mail archive of the barebox mailing list
 help / color / mirror / Atom feed
From: Ahmad Fatoum <a.fatoum@pengutronix.de>
To: Peter Rosin <peda@axentia.se>,
	Rouven Czerwinski <r.czerwinski@pengutronix.de>,
	Sascha Hauer <s.hauer@pengutronix.de>,
	Ahmad Fatoum <ahmad@a3f.at>
Cc: Barebox List <barebox@lists.infradead.org>
Subject: Re: [PATCH 3/4] Revert "ARM: mmu: use client domain permissions to support ARMv7 eXecute Never"
Date: Mon, 20 Sep 2021 11:14:01 +0200	[thread overview]
Message-ID: <aa1fb3a8-6d97-1c3f-ec7e-82489c8ceb0a@pengutronix.de> (raw)
In-Reply-To: <02b09328-e300-f36e-4cc4-daa7afb47ad5@axentia.se>

Hi Peter,

On 19.09.21 09:50, Peter Rosin wrote:
> On 2021-09-19 09:06, Rouven Czerwinski wrote:
>> Hi Peter,
>>
>> while this may break for your board, it fundamentally introduces the
>> possibility to speculate out of the RAM area on speculation happy
> 
> I'm aware of that. For me, speculation is not an issue since *any*
> rogue code running on the embedded device in question is a major fail.

We have seen Cortex-A7 CPUs speculatively executing I/O memory. That's
why we mar everything eXecute-Never except for known memory banks and
expect board code to mark any further regions that are safe to execute
manually. 

> Also, from the cover letter:
> 
> "I'm going to follow up with patches. I very much realize that
> these patches are most likely not acceptable as-is, but I do
> include them since they are probably the best description of
> where the problems are."
> 
>> processors. Are you calling into SAMA5D3 ROM code somewhere? If so an
> 
> *I* am not calling anything. Maybe the board code for sama5d3xek is,
> but I have no idea as it's not "my" code. How can I figure out if it
> does?

If you don't revert this patch. Do you get any output at all?
If not, enable DEBUG_LL and see how far you get before hanging.

Cheers,
Ahad

> 
> Cheers,
> Peter
> 
>> exception can be added similar to the handling for the HAB code
>> (arch/arm/cpu/mmu_early.c):
>>
>> 	if (IS_ENABLED(CONFIG_HABV4) && IS_ENABLED(CONFIG_ARCH_IMX6))
>> 		map_region(0x0, SZ_1M, PMD_SECT_DEF_CACHED);
>>
>> which allows calls into the NXP boot ROM to retrieve the HAB status.
> 
> _______________________________________________
> barebox mailing list
> barebox@lists.infradead.org
> http://lists.infradead.org/mailman/listinfo/barebox
> 


-- 
Pengutronix e.K.                           |                             |
Steuerwalder Str. 21                       | http://www.pengutronix.de/  |
31137 Hildesheim, Germany                  | Phone: +49-5121-206917-0    |
Amtsgericht Hildesheim, HRA 2686           | Fax:   +49-5121-206917-5555 |

_______________________________________________
barebox mailing list
barebox@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/barebox


  parent reply	other threads:[~2021-09-20  9:15 UTC|newest]

Thread overview: 14+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2021-09-17 22:37 at91 sama5d3 "regressions" Peter Rosin
2021-09-17 22:39 ` [PATCH 1/4] common.h: reintroduce region_overlap() as, old_region_overlap() Peter Rosin
2021-09-17 22:39 ` [PATCH 2/4] ARM: copy data if there is a region overlap Peter Rosin
2021-09-17 22:40 ` [PATCH 3/4] Revert "ARM: mmu: use client domain permissions to support ARMv7 eXecute Never" Peter Rosin
2021-09-19  7:06   ` Rouven Czerwinski
2021-09-19  7:50     ` Peter Rosin
2021-09-19 20:33       ` Peter Rosin
2021-09-20  9:14       ` Ahmad Fatoum [this message]
2021-09-20 10:22         ` Peter Rosin
2021-09-17 22:41 ` [PATCH 4/4] lds: the RO_DATA_SECTION macro does not work on my SAMA5D3 board Peter Rosin
2021-09-17 23:57 ` at91 sama5d3 "regressions" Peter Rosin
2021-09-19  6:32   ` Peter Rosin
2021-09-22  7:06     ` Ahmad Fatoum
2021-09-22  7:41       ` Peter Rosin

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=aa1fb3a8-6d97-1c3f-ec7e-82489c8ceb0a@pengutronix.de \
    --to=a.fatoum@pengutronix.de \
    --cc=ahmad@a3f.at \
    --cc=barebox@lists.infradead.org \
    --cc=peda@axentia.se \
    --cc=r.czerwinski@pengutronix.de \
    --cc=s.hauer@pengutronix.de \
    --subject='Re: [PATCH 3/4] Revert "ARM: mmu: use client domain permissions to support ARMv7 eXecute Never"' \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox