From nobody Fri May 17 10:44:12 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+105894+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+105894+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1686191305; cv=none; d=zohomail.com; s=zohoarc; b=XX2+3Unpyoz8yhTCsO1fPhxGrt57J7pDRZZPtcrW5dscZxlu1oaK5IJXUOVi8B42IhXg3/jL5+Au3t07R5aR16bSRBk0Lv7YqElQWXoevGu3uf+BKokODgWMtKvQwgpE4/4RKGTItgqYBhiNUTF6mg96qVpH+8um9v34EEZqVsg= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1686191305; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=udyWx09mBPhLRspIH4+oMWICSHDub48P3pcD97BFGww=; b=ap+NFXtm3kP3Nb7R1uwMX86y1K7uWgZ9PfBR2qMhd4ZYJayetg9hB5gssJhaXbX3xCn6MVUO8OK4wFC3/Wg2aOODn7OeCG92vJxPRanmiozmWryO4aXUiXeznQ4Pq+Ht5/7p28W3pBxjN/yC3/D3idt4g1BAHK+QhmMPQqUnP0I= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+105894+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 168619130510176.92905999079426; Wed, 7 Jun 2023 19:28:25 -0700 (PDT) Return-Path: X-Received: by 127.0.0.2 with SMTP id JPjNYY1788612xvkydTsUP3Q; Wed, 07 Jun 2023 19:28:24 -0700 X-Received: from mga14.intel.com (mga14.intel.com [192.55.52.115]) by mx.groups.io with SMTP id smtpd.web11.377.1686191300320666390 for ; Wed, 07 Jun 2023 19:28:24 -0700 X-IronPort-AV: E=McAfee;i="6600,9927,10734"; a="357184164" X-IronPort-AV: E=Sophos;i="6.00,225,1681196400"; d="scan'208";a="357184164" X-Received: from fmsmga008.fm.intel.com ([10.253.24.58]) by fmsmga103.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 07 Jun 2023 19:28:23 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6600,9927,10734"; a="774877674" X-IronPort-AV: E=Sophos;i="6.00,225,1681196400"; d="scan'208";a="774877674" X-Received: from shwdeopenlab702.ccr.corp.intel.com ([10.239.55.158]) by fmsmga008-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 07 Jun 2023 19:28:21 -0700 From: "duntan" To: devel@edk2.groups.io Cc: Ard Biesheuvel , Jiewen Yao , Jordan Justen , Gerd Hoffmann , Tom Lendacky , Ray Ni Subject: [edk2-devel] [Patch V5 01/14] OvmfPkg:Remove code that apply AddressEncMask to non-leaf entry Date: Thu, 8 Jun 2023 10:27:29 +0800 Message-Id: <20230608022742.1292-2-dun.tan@intel.com> In-Reply-To: <20230608022742.1292-1-dun.tan@intel.com> References: <20230608022742.1292-1-dun.tan@intel.com> MIME-Version: 1.0 Precedence: Bulk List-Unsubscribe: List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,dun.tan@intel.com X-Gm-Message-State: 9qATUyzkvMghzNIlaJT3gZAlx1787277AA= Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1686191304; bh=cGvkEF8cMFgkOtHyS38utXClLx+RR8MhG9ZmvzHuCH0=; h=Cc:Date:From:Reply-To:Subject:To; b=d95AqAn40BqtKmJjA+FASKnxCihbZJHTjMxh+hdbX6DhFlZI79Z9/1p+9C4nLblXMUQ YMQNW3V0f2cSBLYXv6uehLlKry5XQ0zOmNYeHfwFL9jIyy6PUHDOl8HlMfpns0at9QI6x bi30/viu7Izj7ctvVzD0mx8WwuPiFWN5JDc= X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1686191307089100003 Content-Type: text/plain; charset="utf-8" Remove code that apply AddressEncMask to non-leaf entry when split smm page table by MemEncryptSevLib. In FvbServicesSmm driver, it calls MemEncryptSevClearMmioPageEncMask to clear AddressEncMask bit in page table for a specific range. In AMD SEV feature, this AddressEncMask bit in page table is used to indicate if the memory is guest private memory or shared memory. But all memory used by page table are treated as encrypted regardless of encryption bit. So remove the EncMask bit for smm non-leaf page table entry doesn't impact AMD SEV feature. If page split happens in the AddressEncMask bit clear process, there will be some new non-leaf entries with AddressEncMask applied in smm page table. When ReadyToLock, code in PiSmmCpuDxe module will use CpuPageTableLib to modify smm page table. So remove code to apply AddressEncMask for new non-leaf entries since CpuPageTableLib doesn't consume the EncMask PCD. Signed-off-by: Dun Tan Cc: Ard Biesheuvel Cc: Jiewen Yao Cc: Jordan Justen Cc: Gerd Hoffmann Cc: Tom Lendacky Cc: Ray Ni Acked-by: Gerd Hoffmann Reviewed-by: Ray Ni Tested-by: Gerd Hoffmann --- OvmfPkg/Library/BaseMemEncryptSevLib/X64/PeiDxeVirtualMemory.