From patchwork Wed Aug 26 13:30:02 2015 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 52728 Return-Path: X-Original-To: linaro@patches.linaro.org Delivered-To: linaro@patches.linaro.org Received: from mail-la0-f71.google.com (mail-la0-f71.google.com [209.85.215.71]) by patches.linaro.org (Postfix) with ESMTPS id 3B28622E9E for ; Wed, 26 Aug 2015 13:32:07 +0000 (UTC) Received: by labip2 with SMTP id ip2sf14592864lab.1 for ; Wed, 26 Aug 2015 06:32:06 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:delivered-to:from:to:subject:date:message-id :precedence:list-id:list-unsubscribe:list-archive:list-post :list-help:list-subscribe:cc:mime-version:content-type :content-transfer-encoding:sender:errors-to:x-original-sender :x-original-authentication-results:mailing-list; bh=qUOeL3bdhgE3cv7rE4q0PbGtYnyeYfYURh2ItIgu7VQ=; b=M2KGnjg/QFxhdLi+HatbdEyFcQKpSnrl29kbD8ipntxN7QVB37T1s5TCvfHMGr5S1b Yt9zztxumn2SFp/fVw4joNJ0kOlY3Dem0TluOL5MIQEPePV2SjjF4pjxz8XqVYksu/jU 9bXRjYSRCy4uAwbLIvMgSV3jrrv1RyWaqtgF0OaOGGDAXRqor88m68yVGkIrA6CxuKa8 Wqkxtt34jV9YWGFuwGO2X24Y7z0nbew6ggwfNkHxUbqIr60cJ2Og2AeRzVvW4z8j7zCQ HF5OaPncGEGbtXenx6xl+NUkP4oWrfKwC82kKAxRIQ6e/13gozN9XKnFfS50cj0Mn5yl 1HMg== X-Gm-Message-State: ALoCoQmtd7rBISEs4ols/Q8D8Nz78E3c9ahDRT7ODfR7ObyexA0v1hyJz1KxVmCHF6E+9UfOh9lJ X-Received: by 10.180.11.178 with SMTP id r18mr900639wib.5.1440595925979; Wed, 26 Aug 2015 06:32:05 -0700 (PDT) X-BeenThere: patchwork-forward@linaro.org Received: by 10.152.36.201 with SMTP id s9ls829249laj.40.gmail; Wed, 26 Aug 2015 06:32:05 -0700 (PDT) X-Received: by 10.112.137.164 with SMTP id qj4mr30283157lbb.105.1440595925800; Wed, 26 Aug 2015 06:32:05 -0700 (PDT) Received: from mail-la0-f41.google.com (mail-la0-f41.google.com. [209.85.215.41]) by mx.google.com with ESMTPS id t6si18764672lae.163.2015.08.26.06.32.05 for (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Wed, 26 Aug 2015 06:32:05 -0700 (PDT) Received-SPF: pass (google.com: domain of patch+caf_=patchwork-forward=linaro.org@linaro.org designates 209.85.215.41 as permitted sender) client-ip=209.85.215.41; Received: by labgv11 with SMTP id gv11so51637729lab.2 for ; Wed, 26 Aug 2015 06:32:05 -0700 (PDT) X-Received: by 10.112.131.98 with SMTP id ol2mr31241252lbb.56.1440595925660; Wed, 26 Aug 2015 06:32:05 -0700 (PDT) X-Forwarded-To: patchwork-forward@linaro.org X-Forwarded-For: patch@linaro.org patchwork-forward@linaro.org Delivered-To: patch@linaro.org Received: by 10.112.162.200 with SMTP id yc8csp3926533lbb; Wed, 26 Aug 2015 06:32:04 -0700 (PDT) X-Received: by 10.68.219.194 with SMTP id pq2mr1964676pbc.20.1440595923475; Wed, 26 Aug 2015 06:32:03 -0700 (PDT) Received: from bombadil.infradead.org (bombadil.infradead.org. [2001:1868:205::9]) by mx.google.com with ESMTPS id en10si38643237pac.97.2015.08.26.06.32.02 for (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Wed, 26 Aug 2015 06:32:03 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-arm-kernel-bounces+patch=linaro.org@lists.infradead.org designates 2001:1868:205::9 as permitted sender) client-ip=2001:1868:205::9; Received: from localhost ([127.0.0.1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.80.1 #2 (Red Hat Linux)) id 1ZUamg-0008Me-Tx; Wed, 26 Aug 2015 13:30:35 +0000 Received: from mail-wi0-f174.google.com ([209.85.212.174]) by bombadil.infradead.org with esmtps (Exim 4.80.1 #2 (Red Hat Linux)) id 1ZUame-0008Df-DU for linux-arm-kernel@lists.infradead.org; Wed, 26 Aug 2015 13:30:33 +0000 Received: by widdq5 with SMTP id dq5so15502171wid.0 for ; Wed, 26 Aug 2015 06:30:08 -0700 (PDT) X-Received: by 10.180.20.48 with SMTP id k16mr12957058wie.56.1440595808395; Wed, 26 Aug 2015 06:30:08 -0700 (PDT) Received: from localhost.localdomain (cag06-7-83-153-85-71.fbx.proxad.net. [83.153.85.71]) by smtp.gmail.com with ESMTPSA id ja8sm3900126wjb.13.2015.08.26.06.30.06 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Wed, 26 Aug 2015 06:30:07 -0700 (PDT) From: Ard Biesheuvel To: linux-arm-kernel@lists.infradead.org, linux-efi@vger.kernel.org, mark.rutland@arm.com, msalter@redhat.com, leif.lindholm@linaro.org, catalin.marinas@arm.com, will.deacon@arm.com Subject: [PATCH v2] arm64/efi: base UEFI mapping permissions on region attributes Date: Wed, 26 Aug 2015 