> On 7. Feb 2023, at 19:19, Taylor Beebe wrote:
>
> If I understand Marvin correctly, he means that there either needs to be a
> requirement that if you change the attributes of an allocated buffer you must
> change them back before freeing, or the memory management logic should handle
>
> On 7. Feb 2023, at 18:56, Ard Biesheuvel wrote:
>
> On Tue, 7 Feb 2023 at 11:13, Marvin Häuser wrote:
>>
>>
>> On 7. Feb 2023, at 11:01, Ard Biesheuvel wrote:
>>
>> Actually, it seems UnprotectUefiImage () is correct under the
>> assumption that all code regions have EFI_MEMORY_XP
On 2/7/2023 12:56 AM, Marvin Häuser wrote:
> Hi Taylor and Ard,
>
>> On 7. Feb 2023, at 09:29, Ard Biesheuvel wrote:
>>
>> On Tue, 7 Feb 2023 at 02:18, Taylor Beebe wrote:
>>>
>>> I can't see the Bugzilla you referenced so I requested security Bugzilla
>>> access. But, yes, that's the bug to
On Tue, 7 Feb 2023 at 11:13, Marvin Häuser wrote:
>
>
> On 7. Feb 2023, at 11:01, Ard Biesheuvel wrote:
>
> Actually, it seems UnprotectUefiImage () is correct under the
> assumption that all code regions have EFI_MEMORY_XP cleared by
> default.
>
> However, if you redefine the policy to set
> On 7. Feb 2023, at 11:01, Ard Biesheuvel wrote:
>
> Actually, it seems UnprotectUefiImage () is correct under the
> assumption that all code regions have EFI_MEMORY_XP cleared by
> default.
>
> However, if you redefine the policy to set EFI_MEMORY_XP on code
> regions by default, and only
On Tue, 7 Feb 2023 at 10:16, Ard Biesheuvel wrote:
>
> On Tue, 7 Feb 2023 at 09:56, Marvin Häuser wrote:
> >
> > Hi Taylor and Ard,
> >
> > > On 7. Feb 2023, at 09:29, Ard Biesheuvel wrote:
> > >
> > > On Tue, 7 Feb 2023 at 02:18, Taylor Beebe wrote:
> > >>
> > >> I can't see the Bugzilla you
> On 7. Feb 2023, at 10:16, Ard Biesheuvel wrote:
>
> On Tue, 7 Feb 2023 at 09:56, Marvin Häuser wrote:
>>
>> Hi Taylor and Ard,
>>
On 7. Feb 2023, at 09:29, Ard Biesheuvel wrote:
>>>
>>> On Tue, 7 Feb 2023 at 02:18, Taylor Beebe wrote:
I can't see the Bugzilla you
On Tue, 7 Feb 2023 at 09:56, Marvin Häuser wrote:
>
> Hi Taylor and Ard,
>
> > On 7. Feb 2023, at 09:29, Ard Biesheuvel wrote:
> >
> > On Tue, 7 Feb 2023 at 02:18, Taylor Beebe wrote:
> >>
> >> I can't see the Bugzilla you referenced so I requested security Bugzilla
> >> access. But, yes,
Hi Taylor and Ard,
> On 7. Feb 2023, at 09:29, Ard Biesheuvel wrote:
>
> On Tue, 7 Feb 2023 at 02:18, Taylor Beebe wrote:
>>
>> I can't see the Bugzilla you referenced so I requested security Bugzilla
>> access. But, yes, that's the bug to which I was referring :)
>>
>
> I cannot see that
On Tue, 7 Feb 2023 at 02:18, Taylor Beebe wrote:
>
> I can't see the Bugzilla you referenced so I requested security Bugzilla
> access. But, yes, that's the bug to which I was referring :)
>
I cannot see that bugzilla entry either.
> Once Ard's change to add Memory Attribute Protocol support to
I can't see the Bugzilla you referenced so I requested security Bugzilla
access. But, yes, that's the bug to which I was referring :)
Once Ard's change to add Memory Attribute Protocol support to ARM
platforms is in, the change you linked may be palatable for the
upstream. However, ARM
Hi Taylor,
Do you by any chance mean this bug?
https://github.com/microsoft/mu_basecore/blob/release/202208/MdeModulePkg/Core/Dxe/Misc/MemoryProtection.c#L1544
I reported this a while ago at
https://bugzilla.tianocore.org/show_bug.cgi?id=3316
The Mu fix is by no means a workaround and
On 2/2/2023 1:43 AM, Ard Biesheuvel wrote:
On Wed, 1 Feb 2023 at 19:41, Taylor Beebe wrote:
Hey Ard,
Have you encountered complications which stem from the lack of
pre-allocated page table memory on ARM devices utilizing the memory
protection policy?
Interesting. No I haven't, but I
On Wed, 1 Feb 2023 at 19:41, Taylor Beebe wrote:
>
> Hey Ard,
>
> Have you encountered complications which stem from the lack of
> pre-allocated page table memory on ARM devices utilizing the memory
> protection policy?
>
Interesting. No I haven't, but I agree it is a potential concern.
> My
Hey Ard,
Have you encountered complications which stem from the lack of
pre-allocated page table memory on ARM devices utilizing the memory
protection policy?
My observation is the call stack can end up something like:
1. MemoryAttributeProtocol->SetMemoryAttributes(EFI_MEMORY_RO)
2.
Expose the protocol introduced in v2.10 that permits the caller to
manage mapping permissions in the page tables.
Signed-off-by: Ard Biesheuvel
---
ArmPkg/Drivers/CpuDxe/CpuDxe.c | 2 +
ArmPkg/Drivers/CpuDxe/CpuDxe.h | 3 +
ArmPkg/Drivers/CpuDxe/CpuDxe.inf| 2 +