From: "Laszlo Ersek" <lersek@redhat.com>
To: devel@edk2.groups.io, jacek.kukiello@intel.com
Cc: Jian J Wang <jian.j.wang@intel.com>,
Hao A Wu <hao.a.wu@intel.com>, Dandan Bi <dandan.bi@intel.com>,
Liming Gao <gaoliming@byosoft.com.cn>,
Oleksiy Yakovlev <oleksiyy@ami.com>,
"Ard Biesheuvel (ARM address)" <ard.biesheuvel@arm.com>
Subject: Re: [edk2-devel] [PATCH] MdeModulePkg/Mem: Memory paging related attributes must be separated from others
Date: Wed, 23 Sep 2020 12:27:20 +0200 [thread overview]
Message-ID: <fd2f28bf-1880-ebf8-3e9d-bc5d58323074@redhat.com> (raw)
In-Reply-To: <20200923080829.6884-1-jacek.kukiello@intel.com>
On 09/23/20 10:08, Malgorzata Kukiello wrote:
> REF:https://bugzilla.tianocore.org/show_bug.cgi?id=2982
>
> During a recent change (bda18f5ed04f5317ab2bdc9da4530c078b33cc63) that changed
> the way memory attributes are handled it affected a function in Page.c that
> would clear all memory attributes even security related ones
>
> Signed-off-by: Malgorzata Kukiello <jacek.kukiello@intel.com>
> ---
> MdeModulePkg/Core/Dxe/Mem/Page.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/MdeModulePkg/Core/Dxe/Mem/Page.c b/MdeModulePkg/Core/Dxe/Mem/Page.c
> index 2c2c9cd6c3..9254afb92b 100644
> --- a/MdeModulePkg/Core/Dxe/Mem/Page.c
> +++ b/MdeModulePkg/Core/Dxe/Mem/Page.c
> @@ -1933,7 +1933,7 @@ CoreGetMemoryMap (
> MemoryMapEnd = MemoryMap;
> MemoryMap = MemoryMapStart;
> while (MemoryMap < MemoryMapEnd) {
> - MemoryMap->Attribute &= ~(UINT64)EFI_MEMORY_ATTRIBUTE_MASK;
> + MemoryMap->Attribute &= ~(UINT64)EFI_MEMORY_ACCESS_MASK;
> MemoryMap = NEXT_MEMORY_DESCRIPTOR (MemoryMap, Size);
> }
> MergeMemoryMap (MemoryMapStart, &BufferSize, Size);
>
(1) Please CC the maintainers that need to review this patch.
I'm doing that for you, for now.
$ python BaseTools/Scripts/GetMaintainer.py -l \
MdeModulePkg/Core/Dxe/Mem/Page.c
(But note that "BaseTools/Scripts/GetMaintainer.py" can operate on
patches / commits as well; it's better to use it that way, and then to
add corresponding "Cc:" tags to the commit messages themselves.)
(2) Also CC'ing Oleksiy (author of the commit in question), and Ard
(Linux EFI subsystem maintainer).
(3) Your commit reference in the commit message is *still* wrong (I
corrected it before in the BZ). The proper (upstream) commit hash is
3bd5c994c879f78e8e3d5346dc3b627f199291aa.
(4) This patch should be patch#2 in a series of two patches.
Currently this patch has been posted as a thread starter, and the more
foundational patch (the one that modifies the macros in "UefiSpec.h")
has been posted in response to this one.
Instead, there should be a cover letter 0/2, then 1/2 (in response to
the cover letter) should modify the macros, then finally this patch
should be 2/2.
Please run "BaseTools/Scripts/SetupGit.py" in your edk2 clone; it will
set up shallow threading (meaning sendemail.thread=True AND
sendemail.chainreplyto=False).
(5) A better subject line for this patch, in my opinion, would be:
MdeModulePkg/Core/Dxe: expose SP and CRYPTO capabilities in UEFI memmap
Because, near the location that you are modifying, we have the following
helpful comment:
//
// Note: Some OSs will treat EFI_MEMORY_DESCRIPTOR.Attribute as really
// set attributes and change memory paging attribute accordingly.
// But current EFI_MEMORY_DESCRIPTOR.Attribute is assigned by
// value from Capabilities in GCD memory map. This might cause
// boot problems. Clearing all paging related capabilities can
// workaround it. Following code is supposed to be removed once
// the usage of EFI_MEMORY_DESCRIPTOR.Attribute is clarified in
// UEFI spec and adopted by both EDK-II Core and all supported
// OSs.
//
Which in fact clarifies your issue report: apparently, the SP and CRYPTO
attributes *are* already treated as capabilities (and not as presently
set attributes) by operating systems. Therefore we should not hide these
capabilities from OSes -- we should not allow the workaround to cover
these capabilities.
(BTW, when Oleksiy posted the original patch and we reviewed it, I
believe this information -- i.e. how OSes would treat these new
capabilities -- was not at our disposal. So I think it was impossible to
tell whether we should hide SP and CRYPTO too, or not.)
(6) I think the comment I quoted above should be clarified too. It
currently says "Clearing all paging related capabilities". It should say
"Clearing all page-access permission capabilities", or something
similar; to better reflect the purpose of EFI_MEMORY_ACCESS_MASK.
Thanks
Laszlo
prev parent reply other threads:[~2020-09-23 10:27 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-09-23 8:08 [PATCH] MdeModulePkg/Mem: Memory paging related attributes must be separated from others Malgorzata Kukiello
2020-09-23 8:08 ` Malgorzata Kukiello
2020-09-23 10:36 ` [edk2-devel] " Laszlo Ersek
2020-09-23 10:27 ` Laszlo Ersek [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-list from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=fd2f28bf-1880-ebf8-3e9d-bc5d58323074@redhat.com \
--to=devel@edk2.groups.io \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox