diff options
| author | Ard Biesheuvel <ard.biesheuvel@linaro.org> | 2015-11-18 11:51:06 +0000 |
|---|---|---|
| committer | abiesheuvel <abiesheuvel@Edk2> | 2015-11-18 11:51:06 +0000 |
| commit | 6bc35cbaca790fc32904cbb4f1bfc30381910ed0 (patch) | |
| tree | 130a0662a08c28bac7aa63becf028a0d3aeada02 | |
| parent | 19bb46c411279dcd30d540c56e5993c5f771c319 (diff) | |
| download | edk2-6bc35cbaca790fc32904cbb4f1bfc30381910ed0.zip edk2-6bc35cbaca790fc32904cbb4f1bfc30381910ed0.tar.gz edk2-6bc35cbaca790fc32904cbb4f1bfc30381910ed0.tar.bz2 | |
ArmPkg/Mmu: set required XN attributes for device mappings
To prevent speculative intruction fetches from MMIO ranges that may
have side effects on reads, the architecture requires device mappings
to be created with the XN or UXN/PXN bits set (for the ARM/EL2 and
EL1&0 translation regimes, respectively.)
Note that, in the ARM case, this involves moving all accesses to a
client domain since permission attributes like XN are ignored from
a manager domain. The use of a client domain is actually mandated
explicitly by the UEFI spec.
Reported-by: Heyi Guo <heyi.guo@linaro.org>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Reviewed-by: Leif Lindholm <leif.lindholm@linaro.org>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@18891 6f19259b-4bc3-4df7-8a09-765794883524
| -rw-r--r-- | ArmPkg/Include/Chipset/ArmV7Mmu.h | 2 | ||||
| -rw-r--r-- | ArmPkg/Library/ArmLib/AArch64/AArch64Mmu.c | 5 | ||||
| -rw-r--r-- | ArmPkg/Library/ArmLib/ArmV7/ArmV7Mmu.c | 2 |
3 files changed, 7 insertions, 2 deletions
diff --git a/ArmPkg/Include/Chipset/ArmV7Mmu.h b/ArmPkg/Include/Chipset/ArmV7Mmu.h index aaa0977..e38c5f7 100644 --- a/ArmPkg/Include/Chipset/ArmV7Mmu.h +++ b/ArmPkg/Include/Chipset/ArmV7Mmu.h @@ -192,6 +192,7 @@ TT_DESCRIPTOR_SECTION_S_NOT_SHARED | \
TT_DESCRIPTOR_SECTION_DOMAIN(0) | \
TT_DESCRIPTOR_SECTION_AP_RW_RW | \
+ TT_DESCRIPTOR_SECTION_XN_MASK | \
TT_DESCRIPTOR_SECTION_CACHE_POLICY_SHAREABLE_DEVICE)
#define TT_DESCRIPTOR_SECTION_UNCACHED(NonSecure) (TT_DESCRIPTOR_SECTION_TYPE_SECTION | \
((NonSecure) ? TT_DESCRIPTOR_SECTION_NS : 0) | \
@@ -215,6 +216,7 @@ TT_DESCRIPTOR_PAGE_NG_GLOBAL | \
TT_DESCRIPTOR_PAGE_S_NOT_SHARED | \
TT_DESCRIPTOR_PAGE_AP_RW_RW | \
+ TT_DESCRIPTOR_PAGE_XN_MASK | \
TT_DESCRIPTOR_PAGE_CACHE_POLICY_SHAREABLE_DEVICE)
#define TT_DESCRIPTOR_PAGE_UNCACHED (TT_DESCRIPTOR_PAGE_TYPE_PAGE | \
TT_DESCRIPTOR_PAGE_NG_GLOBAL | \
diff --git a/ArmPkg/Library/ArmLib/AArch64/AArch64Mmu.c b/ArmPkg/Library/ArmLib/AArch64/AArch64Mmu.c index c8b3d4a..377a785 100644 --- a/ArmPkg/Library/ArmLib/AArch64/AArch64Mmu.c +++ b/ArmPkg/Library/ArmLib/AArch64/AArch64Mmu.c @@ -50,7 +50,10 @@ ArmMemoryAttributeToPageAttribute ( ASSERT(0);
case ARM_MEMORY_REGION_ATTRIBUTE_DEVICE:
case ARM_MEMORY_REGION_ATTRIBUTE_NONSECURE_DEVICE:
- return TT_ATTR_INDX_DEVICE_MEMORY;
+ if (ArmReadCurrentEL () == AARCH64_EL2)
+ return TT_ATTR_INDX_DEVICE_MEMORY | TT_TABLE_XN;
+ else
+ return TT_ATTR_INDX_DEVICE_MEMORY | TT_TABLE_UXN | TT_TABLE_PXN;
}
}
diff --git a/ArmPkg/Library/ArmLib/ArmV7/ArmV7Mmu.c b/ArmPkg/Library/ArmLib/ArmV7/ArmV7Mmu.c index 1287dfb..e05a51e 100644 --- a/ArmPkg/Library/ArmLib/ArmV7/ArmV7Mmu.c +++ b/ArmPkg/Library/ArmLib/ArmV7/ArmV7Mmu.c @@ -294,7 +294,7 @@ ArmConfigureMmu ( DOMAIN_ACCESS_CONTROL_NONE( 3) |
DOMAIN_ACCESS_CONTROL_NONE( 2) |
DOMAIN_ACCESS_CONTROL_NONE( 1) |
- DOMAIN_ACCESS_CONTROL_MANAGER(0));
+ DOMAIN_ACCESS_CONTROL_CLIENT(0));
ArmEnableInstructionCache();
ArmEnableDataCache();
|