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/OvmfPkg/Library/BaseMemEncryptSevLib/X64/PeiDxeVirtualMemory.c= b/OvmfPkg/Library/BaseMemEncryptSevLib/X64/PeiDxeVirtualMemory.c index cf2441b551..aba2e8c081 100644 --- a/OvmfPkg/Library/BaseMemEncryptSevLib/X64/PeiDxeVirtualMemory.c +++ b/OvmfPkg/Library/BaseMemEncryptSevLib/X64/PeiDxeVirtualMemory.c @@ -233,7 +233,7 @@ Split2MPageTo4K ( // Fill in 2M page entry. // *PageEntry2M =3D ((UINT64)(UINTN)PageTableEntry1 | - IA32_PG_P | IA32_PG_RW | AddressEncMask); + IA32_PG_P | IA32_PG_RW); } =20 /** @@ -352,7 +352,7 @@ SetPageTablePoolReadOnly ( PhysicalAddress +=3D LevelSize[Level - 1]; } =20 - PageTable[Index] =3D (UINT64)(UINTN)NewPageTable | AddressEncMask | + PageTable[Index] =3D (UINT64)(UINTN)NewPageTable | IA32_PG_P | IA32_PG_RW; PageTable =3D NewPageTable; } @@ -440,7 +440,7 @@ Split1GPageTo2M ( // Fill in 1G page entry. // *PageEntry1G =3D ((UINT64)(UINTN)PageDirectoryEntry | - IA32_PG_P | IA32_PG_RW | AddressEncMask); + IA32_PG_P | IA32_PG_RW); =20 PhysicalAddress2M =3D PhysicalAddress; for (IndexOfPageDirectoryEntries =3D 0; --=20 2.31.1.windows.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#105894): https://edk2.groups.io/g/devel/message/105894 Mute This Topic: https://groups.io/mt/99399225/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Fri May 17 10:44:12 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+105895+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+105895+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1686191307; cv=none; d=zohomail.com; s=zohoarc; b=BEgba100vjJjugG1MvFHrIlCdSBeIZ+/Q4fRV08YZZc+cp40wqe3NlHse0z6ijm9aT+bw/kozvzA3shHtIpuiiT1kbwBaQDnr0akBvnC53pcA0eLzBIjIleZC2CeGWZkf1GUaDNYCtygy0oBwlM/ZLnvrAHaV4oc+azYGk9S98Q= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1686191307; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=H/hnj5d4hMLcBU2zjPg8wO/PYl6ZH+EGwfDgUNpuhXA=; b=hM2jYQEn5nKyxX3Jemli7ZmlWAyugwdcFX3BK/94j1lERL4wFiODHlpcAZlF2El52r6vQ3Oe9Gcn6Lx+Di4iE/GHkE4+gSS/smOOXFCVKQbYelAt7609XuGtec8hoSwnqqSzG1JOvCuBZJ5PvvXVxP8vZCBZe7cmXk0f9sStrF8= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+105895+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1686191307326879.6785088462117; Wed, 7 Jun 2023 19:28:27 -0700 (PDT) Return-Path: X-Received: by 127.0.0.2 with SMTP id nP2SYY1788612xjL9kQsjfFl; Wed, 07 Jun 2023 19:28:27 -0700 X-Received: from mga14.intel.com (mga14.intel.com [192.55.52.115]) by mx.groups.io with SMTP id smtpd.web11.377.1686191300320666390 for ; Wed, 07 Jun 2023 19:28:26 -0700 X-IronPort-AV: E=McAfee;i="6600,9927,10734"; a="357184177" X-IronPort-AV: E=Sophos;i="6.00,225,1681196400"; d="scan'208";a="357184177" X-Received: from fmsmga008.fm.intel.com ([10.253.24.58]) by fmsmga103.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 07 Jun 2023 19:28:26 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6600,9927,10734"; a="774877691" X-IronPort-AV: E=Sophos;i="6.00,225,1681196400"; d="scan'208";a="774877691" X-Received: from shwdeopenlab702.ccr.corp.intel.com ([10.239.55.158]) by fmsmga008-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 07 Jun 2023 19:28:24 -0700 From: "duntan" To: devel@edk2.groups.io Cc: Liming Gao , Ray Ni , Jian J Wang Subject: [edk2-devel] [Patch V5 02/14] MdeModulePkg: Remove RO and NX protection when unset guard page Date: Thu, 8 Jun 2023 10:27:30 +0800 Message-Id: <20230608022742.1292-3-dun.tan@intel.com> In-Reply-To: <20230608022742.1292-1-dun.tan@intel.com> References: <20230608022742.1292-1-dun.tan@intel.com> MIME-Version: 1.0 Precedence: Bulk List-Unsubscribe: List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,dun.tan@intel.com X-Gm-Message-State: R5lIEcJpUMZkCoBIstol82Gtx1787277AA= Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1686191307; bh=Y+tzgUbdIs168TEkmwDf9FQ8U5ORfmZGjPKbebW3Urg=; h=Cc:Date:From:Reply-To:Subject:To; b=deJToZDV6YBruK4xUlCK6BHzvmDNDak+B7sqFawr/tbjdoxSd1Zh6BYJYKhY4Px5a0S mcIysnQrK2G6zhXDRy6dBLv6n96+R3LbtmT9MG8A8YwlmKZQRJVqtzfysOuXLruJ/Py1o 8I4tBTH7val0yZk5mWjvY43L9mldHnmJaCc= X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1686191308312100005 Content-Type: text/plain; charset="utf-8" Remove RO and NX protection when unset guard page. When UnsetGuardPage(), remove all the memory attribute protection for guarded page. Signed-off-by: Dun Tan Cc: Liming Gao Cc: Ray Ni Cc: Jian J Wang Reviewed-by: Ray Ni --- MdeModulePkg/Core/PiSmmCore/HeapGuard.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/MdeModulePkg/Core/PiSmmCore/HeapGuard.c b/MdeModulePkg/Core/Pi= SmmCore/HeapGuard.c index 8f3bab6fee..7daeeccf13 100644 --- a/MdeModulePkg/Core/PiSmmCore/HeapGuard.c +++ b/MdeModulePkg/Core/PiSmmCore/HeapGuard.c @@ -553,7 +553,7 @@ UnsetGuardPage ( mSmmMemoryAttribute, BaseAddress, EFI_PAGE_SIZE, - EFI_MEMORY_RP + EFI_MEMORY_RP|EFI_MEMORY_RO|EFI_M= EMORY_XP ); ASSERT_EFI_ERROR (Status); mOnGuarding =3D FALSE; --=20 2.31.1.windows.