From nobody Sun Apr 28 19:03:28 2024 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; spf=none (zoho.com: 198.145.21.10 is neither permitted nor denied by domain of lists.01.org) smtp.mailfrom=edk2-devel-bounces@lists.01.org Return-Path: Received: from ml01.01.org (ml01.01.org [198.145.21.10]) by mx.zohomail.com with SMTPS id 1523509096275137.06870531786467; Wed, 11 Apr 2018 21:58:16 -0700 (PDT) Received: from [127.0.0.1] (localhost [IPv6:::1]) by ml01.01.org (Postfix) with ESMTP id 0BA272270D328; Wed, 11 Apr 2018 21:58:15 -0700 (PDT) Received: from mga02.intel.com (mga02.intel.com [134.134.136.20]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id 152DA2267F0FB for ; Wed, 11 Apr 2018 21:58:13 -0700 (PDT) Received: from fmsmga004.fm.intel.com ([10.253.24.48]) by orsmga101.jf.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 11 Apr 2018 21:58:13 -0700 Received: from shwdeopenpsi777.ccr.corp.intel.com ([10.239.158.27]) by fmsmga004.fm.intel.com with ESMTP; 11 Apr 2018 21:58:11 -0700 X-Original-To: edk2-devel@lists.01.org Received-SPF: none (zoho.com: 198.145.21.10 is neither permitted nor denied by domain of lists.01.org) client-ip=198.145.21.10; envelope-from=edk2-devel-bounces@lists.01.org; helo=ml01.01.org; Received-SPF: Pass (sender SPF authorized) identity=mailfrom; client-ip=134.134.136.20; helo=mga02.intel.com; envelope-from=jian.j.wang@intel.com; receiver=edk2-devel@lists.01.org X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.48,439,1517904000"; d="scan'208";a="45528144" From: Jian J Wang To: edk2-devel@lists.01.org Date: Thu, 12 Apr 2018 12:58:07 +0800 Message-Id: <20180412045807.5060-1-jian.j.wang@intel.com> X-Mailer: git-send-email 2.16.2.windows.1 Subject: [edk2] [PATCH v2] MdeModulePkg/PiSmmIpl: fix non-executable SMM RAM X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.26 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Ruiyu Ni , Michael D Kinney , Jiewen Yao , Eric Dong , Star Zeng MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Errors-To: edk2-devel-bounces@lists.01.org Sender: "edk2-devel" X-ZohoMail: RSF_4 Z_629925259 SPT_0 Content-Type: text/plain; charset="utf-8" > v2 changes: > a. Remove redundant code and fill-up potential logic hole > b. Code clean-up > c. Fix error in commit log This patch fixes an issue introduced by commit 5b91bf82c67b586b9588cbe4bbffa1588f6b5926 and 0c9f2cb10b7ddec56a3440e77219fd3ab1725e5c This issue will only happen if PcdDxeNxMemoryProtectionPolicy is enabled for reserved memory, which will mark SMM RAM as NX (non- executable) during DXE core initialization. SMM IPL driver will unset the NX attribute for SMM RAM to allow loading and running SMM core/drivers. But above commit will fail the unset operation of the NX attribute due to a fact that SMM RAM has zero cache attribute (MRC code always sets 0 attribute to reserved memory), which will cause GCD internal method ConverToCpuArchAttributes() to return 0 attribute, which is taken as invalid CPU paging attribute and skip the calling of gCpu->SetMemoryAttributes(). The solution is to make use of existing functionality in PiSmmIpl to make sure one cache attribute is set for SMM RAM. For performance consideration, PiSmmIpl will always try to set SMM RAM to