Revision: 18891
http://sourceforge.net/p/edk2/code/18891
Author: abiesheuvel
Date: 2015-11-18 11:51:06 +0000 (Wed, 18 Nov 2015)
Log Message:
-----------
ArmPkg/Mmu: set required XN attributes for device mappings
To prevent speculative intruction fetches from MMIO ranges that may
have side effects on reads, the architecture requires device mappings
to be created with the XN or UXN/PXN bits set (for the ARM/EL2 and
EL1&0 translation regimes, respectively.)
Note that, in the ARM case, this involves moving all accesses to a
client domain since permission attributes like XN are ignored from
a manager domain. The use of a client domain is actually mandated
explicitly by the UEFI spec.
Reported-by: Heyi Guo <[email protected]>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Ard Biesheuvel <[email protected]>
Reviewed-by: Leif Lindholm <[email protected]>
Modified Paths:
--------------
trunk/edk2/ArmPkg/Include/Chipset/ArmV7Mmu.h
trunk/edk2/ArmPkg/Library/ArmLib/AArch64/AArch64Mmu.c
trunk/edk2/ArmPkg/Library/ArmLib/ArmV7/ArmV7Mmu.c
Modified: trunk/edk2/ArmPkg/Include/Chipset/ArmV7Mmu.h
===================================================================
--- trunk/edk2/ArmPkg/Include/Chipset/ArmV7Mmu.h 2015-11-18 11:50:50 UTC
(rev 18890)
+++ trunk/edk2/ArmPkg/Include/Chipset/ArmV7Mmu.h 2015-11-18 11:51:06 UTC
(rev 18891)
@@ -192,6 +192,7 @@
TT_DESCRIPTOR_SECTION_S_NOT_SHARED | \
TT_DESCRIPTOR_SECTION_DOMAIN(0) | \
TT_DESCRIPTOR_SECTION_AP_RW_RW | \
+
TT_DESCRIPTOR_SECTION_XN_MASK | \
TT_DESCRIPTOR_SECTION_CACHE_POLICY_SHAREABLE_DEVICE)
#define TT_DESCRIPTOR_SECTION_UNCACHED(NonSecure)
(TT_DESCRIPTOR_SECTION_TYPE_SECTION
| \
((NonSecure) ?
TT_DESCRIPTOR_SECTION_NS : 0) | \
@@ -215,6 +216,7 @@
TT_DESCRIPTOR_PAGE_NG_GLOBAL
| \
TT_DESCRIPTOR_PAGE_S_NOT_SHARED
| \
TT_DESCRIPTOR_PAGE_AP_RW_RW
| \
+
TT_DESCRIPTOR_PAGE_XN_MASK
| \
TT_DESCRIPTOR_PAGE_CACHE_POLICY_SHAREABLE_DEVICE)
#define TT_DESCRIPTOR_PAGE_UNCACHED
(TT_DESCRIPTOR_PAGE_TYPE_PAGE
| \
TT_DESCRIPTOR_PAGE_NG_GLOBAL
| \
Modified: trunk/edk2/ArmPkg/Library/ArmLib/AArch64/AArch64Mmu.c
===================================================================
--- trunk/edk2/ArmPkg/Library/ArmLib/AArch64/AArch64Mmu.c 2015-11-18
11:50:50 UTC (rev 18890)
+++ trunk/edk2/ArmPkg/Library/ArmLib/AArch64/AArch64Mmu.c 2015-11-18
11:51:06 UTC (rev 18891)
@@ -50,7 +50,10 @@
ASSERT(0);
case ARM_MEMORY_REGION_ATTRIBUTE_DEVICE:
case ARM_MEMORY_REGION_ATTRIBUTE_NONSECURE_DEVICE:
- return TT_ATTR_INDX_DEVICE_MEMORY;
+ if (ArmReadCurrentEL () == AARCH64_EL2)
+ return TT_ATTR_INDX_DEVICE_MEMORY | TT_TABLE_XN;
+ else
+ return TT_ATTR_INDX_DEVICE_MEMORY | TT_TABLE_UXN | TT_TABLE_PXN;
}
}
Modified: trunk/edk2/ArmPkg/Library/ArmLib/ArmV7/ArmV7Mmu.c
===================================================================
--- trunk/edk2/ArmPkg/Library/ArmLib/ArmV7/ArmV7Mmu.c 2015-11-18 11:50:50 UTC
(rev 18890)
+++ trunk/edk2/ArmPkg/Library/ArmLib/ArmV7/ArmV7Mmu.c 2015-11-18 11:51:06 UTC
(rev 18891)
@@ -294,7 +294,7 @@
DOMAIN_ACCESS_CONTROL_NONE( 3) |
DOMAIN_ACCESS_CONTROL_NONE( 2) |
DOMAIN_ACCESS_CONTROL_NONE( 1) |
- DOMAIN_ACCESS_CONTROL_MANAGER(0));
+ DOMAIN_ACCESS_CONTROL_CLIENT(0));
ArmEnableInstructionCache();
ArmEnableDataCache();
------------------------------------------------------------------------------
_______________________________________________
edk2-commits mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/edk2-commits