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#105895): https://edk2.groups.io/g/devel/message/105895 Mute This Topic: https://groups.io/mt/99399226/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Fri May 17 10:44:12 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+105896+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+105896+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1686191309; cv=none; d=zohomail.com; s=zohoarc; b=kaaY5g40gfxXAqIypFAfp3CHNS+9HUvt8AmmkEgYHkwLKZ461eryBpdTwYjBJ93fUJ4wxqdfez3n+rFIoYI0cRpp/LMMQ7f31ufNCfWmxpObYW3f1nb+4MWcR89kWQacl9y/jyqg+zP+yCl90uyb1DkdIADhXRcNH3komgpJYNA= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1686191309; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=lyO+facpM5r0xxOF7fATsdz2t40Ukmv/bP7ARigzjN4=; b=MbdKEGdbjLhqGuCB3nPAsa0i/ThXPh7vA9+58DCz3/F42SAkYTzFXOxKV8X3DoYiOptP/ScsciEaJuKCevxcfJJJPRYn9Qfy/ojpG0pyZHKXl6BK6EK5AniiX9PBOzhySn4fespWJUNOaY4VtpeRCfSIeJGmK3VKs06ncUmxk8Q= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+105896+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1686191309803764.1184335746792; Wed, 7 Jun 2023 19:28:29 -0700 (PDT) Return-Path: X-Received: by 127.0.0.2 with SMTP id 7RKDYY1788612xTKqa3UBrAB; Wed, 07 Jun 2023 19:28:29 -0700 X-Received: from mga14.intel.com (mga14.intel.com [192.55.52.115]) by mx.groups.io with SMTP id smtpd.web11.377.1686191300320666390 for ; Wed, 07 Jun 2023 19:28:28 -0700 X-IronPort-AV: E=McAfee;i="6600,9927,10734"; a="357184199" X-IronPort-AV: E=Sophos;i="6.00,225,1681196400"; d="scan'208";a="357184199" X-Received: from fmsmga008.fm.intel.com ([10.253.24.58]) by fmsmga103.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 07 Jun 2023 19:28:28 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6600,9927,10734"; a="774877710" X-IronPort-AV: E=Sophos;i="6.00,225,1681196400"; d="scan'208";a="774877710" X-Received: from shwdeopenlab702.ccr.corp.intel.com ([10.239.55.158]) by fmsmga008-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 07 Jun 2023 19:28:27 -0700 From: "duntan" To: devel@edk2.groups.io Cc: Eric Dong , Ray Ni , Rahul Kumar , Gerd Hoffmann Subject: [edk2-devel] [Patch V5 03/14] UefiCpuPkg: Use CpuPageTableLib to convert SMM paging attribute. Date: Thu, 8 Jun 2023 10:27:31 +0800 Message-Id: <20230608022742.1292-4-dun.tan@intel.com> In-Reply-To: <20230608022742.1292-1-dun.tan@intel.com> References: <20230608022742.1292-1-dun.tan@intel.com> MIME-Version: 1.0 Precedence: Bulk List-Unsubscribe: List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,dun.tan@intel.com X-Gm-Message-State: TyP35ysay9m3Im1SgBOUBvFTx1787277AA= Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1686191309; bh=uj2tCAZeoUja0abz1MSn23pAWKQrU6JTCf8tFH6u+lo=; h=Cc:Date:From:Reply-To:Subject:To; b=rZ03+Q6xOaDCl+xMaQDb8NjuN3LSTmjH2U2dsy9l1qi+DUcGQ//lVcAvd72QrlaCIRf iDU3QabF3bB+GTjO0+dpd9ah5bR5Rox9ZoGBIP56W6lNCK/eeSU3amAnCJbfExj6qug3s 2yepsxRfXpWjrWLCymj2MEcFnt4VNXQ8LBM= X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1686191311121100001 Content-Type: text/plain; charset="utf-8" Simplify the ConvertMemoryPageAttributes API to convert paging attribute by CpuPageTableLib. In the new API, it calls PageTableMap() to update the page attributes of a memory range. With the PageTableMap() API in CpuPageTableLib, we can remove the complicated page table manipulating code. Signed-off-by: Dun Tan Cc: Eric Dong Cc: Ray Ni Cc: Rahul Kumar Cc: Gerd Hoffmann Reviewed-by: Ray Ni --- UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/PageTbl.c | 3 ++- UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.h | 28 +++++++++++++----= ----------- UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.inf | 1 + UefiCpuPkg/PiSmmCpuDxeSmm/SmmCpuMemoryManagement.c | 409 +++++++++++++++++= +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++= ++++++++-------------------------------------------------------------------= ---------------------------------------------------------------------------= ---------------------------------------------------------------------------= ---------------------------------------------------------------------------= ----------------- UefiCpuPkg/PiSmmCpuDxeSmm/X64/PageTbl.c | 7 ++++++- 5 files changed, 122 insertions(+), 326 deletions(-) diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/PageTbl.c b/UefiCpuPkg/PiSmmCpu= DxeSmm/Ia32/PageTbl.c index 34bf6e1a25..9c8107080a 100644 --- a/UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/PageTbl.c +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/PageTbl.c @@ -1,7 +1,7 @@ /** @file Page table manipulation functions for IA-32 processors =20 -Copyright (c) 2009 - 2019, Intel Corporation. All rights reserved.
