ArmPkg/ArmMmuLib ARM: implement memory permission control routines
authorArd Biesheuvel <ard.biesheuvel@linaro.org>
Wed, 1 Mar 2017 16:31:42 +0000 (16:31 +0000)
committerArd Biesheuvel <ard.biesheuvel@linaro.org>
Tue, 7 Mar 2017 09:31:53 +0000 (10:31 +0100)
Now that we have the prerequisite functionality available in ArmMmuLib,
wire it up into ArmSetMemoryRegionNoExec, ArmClearMemoryRegionNoExec,
ArmSetMemoryRegionReadOnly and ArmClearMemoryRegionReadOnly. This is
used by the non-executable stack feature that is configured by DxeIpl.

NOTE: The current implementation will not combine RO and XP attributes,
      i.e., setting/clearing a region no-exec will unconditionally
      clear the read-only attribute, and vice versa. Currently, we
      only use ArmSetMemoryRegionNoExec(), so for now, we should be
      able to live with this.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Reviewed-by: Leif Lindholm <leif.lindholm@linaro.org>
ArmPkg/Library/ArmMmuLib/Arm/ArmMmuLibCore.c

index 351b6c03a42c7593017a81727c38a304f0cb80a7..b02f6d7fc590e923f3860f0de43b15d817c3e240 100644 (file)
@@ -37,6 +37,8 @@
 #define ID_MMFR0_SHR_IMP_HW_COHERENT   1\r
 #define ID_MMFR0_SHR_IGNORED         0xf\r
 \r
+#define __EFI_MEMORY_RWX               0    // no restrictions\r
+\r
 #define CACHE_ATTRIBUTE_MASK   (EFI_MEMORY_UC | \\r
                                 EFI_MEMORY_WC | \\r
                                 EFI_MEMORY_WT | \\r
@@ -797,7 +799,7 @@ ArmSetMemoryRegionNoExec (
   IN  UINT64                    Length\r
   )\r
 {\r
-  return EFI_UNSUPPORTED;\r
+  return ArmSetMemoryAttributes (BaseAddress, Length, EFI_MEMORY_XP);\r
 }\r
 \r
 EFI_STATUS\r
@@ -806,7 +808,7 @@ ArmClearMemoryRegionNoExec (
   IN  UINT64                    Length\r
   )\r
 {\r
-  return EFI_UNSUPPORTED;\r
+  return ArmSetMemoryAttributes (BaseAddress, Length, __EFI_MEMORY_RWX);\r
 }\r
 \r
 EFI_STATUS\r
@@ -815,7 +817,7 @@ ArmSetMemoryRegionReadOnly (
   IN  UINT64                    Length\r
   )\r
 {\r
-  return EFI_UNSUPPORTED;\r
+  return ArmSetMemoryAttributes (BaseAddress, Length, EFI_MEMORY_RO);\r
 }\r
 \r
 EFI_STATUS\r
@@ -824,7 +826,7 @@ ArmClearMemoryRegionReadOnly (
   IN  UINT64                    Length\r
   )\r
 {\r
-  return EFI_UNSUPPORTED;\r
+  return ArmSetMemoryAttributes (BaseAddress, Length, __EFI_MEMORY_RWX);\r
 }\r
 \r
 RETURN_STATUS\r