tyler.durden
/
audk
mirror of https://github.com/acidanthera/audk.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
audk/ArmVirtPkg/HighMemDxe/HighMemDxe.c

136 lines
5.1 KiB
C
Raw Normal View History

ArmVirtPkg: HighMemDxe: add memory space for the high memory nodes Here we add the memory space for the high memory nodes except the lowest one in FDT. So these spaces will show up in the UEFI memory map. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Shannon Zhao <shannon.zhao@linaro.org> Reviewed-by: Laszlo Ersek <lersek@redhat.com> [lersek@redhat.com: rewrap at 79 chars, use NULL, print Status] Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Laszlo Ersek <lersek@redhat.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19124 6f19259b-4bc3-4df7-8a09-765794883524
2015-12-04 17:17:17 +01:00
/** @file
* High memory node enumeration DXE driver for ARM Virtual Machines
*
ArmVirtPkg/HighMemDxe: move to FDT client protocol Use the FDT client protocol rather than parsing the DT directly using fdtlib. While we're at it, update the code so it deals correctly with memory nodes that describe multiple disjoint regions in their "reg" properties, and make the code work with #address-cells/#size-cells properties of <1> as well as <2>. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org> Reviewed-by: Laszlo Ersek <lersek@redhat.com>
2016-09-15 15:23:11 +02:00
* Copyright (c) 2015-2016, Linaro Ltd. All rights reserved.
ArmVirtPkg: HighMemDxe: add memory space for the high memory nodes Here we add the memory space for the high memory nodes except the lowest one in FDT. So these spaces will show up in the UEFI memory map. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Shannon Zhao <shannon.zhao@linaro.org> Reviewed-by: Laszlo Ersek <lersek@redhat.com> [lersek@redhat.com: rewrap at 79 chars, use NULL, print Status] Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Laszlo Ersek <lersek@redhat.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19124 6f19259b-4bc3-4df7-8a09-765794883524
2015-12-04 17:17:17 +01:00
*
* This program and the accompanying materials are licensed and made available
* under the terms and conditions of the BSD License which accompanies this
* distribution. The full text of the license may be found at
* http://opensource.org/licenses/bsd-license.php
*
* THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
* WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR
* IMPLIED.
*
**/
#include <Library/BaseLib.h>
#include <Library/DebugLib.h>
#include <Library/DxeServicesTableLib.h>
ArmVirtPkg/HighMemDxe: move to FDT client protocol Use the FDT client protocol rather than parsing the DT directly using fdtlib. While we're at it, update the code so it deals correctly with memory nodes that describe multiple disjoint regions in their "reg" properties, and make the code work with #address-cells/#size-cells properties of <1> as well as <2>. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org> Reviewed-by: Laszlo Ersek <lersek@redhat.com>
2016-09-15 15:23:11 +02:00
#include <Library/PcdLib.h>
#include <Library/UefiBootServicesTableLib.h>
ArmVirtPkg/HighMemDxe: use CPU arch protocol to apply memprotect policy Instead of invoking gDS->SetMemorySpaceAttributes to set the EFI_MEMORY_XP attribute on newly added regions, which is guaranteed to fail if the same attribute was not declared as a capability of the region when it as added, invoke the CPU arch protocol directly to set the EFI_MEMORY_XP attribute if our memory protection policy demands it. Reported-by: Michael Zimmermann <sigmaepsilon92@gmail.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org> Reviewed-by: Laszlo Ersek <lersek@redhat.com>
2017-03-21 09:47:23 +01:00
#include <Protocol/Cpu.h>
ArmVirtPkg/HighMemDxe: move to FDT client protocol Use the FDT client protocol rather than parsing the DT directly using fdtlib. While we're at it, update the code so it deals correctly with memory nodes that describe multiple disjoint regions in their "reg" properties, and make the code work with #address-cells/#size-cells properties of <1> as well as <2>. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org> Reviewed-by: Laszlo Ersek <lersek@redhat.com>
