On Thu, Mar 16, 2017 at 01:06:14PM +0000, Ryan Harkin wrote:
On 16 March 2017 at 13:03, Leif Lindholm leif.lindholm@linaro.org wrote:
On Thu, Mar 16, 2017 at 12:04:50PM +0000, Ryan Harkin wrote:
On 7 March 2017 at 11:25, Ard Biesheuvel ard.biesheuvel@linaro.org wrote:
This enables the recently added and/or enhanced memory protection features in upstream EDK2:
- strict code/data separation PE/COFF sections so that mappings can be made either read-only or non-executable
- remove exec permissions from all other (i.e., non-code) regions (as far as is feasible without breaking GRUB)
- remap the DXE stack as non-executable before entering DxeCore
Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Ard Biesheuvel ard.biesheuvel@linaro.org
Tested-by: Ryan Harkin ryan.harkin@linaro.org
Tested on FVP Foundation & AEMv8, TC2 and Juno R0/1/2 when combined with the HEAD of EDK2 (currently 056563f) and OpenPlatformPkg at c6cdf9e, but with my hack to get TC2 booting [1].
I can't really defend to myself keeping that patch out of the public tree any more. We don't care enough to try to figure the actual issue out and it's needed for the platform to be of any use.
Want me to just push it?
Yes please :-)
If you could be so kind as to remove the "HACK" prefix from the title, that would be much appreciated. Although, it is still a hack...
Done. (And shortened the remainder of the subject slightly.)
I kept the rest of the commit message as-is, in violation of guidelines, because it's archeologically useful (and includes indented copies of other commit messages, which I wouldn't want to reflow).
/ Leif
/ Leif
Platforms/ARM/VExpress/ArmVExpress.dsc.inc | 21 ++++++++++++++++++++ 1 file changed, 21 insertions(+)
diff --git a/Platforms/ARM/VExpress/ArmVExpress.dsc.inc b/Platforms/ARM/VExpress/ArmVExpress.dsc.inc index c94001b3bcdb..431d6d0f76ce 100644 --- a/Platforms/ARM/VExpress/ArmVExpress.dsc.inc +++ b/Platforms/ARM/VExpress/ArmVExpress.dsc.inc @@ -14,6 +14,9 @@ [Defines] SECURE_BOOT_ENABLE = FALSE
+[BuildOptions.common.EDKII.DXE_CORE,BuildOptions.common.EDKII.DXE_DRIVER,BuildOptions.common.EDKII.UEFI_DRIVER,BuildOptions.common.EDKII.UEFI_APPLICATION]
- GCC:*_*_*_DLINK_FLAGS = -z common-page-size=0x1000
[BuildOptions.common.EDKII.DXE_RUNTIME_DRIVER] GCC:*_*_ARM_DLINK_FLAGS = -z common-page-size=0x1000 GCC:*_*_AARCH64_DLINK_FLAGS = -z common-page-size=0x10000 @@ -437,6 +440,24 @@ # GUID of the UI app gEfiMdeModulePkgTokenSpaceGuid.PcdBootManagerMenuFile|{ 0x21, 0xaa, 0x2c, 0x46, 0x14, 0x76, 0x03, 0x45, 0x83, 0x6e, 0x8a, 0xb6, 0xf4, 0x66, 0x23, 0x31 }
- #
- # Enable strict image permissions for all images. (This applies
- # only to images that were built with >= 4 KB section alignment.)
- #
- gEfiMdeModulePkgTokenSpaceGuid.PcdImageProtectionPolicy|0x3
- #
- # Enable NX memory protection for all non-code regions, including OEM and OS
- # reserved ones, with the exception of LoaderData regions, of which OS loaders
- # (i.e., GRUB) may assume that its contents are executable.
- #
- gEfiMdeModulePkgTokenSpaceGuid.PcdDxeNxMemoryProtectionPolicy|0xC000000000007FD1
- #
- # Enable the non-executable DXE stack. (This gets set up by DxeIpl)
- #
- gEfiMdeModulePkgTokenSpaceGuid.PcdSetNxForStack|TRUE
[Components.common] MdeModulePkg/Universal/PCD/Dxe/Pcd.inf { <LibraryClasses> -- 2.7.4
[1] https://git.linaro.org/landing-teams/working/arm/OpenPlatformPkg.git/commit/...