X-Git-Url: https://git.proxmox.com/?a=blobdiff_plain;f=ArmVirtPkg%2FHighMemDxe%2FHighMemDxe.c;h=aa3f5f6d8956c4d8ca28ef1b6dcc9cb9973a9d65;hb=76c09700edc67686b29662e81a3ca7d947594ce5;hp=22f738279b202e3256e08e8cbd7094fc71767f86;hpb=490acf8908f797982f367bfeb4bdf3ebe0764e42;p=mirror_edk2.git diff --git a/ArmVirtPkg/HighMemDxe/HighMemDxe.c b/ArmVirtPkg/HighMemDxe/HighMemDxe.c index 22f738279b..aa3f5f6d89 100644 --- a/ArmVirtPkg/HighMemDxe/HighMemDxe.c +++ b/ArmVirtPkg/HighMemDxe/HighMemDxe.c @@ -20,6 +20,7 @@ #include #include +#include #include EFI_STATUS @@ -29,19 +30,26 @@ InitializeHighMemDxe ( IN EFI_SYSTEM_TABLE *SystemTable ) { - FDT_CLIENT_PROTOCOL *FdtClient; - EFI_STATUS Status, FindNodeStatus; - INT32 Node; - CONST UINT32 *Reg; - UINT32 RegSize; - UINTN AddressCells, SizeCells; - UINT64 CurBase; - UINT64 CurSize; + FDT_CLIENT_PROTOCOL *FdtClient; + EFI_CPU_ARCH_PROTOCOL *Cpu; + EFI_STATUS Status, FindNodeStatus; + INT32 Node; + CONST UINT32 *Reg; + UINT32 RegSize; + UINTN AddressCells, SizeCells; + UINT64 CurBase; + UINT64 CurSize; + UINT64 Attributes; + EFI_GCD_MEMORY_SPACE_DESCRIPTOR GcdDescriptor; Status = gBS->LocateProtocol (&gFdtClientProtocolGuid, NULL, (VOID **)&FdtClient); ASSERT_EFI_ERROR (Status); + Status = gBS->LocateProtocol (&gEfiCpuArchProtocolGuid, NULL, + (VOID **)&Cpu); + ASSERT_EFI_ERROR (Status); + // // Check for memory node and add the memory spaces except the lowest one // @@ -66,7 +74,14 @@ InitializeHighMemDxe ( } RegSize -= (AddressCells + SizeCells) * sizeof (UINT32); - if (PcdGet64 (PcdSystemMemoryBase) != CurBase) { + Status = gDS->GetMemorySpaceDescriptor (CurBase, &GcdDescriptor); + if (EFI_ERROR (Status)) { + DEBUG ((DEBUG_WARN, + "%a: Region 0x%lx - 0x%lx not found in the GCD memory space map\n", + __FUNCTION__, CurBase, CurBase + CurSize - 1)); + continue; + } + if (GcdDescriptor.GcdMemoryType == EfiGcdMemoryTypeNonExistent) { Status = gDS->AddMemorySpace (EfiGcdMemoryTypeSystemMemory, CurBase, CurSize, EFI_MEMORY_WB); @@ -79,6 +94,30 @@ InitializeHighMemDxe ( Status = gDS->SetMemorySpaceAttributes (CurBase, CurSize, EFI_MEMORY_WB); + if (EFI_ERROR (Status)) { + DEBUG ((DEBUG_WARN, + "%a: gDS->SetMemorySpaceAttributes() failed on region 0x%lx - 0x%lx (%r)\n", + __FUNCTION__, CurBase, CurBase + CurSize - 1, Status)); + } + + // + // Due to the ambiguous nature of the RO/XP GCD memory space attributes, + // it is impossible to add a memory space with the XP attribute in a way + // that does not result in the XP attribute being set on *all* UEFI + // memory map entries that are carved from it, including code regions + // that require executable permissions. + // + // So instead, we never set the RO/XP attributes in the GCD memory space + // capabilities or attribute fields, and apply any protections directly + // on the page table mappings by going through the cpu arch protocol. + // + Attributes = EFI_MEMORY_WB; + if ((PcdGet64 (PcdDxeNxMemoryProtectionPolicy) & + (1U << (UINT32)EfiConventionalMemory)) != 0) { + Attributes |= EFI_MEMORY_XP; + } + + Status = Cpu->SetMemoryAttributes (Cpu, CurBase, CurSize, Attributes); if (EFI_ERROR (Status)) { DEBUG ((EFI_D_ERROR,