From patchwork Mon Oct 24 08:57:23 2016 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 78909 Delivered-To: patch@linaro.org Received: by 10.140.97.247 with SMTP id m110csp2457946qge; Mon, 24 Oct 2016 01:57:38 -0700 (PDT) X-Received: by 10.98.213.132 with SMTP id d126mr26614416pfg.182.1477299458206; Mon, 24 Oct 2016 01:57:38 -0700 (PDT) Return-Path: Received: from ml01.01.org (ml01.01.org. [198.145.21.10]) by mx.google.com with ESMTPS id g9si11386866pgn.302.2016.10.24.01.57.37 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Mon, 24 Oct 2016 01:57:38 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of edk2-devel-bounces@lists.01.org designates 198.145.21.10 as permitted sender) client-ip=198.145.21.10; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org; spf=pass (google.com: best guess record for domain of edk2-devel-bounces@lists.01.org designates 198.145.21.10 as permitted sender) smtp.mailfrom=edk2-devel-bounces@lists.01.org; dmarc=fail (p=NONE dis=NONE) header.from=linaro.org Received: from [127.0.0.1] (localhost [IPv6:::1]) by ml01.01.org (Postfix) with ESMTP id ECD571A1E57; Mon, 24 Oct 2016 01:57:35 -0700 (PDT) X-Original-To: edk2-devel@lists.01.org Delivered-To: edk2-devel@lists.01.org Received: from mail-wm0-x22f.google.com (mail-wm0-x22f.google.com [IPv6:2a00:1450:400c:c09::22f]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id F27111A1E57 for ; Mon, 24 Oct 2016 01:57:33 -0700 (PDT) Received: by mail-wm0-x22f.google.com with SMTP id f193so103563542wmg.0 for ; Mon, 24 Oct 2016 01:57:33 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=8cJ6StnszTRG1cTb2rXVCtp4Cm7am2zK4mC/4Btr40A=; b=hqj3ucP8PzdPTWm71LvwkM1tNQX64frYOE0PrTGkGlv24o/tOCzYzP+4mRZjOG6Kmy L2A53Cz/YFfQiu7z9+FwodxsH2IXk+P0hiNGLe/YYc6G9Nwz2hq/zsZQFpp4SI8NZNip EzdlbciASRBzv3FdzxmMh9xx/cCwXmJRXfdvw= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=8cJ6StnszTRG1cTb2rXVCtp4Cm7am2zK4mC/4Btr40A=; b=VmxHG84EZ52hhuHaIOiTwKFURx64NXBCGLLOgmUXwv0Qnt2nyUOGh+ai2f5pK7sHVW CQKe4ElaoYu9WELEor0VVh7DSP+OVOMxpnFT2Zmv/1M4sg+pSAp0HLsfGLxgrOpLnukh ABTVqxdIwQTayH9EqqJC5X2hCr7G3KfJjCy23eiWuewcJ8LWxvATJKDQA2UmsRfhcZxE +eWsGtWkP4zD9Yqx0vlhoYi5vpA+i+sUXlGBJRujWrjVVhHSWAeKbPXA/EmxnY1AtYh+ nBAGDA53A6d4geIrqN29yVzgFTgSAK55u5wKoX5rlav6WERqRjpYfYNeDNLkGKcSpYtm nybA== X-Gm-Message-State: AA6/9RmsjtukpCqq3M1UH2Mod5b/14cy5JZh8skaGXJJpkrpkTL6Fcp/XaIqXEX/M5UnBJ5F X-Received: by 10.28.181.68 with SMTP id e65mr14897210wmf.131.1477299451202; Mon, 24 Oct 2016 01:57:31 -0700 (PDT) Received: from localhost.localdomain ([105.146.229.54]) by smtp.gmail.com with ESMTPSA id uq6sm18114920wjc.37.2016.10.24.01.57.29 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Mon, 24 Oct 2016 01:57:30 -0700 (PDT) From: Ard Biesheuvel To: edk2-devel@lists.01.org Date: Mon, 24 Oct 2016 09:57:23 +0100 Message-Id: <1477299443-9324-2-git-send-email-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1477299443-9324-1-git-send-email-ard.biesheuvel@linaro.org> References: <1477299443-9324-1-git-send-email-ard.biesheuvel@linaro.org> Subject: [edk2] [PATCH 2/2] ArmPlatformPkg/PrePi: avoid global variable write to mSystemMemoryEnd X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: heyi.guo@Linaro.org, lersek@redhat.com, ryan.harkin@linaro.org, leif.lindholm@linaro.org, Ard Biesheuvel MIME-Version: 1.0 Errors-To: edk2-devel-bounces@lists.01.org Sender: "edk2-devel" The global variable mSystemMemoryEnd is initialized by PrePi only if it has not been initialized by ArmPlatformPeiBootAction(). This allows platforms executing under, e.g., ARM Trusted Firmware to dynamically reserve a window at the top of memory that will be used by the secure firmware. However, PrePi is a SEC module, and writing to a global variable violates the SEC constraints, since SEC and PEI may execute from NOR flash. So instead, initialize mSystemMemoryEnd statically. This will ensure it holds the correct value for all implementations where the value is not overridden, but still allows it to be overridden during the call to ArmPlatformPeiBootAction(). Note that this patch also fixes a latent bug on 32-bit platforms where a value of mSystemMemoryEnd exceeding 4 GB would be truncated to 32-bits rather than limited to (4 GB - 1) Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Ard Biesheuvel --- Build tested only. ArmPlatformPkg/PrePi/AArch64/ModuleEntryPoint.S | 14 ------------- ArmPlatformPkg/PrePi/Arm/ModuleEntryPoint.S | 20 +++++-------------- ArmPlatformPkg/PrePi/Arm/ModuleEntryPoint.asm | 21 ++++++-------------- ArmPlatformPkg/PrePi/PrePi.c | 3 +++ 4 files changed, 14 insertions(+), 44 deletions(-) -- 2.7.4 _______________________________________________ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel Tested-by: Ryan Harkin Reviewed-by: Leif Lindholm diff --git a/ArmPlatformPkg/PrePi/AArch64/ModuleEntryPoint.S b/ArmPlatformPkg/PrePi/AArch64/ModuleEntryPoint.S index d0530a874726..a81709d5d12d 100644 --- a/ArmPlatformPkg/PrePi/AArch64/ModuleEntryPoint.S +++ b/ArmPlatformPkg/PrePi/AArch64/ModuleEntryPoint.S @@ -13,8 +13,6 @@ #include -ASM_GLOBAL ASM_PFX(mSystemMemoryEnd) - ASM_FUNC(_ModuleEntryPoint) // Do early platform specific actions bl ASM_PFX(ArmPlatformPeiBootAction) @@ -31,16 +29,6 @@ _SetSVCMode: _SystemMemoryEndInit: ldr x1, mSystemMemoryEnd - // Is mSystemMemoryEnd initialized? - cmp x1, #0 - bne _SetupStackPosition - - MOV64 (x1, FixedPcdGet64(PcdSystemMemoryBase) + FixedPcdGet64(PcdSystemMemorySize) - 1) - - // Update the global variable - adr x2, mSystemMemoryEnd - str x1, [x2] - _SetupStackPosition: // r1 = SystemMemoryTop @@ -129,5 +117,3 @@ _PrepareArguments: _NeverReturn: b _NeverReturn - -ASM_PFX(mSystemMemoryEnd): .8byte 0 diff --git