2016-09-15 15:23:11 +02:00
#include <Protocol/FdtClient.h>
ArmVirtPkg: HighMemDxe: add memory space for the high memory nodes Here we add the memory space for the high memory nodes except the lowest one in FDT. So these spaces will show up in the UEFI memory map. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Shannon Zhao <shannon.zhao@linaro.org> Reviewed-by: Laszlo Ersek <lersek@redhat.com> [lersek@redhat.com: rewrap at 79 chars, use NULL, print Status] Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Laszlo Ersek <lersek@redhat.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19124 6f19259b-4bc3-4df7-8a09-765794883524
2015-12-04 17:17:17 +01:00
EFI_STATUS
EFIAPI
InitializeHighMemDxe (
IN EFI_HANDLE ImageHandle,
IN EFI_SYSTEM_TABLE *SystemTable
)
{
ArmVirtPkg/HighMemDxe: check new regions against GCD memory space map Instead of looking at the PCD gArmTokenSpaceGuid.PcdSystemMemoryBase to decide which DT node covers the memory we are already using, query the GCD memory space map, which is the authoritative source for this kind of information This fixes a problem observed by Michael on platforms where this PCD is of the 'Patchable' type, which means updates to its value do not propagate to other modules. Reported-by: Michael Zimmermann <sigmaepsilon92@gmail.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org> Reviewed-by: Laszlo Ersek <lersek@redhat.com>
2017-03-21 10:12:56 +01:00
FDT_CLIENT_PROTOCOL *FdtClient;
EFI_CPU_ARCH_PROTOCOL *Cpu;
EFI_STATUS Status, FindNodeStatus;
INT32 Node;
CONST UINT32 *Reg;
UINT32 RegSize;
UINTN AddressCells, SizeCells;
UINT64 CurBase;
UINT64 CurSize;
UINT64 Attributes;
EFI_GCD_MEMORY_SPACE_DESCRIPTOR GcdDescriptor;
ArmVirtPkg: HighMemDxe: add memory space for the high memory nodes Here we add the memory space for the high memory nodes except the lowest one in FDT. So these spaces will show up in the UEFI memory map. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Shannon Zhao <shannon.zhao@linaro.org> Reviewed-by: Laszlo Ersek <lersek@redhat.com> [lersek@redhat.com: rewrap at 79 chars, use NULL, print Status] Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Laszlo Ersek <lersek@redhat.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19124 6f19259b-4bc3-4df7-8a09-765794883524
2015-12-04 17:17:17 +01:00
ArmVirtPkg/HighMemDxe: move to FDT client protocol Use the FDT client protocol rather than parsing the DT directly using fdtlib. While we're at it, update the code so it deals correctly with memory nodes that describe multiple disjoint regions in their "reg" properties, and make the code work with #address-cells/#size-cells properties of <1> as well as <2>. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org> Reviewed-by: Laszlo Ersek <lersek@redhat.com>
2016-09-15 15:23:11 +02:00
Status = gBS->LocateProtocol (&gFdtClientProtocolGuid, NULL,
(VOID **)&FdtClient);
ASSERT_EFI_ERROR (Status);
ArmVirtPkg: HighMemDxe: add memory space for the high memory nodes Here we add the memory space for the high memory nodes except the lowest one in FDT. So these spaces will show up in the UEFI memory map. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Shannon Zhao <shannon.zhao@linaro.org> Reviewed-by: Laszlo Ersek <lersek@redhat.com> [lersek@redhat.com: rewrap at 79 chars, use NULL, print Status] Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Laszlo Ersek <lersek@redhat.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19124 6f19259b-4bc3-4df7-8a09-765794883524
2015-12-04 17:17:17 +01:00
