#include <Library/PcdLib.h>\r
#include <Library/UefiBootServicesTableLib.h>\r
\r
+#include <Protocol/Cpu.h>\r
#include <Protocol/FdtClient.h>\r
\r
EFI_STATUS\r
)\r
{\r
FDT_CLIENT_PROTOCOL *FdtClient;\r
+ EFI_CPU_ARCH_PROTOCOL *Cpu;\r
EFI_STATUS Status, FindNodeStatus;\r
INT32 Node;\r
CONST UINT32 *Reg;\r
UINTN AddressCells, SizeCells;\r
UINT64 CurBase;\r
UINT64 CurSize;\r
+ UINT64 Attributes;\r
\r
Status = gBS->LocateProtocol (&gFdtClientProtocolGuid, NULL,\r
(VOID **)&FdtClient);\r
ASSERT_EFI_ERROR (Status);\r
\r
+ Status = gBS->LocateProtocol (&gEfiCpuArchProtocolGuid, NULL,\r
+ (VOID **)&Cpu);\r
+ ASSERT_EFI_ERROR (Status);\r
+\r
//\r
// Check for memory node and add the memory spaces except the lowest one\r
//\r
\r
Status = gDS->SetMemorySpaceAttributes (CurBase, CurSize,\r
EFI_MEMORY_WB);\r
+ if (EFI_ERROR (Status)) {\r
+ DEBUG ((DEBUG_WARN,\r
+ "%a: gDS->SetMemorySpaceAttributes() failed on region 0x%lx - 0x%lx (%r)\n",\r
+ __FUNCTION__, CurBase, CurBase + CurSize - 1, Status));\r
+ }\r
+\r
+ //\r
+ // Due to the ambiguous nature of the RO/XP GCD memory space attributes,\r
+ // it is impossible to add a memory space with the XP attribute in a way\r
+ // that does not result in the XP attribute being set on *all* UEFI\r
+ // memory map entries that are carved from it, including code regions\r
+ // that require executable permissions.\r
+ //\r
+ // So instead, we never set the RO/XP attributes in the GCD memory space\r
+ // capabilities or attribute fields, and apply any protections directly\r
+ // on the page table mappings by going through the cpu arch protocol.\r
+ //\r
+ Attributes = EFI_MEMORY_WB;\r
+ if ((PcdGet64 (PcdDxeNxMemoryProtectionPolicy) &\r
+ (1U << (UINT32)EfiConventionalMemory)) != 0) {\r
+ Attributes |= EFI_MEMORY_XP;\r
+ }\r
+\r
+ Status = Cpu->SetMemoryAttributes (Cpu, CurBase, CurSize, Attributes);\r
\r
if (EFI_ERROR (Status)) {\r
DEBUG ((EFI_D_ERROR,\r