ArmPkg/ArmMmuLib ARM: implement memory permission control routines

Now that we have the prerequisite functionality available in ArmMmuLib,
wire it up into ArmSetMemoryRegionNoExec, ArmClearMemoryRegionNoExec,
ArmSetMemoryRegionReadOnly and ArmClearMemoryRegionReadOnly. This is
used by the non-executable stack feature that is configured by DxeIpl.

NOTE: The current implementation will not combine RO and XP attributes,
      i.e., setting/clearing a region no-exec will unconditionally
      clear the read-only attribute, and vice versa. Currently, we
      only use ArmSetMemoryRegionNoExec(), so for now, we should be
      able to live with this.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Reviewed-by: Leif Lindholm <leif.lindholm@linaro.org>
This commit is contained in:
Ard Biesheuvel 2017-03-01 16:31:42 +00:00
parent d9c0d991f7
commit 9f1dcbe8c8
1 changed files with 6 additions and 4 deletions

View File

@ -37,6 +37,8 @@
#define ID_MMFR0_SHR_IMP_HW_COHERENT 1
#define ID_MMFR0_SHR_IGNORED 0xf
#define __EFI_MEMORY_RWX 0 // no restrictions
#define CACHE_ATTRIBUTE_MASK (EFI_MEMORY_UC | \
EFI_MEMORY_WC | \
EFI_MEMORY_WT | \
@ -797,7 +799,7 @@ ArmSetMemoryRegionNoExec (
IN UINT64 Length
)
{
return EFI_UNSUPPORTED;
return ArmSetMemoryAttributes (BaseAddress, Length, EFI_MEMORY_XP);
}
EFI_STATUS
@ -806,7 +808,7 @@ ArmClearMemoryRegionNoExec (
IN UINT64 Length
)
{
return EFI_UNSUPPORTED;
return ArmSetMemoryAttributes (BaseAddress, Length, __EFI_MEMORY_RWX);
}
EFI_STATUS
@ -815,7 +817,7 @@ ArmSetMemoryRegionReadOnly (
IN UINT64 Length
)
{
return EFI_UNSUPPORTED;
return ArmSetMemoryAttributes (BaseAddress, Length, EFI_MEMORY_RO);
}
EFI_STATUS
@ -824,7 +826,7 @@ ArmClearMemoryRegionReadOnly (
IN UINT64 Length
)
{
return EFI_UNSUPPORTED;
return ArmSetMemoryAttributes (BaseAddress, Length, __EFI_MEMORY_RWX);
}
RETURN_STATUS