+Copyright (c) 2009 - 2023, Intel Corporation. All rights reserved.
Copyright (c) 2017, AMD Incorporated. All rights reserved.
=20 SPDX-License-Identifier: BSD-2-Clause-Patent @@ -31,6 +31,7 @@ SmmInitPageTable ( InitializeSpinLock (mPFLock); =20 mPhysicalAddressBits =3D 32; + mPagingMode =3D PagingPae; =20 if (FeaturePcdGet (PcdCpuSmmProfileEnable) || HEAP_GUARD_NONSTOP_MODE || diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.h b/UefiCpuPkg/PiSmmC= puDxeSmm/PiSmmCpuDxeSmm.h index a5c2bdd971..ba341cadc6 100644 --- a/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.h +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.h @@ -50,6 +50,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent #include #include #include +#include =20 #include #include @@ -260,6 +261,7 @@ extern UINTN mNumberOfCpus; extern EFI_SMM_CPU_PROTOCOL mSmmCpu; extern EFI_MM_MP_PROTOCOL mSmmMp; extern BOOLEAN m5LevelPagingNeeded; +extern PAGING_MODE mPagingMode; =20 /// /// The mode of the CPU at the time an SMI occurs @@ -1008,11 +1010,10 @@ SetPageTableAttributes ( Length from their current attributes to the attributes specified by Attr= ibutes. =20 @param[in] PageTableBase The page table base. - @param[in] EnablePML5Paging If PML5 paging is enabled. + @param[in] PagingMode The paging mode. @param[in] BaseAddress The physical address that is the start add= ress of a memory region. @param[in] Length The size in bytes of the memory region. @param[in] Attributes The bit mask of attributes to set for the = memory region. - @param[out] IsSplitted TRUE means page table splitted. FALSE mean= s page table not splitted. =20 @retval EFI_SUCCESS The attributes were set for the memory reg= ion. @retval EFI_ACCESS_DENIED The attributes for the memory resource ran= ge specified by @@ -1030,12 +1031,11 @@ SetPageTableAttributes ( **/ EFI_STATUS SmmSetMemoryAttributesEx ( - IN UINTN PageTableBase, - IN BOOLEAN EnablePML5Paging, - IN EFI_PHYSICAL_ADDRESS BaseAddress, - IN UINT64 Length, - IN UINT64 Attributes, - OUT BOOLEAN *IsSplitted OPTIONAL + IN UINTN PageTableBase, + IN PAGING_MODE PagingMode, + IN PHYSICAL_ADDRESS BaseAddress, + IN UINT64 Length, + IN UINT64 Attributes ); =20 /** @@ -1043,34 +1043,32 @@ SmmSetMemoryAttributesEx ( Length from their current attributes to the attributes specified by Attr= ibutes. =20 @param[in] PageTableBase The page table base. - @param[in] EnablePML5Paging If PML5 paging is enabled. + @param[in] PagingMode The paging mode. @param[in] BaseAddress The physical address that is the start add= ress of a memory region. @param[in] Length The size in bytes of the memory region. @param[in] Attributes The bit mask of attributes to clear for th= e memory region. - @param[out] IsSplitted TRUE means page table splitted. FALSE mean= s page table not splitted. =20 @retval EFI_SUCCESS The attributes were cleared for the memory= region. @retval EFI_ACCESS_DENIED The attributes for the memory resource ran= ge specified by BaseAddress and Length cannot be modified. @retval EFI_INVALID_PARAMETER Length is zero. Attributes specified an illegal combinatio= n of attributes that - cannot be set together. + cannot be cleared together. @retval EFI_OUT_OF_RESOURCES There are not enough system resources to m= odify the attributes of the memory resource range. @retval EFI_UNSUPPORTED The processor does not support one or more= bytes of the memory resource range specified by BaseAddress an= d Length. - The bit mask of attributes is not support = for the memory resource + The bit mask of attributes is not supporte= d for the memory resource range specified by BaseAddress and Length. =20 **/ EFI_STATUS SmmClearMemoryAttributesEx ( IN UINTN PageTableBase, - IN BOOLEAN EnablePML5Paging, + IN PAGING_MODE PagingMode, IN EFI_PHYSICAL_ADDRESS BaseAddress, IN UINT64 Length, - IN UINT64 Attributes, - OUT BOOLEAN *IsSplitted OPTIONAL + IN UINT64 Attributes ); =20 /** diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.inf b/UefiCpuPkg/PiSm= mCpuDxeSmm/PiSmmCpuDxeSmm.inf index 158e05e264..38d4e950a4 100644 --- a/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.inf +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.inf @@ -97,6 +97,7 @@ ReportStatusCodeLib SmmCpuFeaturesLib PeCoffGetEntryPointLib + CpuPageTableLib =20 [Protocols] gEfiSmmAccess2ProtocolGuid ## CONSUMES diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/SmmCpuMemoryManagement.c b/UefiCpuPk= g/PiSmmCpuDxeSmm/SmmCpuMemoryManagement.c index 834a756061..12723e5750 100644 --- a/UefiCpuPkg/PiSmmCpuDxeSmm/SmmCpuMemoryManagement.c +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/SmmCpuMemoryManagement.c @@ -1,6 +1,6 @@ /** @file =20 -Copyright (c) 2016 - 2019, Intel Corporation. All rights reserved.
