Re: [PATCH v1 5/6] treewide: Add a function to change page permissions

[Heinrich Schuchardt]

Am 9. Februar 2025 21:15:53 MEZ schrieb Simon Glass <sjg at chromium.org>:
>Hi Tom,
>
>On Sun, 9 Feb 2025 at 09:39, Tom Rini <trini at konsulko.com> wrote:
>>
>> On Thu, Feb 06, 2025 at 08:47:47AM -0700, Simon Glass wrote:
>>
>> [snip]
>> > Perhaps make EFI_LOADER select CPU, or depend on CPU? If that's the
>> > way you want to go, I'd be happy to do a precursor series to deal with
>> > the fallout.
>>
>> I'm not sure what EFI_LOADER has to do with the generic security feature
>> of enforcing permissions on pages. That's something we want everywhere
>> that can enable it as it's a good defensive security measure and also
>> catches code bugs.
>
>Yes, it's a good thing to have. I assumed it was related to EFI
>because of all the mention of EFI, SetVirtualAddressMap() and the
>like.
>
>It doesn't have to be DM. I was reacting to the idea that we cannot
>add it to the CPU driver because hardly any boards have one. How about
>mapping arch-specific stuff to generic functions, like we try to do
>with the CPU uclass. The enforcement happens before initr_dm()
>although I suppose it could be moved later, or a CPU driver could be
>started up before relocation. Or just don't use a CPU driver, use
>something else.
>
>WIth all the pain I've just been through with the EFI link scripts, I
>would have rather seen some effort to follow the existing convention,
>e.g. text_start rather than start_text. We already have
>__image_copy_start - there is so much arch-specific variability here
>already.

Like we did for the EFI linker scripts we should standardize the u-boot binary linker scripts by using a common linker script include.

Best regards

Heinrich


>
>Anyway, I'll stay away from this series in future.
>
>Regards,
>Simon