ArmVirtPkg/HighMemDxe: use CPU arch protocol to apply memprotect policy Instead of invoking gDS->SetMemorySpaceAttributes to set the EFI_MEMORY_XP attribute on newly added regions, which is guaranteed to fail if the same attribute was not declared as a capability of the region when it as added, invoke the CPU arch protocol directly to set the EFI_MEMORY_XP attribute if our memory protection policy demands it. Reported-by: Michael Zimmermann <sigmaepsilon92@gmail.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org> Reviewed-by: Laszlo Ersek <lersek@redhat.com>
2017-03-21 09:47:23 +01:00
Status = gBS->LocateProtocol (&gEfiCpuArchProtocolGuid, NULL,
(VOID **)&Cpu);
ASSERT_EFI_ERROR (Status);
ArmVirtPkg: HighMemDxe: add memory space for the high memory nodes Here we add the memory space for the high memory nodes except the lowest one in FDT. So these spaces will show up in the UEFI memory map. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Shannon Zhao <shannon.zhao@linaro.org> Reviewed-by: Laszlo Ersek <lersek@redhat.com> [lersek@redhat.com: rewrap at 79 chars, use NULL, print Status] Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Laszlo Ersek <lersek@redhat.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19124 6f19259b-4bc3-4df7-8a09-765794883524
2015-12-04 17:17:17 +01:00
//
ArmVirtPkg/HighMemDxe: move to FDT client protocol Use the FDT client protocol rather than parsing the DT directly using fdtlib. While we're at it, update the code so it deals correctly with memory nodes that describe multiple disjoint regions in their "reg" properties, and make the code work with #address-cells/#size-cells properties of <1> as well as <2>. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org> Reviewed-by: Laszlo Ersek <lersek@redhat.com>
2016-09-15 15:23:11 +02:00
// Check for memory node and add the memory spaces except the lowest one
ArmVirtPkg: HighMemDxe: add memory space for the high memory nodes Here we add the memory space for the high memory nodes except the lowest one in FDT. So these spaces will show up in the UEFI memory map. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Shannon Zhao <shannon.zhao@linaro.org> Reviewed-by: Laszlo Ersek <lersek@redhat.com> [lersek@redhat.com: rewrap at 79 chars, use NULL, print Status] Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Laszlo Ersek <lersek@redhat.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19124 6f19259b-4bc3-4df7-8a09-765794883524
2015-12-04 17:17:17 +01:00
//
ArmVirtPkg/HighMemDxe: move to FDT client protocol Use the FDT client protocol rather than parsing the DT directly using fdtlib. While we're at it, update the code so it deals correctly with memory nodes that describe multiple disjoint regions in their "reg" properties, and make the code work with #address-cells/#size-cells properties of <1> as well as <2>. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org> Reviewed-by: Laszlo Ersek <lersek@redhat.com>
2016-09-15 15:23:11 +02:00
for (FindNodeStatus = FdtClient->FindMemoryNodeReg (FdtClient, &Node,
(CONST VOID **) &Reg, &AddressCells,
&SizeCells, &RegSize);
!EFI_ERROR (FindNodeStatus);
FindNodeStatus = FdtClient->FindNextMemoryNodeReg (FdtClient, Node,
&Node, (CONST VOID **) &Reg, &AddressCells,
&SizeCells, &RegSize)) {
ASSERT (AddressCells <= 2);
ASSERT (SizeCells <= 2);
ArmVirtPkg: HighMemDxe: add memory space for the high memory nodes Here we add the memory space for the high memory nodes except the lowest one in FDT. So these spaces will show up in the UEFI memory map. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Shannon Zhao <shannon.zhao@linaro.org> Reviewed-by: Laszlo Ersek <lersek@redhat.com> [lersek@redhat.com: rewrap at 79 chars, use NULL, print Status] Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Laszlo Ersek <lersek@redhat.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19124 6f19259b-4bc3-4df7-8a09-765794883524
2015-12-04 17:17:17 +01:00
ArmVirtPkg/HighMemDxe: move to FDT client protocol Use the FDT client protocol rather than parsing the DT directly using fdtlib. While we're at it, update the code so it deals correctly with memory nodes that describe multiple disjoint regions in their "reg" properties, and make the code work with #address-cells/#size-cells properties of <1> as well as <2>. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org> Reviewed-by: Laszlo Ersek <lersek@redhat.com>
