Ring3: Added PAN support for ARM.

ArmPkg/Include/Chipset/ArmV7.h

@@ -20,6 +20,9 @@
 #define ARM_PFR1_TIMER  (0xFUL << 16)
 #define ARM_PFR1_GIC    (0xFUL << 28)
 
+// ID_MMFR3 - ARM Memory Model Feature Register 3 definitions
+#define ARM_MMFR3_PAN   (0xFUL << 16)
+
 // Domain Access Control Register
 #define DOMAIN_ACCESS_CONTROL_MASK(a)      (3UL << (2 * (a)))
 #define DOMAIN_ACCESS_CONTROL_NONE(a)      (0UL << (2 * (a)))

ArmPkg/Include/Library/ArmLib.h

@@ -764,6 +764,18 @@ ArmHasCcidx (
   VOID
   );
 
+/**
+  Checks whether the CPU implements the Privileged Access Never.
+
+  @retval TRUE  FEAT_PAN is implemented.
+  @retval FALSE FEAT_PAN is not mplemented.
+**/
+BOOLEAN
+EFIAPI
+ArmHasPan (
+  VOID
+  );
+
 #ifdef MDE_CPU_AARCH64
 ///
 /// AArch64-only ID Register Helper functions
@@ -781,18 +793,6 @@ ArmHasVhe (
   VOID
   );
 
-/**
-  Checks whether the CPU implements the Privileged Access Never.
-
-  @retval TRUE  FEAT_PAN is implemented.
-  @retval FALSE FEAT_PAN is not mplemented.
-**/
-BOOLEAN
-EFIAPI
-ArmHasPan (
-  VOID
-  );
-
 /**
   Checks whether the CPU implements the Trace Buffer Extension.
 

ArmPkg/Library/ArmLib/Arm/ArmLibSupportV7.S

@@ -64,6 +64,10 @@ ASM_FUNC(ArmReadIdMmfr4)
   mrc    p15,0,r0,c0,c2,6     @ Read ID_MMFR4 Register
   bx     lr
 
+ASM_FUNC(ArmReadIdMmfr3)
+  mrc    p15,0,r0,c0,c1,7     @ Read ID_MMFR3 Register
+  bx     lr
+
 // UINTN
 // ReadCCSIDR (
 //   IN UINT32 CSSELR

ArmPkg/Library/ArmLib/Arm/ArmV7Lib.c

@@ -119,3 +119,18 @@ ArmHasCcidx (
   Mmfr4 = ArmReadIdMmfr4 ();
   return (((Mmfr4 >> 24) & 0xF) == 1) ? TRUE : FALSE;
 }
+
+/**
+  Checks whether the CPU implements the Privileged Access Never.
+
+  @retval TRUE  FEAT_PAN is implemented.
+  @retval FALSE FEAT_PAN is not mplemented.
+**/
+BOOLEAN
+EFIAPI
+ArmHasPan (
+  VOID
+  )
+{
+  return ((ArmReadIdMmfr3 () & ARM_MMFR3_PAN) != 0);
+}

ArmPkg/Library/ArmLib/Arm/ArmV7Lib.h

@@ -60,6 +60,16 @@ ArmReadIdMmfr4 (
   VOID
   );
 
+/** Reads the ID_MMFR3 register.
+
+   @return The contents of the ID_MMFR3 register.
+**/
+UINT32
+EFIAPI
+ArmReadIdMmfr3 (
+  VOID
+  );
+
 UINTN
 EFIAPI
 ArmReadIdPfr1 (

ArmPkg/Library/DefaultExceptionHandlerLib/Arm/DefaultExceptionHandler.c

@@ -197,7 +197,8 @@ STATIC CHAR8  *gExceptionTypeString[] = {
 
 
 **/
-VOID
+EFI_STATUS
+EFIAPI
 DefaultExceptionHandler (
   IN     EFI_EXCEPTION_TYPE  ExceptionType,
   IN OUT EFI_SYSTEM_CONTEXT  SystemContext
@@ -316,4 +317,6 @@ DefaultExceptionHandler (
 
   // If some one is stepping past the exception handler adjust the PC to point to the next instruction
   SystemContext.SystemContextArm->PC += PcAdjust;
+
+  return EFI_SUCCESS;
 }

MdeModulePkg/Core/Dxe/SysCall/ARM/CoreBootServices.S

@@ -7,25 +7,7 @@
 
 #include <AsmMacroIoLib.h>
 
-//------------------------------------------------------------------------------
-// VOID
-// EFIAPI
-// DisableSMAP (
-//   VOID
-//   );
-//------------------------------------------------------------------------------
-ASM_FUNC(DisableSMAP)
-    bx    LR
-
-//------------------------------------------------------------------------------
-// VOID
-// EFIAPI
-// EnableSMAP (
-//   VOID
-//   );
-//------------------------------------------------------------------------------
-ASM_FUNC(EnableSMAP)
-    bx    LR
+.arch armv8.1a
 
 //------------------------------------------------------------------------------
 // EFI_STATUS
@@ -71,3 +53,25 @@ ASM_FUNC(CoreBootServices)
 //------------------------------------------------------------------------------
 ASM_FUNC(CallRing3)
     bx    LR
+
+//------------------------------------------------------------------------------
+// VOID
+// EFIAPI
+// ArmSetPan (
+//   VOID
+//   );
+//------------------------------------------------------------------------------
+ASM_FUNC(ArmSetPan)
+  setpan #1
+  bx     LR
+
+//------------------------------------------------------------------------------
+// VOID
+// EFIAPI
+// ArmClearPan (
+//  VOID
+//  );
+//------------------------------------------------------------------------------
+ASM_FUNC(ArmClearPan)
+  setpan #0
+  bx     LR

MdeModulePkg/Core/Dxe/SysCall/ARM/InitializeMsr.c

@@ -5,8 +5,22 @@
 
 **/
 
+#include <Library/ArmLib.h>
+
 #include "DxeMain.h"
 
+VOID
+EFIAPI
+ArmSetPan (
+  VOID
+  );
+
+VOID
+EFIAPI
+ArmClearPan (
+  VOID
+  );
+
 VOID
 EFIAPI
 InitializeMsr (
@@ -14,5 +28,31 @@ InitializeMsr (
   IN     UINTN                   NumberOfEntries
   )
 {
-
+  if (ArmHasPan ()) {
+    //
+    // Enable Privileged Access Never feature.
+    //
+    ArmSetPan ();
+  } else {
+    DEBUG ((DEBUG_ERROR, "Core: Failed to initialize MSRs for Ring3.\n"));
+    ASSERT (FALSE);
+  }
+}
+
+VOID
+EFIAPI
+DisableSMAP (
+  VOID
+  )
+{
+  ArmClearPan ();
+}
+
+VOID
+EFIAPI
+EnableSMAP (
+  VOID
+  )
+{
+  ArmSetPan ();
 }