+Copyright (c) 2016 - 2023, Intel Corporation. All rights reserved.
SPDX-License-Identifier: BSD-2-Clause-Patent =20 **/ @@ -26,14 +26,9 @@ UINTN mGcdMemNumberOfDesc =3D= 0; =20 EFI_MEMORY_ATTRIBUTES_TABLE *mUefiMemoryAttributesTable =3D NULL; =20 -PAGE_ATTRIBUTE_TABLE mPageAttributeTable[] =3D { - { Page4K, SIZE_4KB, PAGING_4K_ADDRESS_MASK_64 }, - { Page2M, SIZE_2MB, PAGING_2M_ADDRESS_MASK_64 }, - { Page1G, SIZE_1GB, PAGING_1G_ADDRESS_MASK_64 }, -}; - -BOOLEAN mIsShadowStack =3D FALSE; -BOOLEAN m5LevelPagingNeeded =3D FALSE; +BOOLEAN mIsShadowStack =3D FALSE; +BOOLEAN m5LevelPagingNeeded =3D FALSE; +PAGING_MODE mPagingMode =3D PagingModeMax; =20 // // Global variable to keep track current available memory used as page tab= le. @@ -185,52 +180,6 @@ AllocatePageTableMemory ( return Buffer; } =20 -/** - Return length according to page attributes. - - @param[in] PageAttributes The page attribute of the page entry. - - @return The length of page entry. -**/ -UINTN -PageAttributeToLength ( - IN PAGE_ATTRIBUTE PageAttribute - ) -{ - UINTN Index; - - for (Index =3D 0; Index < sizeof (mPageAttributeTable)/sizeof (mPageAttr= ibuteTable[0]); Index++) { - if (PageAttribute =3D=3D mPageAttributeTable[Index].Attribute) { - return (UINTN)mPageAttributeTable[Index].Length; - } - } - - return 0; -} - -/** - Return address mask according to page attributes. - - @param[in] PageAttributes The page attribute of the page entry. - - @return The address mask of page entry. -**/ -UINTN -PageAttributeToMask ( - IN PAGE_ATTRIBUTE PageAttribute - ) -{ - UINTN Index; - - for (Index =3D 0; Index < sizeof (mPageAttributeTable)/sizeof (mPageAttr= ibuteTable[0]); Index++) { - if (PageAttribute =3D=3D mPageAttributeTable[Index].Attribute) { - return (UINTN)mPageAttributeTable[Index].AddressMask; - } - } - - return 0; -} - /** Return page table entry to match the address. =20 @@ -353,181 +302,6 @@ GetAttributesFromPageEntry ( return Attributes; } =20 -/** - Modify memory attributes of page entry. - - @param[in] PageEntry The page entry. - @param[in] Attributes The bit mask of attributes to modify for t= he memory region. - @param[in] IsSet TRUE means to set attributes. FALSE means = to clear attributes. - @param[out] IsModified TRUE means page table modified. FALSE mean= s page table not modified. -**/ -VOID -ConvertPageEntryAttribute ( - IN UINT64 *PageEntry, - IN UINT64 Attributes, - IN BOOLEAN IsSet, - OUT BOOLEAN *IsModified - ) -{ - UINT64 CurrentPageEntry; - UINT64 NewPageEntry; - - CurrentPageEntry =3D *PageEntry; - NewPageEntry =3D CurrentPageEntry; - if ((Attributes & EFI_MEMORY_RP) !=3D 0) { - if (IsSet) { - NewPageEntry &=3D ~(UINT64)IA32_PG_P; - } else { - NewPageEntry |=3D IA32_PG_P; - } - } - - if ((Attributes & EFI_MEMORY_RO) !=3D 0) { - if (IsSet) { - NewPageEntry &=3D ~(UINT64)IA32_PG_RW; - if (mIsShadowStack) { - // Environment setup - // ReadOnly page need set Dirty bit for shadow stack - NewPageEntry |=3D IA32_PG_D; - // Clear user bit for supervisor shadow stack - NewPageEntry &=3D ~(UINT64)IA32_PG_U; - } else { - // Runtime update - // Clear dirty bit for non shadow stack, to protect RO page. - NewPageEntry &=3D ~(UINT64)IA32_PG_D; - } - } else { - NewPageEntry |=3D IA32_PG_RW; - } - } - - if ((Attributes & EFI_MEMORY_XP) !=3D 0) { - if (mXdSupported) { - if (IsSet) { - NewPageEntry |=3D IA32_PG_NX; - } else { - NewPageEntry &=3D ~IA32_PG_NX; - } - } - } - - *PageEntry =3D NewPageEntry; - if (CurrentPageEntry !