2016-09-15 15:23:11 +02:00
while (RegSize > 0) {
CurBase = SwapBytes32 (*Reg++);
if (AddressCells > 1) {
CurBase = (CurBase << 32) | SwapBytes32 (*Reg++);
}
CurSize = SwapBytes32 (*Reg++);
if (SizeCells > 1) {
CurSize = (CurSize << 32) | SwapBytes32 (*Reg++);
}
RegSize -= (AddressCells + SizeCells) * sizeof (UINT32);
ArmVirtPkg: HighMemDxe: add memory space for the high memory nodes Here we add the memory space for the high memory nodes except the lowest one in FDT. So these spaces will show up in the UEFI memory map. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Shannon Zhao <shannon.zhao@linaro.org> Reviewed-by: Laszlo Ersek <lersek@redhat.com> [lersek@redhat.com: rewrap at 79 chars, use NULL, print Status] Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Laszlo Ersek <lersek@redhat.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19124 6f19259b-4bc3-4df7-8a09-765794883524
2015-12-04 17:17:17 +01:00
ArmVirtPkg/HighMemDxe: check new regions against GCD memory space map Instead of looking at the PCD gArmTokenSpaceGuid.PcdSystemMemoryBase to decide which DT node covers the memory we are already using, query the GCD memory space map, which is the authoritative source for this kind of information This fixes a problem observed by Michael on platforms where this PCD is of the 'Patchable' type, which means updates to its value do not propagate to other modules. Reported-by: Michael Zimmermann <sigmaepsilon92@gmail.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org> Reviewed-by: Laszlo Ersek <lersek@redhat.com>
2017-03-21 10:12:56 +01:00
Status = gDS->GetMemorySpaceDescriptor (CurBase, &GcdDescriptor);
if (EFI_ERROR (Status)) {
DEBUG ((DEBUG_WARN,
"%a: Region 0x%lx - 0x%lx not found in the GCD memory space map\n",
__FUNCTION__, CurBase, CurBase + CurSize - 1));
continue;
}
if (GcdDescriptor.GcdMemoryType == EfiGcdMemoryTypeNonExistent) {
ArmVirtPkg/HighMemDxe: move to FDT client protocol Use the FDT client protocol rather than parsing the DT directly using fdtlib. While we're at it, update the code so it deals correctly with memory nodes that describe multiple disjoint regions in their "reg" properties, and make the code work with #address-cells/#size-cells properties of <1> as well as <2>. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org> Reviewed-by: Laszlo Ersek <lersek@redhat.com>
2016-09-15 15:23:11 +02:00
Status = gDS->AddMemorySpace (EfiGcdMemoryTypeSystemMemory, CurBase,
CurSize, EFI_MEMORY_WB);
ArmVirtPkg: HighMemDxe: add memory space for the high memory nodes Here we add the memory space for the high memory nodes except the lowest one in FDT. So these spaces will show up in the UEFI memory map. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Shannon Zhao <shannon.zhao@linaro.org> Reviewed-by: Laszlo Ersek <lersek@redhat.com> [lersek@redhat.com: rewrap at 79 chars, use NULL, print Status] Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Laszlo Ersek <lersek@redhat.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19124 6f19259b-4bc3-4df7-8a09-765794883524
2015-12-04 17:17:17 +01:00
ArmVirtPkg/HighMemDxe: move to FDT client protocol Use the FDT client protocol rather than parsing the DT directly using fdtlib. While we're at it, update the code so it deals correctly with memory nodes that describe multiple disjoint regions in their "reg" properties, and make the code work with #address-cells/#size-cells properties of <1> as well as <2>. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org> Reviewed-by: Laszlo Ersek <lersek@redhat.com>
2016-09-15 15:23:11 +02:00
if (EFI_ERROR (Status)) {
DEBUG ((EFI_D_ERROR,
"%a: Failed to add System RAM @ 0x%lx - 0x%lx (%r)\n",
__FUNCTION__, CurBase, CurBase + CurSize - 1, Status));
continue;
}
ArmVirtPkg: HighMemDxe: add memory space for the high memory nodes Here we add the memory space for the high memory nodes except the lowest one in FDT. So these spaces will show up in the UEFI memory map. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Shannon Zhao <shannon.zhao@linaro.org> Reviewed-by: Laszlo Ersek <lersek@redhat.com> [lersek@redhat.com: rewrap at 79 chars, use NULL, print Status] Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Laszlo Ersek <lersek@redhat.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19124 6f19259b-4bc3-4df7-8a09-765794883524
2015-12-04 17:17:17 +01:00
ArmVirtPkg/HighMemDxe: use CPU arch protocol to apply memprotect policy Instead of invoking gDS->SetMemorySpaceAttributes to set the EFI_MEMORY_XP attribute on newly added regions, which is guaranteed to fail if the same attribute was not declared as a capability of the region when it as added, invoke the CPU arch protocol directly to set the EFI_MEMORY_XP attribute if our memory protection policy demands it. Reported-by: Michael Zimmermann <sigmaepsilon92@gmail.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org> Reviewed-by: Laszlo Ersek <lersek@redhat.com>
2017-03-21 09:47:23 +01:00
Status = gDS->SetMemorySpaceAttributes (CurBase, CurSize,
EFI_MEMORY_WB);
if (EFI_ERROR (Status)) {
DEBUG ((DEBUG_WARN,
"%a: gDS->SetMemorySpaceAttributes() failed on region 0x%lx - 0x%lx (%r)\n",
__FUNCTION__, CurBase, CurBase + CurSize - 1, Status));
}
//
// Due to the ambiguous nature of the RO/XP GCD memory space attributes,
// it is impossible to add a memory space with the XP attribute in a way
// that does not result in the XP attribute being set on *all* UEFI
// memory map entries that are carved from it, including code regions
// that require executable permissions.
ArmVirtPkg/HighMemDxe: preserve non-exec permissions on newly added regions Using DxeServices::SetMemorySpaceAttributes to set cacheability attributes has the side effect of stripping permission attributes, given that those are bits in the same bitfield, and so setting the Attributes argument to EFI_MEMORY_WB implies not setting EFI_MEMORY_XP or EFI_MEMORY_RO attributes. In fact, the situation is even worse, given that the descriptor returned by DxeServices::GetMemorySpaceDescriptor does not reflect the permission attributes that may have been set by the preceding call to DxeServices::AddMemorySpace if PcdDxeNxMemoryProtectionPolicy has been configured to map EfiConventionalMemory with non-executable permissions. Note that this applies equally to the non-executable stack and to PE/COFF sections that may have been mapped with R-X or RW- permissions. This is due to the ambiguity in the meaning of the EFI_MEMORY_RO/EFI_MEMORY_XP attributes when used in the GCD memory map, i.e., between signifying that an underlying RAM region has the controls to be configured as read-only or non-executable, and signifying that the contents of a certain UEFI memory region allow them to be mapped with certain restricted permissions. So let's check the policy in PcdDxeNxMemoryProtectionPolicy directly, and set the EFI_MEMORY_XP attribute if appropriate for EfiConventionalMemory regions. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org> Reviewed-by: Laszlo Ersek <lersek@redhat.com>
2017-02-28 14:45:47 +01:00
//
ArmVirtPkg/HighMemDxe: use CPU arch protocol to apply memprotect policy Instead of invoking gDS->SetMemorySpaceAttributes to set the EFI_MEMORY_XP attribute on newly added regions, which is guaranteed to fail if the same attribute was not declared as a capability of the region when it as added, invoke the CPU arch protocol directly to set the EFI_MEMORY_XP attribute if our memory protection policy demands it. Reported-by: Michael Zimmermann <sigmaepsilon92@gmail.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org> Reviewed-by: Laszlo Ersek <lersek@redhat.com>
2017-03-21 09:47:23 +01:00
// So instead, we never set the RO/XP attributes in the GCD memory space
// capabilities or attribute fields, and apply any protections directly
// on the page table mappings by going through the cpu arch protocol.
