From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from hqnvemgate25.nvidia.com (hqnvemgate25.nvidia.com [216.228.121.64]) by mx.groups.io with SMTP id smtpd.web12.13314.1585148282656241381 for ; Wed, 25 Mar 2020 07:58:02 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@nvidia.com header.s=n1 header.b=nvgPpCTp; spf=pass (domain: nvidia.com, ip: 216.228.121.64, mailfrom: ashishsingha@nvidia.com) Received: from hqpgpgate101.nvidia.com (Not Verified[216.228.121.13]) by hqnvemgate25.nvidia.com (using TLS: TLSv1.2, DES-CBC3-SHA) id ; Wed, 25 Mar 2020 07:57:16 -0700 Received: from hqmail.nvidia.com ([172.20.161.6]) by hqpgpgate101.nvidia.com (PGP Universal service); Wed, 25 Mar 2020 07:58:02 -0700 X-PGP-Universal: processed; by hqpgpgate101.nvidia.com on Wed, 25 Mar 2020 07:58:02 -0700 Received: from HQMAIL109.nvidia.com (172.20.187.15) by HQMAIL109.nvidia.com (172.20.187.15) with Microsoft SMTP Server (TLS) id 15.0.1473.3; Wed, 25 Mar 2020 14:58:01 +0000 Received: from NAM04-SN1-obe.outbound.protection.outlook.com (104.47.44.58) by HQMAIL109.nvidia.com (172.20.187.15) with Microsoft SMTP Server (TLS) id 15.0.1473.3 via Frontend Transport; Wed, 25 Mar 2020 14:58:01 +0000 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=A/Og0iutSsP4XUVQE+6ddv9159nPe/mLERUVqN4aQxQfLlq+8Yvpdojy+S6/9JbY9lTI1cn2/1NGQTyVLn8k/KIlU7umFqHzHCS/exNmnVGjIvvK2qE7Mxz1nuaEd+WsuJ5kLiRa1X/6xOfn/gIO1xbMSJOKznAB/cSgVzg2+2zZ+jtthX5H2U2JG8OwDk/ro8QJPn+YPutFOPrnlDuBLXdJEi5I/PiI6D9FscEy3vRWMSLLjIoQxxGRcXBlekcBMXAeF193z75uVvlowOx6i6QxLWHW4V6fFjdJaPrnbhXyYRUSXmeph9jiLMdjJ90UvbpdRKzTcrTSIqOzWPMMaA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=WFWUxjHaPYveLfwSrCtVomabmb7xLD2yqQqb6cnpfJY=; b=Hp2vhSCnw+DmLcE5CX12RSDFoDvZtmSBNJbOD3tPD54mpmzEQ9XngRsX5FuEZhYn/+JbmP+0jmd7lH2SL6wlN4NehX3STsrDTmkNGBkbWkcfrxHknGnn+7cj8lJS+IDjxlq++SuQB8o4FglN+Z4q3kVZw09IgMYM36PoQYmLW0qmO3EAYQy55GAkmJROEG7dam8JUVpzaca2oh/N49I6Bxfa+byN0E3IjFqUxAuPwv3WHEHHUhkxFIHk9kjRuEaWA2h6LCIhuOGQWkbDaaE/6mj8+tpMBiGj+ukQj4OnYyfz7GGLGud8pKcnOc2uEVt55tbsWc35Z0zQFr6QNscyrQ== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=nvidia.com; dmarc=pass action=none header.from=nvidia.com; dkim=pass header.d=nvidia.com; arc=none Received: from MW3PR12MB4457.namprd12.prod.outlook.com (2603:10b6:303:2e::20) by MW3PR12MB4362.namprd12.prod.outlook.com (2603:10b6:303:5d::19) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2835.22; Wed, 25 Mar 2020 14:58:00 +0000 Received: from MW3PR12MB4457.namprd12.prod.outlook.com ([fe80::d477:5c8e:2e4e:5481]) by MW3PR12MB4457.namprd12.prod.outlook.com ([fe80::d477:5c8e:2e4e:5481%4]) with mapi id 15.20.2835.023; Wed, 25 Mar 2020 14:58:00 +0000 From: "Ashish Singhal" To: Ard Biesheuvel , "devel@edk2.groups.io" CC: Laszlo Ersek , Leif Lindholm Subject: Re: [PATCH v2 2/2] ArmPkg/ArmMmuLib AARCH64: preserve attributes when replacing a table entry Thread-Topic: [PATCH v2 2/2] ArmPkg/ArmMmuLib AARCH64: preserve attributes when replacing a table entry Thread-Index: AQHWApoBPNfqhCfj6kyAE7496MQqlKhZZSPs Date: Wed, 25 Mar 2020 14:58:00 +0000 Message-ID: References: <20200325113846.21700-1-ard.biesheuvel@linaro.org>,<20200325113846.21700-3-ard.biesheuvel@linaro.org> In-Reply-To: <20200325113846.21700-3-ard.biesheuvel@linaro.org> Accept-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: authentication-results: spf=none (sender IP is ) smtp.mailfrom=ashishsingha@nvidia.com; x-originating-ip: [216.228.112.22] x-ms-publictraffictype: Email x-ms-office365-filtering-correlation-id: e586d10b-e9a5-4f54-0f7d-08d7d0cce95b x-ms-traffictypediagnostic: MW3PR12MB4362: x-microsoft-antispam-prvs: x-ms-oob-tlc-oobclassifiers: OLM:6430; x-forefront-prvs: 0353563E2B x-forefront-antispam-report: SFV:NSPM;SFS:(10009020)(376002)(366004)(396003)(346002)(39860400002)(136003)(71200400001)(4326008)(2906002)(7696005)(8676002)(5660300002)(19627235002)(33656002)(19627405001)(8936002)(316002)(76116006)(81166006)(81156014)(66946007)(64756008)(66556008)(66476007)(54906003)(66446008)(52536014)(55016002)(9686003)(53546011)(86362001)(186003)(6506007)(26005)(478600001)(110136005);DIR:OUT;SFP:1101;SCL:1;SRVR:MW3PR12MB4362;H:MW3PR12MB4457.namprd12.prod.outlook.com;FPR:;SPF:None;LANG:en;PTR:InfoNoRecords; received-spf: None (protection.outlook.com: nvidia.com does not designate permitted sender hosts) x-ms-exchange-senderadcheck: 1 x-microsoft-antispam: BCL:0; x-microsoft-antispam-message-info: 0lKEIFxPGX7FbtujWljXEEigjfnKlOmESV4dr3RVXkCpdbXCFYVqg/SsUxjGUKG6IOgORaLc8lPJ1lSd6HYNiS4uQQz2SdgpkaPz374BqTCwSRQCJS1OTG/ZDQBoCdUxQW1Ra4Hvy2Q8fCXfaIS3kPAvxTwmIzWQlIAeDi80nWuuiUldqncr0KngY/0SO4vz4R0tigtBuDyaaefiyqkZJ4X5Bh1EYqEvdX4JW+lgd3SpPHGLf7TbKI+6j/uHKEmdsH8Mgt3ff2Rlth2Ge9MPZCFqeMgyzo3N9+w2P6bz3XTaNQHLO3JOqpqQKm8JfnIyM1YQqnfzgojoRovZ6sT/9Y2fpc2qN24SKgBj7KLa63ljlGkVwAuk+j7j9u6VpvzEJFjl+8r7JPX/GZU185Gigz23ccoQicsJrApznWXTIZaPcRVe/zaMCg1xPicz6+4T x-ms-exchange-antispam-messagedata: ht+JcaXJdBkhSu9Fm5faZQCeRy6Spg3D3OopA9GDrip2zbXs9FQ8QhoJj+y49kpD4cJG9XEanco3UQ+NupHMiTrctWmWGuWGn54ZHWr0qznP7JDzqxoOSh3WbktrzAKHDltqTqrwPreEdOdbIsKemg== x-ms-exchange-transport-forked: True MIME-Version: 1.0 X-MS-Exchange-CrossTenant-Network-Message-Id: e586d10b-e9a5-4f54-0f7d-08d7d0cce95b X-MS-Exchange-CrossTenant-originalarrivaltime: 25 Mar 2020 14:58:00.1994 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 43083d15-7273-40c1-b7db-39efd9ccc17a X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: DpPLHE6r6aHnuurXHUlgeKW3waFrZ6tmeJnnksMh7BAF3oJ6mRN1uDeBvogf5jSl6Nocx2W9Vn1Fenmdt3bYYg== X-MS-Exchange-Transport-CrossTenantHeadersStamped: MW3PR12MB4362 Return-Path: ashishsingha@nvidia.com X-OriginatorOrg: Nvidia.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nvidia.com; s=n1; t=1585148236; bh=9ldmsqIH2Ov8roXlhUmHUV4X8v0l5vK1WSl992i+QSw=; h=X-PGP-Universal:ARC-Seal:ARC-Message-Signature: ARC-Authentication-Results:From:To:CC:Subject:Thread-Topic: Thread-Index:Date:Message-ID:References:In-Reply-To: Accept-Language:X-MS-Has-Attach:X-MS-TNEF-Correlator: authentication-results:x-originating-ip:x-ms-publictraffictype: x-ms-office365-filtering-correlation-id:x-ms-traffictypediagnostic: x-microsoft-antispam-prvs:x-ms-oob-tlc-oobclassifiers: x-forefront-prvs:x-forefront-antispam-report:received-spf: x-ms-exchange-senderadcheck:x-microsoft-antispam: x-microsoft-antispam-message-info: x-ms-exchange-antispam-messagedata:x-ms-exchange-transport-forked: MIME-Version:X-MS-Exchange-CrossTenant-Network-Message-Id: X-MS-Exchange-CrossTenant-originalarrivaltime: X-MS-Exchange-CrossTenant-fromentityheader: X-MS-Exchange-CrossTenant-id:X-MS-Exchange-CrossTenant-mailboxtype: X-MS-Exchange-CrossTenant-userprincipalname: X-MS-Exchange-Transport-CrossTenantHeadersStamped:X-OriginatorOrg: Content-Language:Content-Type; b=nvgPpCTp7mUNIr+EuouZc4FM9Qqo2Zb4JCI+2ZtTmd/k1KX3WpwMjIf3HAzYuHw1s HGbsEGNO5KRPm4H9KI7/FPVCnAh+6ATFL+8SGkV8vJQFKuu2BNp9IlG0EaGJvdA4G/ dDGc4LgfBIIbeyP6yaL0+CXibLxJCV28ySOqSPKp3jtC+L3HHOMyUmCF7CAOuL906Z y8IR0aNxe3rFcfkxt5HrUvL1OBaLsLZ0UBUNuIUdO+A0cgENBLq6sVOiEz9w0+b8PP CeQRHHRk9xLdpIEbLo4ppf6L/Rh4Hsc3F68uTMMMOMOpj9eQGKH0yA+Rtdi3C1NE7u NFJScbKQP27/Q== Content-Language: en-US Content-Type: multipart/alternative; boundary="_000_MW3PR12MB44576D144134C51E69427C18BACE0MW3PR12MB4457namp_" --_000_MW3PR12MB44576D144134C51E69427C18BACE0MW3PR12MB4457namp_ Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Hi Ard, I tried to verify the patch just now and now I am seeing data abort with = a translation fault at 0th level. Also, if this helps, it is caused by in= =20FreePageTablesRecursive function when it tries to access the address p= ointed to by TranslationTable. Thanks Ashish ________________________________ From: Ard Biesheuvel Sent: Wednesday, March 25, 2020 5:38 AM To: devel@edk2.groups.io Cc: Ard Biesheuvel ; Laszlo Ersek ; Leif Lindholm ; Ashish Singhal Subject: [PATCH v2 2/2] ArmPkg/ArmMmuLib AARCH64: preserve attributes whe= n replacing a table entry External email: Use caution opening links or attachments Currently, depending on the size of the region being (re)mapped, the page table manipulation code may replace a table entry with a block entry= , even if the existing table entry uses different mapping attributes to describe different parts of the region it covers. This is undesirable, an= d instead, we should avoid doing so unless we are disregarding the original= attributes anyway. And if we make such a replacement, we should free all the page tables that have become orphaned in the process. So let's implement this, by taking the table entry path through the code for block sized regions if a table entry already exists, and the clear mask is set (which means we are preserving attributes from the existing mapping). And when we do replace a table entry with a block entry, free all the pages that are no longer referenced. Signed-off-by: Ard Biesheuvel --- =20ArmPkg/Library/ArmMmuLib/AArch64/ArmMmuLibCore.c | 25 ++++++++++++++++= ---- =201 file changed, 21 insertions(+), 4 deletions(-) diff --git a/ArmPkg/Library/ArmMmuLib/AArch64/ArmMmuLibCore.c b/ArmPkg/Li= brary/ArmMmuLib/AArch64/ArmMmuLibCore.c index 6f6ef5b05fbc..488156e69057 100644 --- a/ArmPkg/Library/ArmMmuLib/AArch64/ArmMmuLibCore.c +++ b/ArmPkg/Library/ArmMmuLib/AArch64/ArmMmuLibCore.c @@ -223,8 +223,12 @@ UpdateRegionMappingRecursive ( =20 // than a block, and recurse to create the block or page entries a= t =20 // the next level. No block mappings are allowed at all at level 0= , =20 // so in that case, we have to recurse unconditionally. + // If we are changing a table entry and the AttributeClearMask is no= n-zero, + // we cannot replace it with a block entry without potentially losin= g + // attribute information, so keep the table entry in that case. =20 // - if (Level =3D=3D 0 || ((RegionStart | BlockEnd) & BlockMask) !=3D 0)= =20{ + if (Level =3D=3D 0 || ((RegionStart | BlockEnd) & BlockMask) !=3D 0 = || + (IsTableEntry (*Entry, Level) && AttributeClearMask !=3D 0)) { =20 ASSERT (Level < 3); =20 if (!IsTableEntry (*Entry, Level)) { @@ -245,6 +249,8 @@ UpdateRegionMappingRecursive ( =20 InvalidateDataCacheRange (TranslationTable, EFI_PAGE_SIZE); =20 } + ZeroMem (TranslationTable, EFI_PAGE_SIZE); + =20 if (IsBlockEntry (*Entry, Level)) { =20 // =20 // We are splitting an existing block entry, so we have to p= opulate @@ -262,8 +268,6 @@ UpdateRegionMappingRecursive ( =20 FreePages (TranslationTable, 1); =20 return Status; =20 } - } else { - ZeroMem (TranslationTable, EFI_PAGE_SIZE); =20 } =20 } else { =20 TranslationTable =3D (VOID *)(UINTN)(*Entry & TT_ADDRESS_MASK_= BLOCK_ENTRY); @@ -300,7 +304,20 @@ UpdateRegionMappingRecursive ( =20 EntryValue |=3D (Level =3D=3D 3) ? TT_TYPE_BLOCK_ENTRY_LEVEL3 =20 : TT_TYPE_BLOCK_ENTRY; - ReplaceTableEntry (Entry, EntryValue, RegionStart, FALSE); + if (IsTableEntry (*Entry, Level)) { + // + // We are replacing a table entry with a block entry. This is on= ly + // possible if we are keeping none of the original attributes. + // We can free the table entry's page table, and all the ones be= low + // it, since we are dropping the only possible reference to it. + // + ASSERT (AttributeClearMask =3D=3D 0); + TranslationTable =3D (VOID *)(UINTN)(*Entry & TT_ADDRESS_MASK_BL= OCK_ENTRY); + ReplaceTableEntry (Entry, EntryValue, RegionStart, TRUE); + FreePageTablesRecursive (TranslationTable); + } else { + ReplaceTableEntry (Entry, EntryValue, RegionStart, FALSE); + } =20 } =20 } =20 return EFI_SUCCESS; -- 2.17.1 -------------------------------------------------------------------------= ---------- This email message is for the sole use of the intended recipient(s) and m= ay contain confidential information. Any unauthorized review, use, disclosure or di= stribution is prohibited. If you are not the intended recipient, please contact the= =20sender by reply email and destroy all copies of the original message. -------------------------------------------------------------------------= ---------- --_000_MW3PR12MB44576D144134C51E69427C18BACE0MW3PR12MB4457namp_ Content-Type: text/html; charset="us-ascii" Content-Transfer-Encoding: quoted-printable
Hi Ard,

