*\r
* Copyright (c) 2015-2016, Linaro Ltd. All rights reserved.\r
*\r
-* This program and the accompanying materials are licensed and made available\r
-* under the terms and conditions of the BSD License which accompanies this\r
-* distribution. The full text of the license may be found at\r
-* http://opensource.org/licenses/bsd-license.php\r
-*\r
-* THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,\r
-* WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR\r
-* IMPLIED.\r
+* SPDX-License-Identifier: BSD-2-Clause-Patent\r
*\r
**/\r
\r
#include <Library/PcdLib.h>\r
#include <Library/UefiBootServicesTableLib.h>\r
\r
+#include <Protocol/Cpu.h>\r
#include <Protocol/FdtClient.h>\r
\r
EFI_STATUS\r
IN EFI_SYSTEM_TABLE *SystemTable\r
)\r
{\r
- FDT_CLIENT_PROTOCOL *FdtClient;\r
- EFI_STATUS Status, FindNodeStatus;\r
- INT32 Node;\r
- CONST UINT32 *Reg;\r
- UINT32 RegSize;\r
- UINTN AddressCells, SizeCells;\r
- UINT64 CurBase;\r
- UINT64 CurSize;\r
+ FDT_CLIENT_PROTOCOL *FdtClient;\r
+ EFI_CPU_ARCH_PROTOCOL *Cpu;\r
+ EFI_STATUS Status, FindNodeStatus;\r
+ INT32 Node;\r
+ CONST UINT32 *Reg;\r
+ UINT32 RegSize;\r
+ UINTN AddressCells, SizeCells;\r
+ UINT64 CurBase;\r
+ UINT64 CurSize;\r
+ UINT64 Attributes;\r
+ EFI_GCD_MEMORY_SPACE_DESCRIPTOR GcdDescriptor;\r
\r
Status = gBS->LocateProtocol (&gFdtClientProtocolGuid, NULL,\r
(VOID **)&FdtClient);\r
ASSERT_EFI_ERROR (Status);\r
\r
+ Status = gBS->LocateProtocol (&gEfiCpuArchProtocolGuid, NULL,\r
+ (VOID **)&Cpu);\r
+ ASSERT_EFI_ERROR (Status);\r
+\r
//\r
// Check for memory node and add the memory spaces except the lowest one\r
//\r
}\r
RegSize -= (AddressCells + SizeCells) * sizeof (UINT32);\r
\r
- if (PcdGet64 (PcdSystemMemoryBase) != CurBase) {\r
+ Status = gDS->GetMemorySpaceDescriptor (CurBase, &GcdDescriptor);\r
+ if (EFI_ERROR (Status)) {\r
+ DEBUG ((DEBUG_WARN,\r
+ "%a: Region 0x%lx - 0x%lx not found in the GCD memory space map\n",\r
+ __FUNCTION__, CurBase, CurBase + CurSize - 1));\r
+ continue;\r
+ }\r
+ if (GcdDescriptor.GcdMemoryType == EfiGcdMemoryTypeNonExistent) {\r
Status = gDS->AddMemorySpace (EfiGcdMemoryTypeSystemMemory, CurBase,\r
CurSize, EFI_MEMORY_WB);\r
\r
\r
Status = gDS->SetMemorySpaceAttributes (CurBase, CurSize,\r
EFI_MEMORY_WB);\r
+ if (EFI_ERROR (Status)) {\r
+ DEBUG ((DEBUG_WARN,\r
+ "%a: gDS->SetMemorySpaceAttributes() failed on region 0x%lx - 0x%lx (%r)\n",\r
+ __FUNCTION__, CurBase, CurBase + CurSize - 1, Status));\r
+ }\r
+\r
+ //\r
+ // Due to the ambiguous nature of the RO/XP GCD memory space attributes,\r
+ // it is impossible to add a memory space with the XP attribute in a way\r
+ // that does not result in the XP attribute being set on *all* UEFI\r
+ // memory map entries that are carved from it, including code regions\r
+ // that require executable permissions.\r
+ //\r
+ // So instead, we never set the RO/XP attributes in the GCD memory space\r
+ // capabilities or attribute fields, and apply any protections directly\r
+ // on the page table mappings by going through the cpu arch protocol.\r
+ //\r
+ Attributes = EFI_MEMORY_WB;\r
+ if ((PcdGet64 (PcdDxeNxMemoryProtectionPolicy) &\r
+ (1U << (UINT32)EfiConventionalMemory)) != 0) {\r
+ Attributes |= EFI_MEMORY_XP;\r
+ }\r
+\r
+ Status = Cpu->SetMemoryAttributes (Cpu, CurBase, CurSize, Attributes);\r
\r
if (EFI_ERROR (Status)) {\r
DEBUG ((EFI_D_ERROR,\r