From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from hqnvemgate26.nvidia.com (hqnvemgate26.nvidia.com [216.228.121.65]) by mx.groups.io with SMTP id smtpd.web10.14708.1585151270448352731 for ; Wed, 25 Mar 2020 08:47:50 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@nvidia.com header.s=n1 header.b=GxPbcaL3; spf=pass (domain: nvidia.com, ip: 216.228.121.65, mailfrom: ashishsingha@nvidia.com) Received: from hqpgpgate101.nvidia.com (Not Verified[216.228.121.13]) by hqnvemgate26.nvidia.com (using TLS: TLSv1.2, DES-CBC3-SHA) id ; Wed, 25 Mar 2020 08:47:36 -0700 Received: from hqmail.nvidia.com ([172.20.161.6]) by hqpgpgate101.nvidia.com (PGP Universal service); Wed, 25 Mar 2020 08:47:50 -0700 X-PGP-Universal: processed; by hqpgpgate101.nvidia.com on Wed, 25 Mar 2020 08:47:50 -0700 Received: from HQMAIL107.nvidia.com (172.20.187.13) by HQMAIL105.nvidia.com (172.20.187.12) with Microsoft SMTP Server (TLS) id 15.0.1473.3; Wed, 25 Mar 2020 15:47:49 +0000 Received: from NAM11-BN8-obe.outbound.protection.outlook.com (104.47.58.169) by HQMAIL107.nvidia.com (172.20.187.13) with Microsoft SMTP Server (TLS) id 15.0.1473.3 via Frontend Transport; Wed, 25 Mar 2020 15:47:49 +0000 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=LZ18qBY6zQblxoC4++E9nJUgdPDk2sY38PYIND6DGpTR/HtDSrgcvh3rlwtMuTKtKmD5NVYc7X+6UOUkbkIxuq2AUvvtcRrj3bOcZ5R3uGWuw5SQaPKN2uN+j4nC4owMTWuxePz1vFzTIqtQc/29MQ4Zs54ElSmSdyJUFPxa94VMBYiQ+3d5G5psNiZhF8jTNdsOJMwlbkMOqqDsgOJwy/A1Fn7QtGUWGWEPHlFGUvmkJn2oam2Kjg3Vb6g/NQCM5SbskNDF2UGLj799Wjp/AgzUd3IycE8zcYEtV+3f6+fmE+TCAeNaZfW6sGQYqBTt2ULoO6MeRWVwp7L63zXWtA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=LXs5jZ6M2YgS5Gz3w37ImPcqyyQyE4fCxDtQeJPh7hw=; b=lYTGV3P8hlMZsquYhgk+j0I2gcRZSjC+YUDVN/t0g8aSx7M71QhPkmoLIyy7BX0T/Oh4WPh6e5blXSSnti5ctkgZY3bhb1EeaZorMPD4pLtQQgZv7sOTq+lg6pvopTZJJEIotC/C6OPRzw5weEAHN+Xmm+kmT/cfAfDjA0UzhRxuKt9Ul4yYxGcxr/R9ecm1GBKHLOKFxYg4lnHABY/ofUO93oj4bVj2NMBUTXfPqbmJ/ncHs0lEqTpbyEa67wgajOXvGSikMqrI4vBNnyvDIPGWcSvBu3MJCvZHp+U65VCukzCk8UrkILlgVjokVW0e7Bvw0TL21m2ZlKpxeZrGwA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=nvidia.com; dmarc=pass action=none header.from=nvidia.com; dkim=pass header.d=nvidia.com; arc=none Received: from MW3PR12MB4457.namprd12.prod.outlook.com (2603:10b6:303:2e::20) by MW3PR12MB4474.namprd12.prod.outlook.com (2603:10b6:303:2e::7) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2835.20; Wed, 25 Mar 2020 15:47:48 +0000 Received: from MW3PR12MB4457.namprd12.prod.outlook.com ([fe80::d477:5c8e:2e4e:5481]) by MW3PR12MB4457.namprd12.prod.outlook.com ([fe80::d477:5c8e:2e4e:5481%4]) with mapi id 15.20.2835.023; Wed, 25 Mar 2020 15:47:48 +0000 From: "Ashish Singhal" To: Ard Biesheuvel , "devel@edk2.groups.io" CC: Laszlo Ersek , Leif Lindholm Subject: Re: [PATCH v3 3/3] ArmPkg/ArmMmuLib AARCH64: preserve attributes when replacing a table entry Thread-Topic: [PATCH v3 3/3] ArmPkg/ArmMmuLib AARCH64: preserve attributes when replacing a table entry Thread-Index: AQHWAro78Xn6U7YhhE2XnrRVRMV2kahZdAGL Date: Wed, 25 Mar 2020 15:47:48 +0000 Message-ID: References: <20200325152940.1492-1-ard.biesheuvel@linaro.org>,<20200325152940.1492-4-ard.biesheuvel@linaro.org> In-Reply-To: <20200325152940.1492-4-ard.biesheuvel@linaro.org> Accept-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: authentication-results: spf=none (sender IP is ) smtp.mailfrom=ashishsingha@nvidia.com; x-originating-ip: [216.228.112.22] x-ms-publictraffictype: Email x-ms-office365-filtering-correlation-id: d0276859-f898-4ee5-9d6f-08d7d0d3de81 x-ms-traffictypediagnostic: MW3PR12MB4474: x-microsoft-antispam-prvs: x-ms-oob-tlc-oobclassifiers: OLM:5236; x-forefront-prvs: 0353563E2B x-forefront-antispam-report: SFV:NSPM;SFS:(10009020)(376002)(366004)(39860400002)(396003)(136003)(346002)(5660300002)(110136005)(19627405001)(52536014)(54906003)(33656002)(76116006)(7696005)(66476007)(66556008)(316002)(19627235002)(8676002)(66946007)(81166006)(71200400001)(86362001)(81156014)(478600001)(4326008)(186003)(9686003)(55016002)(26005)(6506007)(53546011)(64756008)(2906002)(8936002)(66446008);DIR:OUT;SFP:1101;SCL:1;SRVR:MW3PR12MB4474;H:MW3PR12MB4457.namprd12.prod.outlook.com;FPR:;SPF:None;LANG:en;PTR:InfoNoRecords; received-spf: None (protection.outlook.com: nvidia.com does not designate permitted sender hosts) x-ms-exchange-senderadcheck: 1 x-microsoft-antispam: BCL:0; x-microsoft-antispam-message-info: Cf1nNwE8vmoCbMXchyLZ/3pfwl/kLnqb9hes0csju0E1SbgQmApV5ftAwuVhYChvKNyI6W57C5CLhqZ8LySLka6prWcv84qjSUPsLqUYswGZTJEL5lLqfuZAV5PtCV/V02f1LEyftEYpULwwCoOy1vntCn6+o88T2bgpobaccfu9wEdc/EPx7n0RdfxnCJmltWJwSMC5vCyAelkzkYtoAVEuX3XT1baiQD4CHEg4blfPghLWwh1nPyVIspu5HW9lgGS/KP9wYoqiCyMjcst7r7nxWmDBVUm57sCone5V6NgshMRyeancfffa1p1WembVnELMcH8BCmfmFJ0GRlb96ladnevYHtx5M7PsoGUOMGNoS5Md1QZXZDPqgMvJEaJrZQ+U5cU0+04oWSYlsIPi8rpVL5oUhwl2xxr0gXTYzov/FhRX6QQIAQwQVLgMq/n4 x-ms-exchange-antispam-messagedata: vehtJWnzeo374H/+OInx3A2B5D5U5UN4LY2AsRYg8Y26FbD7PgL53INf1Zoj5CKzmu0IXCGSI48p7kvM9lPaOYc0/xdN9TPLnQe+SXRkt/cpmU9uz0Dh/tNoCUiPLMqCFxGbQZx67ig0gi1p7D/D4g== x-ms-exchange-transport-forked: True MIME-Version: 1.0 X-MS-Exchange-CrossTenant-Network-Message-Id: d0276859-f898-4ee5-9d6f-08d7d0d3de81 X-MS-Exchange-CrossTenant-originalarrivaltime: 25 Mar 2020 15:47:48.4414 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 43083d15-7273-40c1-b7db-39efd9ccc17a X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: Vp7eMp/vz6vZtqQEU9q1KUORJNKKUbjrH+h71yiOzWJ92qi6dkvN4dRZYxNllpSazqEOh+QE5BqYm3Ak9NuUCA== X-MS-Exchange-Transport-CrossTenantHeadersStamped: MW3PR12MB4474 Return-Path: ashishsingha@nvidia.com X-OriginatorOrg: Nvidia.