I tried to verify the patch just now and now I am seeing data abort with = a translation fault at 0th level. Also, if this helps, it is caused by in=  FreePageTablesRecursive function when it tries to access the addres= s pointed to by TranslationTable.

Thanks
Ashish
From: Ard Biesheuvel &l= t;ard.biesheuvel@linaro.org>
Sent: Wednesday, March 25, 2020 5:38 AM
To: devel@edk2.groups.io <devel@edk2.groups.io>
Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>; Laszlo Ersek= =20<lersek@redhat.com>; Leif Lindholm <leif@nuviainc.com>; As= hish Singhal <ashishsingha@nvidia.com>
Subject: [PATCH v2 2/2] ArmPkg/ArmMmuLib AARCH64: preserve attribu= tes when replacing a table entry
 
External email: Use caution opening links or att= achments


Currently, depending on the size of the region being (re)mapped, the
page table manipulation code may replace a table entry with a block entry= ,
even if the existing table entry uses different mapping attributes to
= describe different parts of the region it covers. This is undesirable, an= d
instead, we should avoid doing so unless we are disregarding the original=
attributes anyway. And if we make such a replacement, we should free all<= br> the page tables that have become orphaned in the process.

So let's implement this, by taking the table entry path through the code<= br> for block sized regions if a table entry already exists, and the clear mask is set (which means we are preserving attributes from the existing mapping). And when we do replace a table entry with a block entry, free all the pages that are no longer referenced.

Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
---
 ArmPkg/Library/ArmMmuLib/AArch64/ArmMmuLibCore.c | 25 ++= 3;+++++++++++++----  1 file changed, 21 insertions(+), 4 deletions(-)

diff --git a/ArmPkg/Library/ArmMmuLib/AArch64/ArmMmuLibCore.c b/ArmPkg/Li= brary/ArmMmuLib/AArch64/ArmMmuLibCore.c
index 6f6ef5b05fbc..488156e69057 100644
--- a/ArmPkg/Library/ArmMmuLib/AArch64/ArmMmuLibCore.c
+++ b/ArmPkg/Library/ArmMmuLib/AArch64/ArmMmuLibCore.c
@@ -223,8 +223,12 @@ UpdateRegionMappingRecursive (
     // than a block, and recurse to create the block= =20or page entries at
     // the next level. No block mappings are allowed= =20at all at level 0,
     // so in that case, we have to recurse unconditi= onally.
+    // If we are changing a table entry and the Attri= buteClearMask is non-zero,
+    // we cannot replace it with a block entry withou= t potentially losing
+    // attribute information, so keep the table entry= =20in that case.
     //
-    if (Level =3D=3D 0 || ((RegionStart | BlockEnd) &= =20BlockMask) !=3D 0) {
+    if (Level =3D=3D 0 || ((RegionStart | BlockEnd) &= amp; BlockMask) !=3D 0 ||
+        (IsTableEntry (*Entry, Le= vel) && AttributeClearMask !=3D 0)) {
       ASSERT (Level < 3);

       if (!IsTableEntry (*Entry, Level)) {=
@@ -245,6 +249,8 @@ UpdateRegionMappingRecursive (
           InvalidateDa= taCacheRange (TranslationTable, EFI_PAGE_SIZE);
         }

+        ZeroMem (TranslationTable= , EFI_PAGE_SIZE);
+
         if (IsBlockEntry (*Entry= , Level)) {
           //
           // We are sp= litting an existing block entry, so we have to populate
@@ -262,8 +268,6 @@ UpdateRegionMappingRecursive (
             = FreePages (TranslationTable, 1);
             = return Status;
           }
-        } else {
-          ZeroMem (Translat= ionTable, EFI_PAGE_SIZE);
         }
       } else {
         TranslationTable =3D (VO= ID *)(UINTN)(*Entry & TT_ADDRESS_MASK_BLOCK_ENTRY);
@@ -300,7 +304,20 @@ UpdateRegionMappingRecursive (
       EntryValue |=3D (Level =3D=3D 3) ? T= T_TYPE_BLOCK_ENTRY_LEVEL3
            &= nbsp;           &n= bsp;         : TT_TYPE_BLOCK_ENTR= Y;

-      ReplaceTableEntry (Entry, EntryValue, Reg= ionStart, FALSE);
+      if (IsTableEntry (*Entry, Level)) { +        //
+        // We are replacing a tab= le entry with a block entry. This is only
+        // possible if we are kee= ping none of the original attributes.
+        // We can free the table = entry's page table, and all the ones below
+        // it, since we are dropp= ing the only possible reference to it.
+        //
+        ASSERT (AttributeClearMas= k =3D=3D 0);
+        TranslationTable =3D (VOI= D *)(UINTN)(*Entry & TT_ADDRESS_MASK_BLOCK_ENTRY);
+        ReplaceTableEntry (Entry,= =20EntryValue, RegionStart, TRUE);
+        FreePageTablesRecursive (= TranslationTable);
+      } else {
+        ReplaceTableEntry (Entry,= =20EntryValue, RegionStart, FALSE);
+      }
     }
   }
   return EFI_SUCCESS;
--
2.17.1

This email message is for the sole use of the intended recipient(s) = and may=20 contain confidential information.  Any unauthorized review, use, dis= closure=20 or distribution is prohibited.  If you are not the intended recipien= t,=20 please contact the sender by reply email and destroy all copies of the or= iginal=20 message.
--_000_MW3PR12MB44576D144134C51E69427C18BACE0MW3PR12MB4457namp_--