=3D NewPageEntry) { - *IsModified =3D TRUE; - DEBUG ((DEBUG_VERBOSE, "ConvertPageEntryAttribute 0x%lx", CurrentPageE= ntry)); - DEBUG ((DEBUG_VERBOSE, "->0x%lx\n", NewPageEntry)); - } else { - *IsModified =3D FALSE; - } -} - -/** - This function returns if there is need to split page entry. - - @param[in] BaseAddress The base address to be checked. - @param[in] Length The length to be checked. - @param[in] PageEntry The page entry to be checked. - @param[in] PageAttribute The page attribute of the page entry. - - @retval SplitAttributes on if there is need to split page entry. -**/ -PAGE_ATTRIBUTE -NeedSplitPage ( - IN PHYSICAL_ADDRESS BaseAddress, - IN UINT64 Length, - IN UINT64 *PageEntry, - IN PAGE_ATTRIBUTE PageAttribute - ) -{ - UINT64 PageEntryLength; - - PageEntryLength =3D PageAttributeToLength (PageAttribute); - - if (((BaseAddress & (PageEntryLength - 1)) =3D=3D 0) && (Length >=3D Pag= eEntryLength)) { - return PageNone; - } - - if (((BaseAddress & PAGING_2M_MASK) !=3D 0) || (Length < SIZE_2MB)) { - return Page4K; - } - - return Page2M; -} - -/** - This function splits one page entry to small page entries. - - @param[in] PageEntry The page entry to be splitted. - @param[in] PageAttribute The page attribute of the page entry. - @param[in] SplitAttribute How to split the page entry. - - @retval RETURN_SUCCESS The page entry is splitted. - @retval RETURN_UNSUPPORTED The page entry does not support to be = splitted. - @retval RETURN_OUT_OF_RESOURCES No resource to split page entry. -**/ -RETURN_STATUS -SplitPage ( - IN UINT64 *PageEntry, - IN PAGE_ATTRIBUTE PageAttribute, - IN PAGE_ATTRIBUTE SplitAttribute - ) -{ - UINT64 BaseAddress; - UINT64 *NewPageEntry; - UINTN Index; - - ASSERT (PageAttribute =3D=3D Page2M || PageAttribute =3D=3D Page1G); - - if (PageAttribute =3D=3D Page2M) { - // - // Split 2M to 4K - // - ASSERT (SplitAttribute =3D=3D Page4K); - if (SplitAttribute =3D=3D Page4K) { - NewPageEntry =3D AllocatePageTableMemory (1); - DEBUG ((DEBUG_VERBOSE, "Split - 0x%x\n", NewPageEntry)); - if (NewPageEntry =3D=3D NULL) { - return RETURN_OUT_OF_RESOURCES; - } - - BaseAddress =3D *PageEntry & PAGING_2M_ADDRESS_MASK_64; - for (Index =3D 0; Index < SIZE_4KB / sizeof (UINT64); Index++) { - NewPageEntry[Index] =3D (BaseAddress + SIZE_4KB * Index) | mAddres= sEncMask | ((*PageEntry) & PAGE_PROGATE_BITS); - } - - (*PageEntry) =3D (UINT64)(UINTN)NewPageEntry | mAddressEncMask | PAG= E_ATTRIBUTE_BITS; - return RETURN_SUCCESS; - } else { - return RETURN_UNSUPPORTED; - } - } else if (PageAttribute =3D=3D Page1G) { - // - // Split 1G to 2M - // No need support 1G->4K directly, we should use 1G->2M, then 2M->4K = to get more compact page table. - // - ASSERT (SplitAttribute =3D=3D Page2M || SplitAttribute =3D=3D Page4K); - if (((SplitAttribute =3D=3D Page2M) || (SplitAttribute =3D=3D Page4K))= ) { - NewPageEntry =3D AllocatePageTableMemory (1); - DEBUG ((DEBUG_VERBOSE, "Split - 0x%x\n", NewPageEntry)); - if (NewPageEntry =3D=3D NULL) { - return RETURN_OUT_OF_RESOURCES; - } - - BaseAddress =3D *PageEntry & PAGING_1G_ADDRESS_MASK_64; - for (Index =3D 0; Index < SIZE_4KB / sizeof (UINT64); Index++) { - NewPageEntry[Index] =3D (BaseAddress + SIZE_2MB * Index) | mAddres= sEncMask | IA32_PG_PS | ((*PageEntry) & PAGE_PROGATE_BITS); - } - - (*PageEntry) =3D (UINT64)(UINTN)NewPageEntry | mAddressEncMask | PAG= E_ATTRIBUTE_BITS; - return RETURN_SUCCESS; - } else { - return RETURN_UNSUPPORTED; - } - } else { - return RETURN_UNSUPPORTED; - } -} - /** This function modifies the page attributes for the memory region specifi= ed by BaseAddress and Length from their current attributes to the attributes specified by Attr= ibutes. @@ -535,12 +309,11 @@ SplitPage ( Caller should make sure BaseAddress and Length is at page boundary. =20 @param[in] PageTableBase The page table base. - @param[in] EnablePML5Paging If PML5 paging is enabled. + @param[in] PagingMode The paging mode. @param[in] BaseAddress The physical address that is the start add= ress of a memory region. @param[in] Length The size in bytes of the memory region. @param[in] Attributes The bit mask of attributes to modify for t= he memory region. @param[in] IsSet TRUE means to set attributes. FALSE means = to clear attributes. - @param[out] IsSplitted TRUE means page table splitted. FALSE mean= s page table not splitted. @param[out] IsModified TRUE means page table modified. FALSE mean= s page table not modified. =20 @retval RETURN_SUCCESS The attributes were modified for the me= mory region. @@ -559,28 +332,30 @@ SplitPage ( RETURN_STATUS ConvertMemoryPageAttributes ( IN UINTN PageTableBase, - IN BOOLEAN EnablePML5Paging, + IN PAGING_MODE PagingMode, IN PHYSICAL_ADDRESS BaseAddress, IN UINT64 Length, IN UINT64 Attributes, IN BOOLEAN IsSet, - OUT BOOLEAN *IsSplitted OPTIONAL, OUT BOOLEAN *IsModified OPTIONAL ) { - UINT64 *PageEntry; - PAGE_ATTRIBUTE PageAttribute; - UINTN PageEntryLength; - PAGE_ATTRIBUTE SplitAttribute; RETURN_STATUS Status; - BOOLEAN IsEntryModified; + IA32_MAP_ATTRIBUTE PagingAttribute; + IA32_MAP_ATTRIBUTE PagingAttrMask; + UINTN PageTableBufferSize; + VOID *PageTableBuffer; EFI_PHYSICAL_ADDRESS MaximumSupportMemAddress; + IA32_MAP_ENTRY *Map; + UINTN Count; + UINTN Index; =20 ASSERT (Attributes !=3D 0); ASSERT ((Attributes & ~EFI_MEMORY_ATTRIBUTE_MASK) =3D=3D 0); =20 ASSERT ((BaseAddress & (SIZE_4KB - 1)) =3D=3D 0); ASSERT ((Length & (SIZE_4KB - 1)) =3D=3D 0); + ASSERT (PageTableBase !=3D 0); =20 if (Length =3D=3D 0) { return RETURN_INVALID_PARAMETER; @@ -599,61 +374,89 @@ ConvertMemoryPageAttributes ( return RETURN_UNSUPPORTED; } =20 - // DEBUG ((DEBUG_ERROR, "ConvertMemoryPageAttributes(%x) - %016lx, %016= lx, %02lx\n", IsSet, BaseAddress, Length, Attributes)); - - if (IsSplitted !=3D NULL) { - *IsSplitted =3D FALSE; - } - if (IsModified !=3D NULL) { *IsModified =3D FALSE; } =20 - // - // Below logic is to check 2M/4K page to make sure we do not waste memor= y. - // - while (Length !=3D 0) { - PageEntry =3D GetPageTableEntry (PageTableBase, EnablePML5Paging, Base= Address, &PageAttribute); - if (PageEntry =3D=3D NULL) { - return RETURN_UNSUPPORTED; - } + PagingAttribute.Uint64 =3D 0; + PagingAttribute.Uint64 =3D mAddressEncMask | BaseAddress; + PagingAttrMask.Uint64 =3D 0; =20 - PageEntryLength =3D PageAttributeToLength (PageAttribute); - SplitAttribute =3D NeedSplitPage (BaseAddress, Length, PageEntry, Pag= eAttribute); - if (SplitAttribute =3D=3D PageNone) { - ConvertPageEntryAttribute (PageEntry, Attributes, IsSet, &IsEntryMod= ified); - if (IsEntryModified) { - if (IsModified !=3D NULL) { - *IsModified =3D TRUE; - } + if ((Attributes & EFI_MEMORY_RO) !=3D 0) { + PagingAttrMask.Bits.ReadWrite =3D 1; + if (IsSet) { + PagingAttribute.Bits.ReadWrite =3D 0; + PagingAttrMask.Bits.Dirty =3D 1; + if (mIsShadowStack) { + // Environment setup + // ReadOnly page need set Dirty bit for shadow stack + PagingAttribute.Bits.Dirty =3D 1; + // Clear user bit for supervisor shadow stack + PagingAttribute.Bits.UserSupervisor =3D 0; + PagingAttrMask.Bits.UserSupervisor =3D 1; + } else { + // Runtime update + // Clear dirty bit for non shadow stack, to protect RO page. + PagingAttribute.Bits.Dirty =3D 0; } + } else { + PagingAttribute.Bits.ReadWrite =3D 1; + } + } =20 + if ((Attributes & EFI_MEMORY_XP) !=3D 0) { + if (mXdSupported) { + PagingAttribute.Bits.Nx =3D IsSet ? 1 : 0; + PagingAttrMask.Bits.Nx =3D 1; + } + } + + if ((Attributes & EFI_MEMORY_RP) !=3D 0) { + if (IsSet) { + PagingAttribute.Bits.Present =3D 0; // - // Convert success, move to next + // When map a range to non-present, all attributes except Present sh= ould not be provided. // - BaseAddress +=3D PageEntryLength; - Length -=3D PageEntryLength; + PagingAttrMask.Uint64 =3D 0; + PagingAttrMask.Bits.Present =3D 1; } else { - Status =3D SplitPage (PageEntry, PageAttribute, SplitAttribute); - if (RETURN_ERROR (Status)) { - return RETURN_UNSUPPORTED; - } - - if (IsSplitted !=3D NULL) { - *IsSplitted =3D TRUE; - } - - if (IsModified !=3D NULL) { - *IsModified =3D TRUE; - } + // + // When map range to present range, provide all attributes. + // + PagingAttribute.Bits.Present =3D 1; + PagingAttrMask.Uint64 =3D MAX_UINT64; =20 // - // Just split current page - // Convert success in next around + // By default memory is Ring 3 accessble. // + PagingAttribute.Bits.UserSupervisor =3D 1; } } =20 + if (PagingAttrMask.Uint64 =3D=3D 0) { + return RETURN_SUCCESS; + } + + PageTableBufferSize =3D 0; + Status =3D PageTableMap (&PageTableBase, PagingMode, NULL, = &PageTableBufferSize, BaseAddress, Length, &PagingAttribute, &PagingAttrMas= k, IsModified); + + if (Status =3D=3D RETURN_BUFFER_TOO_SMALL) { + PageTableBuffer =3D AllocatePageTableMemory (EFI_SIZE_TO_PAGES (PageTa= bleBufferSize)); + ASSERT (PageTableBuffer !