Re: [edk2] [PATCH 1/4] ArmPkg/CpuDxe: Correct EFI_MEMORY_RO usage

On Fri, Feb 10, 2017 at 06:25:00PM +, Ard Biesheuvel wrote: > On 10 February 2017 at 18:17, Leif Lindholm wrote: > > On Thu, Feb 09, 2017 at 05:38:08PM +, Ard Biesheuvel wrote: > >> From: Jiewen Yao > >> > >> Current Arm CpuDxe driver uses

Re: [edk2] [PATCH] ShellPkg/pci: Report error when invalid value is specified for "-ec"

Reviewed-by: Jaben Carsey Ray, What is the intended behavior if the user does -ec with no data after it? -Jaben > -Original Message- > From: Ni, Ruiyu > Sent: Friday, February 10, 2017 12:24 AM > To: edk2-devel@lists.01.org > Cc: Carsey, Jaben

Re: [edk2] [PATCH 1/4] ArmPkg/CpuDxe: Correct EFI_MEMORY_RO usage

On Thu, Feb 09, 2017 at 05:38:08PM +, Ard Biesheuvel wrote: > From: Jiewen Yao > > Current Arm CpuDxe driver uses EFI_MEMORY_WP for write protection, > according to UEFI spec, we should use EFI_MEMORY_RO for write protection. > The EFI_MEMORY_WP is the cache attribute

Re: [edk2] [PATCH 4/4] ArmPkg/ArmMmuLib: AARCH64: add support for modifying only permissions

On 10 February 2017 at 18:16, Leif Lindholm wrote: > On Thu, Feb 09, 2017 at 05:38:11PM +, Ard Biesheuvel wrote: >> Since the new DXE page protection for PE/COFF images may invoke >> EFI_CPU_ARCH_PROTOCOL.SetMemoryAttributes() with only permission >> attributes set,

Re: [edk2] [PATCH 1/4] ArmPkg/CpuDxe: Correct EFI_MEMORY_RO usage

On 10 February 2017 at 18:17, Leif Lindholm wrote: > On Thu, Feb 09, 2017 at 05:38:08PM +, Ard Biesheuvel wrote: >> From: Jiewen Yao >> >> Current Arm CpuDxe driver uses EFI_MEMORY_WP for write protection, >> according to UEFI spec, we should

Re: [edk2] [PATCH 2/4] ArmPkg/CpuDxe: translate invalid memory types in EfiAttributeToArmAttribute

On Thu, Feb 09, 2017 at 05:38:09PM +, Ard Biesheuvel wrote: > The single user of EfiAttributeToArmAttribute () is the protocol > method EFI_CPU_ARCH_PROTOCOL.SetMemoryAttributes(), which uses the > return value to compare against the ARM attributes of an existing mapping, > to infer whether it

Re: [edk2] [PATCH 3/4] ArmPkg/CpuDxe: ARM: ignore page table updates that only change permissions

On Thu, Feb 09, 2017 at 05:38:10PM +, Ard Biesheuvel wrote: > Currently, we have not implemented support on 32-bit ARM for managing > permission bits in the page tables. Since the new DXE page protection > for PE/COFF images may invoke EFI_CPU_ARCH_PROTOCOL.SetMemoryAttributes() > with only

Re: [edk2] [PATCH 2/4] ArmPkg/CpuDxe: translate invalid memory types in EfiAttributeToArmAttribute

On 10 February 2017 at 17:54, Leif Lindholm wrote: > On Thu, Feb 09, 2017 at 05:38:09PM +, Ard Biesheuvel wrote: >> The single user of EfiAttributeToArmAttribute () is the protocol >> method EFI_CPU_ARCH_PROTOCOL.SetMemoryAttributes(), which uses the >> return value

Re: [edk2] [PATCH] ShellPkg/pci: Report error when invalid value is specified for "-ec"

Jaben, "-ec" should be followed by a ID. The patch fixes when "-ec" is followed by string other than ID, no error is reported. Regards, Ray >-Original Message- >From: Carsey, Jaben >Sent: Saturday, February 11, 2017 1:06 AM >To: Ni, Ruiyu ; edk2-devel@lists.01.org

Re: [edk2] [PATCH 2/3] MdeModulePkg/Universal/CapsulePei: Add support for PCD PcdPteMemoryEncryptionAddressOrMask

Leo, CapsuleX64 is a standalone module, PcdGet64 (PcdPteMemoryEncryptionAddressOrMask) could not be used in X64Entry PageFaultHandler() as PcdPteMemoryEncryptionAddressOrMask may be configured to DYNAMIC type. You can use similar logic with PAGE_FAULT_CONTEXT.Page1GSupport to transfer the