a/ArmPlatformPkg/PrePi/Arm/ModuleEntryPoint.S b/ArmPlatformPkg/PrePi/Arm/ModuleEntryPoint.S index 39030da5f2c3..212cab62d44b 100644 --- a/ArmPlatformPkg/PrePi/Arm/ModuleEntryPoint.S +++ b/ArmPlatformPkg/PrePi/Arm/ModuleEntryPoint.S @@ -15,8 +15,6 @@ #include -GCC_ASM_EXPORT(mSystemMemoryEnd) - ASM_FUNC(_ModuleEntryPoint) // Do early platform specific actions bl ASM_PFX(ArmPlatformPeiBootAction) @@ -35,17 +33,11 @@ _SetSVCMode: // to install the stacks at the bottom of the Firmware Device (case the FD is located // at the top of the DRAM) _SystemMemoryEndInit: - ldr r1, mSystemMemoryEnd - - // Is mSystemMemoryEnd initialized? - cmp r1, #0 - bne _SetupStackPosition - - MOV32 (r1, FixedPcdGet32(PcdSystemMemoryBase) + FixedPcdGet32(PcdSystemMemorySize) - 1) - - // Update the global variable - adr r2, mSystemMemoryEnd - str r1, [r2] + ADRL (r1, mSystemMemoryEnd) + ldrd r2, r3, [r1] + teq r3, #0 + moveq r1, r2 + mvnne r1, #0 _SetupStackPosition: // r1 = SystemMemoryTop @@ -136,5 +128,3 @@ _PrepareArguments: _NeverReturn: b _NeverReturn - -ASM_PFX(mSystemMemoryEnd): .8byte 0 diff --git a/ArmPlatformPkg/PrePi/Arm/ModuleEntryPoint.asm b/ArmPlatformPkg/PrePi/Arm/ModuleEntryPoint.asm index 023339841f75..1e9daf563bb6 100644 --- a/ArmPlatformPkg/PrePi/Arm/ModuleEntryPoint.asm +++ b/ArmPlatformPkg/PrePi/Arm/ModuleEntryPoint.asm @@ -21,15 +21,14 @@ IMPORT ArmReadMpidr IMPORT ArmPlatformPeiBootAction IMPORT ArmPlatformStackSet + IMPORT mSystemMemoryEnd EXPORT _ModuleEntryPoint - EXPORT mSystemMemoryEnd PRESERVE8 AREA PrePiCoreEntryPoint, CODE, READONLY StartupAddr DCD CEntryPoint -mSystemMemoryEnd DCQ 0 _ModuleEntryPoint // Do early platform specific actions @@ -49,19 +48,11 @@ _SetSVCMode // to install the stacks at the bottom of the Firmware Device (case the FD is located // at the top of the DRAM) _SystemMemoryEndInit - ldr r1, mSystemMemoryEnd - - // Is mSystemMemoryEnd initialized? - cmp r1, #0 - bne _SetupStackPosition - - mov32 r1, FixedPcdGet32(PcdSystemMemoryBase) - mov32 r2, FixedPcdGet32(PcdSystemMemorySize) - sub r2, r2, #1 - add r1, r1, r2 - // Update the global variable - adr r2, mSystemMemoryEnd - str r1, [r2] + mov32 r1, mSystemMemoryEnd + ldrd r2, r3, [r1] + teq r3, #0 + moveq r1, r2 + mvnne r1, #0 _SetupStackPosition // r1 = SystemMemoryTop diff --git a/ArmPlatformPkg/PrePi/PrePi.c b/ArmPlatformPkg/PrePi/PrePi.c index 36928c65a73b..e548ccace097 100644 --- a/ArmPlatformPkg/PrePi/PrePi.c +++ b/ArmPlatformPkg/PrePi/PrePi.c @@ -32,6 +32,9 @@ #define IS_XIP() (((UINT64)FixedPcdGet64 (PcdFdBaseAddress) > mSystemMemoryEnd) || \ ((FixedPcdGet64 (PcdFdBaseAddress) + FixedPcdGet32 (PcdFdSize)) < FixedPcdGet64 (PcdSystemMemoryBase))) +UINT64 mSystemMemoryEnd = FixedPcdGet64(PcdSystemMemoryBase) + + FixedPcdGet64(PcdSystemMemorySize) - 1; + EFI_STATUS EFIAPI ExtractGuidedSectionLibConstructor (