From patchwork Tue Feb 28 12:13:12 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 94610 Delivered-To: patch@linaro.org Received: by 10.140.20.113 with SMTP id 104csp1291468qgi; Tue, 28 Feb 2017 04:13:28 -0800 (PST) X-Received: by 10.84.133.193 with SMTP id f59mr2686144plf.64.1488284008378; Tue, 28 Feb 2017 04:13:28 -0800 (PST) Return-Path: Received: from ml01.01.org (ml01.01.org. [2001:19d0:306:5::1]) by mx.google.com with ESMTPS id o71si1609198pfi.195.2017.02.28.04.13.28 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Tue, 28 Feb 2017 04:13:28 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of edk2-devel-bounces@lists.01.org designates 2001:19d0:306:5::1 as permitted sender) client-ip=2001:19d0:306:5::1; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org; spf=pass (google.com: best guess record for domain of edk2-devel-bounces@lists.01.org designates 2001:19d0:306:5::1 as permitted sender) smtp.mailfrom=edk2-devel-bounces@lists.01.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: from [127.0.0.1] (localhost [IPv6:::1]) by ml01.01.org (Postfix) with ESMTP id B37BD82169; Tue, 28 Feb 2017 04:13:26 -0800 (PST) X-Original-To: edk2-devel@lists.01.org Delivered-To: edk2-devel@lists.01.org Received: from mail-wm0-x22f.google.com (mail-wm0-x22f.google.com [IPv6:2a00:1450:400c:c09::22f]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id 8E8B381F45 for ; Tue, 28 Feb 2017 04:13:25 -0800 (PST) Received: by mail-wm0-x22f.google.com with SMTP id u199so10120618wmd.1 for ; Tue, 28 Feb 2017 04:13:25 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=2PJeDJx/oCwuAczTf8dB+hbItlKbISDKQs+mTTJxprI=; b=RvgmQHSzBXxKNiOL+Mp+QdLP6un7QQbWgMmbJXFeXnA3uExeXPyxW2Of5Yd4jBIkff MTxR2gRCic15/0bZn8iIXqF9lKqSaKeslB0En5GjEODK+trPUtt/w8KI/pQ0RpcOEVg5 Y9vKfLxdmaTZWExO/2C4n8Wzt31I9HhpocAC0= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=2PJeDJx/oCwuAczTf8dB+hbItlKbISDKQs+mTTJxprI=; b=MXxo5ft7WgXpd9HSOFyyvUkOav4Oe5SnVAA/ZCMBeHE58fQuSO6N3anTEmhBCJxtcf dzsvYts6CKN5eMCig+rTkysmd0yJQGQOQfC8XcZTMokBe3PWz66bAwAzjDMyT/imvVvu RiyLKkiV2n0rbIRIZdCKGmOFhqfDVq5SP347CZRq3wG6e/q/mXaVUSOaYI1+EiWJNxqL UJ8vFVy9GxbssPvAR2iLDzzmugKLJ4h8whrrNlYN0nO2vMzTEwdhFi8HeQAK3jwgkCmk kiaIxB4ikQPoRvFuPFoNJMRzFyu95NWVx81o6pc0Ezevw1uskXxjk7NzXGG+5bzCY07W sCFw== X-Gm-Message-State: AMke39moznQdndGA/6NKulEpNHbTmF8Cl/CdJRXILYPS2ljSfhn9uu5ubOOwx1fWMf/VnWsv X-Received: by 10.28.97.194 with SMTP id v185mr2164037wmb.117.1488284004136; Tue, 28 Feb 2017 04:13:24 -0800 (PST) Received: from localhost.localdomain ([105.149.201.216]) by smtp.gmail.com with ESMTPSA id x193sm2403690wme.23.2017.02.28.04.13.22 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Tue, 28 Feb 2017 04:13:23 -0800 (PST) From: Ard Biesheuvel To: edk2-devel@lists.01.org, leif.lindholm@linaro.org Date: Tue, 28 Feb 2017 12:13:12 +0000 Message-Id: <1488283992-32104-3-git-send-email-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1488283992-32104-1-git-send-email-ard.biesheuvel@linaro.org> References: <1488283992-32104-1-git-send-email-ard.biesheuvel@linaro.org> Subject: [edk2] [PATCH 3/3] ArmPkg/UncachedMemoryAllocationLib: map uncached allocations non-executable X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Ard Biesheuvel MIME-Version: 1.0 Errors-To: edk2-devel-bounces@lists.01.org Sender: "edk2-devel" The primary use case for UncachedMemoryAllocationLib is non-coherent DMA, which implies that such regions are not used to fetch instructions from. So let's map them as non-executable, to avoid creating a security hole when the rest of the platform may be enforcing strict memory permissions on ordinary allocations. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Ard Biesheuvel --- ArmPkg/Library/UncachedMemoryAllocationLib/UncachedMemoryAllocationLib.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) -- 2.7.4 _______________________________________________ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel Reviewed-by: Leif Lindholm diff --git a/ArmPkg/Library/UncachedMemoryAllocationLib/UncachedMemoryAllocationLib.c b/ArmPkg/Library/UncachedMemoryAllocationLib/UncachedMemoryAllocationLib.c index 0d8abad23433..b4fbfbcb362b 100644 --- a/ArmPkg/Library/UncachedMemoryAllocationLib/UncachedMemoryAllocationLib.c +++ b/ArmPkg/Library/UncachedMemoryAllocationLib/UncachedMemoryAllocationLib.c @@ -154,7 +154,8 @@ AllocatePagesFromList ( return Status; } - Status = gDS->SetMemorySpaceAttributes (Memory, EFI_PAGES_TO_SIZE (Pages), EFI_MEMORY_WC); + Status = gDS->SetMemorySpaceAttributes (Memory, EFI_PAGES_TO_SIZE (Pages), + EFI_MEMORY_WC | EFI_MEMORY_XP); if (EFI_ERROR (Status)) { gBS->FreePages (Memory, Pages); return Status;