From patchwork Wed Apr 20 08:19:40 2016 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 66182 Delivered-To: patch@linaro.org Received: by 10.140.93.198 with SMTP id d64csp2312323qge; Wed, 20 Apr 2016 01:19:49 -0700 (PDT) X-Received: by 10.98.68.86 with SMTP id r83mr10358703pfa.137.1461140389204; Wed, 20 Apr 2016 01:19:49 -0700 (PDT) Return-Path: Received: from ml01.01.org (ml01.01.org. [2001:19d0:306:5::1]) by mx.google.com with ESMTPS id lc4si17226215pab.144.2016.04.20.01.19.48 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Wed, 20 Apr 2016 01:19:49 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of edk2-devel-bounces@lists.01.org designates 2001:19d0:306:5::1 as permitted sender) client-ip=2001:19d0:306:5::1; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org; spf=pass (google.com: best guess record for domain of edk2-devel-bounces@lists.01.org designates 2001:19d0:306:5::1 as permitted sender) smtp.mailfrom=edk2-devel-bounces@lists.01.org; dmarc=fail (p=NONE dis=NONE) header.from=linaro.org Received: from [127.0.0.1] (localhost [IPv6:::1]) by ml01.01.org (Postfix) with ESMTP id 9CB221A1EF1; Wed, 20 Apr 2016 01:19:48 -0700 (PDT) X-Original-To: edk2-devel@lists.01.org Delivered-To: edk2-devel@lists.01.org Received: from mail-wm0-x236.google.com (mail-wm0-x236.google.com [IPv6:2a00:1450:400c:c09::236]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id AD1A81A1E93 for ; Wed, 20 Apr 2016 01:19:46 -0700 (PDT) Received: by mail-wm0-x236.google.com with SMTP id v188so192730309wme.1 for ; Wed, 20 Apr 2016 01:19:46 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id; bh=QhH9uf8vMCjH/0HnbgzNR6q6DDrNkyW30VOjRbIiKVA=; b=g3ekPYtNgRAjb2tKk1R66P6LSHLP902pVV6drQ6mIqSf/G5J+wVhKmCt5lNmViLiVv vzJNInDcB6/nr2go2qYDJ11ojEAptmTSMBYSZWfsHniCnCv7rXfFZNtjZWzBhh74hYFR CixaB0C+HsaufsPcnfJbj7UbLwFmqe/cF5taE= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:from:to:cc:subject:date:message-id; bh=QhH9uf8vMCjH/0HnbgzNR6q6DDrNkyW30VOjRbIiKVA=; b=XU0TGMzjXPVPPi5MC3ZwHbtuJVMOPhxvCOs8rhVSElZi63eJ+gcYHkffXUkW+AXMIJ Gk1qeEVjsaCfiZuZUBOdCGXMWh9SO8y0yTz6vrVI5ewNgG0ZPjAoQeJoWeSpaHL2QbsE iZa2vzQrTzaqY/6T8xu7h2BIxO/+1n+Y8TKYNCdJjqZL28eKBUS3ltzXkyNzAEbcdvSI TdAOhw0BkP6IyOazyqagxJp7BC5VLJhX1jdo32P8s+70FBILIhJCwAvaOyz7FNDVK3O2 M6cT2r4ty3Mvinxe8D1dyZEZ8fhiONvETmAUDtG83U/+F05w1XsvjaPLz3FZdomlwHNQ VIHQ== X-Gm-Message-State: AOPr4FVt7GYN+LeNb3OtdqRYvFRqFzn0eEKJLXcpyLaGtBj4oBq1BnlS1fouXc02pYyw+4LB X-Received: by 10.194.83.42 with SMTP id n10mr7384059wjy.20.1461140385304; Wed, 20 Apr 2016 01:19:45 -0700 (PDT) Received: from localhost.localdomain ([195.55.142.58]) by smtp.gmail.com with ESMTPSA id w67sm8246834wmd.23.2016.04.20.01.19.44 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Wed, 20 Apr 2016 01:19:44 -0700 (PDT) From: Ard Biesheuvel To: edk2-devel@lists.01.org, leif.lindholm@linaro.org Date: Wed, 20 Apr 2016 10:19:40 +0200 Message-Id: <1461140380-19345-1-git-send-email-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.5.0 Subject: [edk2] [PATCH] ArmPkg/AArch64Mmu: don't let table entries inherit XN permission bits X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Cc: vishalo@qti.qualcomm.com, Ard Biesheuvel MIME-Version: 1.0 Errors-To: edk2-devel-bounces@lists.01.org Sender: "edk2-devel" When we split a block entry into a table entry, the UXN/PXN/XN permission attributes are inherited both by the new table entry and by the new block entries at the next level down. Unlike the NS bit, which only affects the next level of lookup, the XN table bits supersede the permissions of the final translation, and setting the permissions at multiple levels is not only redundant, it also prevents us from lifting XN restrictions on a subregion of the original block entry by simply clearing the appropriate bits at the lowest level. So drop the code that sets the UXN/PXN/XN bits on the table entries. Reported-by: "Oliyil Kunnil, Vishal" Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Ard Biesheuvel --- ArmPkg/Library/ArmLib/AArch64/AArch64Mmu.c | 7 ------- 1 file changed, 7 deletions(-) -- 2.5.0 _______________________________________________ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel Reviewed-by: Leif Lindholm diff --git a/ArmPkg/Library/ArmLib/AArch64/AArch64Mmu.c b/ArmPkg/Library/ArmLib/AArch64/AArch64Mmu.c index 48ca8271849c..cf9b7222b47b 100644 --- a/ArmPkg/Library/ArmLib/AArch64/AArch64Mmu.c +++ b/ArmPkg/Library/ArmLib/AArch64/AArch64Mmu.c @@ -306,13 +306,6 @@ GetBlockEntryListFromAddress ( // Convert the block entry attributes into Table descriptor attributes TableAttributes = TT_TABLE_AP_NO_PERMISSION; - if (Attributes & TT_PXN_MASK) { - TableAttributes = TT_TABLE_PXN; - } - // XN maps to UXN in the EL1&0 translation regime - if (Attributes & TT_XN_MASK) { - TableAttributes = TT_TABLE_XN; - } if (Attributes & TT_NS) { TableAttributes = TT_TABLE_NS; }