Branch: refs/heads/master
Home: https://github.com/tianocore/edk2

Commit: 03663c4319003ccd911c93d11be37397a5881780
https://github.com/tianocore/edk2/commit/03663c4319003ccd911c93d11be37397a5881780
Author: Ard Biesheuvel <a...@kernel.org>
Date: 2023-05-29 (Mon, 29 May 2023)

Changed paths:
M ArmVirtPkg/Library/QemuVirtMemInfoLib/QemuVirtMemInfoLib.c

Log Message:
-----------
ArmVirtPkg/ArmVirtQemu: Use read-only memory region type for code flash

Map the code flash with read-only attributes so we can execute from it even under a memory protection regime that enables WXN, making all writable memory regions non-executable by default.

Signed-off-by: Ard Biesheuvel <a...@kernel.org>
Reviewed-by: Leif Lindholm <quic_llind...@quicinc.com>

Commit: 1034d223f8cc6bf8b9b86c57e564753cdad46f88
https://github.com/tianocore/edk2/commit/1034d223f8cc6bf8b9b86c57e564753cdad46f88
Author: Ard Biesheuvel <a...@kernel.org>
Date: 2023-05-29 (Mon, 29 May 2023)

Changed paths:
M ArmPkg/ArmPkg.dec
M ArmPkg/Drivers/CpuDxe/CpuDxe.c
M ArmPkg/Drivers/CpuDxe/CpuDxe.inf

Log Message:
-----------
ArmPkg/CpuDxe: Perform preliminary NX remap of free memory

The DXE core implementation of PcdDxeNxMemoryProtectionPolicy already contains an assertion that EfiConventionalMemory and EfiBootServicesData are subjected to the same policy when it comes to the use of NX permissions. The reason for this is that we may otherwise end up with unbounded recursion in the page table code, given that allocating a page table would then involve a permission attribute change, and this could result in the need for a block entry to be split, which would trigger the allocation of a page table recursively.

For the same reason, a shortcut exists in ApplyMemoryProtectionPolicy() where, instead of setting the memory attributes unconditionally, we compare the NX policies and avoid touching the page tables if they are the same for the old and the new memory types.

Without this shortcut, we may end up in a situation where, as the CPU arch protocol DXE driver is ramping up, the same unbounded recursion is triggered, due to the fact that the NX policy for EfiConventionalMemory has not been applied yet.

To break this cycle, let's remap all EfiConventionalMemory regions according to the NX policy for EfiBootServicesData before exposing the CPU arch protocol to the DXE core and other drivers. This ensures that creating EfiBootServicesData allocations does not result in memory attribute changes, and therefore no recursion.

Signed-off-by: Ard Biesheuvel <a...@kernel.org>
Reviewed-by: Leif Lindholm <quic_llind...@quicinc.com>

Compare: https://github.com/tianocore/edk2/compare/8e934ab9562a...1034d223f8cc

_______________________________________________
edk2-commits mailing list
edk2-commits@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/edk2-commits
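
The recursion described in the second commit message, as a toy C model added here (not edk2 code and not taken from the commit): changing one page inside an unsplit block entry needs a new page table, and that page table is itself an EfiBootServicesData allocation. All names and sizes, the bump allocator, and the rule that a page whose attribute already matches needs no table edit are assumptions of the model.

```c
/* Toy model, not edk2 code. All names and sizes below are constructed. */
#include <stdbool.h>
#include <stdio.h>

#define NBLOCKS   4    /* block entries in the model */
#define PPB       8    /* pages covered by one block entry */
#define MAX_DEPTH 16   /* guard standing in for "unbounded" recursion */
static bool blk_nx[NBLOCKS], blk_split[NBLOCKS], page_nx[NBLOCKS * PPB];
static int next_free, depth, max_depth;
int attr_changes;      /* page-table updates made by the last run_model() */
static bool alloc_boot_services_data(void);

static bool page_is_nx(int p) {
  return blk_split[p / PPB] ? page_nx[p] : blk_nx[p / PPB];
}

/* Make one page NX. Splitting an unsplit block entry needs a new page table,
 * which is itself an EfiBootServicesData allocation. */
static bool set_page_nx(int p) {
  int b = p / PPB;
  if (page_is_nx(p)) return true;        /* attribute already right: no edit */
  attr_changes++;
  if (!blk_split[b]) {
    if (++depth > max_depth) max_depth = depth;
    bool ok = depth <= MAX_DEPTH && alloc_boot_services_data();
    depth--;
    if (!ok) return false;
    for (int i = 0; i < PPB; i++) page_nx[b * PPB + i] = blk_nx[b];
    blk_split[b] = true;
  }
  page_nx[p] = true;
  return true;
}

/* Take the next free page and apply the EfiBootServicesData NX policy to it. */
static bool alloc_boot_services_data(void) {
  return next_free < NBLOCKS * PPB && set_page_nx(next_free++);
}

/* Returns the deepest nesting reached, or -1 if the allocation never finished.
 * preliminary_remap marks all free memory NX at block granularity first. */
int run_model(bool preliminary_remap) {
  next_free = depth = max_depth = attr_changes = 0;
  for (int b = 0; b < NBLOCKS; b++) { blk_split[b] = false; blk_nx[b] = preliminary_remap; }
  return alloc_boot_services_data() ? max_depth : -1;
}

int main(void) {
  printf("no remap: %d, remap first: %d\n", run_model(false), run_model(true));
}
```

Without the preliminary remap the split never completes, because each nested page-table allocation lands in a block that is still unsplit; with it, the allocation touches no page-table entry at all.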