ArmVirtPkg/HighMemDxe: preserve non-exec permissions on newly added regions
authorArd Biesheuvel <ard.biesheuvel@linaro.org>
Tue, 28 Feb 2017 13:45:47 +0000 (13:45 +0000)
committerArd Biesheuvel <ard.biesheuvel@linaro.org>
Wed, 1 Mar 2017 11:43:24 +0000 (11:43 +0000)
commit413edd470932d8e542325fa205b1e4f5e163a85c
tree4220acbc9385a9e46fa91cfa58ddb0d4820c1536
parente9429e7997b8e668126d71b8030cc3a96c36a652
ArmVirtPkg/HighMemDxe: preserve non-exec permissions on newly added regions

Using DxeServices::SetMemorySpaceAttributes to set cacheability
attributes has the side effect of stripping permission attributes,
given that those are bits in the same bitfield, and so setting the
Attributes argument to EFI_MEMORY_WB implies not setting EFI_MEMORY_XP
or EFI_MEMORY_RO attributes.

In fact, the situation is even worse, given that the descriptor returned
by DxeServices::GetMemorySpaceDescriptor does not reflect the permission
attributes that may have been set by the preceding call to
DxeServices::AddMemorySpace if PcdDxeNxMemoryProtectionPolicy has been
configured to map EfiConventionalMemory with non-executable permissions.

Note that this applies equally to the non-executable stack and to PE/COFF
sections that may have been mapped with R-X or RW- permissions. This is
due to the ambiguity in the meaning of the EFI_MEMORY_RO/EFI_MEMORY_XP
attributes when used in the GCD memory map, i.e., between signifying
that an underlying RAM region has the controls to be configured as
read-only or non-executable, and signifying that the contents of a
certain UEFI memory region allow them to be mapped with certain
restricted permissions.

So let's check the policy in PcdDxeNxMemoryProtectionPolicy directly,
and set the EFI_MEMORY_XP attribute if appropriate for
EfiConventionalMemory regions.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
ArmVirtPkg/HighMemDxe/HighMemDxe.c
ArmVirtPkg/HighMemDxe/HighMemDxe.inf