write-back. But there's a hole in the code which will fail the setting write-back attribute because of no corresponding cache capabilities. This patch will add necessary cache capabilities before setting corresponding attributes. Cc: Star Zeng Cc: Eric Dong Cc: Jiewen Yao Cc: Ruiyu Ni Cc: Michael D Kinney Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Jian J Wang --- MdeModulePkg/Core/PiSmmCore/PiSmmIpl.c | 51 ++++++++++++++++++++++++------= ---- 1 file changed, 37 insertions(+), 14 deletions(-) diff --git a/MdeModulePkg/Core/PiSmmCore/PiSmmIpl.c b/MdeModulePkg/Core/PiS= mmCore/PiSmmIpl.c index 94d671bd74..dee6e62bf4 100644 --- a/MdeModulePkg/Core/PiSmmCore/PiSmmIpl.c +++ b/MdeModulePkg/Core/PiSmmCore/PiSmmIpl.c @@ -42,6 +42,15 @@ =20 #include "PiSmmCorePrivateData.h" =20 +#define SMRAM_CAPABILITIES \ + (EFI_MEMORY_WB | EFI_MEMORY_UC | EFI_MEMORY_XP | EFI_MEMORY_RP | EFI_MEM= ORY_RO) + +#define MEMORY_CACHE_ATTRIBUTES (EFI_MEMORY_UC | EFI_MEMORY_WC | \ + EFI_MEMORY_WT | EFI_MEMORY_WB | \ + EFI_MEMORY_WP | EFI_MEMORY_UCE) + +#define MEMORY_PAGE_ATTRIBUTES (EFI_MEMORY_XP | EFI_MEMORY_RP | EFI_MEMOR= Y_RO) + // // Function prototypes from produced protocols // @@ -1617,34 +1626,48 @@ SmmIplEntry ( =20 GetSmramCacheRange (mCurrentSmramRange, &mSmramCacheBase, &mSmramCache= Size); // + // Make sure we can change the desired memory attributes. + // + Status =3D gDS->GetMemorySpaceDescriptor ( + mSmramCacheBase, + &MemDesc + ); + ASSERT_EFI_ERROR (Status); + if ((MemDesc.Capabilities & SMRAM_CAPABILITIES) !=3D SMRAM_CAPABILITIE= S) { + gDS->SetMemorySpaceCapabilities ( + mSmramCacheBase, + mSmramCacheSize, + MemDesc.Capabilities | SMRAM_CAPABILITIES + ); + } + // // If CPU AP is present, attempt to set SMRAM cacheability to WB and c= lear - // XP if it's set. + // all paging attributes. // Note that it is expected that cacheability of SMRAM has been set to= WB if CPU AP // is not available here. // CpuArch =3D NULL; Status =3D gBS->LocateProtocol (&gEfiCpuArchProtocolGuid, NULL, (VOID = **)&CpuArch); if (!EFI_ERROR (Status)) { - Status =3D gDS->SetMemorySpaceAttributes( - mSmramCacheBase,=20 + MemDesc.Attributes &=3D ~(MEMORY_CACHE_ATTRIBUTES | MEMORY_PAGE_ATTR= IBUTES); + MemDesc.Attributes |=3D EFI_MEMORY_WB; + Status =3D gDS->SetMemorySpaceAttributes ( + mSmramCacheBase, mSmramCacheSize, - EFI_MEMORY_WB + MemDesc.Attributes ); if (EFI_ERROR (Status)) { DEBUG ((DEBUG_WARN, "SMM IPL failed to set SMRAM window to EFI_MEM= ORY_WB\n")); } =20 - Status =3D gDS->GetMemorySpaceDescriptor( - mCurrentSmramRange->PhysicalStart, - &MemDesc - ); - if (!EFI_ERROR (Status) && (MemDesc.Attributes & EFI_MEMORY_XP) !=3D= 0) { - gDS->SetMemorySpaceAttributes ( - mCurrentSmramRange->PhysicalStart, - mCurrentSmramRange->PhysicalSize, - MemDesc.Attributes & (~EFI_MEMORY_XP) + DEBUG_CODE ( + gDS->GetMemorySpaceDescriptor ( + mSmramCacheBase, + &MemDesc ); - } + DEBUG ((DEBUG_INFO, "SMRAM attributes: %016lx\n", MemDesc.Attribut= es)); + ASSERT ((MemDesc.Attributes & MEMORY_PAGE_ATTRIBUTES) =3D=3D 0); + ); } // // if Loading module at Fixed Address feature is enabled, save the SMR= AM base to Load --=20 2.16.2.windows.1 _______________________________________________ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel