diff --git a/ArmPkg/Library/ArmMmuLib/Arm/ArmMmuLibUpdate.c b/ArmPkg/Library/ArmMmuLib/Arm/ArmMmuLibUpdate.c index 548ee13038..7050052903 100644 --- a/ArmPkg/Library/ArmMmuLib/Arm/ArmMmuLibUpdate.c +++ b/ArmPkg/Library/ArmMmuLib/Arm/ArmMmuLibUpdate.c @@ -142,10 +142,21 @@ UpdatePageEntries ( EntryValue |= TT_DESCRIPTOR_PAGE_AF; } - if ((Attributes & EFI_MEMORY_RO) != 0) { - EntryValue |= TT_DESCRIPTOR_PAGE_AP_RO_RO; + if ((Attributes & EFI_MEMORY_USER) != 0) { + // + // TODO: Add PXN for Translation table descriptors. + // + if ((Attributes & EFI_MEMORY_RO) != 0) { + EntryValue |= TT_DESCRIPTOR_PAGE_AP_RO_RO; + } else { + EntryValue |= TT_DESCRIPTOR_PAGE_AP_RW_RW; + } } else { - EntryValue |= TT_DESCRIPTOR_PAGE_AP_RW_RW; + if ((Attributes & EFI_MEMORY_RO) != 0) { + EntryValue |= TT_DESCRIPTOR_PAGE_AP_NO_RO; + } else { + EntryValue |= TT_DESCRIPTOR_PAGE_AP_NO_RW; + } } if ((Attributes & EFI_MEMORY_XP) != 0) { diff --git a/ArmPkg/Library/CpuArchLib/Arm/Mmu.c b/ArmPkg/Library/CpuArchLib/Arm/Mmu.c index 8c4de284e1..86c375075a 100644 --- a/ArmPkg/Library/CpuArchLib/Arm/Mmu.c +++ b/ArmPkg/Library/CpuArchLib/Arm/Mmu.c @@ -63,15 +63,18 @@ SectionToGcdAttributes ( // determine protection attributes switch (SectionAttributes & TT_DESCRIPTOR_SECTION_AP_MASK) { case TT_DESCRIPTOR_SECTION_AP_NO_RW: + break; case TT_DESCRIPTOR_SECTION_AP_RW_RW: - // normal read/write access, do not add additional attributes + *GcdAttributes |= EFI_MEMORY_USER; break; // read only cases map to write-protect case TT_DESCRIPTOR_SECTION_AP_NO_RO: - case TT_DESCRIPTOR_SECTION_AP_RO_RO: *GcdAttributes |= EFI_MEMORY_RO; break; + case TT_DESCRIPTOR_SECTION_AP_RO_RO: + *GcdAttributes |= EFI_MEMORY_USER | EFI_MEMORY_RO; + break; } // now process eXectue Never attribute @@ -468,10 +471,21 @@ EfiAttributeToArmAttribute ( } // Determine protection attributes - if ((EfiAttributes & EFI_MEMORY_RO) != 0) { - ArmAttributes |= TT_DESCRIPTOR_SECTION_AP_RO_RO; + if ((EfiAttributes & EFI_MEMORY_USER) != 0) { + // + // TODO: Add PXN for Translation table descriptors. + // + if ((EfiAttributes & EFI_MEMORY_RO) != 0) { + ArmAttributes |= TT_DESCRIPTOR_SECTION_AP_RO_RO; + } else { + ArmAttributes |= TT_DESCRIPTOR_SECTION_AP_RW_RW; + } } else { - ArmAttributes |= TT_DESCRIPTOR_SECTION_AP_RW_RW; + if ((EfiAttributes & EFI_MEMORY_RO) != 0) { + ArmAttributes |= TT_DESCRIPTOR_SECTION_AP_NO_RO; + } else { + ArmAttributes |= TT_DESCRIPTOR_SECTION_AP_NO_RW; + } } // Determine eXecute Never attribute