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nvidia.com; s=n1; t=1585151256; bh=njYoSzc+jj9Ea6PqpjdhRCOFOoNFJn6rQqVlf42Cg5w=; h=X-PGP-Universal:ARC-Seal:ARC-Message-Signature: ARC-Authentication-Results:From:To:CC:Subject:Thread-Topic: Thread-Index:Date:Message-ID:References:In-Reply-To: Accept-Language:X-MS-Has-Attach:X-MS-TNEF-Correlator: authentication-results:x-originating-ip:x-ms-publictraffictype: x-ms-office365-filtering-correlation-id:x-ms-traffictypediagnostic: x-microsoft-antispam-prvs:x-ms-oob-tlc-oobclassifiers: x-forefront-prvs:x-forefront-antispam-report:received-spf: x-ms-exchange-senderadcheck:x-microsoft-antispam: x-microsoft-antispam-message-info: x-ms-exchange-antispam-messagedata:x-ms-exchange-transport-forked: MIME-Version:X-MS-Exchange-CrossTenant-Network-Message-Id: X-MS-Exchange-CrossTenant-originalarrivaltime: X-MS-Exchange-CrossTenant-fromentityheader: X-MS-Exchange-CrossTenant-id:X-MS-Exchange-CrossTenant-mailboxtype: X-MS-Exchange-CrossTenant-userprincipalname: X-MS-Exchange-Transport-CrossTenantHeadersStamped:X-OriginatorOrg: Content-Language:Content-Type; b=GxPbcaL38+zQVcdTbpyiU5BdjvhBPOa9gjPiiVjFzzZcSLDMvORcdWVV1Cx5YM8Io W9+7ewb8ka+Dtqv3bB6rKf7YHBXPL/R2rKzbErsruw0OqsgfY1Q431j2ocYUAaAhXm J3e7Ni9O4ROi5CEt86MtJrINcnLC1hLlykzbUK+Uj6dmcwysYCcba/faIoF6kcfwA/ reez3Bc4/lbVAxuzoOZQpOSpBPwiiD2jyi/Qnn+ZlFF1GcFRiplwHVT9aK9L6kkGDx TxPnBpCkePFd/ug6KWfu++OkMJ73eTJ4wKaGMA81BmX8avErbDtrofNhOytxN9HL0B 3G0Cu+DzAtkfQ== Content-Language: en-US Content-Type: multipart/alternative; boundary="_000_MW3PR12MB4457A909ADCE5AE56372BED9BACE0MW3PR12MB4457namp_" --_000_MW3PR12MB4457A909ADCE5AE56372BED9BACE0MW3PR12MB4457namp_ Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Reviewed-by: Ashish Singhal Tested-by: Ashish Singhal ________________________________ From: Ard Biesheuvel Sent: Wednesday, March 25, 2020 9:29 AM To: devel@edk2.groups.io Cc: Ard Biesheuvel ; Laszlo Ersek ; Leif Lindholm ; Ashish Singhal Subject: [PATCH v3 3/3] ArmPkg/ArmMmuLib AARCH64: preserve attributes whe= n replacing a table entry External email: Use caution opening links or attachments Currently, depending on the size of the region being (re)mapped, the page table manipulation code may replace a table entry with a block entry= , even if the existing table entry uses different mapping attributes to describe different parts of the region it covers. This is undesirable, an= d instead, we should avoid doing so unless we are disregarding the original= attributes anyway. And if we make such a replacement, we should free all the page tables that have become orphaned in the process. So let's implement this, by taking the table entry path through the code for block sized regions if a table entry already exists, and the clear mask is set (which means we are preserving attributes from the existing mapping). And when we do replace a table entry with a block entry, free all the pages that are no longer referenced. Signed-off-by: Ard Biesheuvel --- =20ArmPkg/Library/ArmMmuLib/AArch64/ArmMmuLibCore.c | 25 ++++++++++++++++= ---- =201 file changed, 21 insertions(+), 4 deletions(-) diff --git a/ArmPkg/Library/ArmMmuLib/AArch64/ArmMmuLibCore.c b/ArmPkg/Li= brary/ArmMmuLib/AArch64/ArmMmuLibCore.c index 0680ba36d907..3b10ef58f0a2 100644 --- a/ArmPkg/Library/ArmMmuLib/AArch64/ArmMmuLibCore.c +++ b/ArmPkg/Library/ArmMmuLib/AArch64/ArmMmuLibCore.c @@ -229,8 +229,12 @@ UpdateRegionMappingRecursive ( =20 // than a block, and recurse to create the block or page entries a= t =20 // the next level. No block mappings are allowed at all at level 0= , =20 // so in that case, we have to recurse unconditionally. + // If we are changing a table entry and the AttributeClearMask is no= n-zero, + // we cannot replace it with a block entry without potentially losin= g + // attribute information, so keep the table entry in that case. =20 // - if (Level =3D=3D 0 || ((RegionStart | BlockEnd) & BlockMask) !=3D 0)= =20{ + if (Level =3D=3D 0 || ((RegionStart | BlockEnd) & BlockMask) !=3D 0 = || + (IsTableEntry (*Entry, Level) && AttributeClearMask !=3D 0)) { =20 ASSERT (Level < 3); =20 if (!IsTableEntry (*Entry, Level)) { @@ -251,6 +255,8 @@ UpdateRegionMappingRecursive ( =20 InvalidateDataCacheRange (TranslationTable, EFI_PAGE_SIZE); =20 } + ZeroMem (TranslationTable, EFI_PAGE_SIZE); + =20 if (IsBlockEntry (*Entry, Level)) { =20 // =20 // We are splitting an existing block entry, so we have to p= opulate @@ -268,8 +274,6 @@ UpdateRegionMappingRecursive ( =20 FreePages (TranslationTable, 1); =20 return Status; =20 } - } else { - ZeroMem (TranslationTable, EFI_PAGE_SIZE); =20 } =20 } else { =20 TranslationTable =3D (VOID *)(UINTN)(*Entry & TT_ADDRESS_MASK_= BLOCK_ENTRY); @@ -306,7 +310,20 @@ UpdateRegionMappingRecursive ( =20 EntryValue |=3D (Level =3D=3D 3) ? TT_TYPE_BLOCK_ENTRY_LEVEL3 =20 : TT_TYPE_BLOCK_ENTRY; - ReplaceTableEntry (Entry, EntryValue, RegionStart, FALSE); + if (IsTableEntry (*Entry, Level)) { + // + // We are replacing a table entry with a block entry. This is on= ly + // possible if we are keeping none of the original attributes. + // We can free the table entry's page table, and all the ones be= low + // it, since we are dropping the only possible reference to it. + // + ASSERT (AttributeClearMask =3D=3D 0); + TranslationTable =3D (VOID *)(UINTN)(*Entry & TT_ADDRESS_MASK_BL= OCK_ENTRY); + ReplaceTableEntry (Entry, EntryValue, RegionStart, TRUE); + FreePageTablesRecursive (TranslationTable, Level + 1); + } else { + ReplaceTableEntry (Entry, EntryValue, RegionStart, FALSE); + } =20 } =20 } =20 return EFI_SUCCESS; -- 2.17.1 -------------------------------------------------------------------------= ---------- This email message is for the sole use of the intended recipient(s) and m= ay contain confidential information. Any unauthorized review, use, disclosure or di= stribution is prohibited. If you are not the intended recipient, please contact the= =20sender by reply email and destroy all copies of the original message. -------------------------------------------------------------------------= ---------- --_000_MW3PR12MB4457A909ADCE5AE56372BED9BACE0MW3PR12MB4457namp_ Content-Type: text/html; charset="us-ascii" Content-Transfer-Encoding: quoted-printable
Reviewed-by: =20Ashish Singhal <ashishsingha@nvidia.com>
Tested-by: =20Ashish Singhal <ashishsingha@nvidia.com>