ArmVirtPkg/HighMemDxe: preserve non-exec permissions on newly added regions Using DxeServices::SetMemorySpaceAttributes to set cacheability attributes has the side effect of stripping permission attributes, given that those are bits in the same bitfield, and so setting the Attributes argument to EFI_MEMORY_WB implies not setting EFI_MEMORY_XP or EFI_MEMORY_RO attributes. In fact, the situation is even worse, given that the descriptor returned by DxeServices::GetMemorySpaceDescriptor does not reflect the permission attributes that may have been set by the preceding call to DxeServices::AddMemorySpace if PcdDxeNxMemoryProtectionPolicy has been configured to map EfiConventionalMemory with non-executable permissions. Note that this applies equally to the non-executable stack and to PE/COFF sections that may have been mapped with R-X or RW- permissions. This is due to the ambiguity in the meaning of the EFI_MEMORY_RO/EFI_MEMORY_XP attributes when used in the GCD memory map, i.e., between signifying that an underlying RAM region has the controls to be configured as read-only or non-executable, and signifying that the contents of a certain UEFI memory region allow them to be mapped with certain restricted permissions. So let's check the policy in PcdDxeNxMemoryProtectionPolicy directly, and set the EFI_MEMORY_XP attribute if appropriate for EfiConventionalMemory regions. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org> Reviewed-by: Laszlo Ersek <lersek@redhat.com>
2017-02-28 14:45:47 +01:00
//
Attributes = EFI_MEMORY_WB;
if ((PcdGet64 (PcdDxeNxMemoryProtectionPolicy) &
(1U << (UINT32)EfiConventionalMemory)) != 0) {
Attributes |= EFI_MEMORY_XP;
}
ArmVirtPkg/HighMemDxe: use CPU arch protocol to apply memprotect policy Instead of invoking gDS->SetMemorySpaceAttributes to set the EFI_MEMORY_XP attribute on newly added regions, which is guaranteed to fail if the same attribute was not declared as a capability of the region when it as added, invoke the CPU arch protocol directly to set the EFI_MEMORY_XP attribute if our memory protection policy demands it. Reported-by: Michael Zimmermann <sigmaepsilon92@gmail.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org> Reviewed-by: Laszlo Ersek <lersek@redhat.com>
2017-03-21 09:47:23 +01:00
Status = Cpu->SetMemoryAttributes (Cpu, CurBase, CurSize, Attributes);
ArmVirtPkg: HighMemDxe: add memory space for the high memory nodes Here we add the memory space for the high memory nodes except the lowest one in FDT. So these spaces will show up in the UEFI memory map. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Shannon Zhao <shannon.zhao@linaro.org> Reviewed-by: Laszlo Ersek <lersek@redhat.com> [lersek@redhat.com: rewrap at 79 chars, use NULL, print Status] Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Laszlo Ersek <lersek@redhat.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19124 6f19259b-4bc3-4df7-8a09-765794883524
2015-12-04 17:17:17 +01:00
ArmVirtPkg/HighMemDxe: move to FDT client protocol Use the FDT client protocol rather than parsing the DT directly using fdtlib. While we're at it, update the code so it deals correctly with memory nodes that describe multiple disjoint regions in their "reg" properties, and make the code work with #address-cells/#size-cells properties of <1> as well as <2>. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org> Reviewed-by: Laszlo Ersek <lersek@redhat.com>
2016-09-15 15:23:11 +02:00
if (EFI_ERROR (Status)) {
DEBUG ((EFI_D_ERROR,
"%a: Failed to set System RAM @ 0x%lx - 0x%lx attribute (%r)\n",
__FUNCTION__, CurBase, CurBase + CurSize - 1, Status));
} else {
DEBUG ((EFI_D_INFO, "%a: Add System RAM @ 0x%lx - 0x%lx\n",
__FUNCTION__, CurBase, CurBase + CurSize - 1));
ArmVirtPkg: HighMemDxe: add memory space for the high memory nodes Here we add the memory space for the high memory nodes except the lowest one in FDT. So these spaces will show up in the UEFI memory map. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Shannon Zhao <shannon.zhao@linaro.org> Reviewed-by: Laszlo Ersek <lersek@redhat.com> [lersek@redhat.com: rewrap at 79 chars, use NULL, print Status] Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Laszlo Ersek <lersek@redhat.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19124 6f19259b-4bc3-4df7-8a09-765794883524
2015-12-04 17:17:17 +01:00
}
}
}
}
return EFI_SUCCESS;
}