[edk2] [PATCH] ShellPkg/pci: Report error when invalid value is specified for "-ec"

Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Ruiyu Ni Cc: Jaben Carsey --- ShellPkg/Library/UefiShellDebug1CommandsLib/Pci.c | 21 +++-- .../UefiShellDebug1CommandsLib.uni | 2 +- 2 files

[edk2] [Patch] BaseTools: NULL pointer comparison to a char literal should be to NULL

From: Nikolai SAOUKH GCC7 complaint -- error: ISO C++ forbids comparison between pointer and integer. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Nikolai SAOUKH Reviewed-by: Yonghong Zhu ---

Re: [edk2] [PATCH 1/3] MdeModulePkg: Add PCD PcdPteMemoryEncryptionAddressOrMask

Reviewed-by: Star Zeng -Original Message- From: edk2-devel [mailto:edk2-devel-boun...@lists.01.org] On Behalf Of Leo Duran Sent: Thursday, February 9, 2017 5:13 AM To: edk2-de...@ml01.01.org Cc: Laszlo Ersek ; Tian, Feng ;

[edk2] CapsuleApp behavior for CAPSULE_FLAGS_PERSIST_ACROSS_RESET only capsule

Hi Jiewen, I think it might be a logic error for CapsuleApp with CAPSULE_FLAGS_PERSIST_ACROSS_RESET only capsule. If a capsule only have CAPSULE_FLAGS_PERSIST_ACROSS_RESET flag, my understanding it will not trigger reset automatially. User will trigger reset（S3) in OS or application

Re: [edk2] CapsuleApp behavior for CAPSULE_FLAGS_PERSIST_ACROSS_RESET only capsule

That is an interesting question. A general rule for Capsule App is: 1) If a capsule has CAPSULE_FLAGS_INITIATE_RESET, the CapsuleService will issue reset. No need to handler in CapsuleApp. (The free memory logic will not run) 2) If a capsule has CAPSULE_FLAGS_PERSIST_ACROSS_RESET,

Re: [edk2] [PATCH V3 0/4] DXE Memory Protection

Good to learn that ARM/ARCH64 behavior. That is interesting. Yes, if that is the case, we need figure out a way to make it work. IMHO, “Undo the protection” directly is also risky. Maybe the protection is used or setup by OS purposely before EBS (WoW. ☺). Unprotecting them in BIOS might break

Re: [edk2] [PATCH V2] MdePkg ACPI: Incorrect definition name for ACPI IORT Table signature

Reviewed-by: jiewen@intel.com > -Original Message- > From: Zeng, Star > Sent: Thursday, February 9, 2017 11:41 PM > To: edk2-devel@lists.01.org > Cc: Zeng, Star ; Alexei Fedorov > ; Yao, Jiewen ; Gao, Liming >

Re: [edk2] [PATCH V3 0/4] DXE Memory Protection

> On 10 Feb 2017, at 11:32, Yao, Jiewen wrote: > > Good to learn that ARM/ARCH64 behavior. That is interesting. > > Yes, if that is the case, we need figure out a way to make it work. > > IMHO, “Undo the protection” directly is also risky. > Maybe the protection is

Re: [edk2] [PATCH 3/3] UefiCpuPkg/Universal/Acpi/S3Resume2Pei: Add support for PCD PcdPteMemoryEncryptionAddressOrMask

Leo, On 02/10/17 05:27, Duran, Leo wrote: > Hi Jeff, > The new PCD is intended to be OR'ed with the address (upper bits). > Leo. if I understand correctly, you only answered Jeff's first question: >> -Original Message- >> From: Fan, Jeff [mailto:jeff@intel.com] >> Sent: Thursday,

Re: [edk2] [PATCH V3 0/4] DXE Memory Protection

Thanks for the info. Mike/Vincent also mentioned that FW does not own page tables after ExitBootServices(), so the OS would have to relax NX protection of RT code pages across SVA. Or delay setting NX protections on RT code pages until after SVA. I agree with you that we can mark RT region to

Re: [edk2] [PATCH V3 0/4] DXE Memory Protection

On 10 February 2017 at 12:59, Yao, Jiewen wrote: > Thanks for the info. > > > > Mike/Vincent also mentioned that FW does not own page tables after > ExitBootServices(), so the OS would have to relax NX protection of RT code > pages across SVA. > > Or delay setting NX