From: Ard Biesheuvel &l= t;ard.biesheuvel@linaro.org>
Sent: Wednesday, March 25, 2020 9:29 AM
To: devel@edk2.groups.io <devel@edk2.groups.io>
Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>; Laszlo Ersek= =20<lersek@redhat.com>; Leif Lindholm <leif@nuviainc.com>; As= hish Singhal <ashishsingha@nvidia.com>
Subject: [PATCH v3 3/3] ArmPkg/ArmMmuLib AARCH64: preserve attribu= tes when replacing a table entry
 
External email: Use caution opening links or att= achments


Currently, depending on the size of the region being (re)mapped, the
page table manipulation code may replace a table entry with a block entry= ,
even if the existing table entry uses different mapping attributes to
= describe different parts of the region it covers. This is undesirable, an= d
instead, we should avoid doing so unless we are disregarding the original=
attributes anyway. And if we make such a replacement, we should free all<= br> the page tables that have become orphaned in the process.

So let's implement this, by taking the table entry path through the code<= br> for block sized regions if a table entry already exists, and the clear mask is set (which means we are preserving attributes from the existing mapping). And when we do replace a table entry with a block entry, free all the pages that are no longer referenced.

Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
---
 ArmPkg/Library/ArmMmuLib/AArch64/ArmMmuLibCore.c | 25 ++= 3;+++++++++++++----  1 file changed, 21 insertions(+), 4 deletions(-)

diff --git a/ArmPkg/Library/ArmMmuLib/AArch64/ArmMmuLibCore.c b/ArmPkg/Li= brary/ArmMmuLib/AArch64/ArmMmuLibCore.c
index 0680ba36d907..3b10ef58f0a2 100644
--- a/ArmPkg/Library/ArmMmuLib/AArch64/ArmMmuLibCore.c
+++ b/ArmPkg/Library/ArmMmuLib/AArch64/ArmMmuLibCore.c
@@ -229,8 +229,12 @@ UpdateRegionMappingRecursive (
     // than a block, and recurse to create the block= =20or page entries at
     // the next level. No block mappings are allowed= =20at all at level 0,
     // so in that case, we have to recurse unconditi= onally.
+    // If we are changing a table entry and the Attri= buteClearMask is non-zero,
+    // we cannot replace it with a block entry withou= t potentially losing
+    // attribute information, so keep the table entry= =20in that case.
     //
-    if (Level =3D=3D 0 || ((RegionStart | BlockEnd) &= =20BlockMask) !=3D 0) {
+    if (Level =3D=3D 0 || ((RegionStart | BlockEnd) &= amp; BlockMask) !=3D 0 ||
+        (IsTableEntry (*Entry, Le= vel) && AttributeClearMask !=3D 0)) {
       ASSERT (Level < 3);

       if (!IsTableEntry (*Entry, Level)) {=
@@ -251,6 +255,8 @@ UpdateRegionMappingRecursive (
           InvalidateDa= taCacheRange (TranslationTable, EFI_PAGE_SIZE);
         }

+        ZeroMem (TranslationTable= , EFI_PAGE_SIZE);
+
         if (IsBlockEntry (*Entry= , Level)) {
           //
           // We are sp= litting an existing block entry, so we have to populate
@@ -268,8 +274,6 @@ UpdateRegionMappingRecursive (
             = FreePages (TranslationTable, 1);
             = return Status;
           }
-        } else {
-          ZeroMem (Translat= ionTable, EFI_PAGE_SIZE);
         }
       } else {
         TranslationTable =3D (VO= ID *)(UINTN)(*Entry & TT_ADDRESS_MASK_BLOCK_ENTRY);
@@ -306,7 +310,20 @@ UpdateRegionMappingRecursive (
       EntryValue |=3D (Level =3D=3D 3) ? T= T_TYPE_BLOCK_ENTRY_LEVEL3
            &= nbsp;           &n= bsp;         : TT_TYPE_BLOCK_ENTR= Y;

-      ReplaceTableEntry (Entry, EntryValue, Reg= ionStart, FALSE);
+      if (IsTableEntry (*Entry, Level)) { +        //
+        // We are replacing a tab= le entry with a block entry. This is only
+        // possible if we are kee= ping none of the original attributes.
+        // We can free the table = entry's page table, and all the ones below
+        // it, since we are dropp= ing the only possible reference to it.
+        //
+        ASSERT (AttributeClearMas= k =3D=3D 0);
+        TranslationTable =3D (VOI= D *)(UINTN)(*Entry & TT_ADDRESS_MASK_BLOCK_ENTRY);
+        ReplaceTableEntry (Entry,= =20EntryValue, RegionStart, TRUE);
+        FreePageTablesRecursive (= TranslationTable, Level + 1);
+      } else {
+        ReplaceTableEntry (Entry,= =20EntryValue, RegionStart, FALSE);
+      }
     }
   }
   return EFI_SUCCESS;
--
2.17.1

This email message is for the sole use of the intended recipient(s) = and may=20 contain confidential information.  Any unauthorized review, use, dis= closure=20 or distribution is prohibited.  If you are not the intended recipien= t,=20 please contact the sender by reply email and destroy all copies of the or= iginal=20 message.
--_000_MW3PR12MB4457A909ADCE5AE56372BED9BACE0MW3PR12MB4457namp_--