15:30:02 +0200 Message-Id: <1440595802-20359-1-git-send-email-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 1.9.1 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20150826_063032_610398_05EB57C0 X-CRM114-Status: GOOD ( 15.72 ) X-Spam-Score: -2.6 (--) X-Spam-Report: SpamAssassin version 3.4.0 on bombadil.infradead.org summary: Content analysis details: (-2.6 points) pts rule name description ---- ---------------------- -------------------------------------------------- -0.7 RCVD_IN_DNSWL_LOW RBL: Sender listed at http://www.dnswl.org/, low trust [209.85.212.174 listed in list.dnswl.org] -0.0 RCVD_IN_MSPIKE_H3 RBL: Good reputation (+3) [209.85.212.174 listed in wl.mailspike.net] -0.0 SPF_PASS SPF: sender matches SPF record -1.9 BAYES_00 BODY: Bayes spam probability is 0 to 1% [score: 0.0000] -0.0 RCVD_IN_MSPIKE_WL Mailspike good senders X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: , List-Help: , List-Subscribe: , Cc: Ard Biesheuvel MIME-Version: 1.0 Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+patch=linaro.org@lists.infradead.org X-Removed-Original-Auth: Dkim didn't pass. X-Original-Sender: ard.biesheuvel@linaro.org X-Original-Authentication-Results: mx.google.com; spf=pass (google.com: domain of patch+caf_=patchwork-forward=linaro.org@linaro.org designates 209.85.215.41 as permitted sender) smtp.mailfrom=patch+caf_=patchwork-forward=linaro.org@linaro.org Mailing-list: list patchwork-forward@linaro.org; contact patchwork-forward+owners@linaro.org X-Google-Group-Id: 836684582541 Currently, we infer the UEFI memory region mapping permissions from the memory region type (i.e., runtime services code are mapped RWX and runtime services data mapped RW-). This appears to work fine but is not entirely UEFI spec compliant. So instead, use the designated permission attributes to decide how these regions should be mapped. Since UEFIv2.5 introduces a new EFI_MEMORY_RO permission attribute, and redefines EFI_MEMORY_WP as a cacheability attribute, use only the former as a read-only attribute. For setting the PXN bit, the corresponding EFI_MEMORY_XP attribute is used. Signed-off-by: Ard Biesheuvel --- Changes since v1: - rewrote page size and alignment check to be more legible - use code that is STRICT_MM_TYPECHECKS compliant Example output of a recent Tianocore build on FVP Foundation model is attached below. arch/arm64/kernel/efi.c | 37 +++++++++++++------- 1 file changed, 24 insertions(+), 13 deletions(-) diff --git a/arch/arm64/kernel/efi.c b/arch/arm64/kernel/efi.c index ab21e0d58278..c8d587f46f3e 100644 --- a/arch/arm64/kernel/efi.c +++ b/arch/arm64/kernel/efi.c @@ -235,7 +235,7 @@ static bool __init efi_virtmap_init(void) for_each_efi_memory_desc(&memmap, md) { u64 paddr, npages, size; - pgprot_t prot; + pteval_t prot_val; if (!(md->attribute & EFI_MEMORY_RUNTIME)) continue; @@ -247,22 +247,33 @@ static bool __init efi_virtmap_init(void) memrange_efi_to_native(&paddr, &npages); size = npages << PAGE_SHIFT; - pr_info(" EFI remap 0x%016llx => %p\n", - md->phys_addr, (void *)md->virt_addr); + if (!is_normal_ram(md)) + prot_val = PROT_DEVICE_nGnRE; + else + prot_val = pgprot_val(PAGE_KERNEL_EXEC); /* - * Only regions of type EFI_RUNTIME_SERVICES_CODE need to be - * executable, everything else can be mapped with the XN bits - * set. + * On 64 KB granule kernels, only use strict permissions when + * the region does not share a 64 KB page frame with another + * region at either end. */ - if (!is_normal_ram(md)) - prot = __pgprot(PROT_DEVICE_nGnRE); - else if (md->type == EFI_RUNTIME_SERVICES_CODE) - prot = PAGE_KERNEL_EXEC; - else - prot = PAGE_KERNEL; + if (PAGE_SIZE == EFI_PAGE_SIZE || + (PAGE_ALIGNED(md->virt_addr) && + PAGE_ALIGNED(md->phys_addr + md->num_pages * EFI_PAGE_SIZE))) { + + if (md->attribute & EFI_MEMORY_RO) + prot_val |= PTE_RDONLY; + if (md->attribute & EFI_MEMORY_XP) + prot_val |= PTE_PXN; + } + + pr_info(" EFI remap 0x%016llx => %p (R%c%c)\n", + md->phys_addr, (void *)md->virt_addr, + prot_val & PTE_RDONLY ? '-' : 'W', + prot_val & PTE_PXN ? '-' : 'X'); - create_pgd_mapping(&efi_mm, paddr, md->virt_addr, size, prot); + create_pgd_mapping(&efi_mm, paddr, md->virt_addr, size, + __pgprot(prot_val)); } return true; }