=3D NULL); + Status =3D PageTableMap (&PageTableBase, PagingMode, PageTableBuffer, = &PageTableBufferSize, BaseAddress, Length, &PagingAttribute, &PagingAttrMas= k, IsModified); + } + + if (Status =3D=3D RETURN_INVALID_PARAMETER) { + // + // The only reason that PageTableMap returns RETURN_INVALID_PARAMETER = here is to modify other attributes + // of a non-present range but remains the non-present range still as n= on-present. + // + DEBUG ((DEBUG_ERROR, "SMM ConvertMemoryPageAttributes: Only change EFI= _MEMORY_XP/EFI_MEMORY_RO for non-present range in [0x%lx, 0x%lx] is not per= mitted\n", BaseAddress, BaseAddress + Length)); + } + + ASSERT_RETURN_ERROR (Status); + ASSERT (PageTableBufferSize =3D=3D 0); + return RETURN_SUCCESS; } =20 @@ -697,11 +500,10 @@ FlushTlbForAll ( Length from their current attributes to the attributes specified by Attr= ibutes. =20 @param[in] PageTableBase The page table base. - @param[in] EnablePML5Paging If PML5 paging is enabled. + @param[in] PagingMode The paging mode. @param[in] BaseAddress The physical address that is the start add= ress of a memory region. @param[in] Length The size in bytes of the memory region. @param[in] Attributes The bit mask of attributes to set for the = memory region. - @param[out] IsSplitted TRUE means page table splitted. FALSE mean= s page table not splitted. =20 @retval EFI_SUCCESS The attributes were set for the memory reg= ion. @retval EFI_ACCESS_DENIED The attributes for the memory resource ran= ge specified by @@ -720,17 +522,16 @@ FlushTlbForAll ( EFI_STATUS SmmSetMemoryAttributesEx ( IN UINTN PageTableBase, - IN BOOLEAN EnablePML5Paging, + IN PAGING_MODE PagingMode, IN EFI_PHYSICAL_ADDRESS BaseAddress, IN UINT64 Length, - IN UINT64 Attributes, - OUT BOOLEAN *IsSplitted OPTIONAL + IN UINT64 Attributes ) { EFI_STATUS Status; BOOLEAN IsModified; =20 - Status =3D ConvertMemoryPageAttributes (PageTableBase, EnablePML5Paging,= BaseAddress, Length, Attributes, TRUE, IsSplitted, &IsModified); + Status =3D ConvertMemoryPageAttributes (PageTableBase, PagingMode, BaseA= ddress, Length, Attributes, TRUE, &IsModified); if (!EFI_ERROR (Status)) { if (IsModified) { // @@ -748,11 +549,10 @@ SmmSetMemoryAttributesEx ( Length from their current attributes to the attributes specified by Attr= ibutes. =20 @param[in] PageTableBase The page table base. - @param[in] EnablePML5Paging If PML5 paging is enabled. + @param[in] PagingMode The paging mode. @param[in] BaseAddress The physical address that is the start add= ress of a memory region. @param[in] Length The size in bytes of the memory region. @param[in] Attributes The bit mask of attributes to clear for th= e memory region. - @param[out] IsSplitted TRUE means page table splitted. FALSE mean= s page table not splitted. =20 @retval EFI_SUCCESS The attributes were cleared for the memory= region. @retval EFI_ACCESS_DENIED The attributes for the memory resource ran= ge specified by @@ -771,17 +571,16 @@ SmmSetMemoryAttributesEx ( EFI_STATUS SmmClearMemoryAttributesEx ( IN UINTN PageTableBase, - IN BOOLEAN EnablePML5Paging, + IN PAGING_MODE PagingMode, IN EFI_PHYSICAL_ADDRESS BaseAddress, IN UINT64 Length, - IN UINT64 Attributes, - OUT BOOLEAN *IsSplitted OPTIONAL + IN UINT64 Attributes ) { EFI_STATUS Status; BOOLEAN IsModified; =20 - Status =3D ConvertMemoryPageAttributes (PageTableBase, EnablePML5Paging,= BaseAddress, Length, Attributes, FALSE, IsSplitted, &IsModified); + Status =3D ConvertMemoryPageAttributes (PageTableBase, PagingMode, BaseA= ddress, Length, Attributes, FALSE, &IsModified); if (!EFI_ERROR (Status)) { if (IsModified) { // @@ -823,14 +622,10 @@ SmmSetMemoryAttributes ( IN UINT64 Attributes ) { - IA32_CR4 Cr4; - UINTN PageTableBase; - BOOLEAN Enable5LevelPaging; - - PageTableBase =3D AsmReadCr3 () & PAGING_4K_ADDRESS_MASK_64; - Cr4.UintN =3D AsmReadCr4 (); - Enable5LevelPaging =3D (BOOLEAN)(Cr4.Bits.LA57 =3D=3D 1); - return SmmSetMemoryAttributesEx (PageTableBase, Enable5LevelPaging, Base= Address, Length, Attributes, NULL); + UINTN PageTableBase; + + PageTableBase =3D AsmReadCr3 () & PAGING_4K_ADDRESS_MASK_64; + return SmmSetMemoryAttributesEx (PageTableBase, mPagingMode, BaseAddress= , Length, Attributes); } =20 /** @@ -862,14 +657,10 @@ SmmClearMemoryAttributes ( IN UINT64 Attributes ) { - IA32_CR4 Cr4; - UINTN PageTableBase; - BOOLEAN Enable5LevelPaging; - - PageTableBase =3D AsmReadCr3 () & PAGING_4K_ADDRESS_MASK_64; - Cr4.UintN =3D AsmReadCr4 (); - Enable5LevelPaging =3D (BOOLEAN)(Cr4.Bits.LA57 =3D=3D 1); - return SmmClearMemoryAttributesEx (PageTableBase, Enable5LevelPaging, Ba= seAddress, Length, Attributes, NULL); + UINTN PageTableBase; + + PageTableBase =3D AsmReadCr3 () & PAGING_4K_ADDRESS_MASK_64; + return SmmClearMemoryAttributesEx (PageTableBase, mPagingMode, BaseAddre= ss, Length, Attributes); } =20 /** @@ -891,7 +682,7 @@ SetShadowStack ( EFI_STATUS Status; =20 mIsShadowStack =3D TRUE; - Status =3D SmmSetMemoryAttributesEx (Cr3, m5LevelPagingNeeded, B= aseAddress, Length, EFI_MEMORY_RO, NULL); + Status =3D SmmSetMemoryAttributesEx (Cr3, mPagingMode, BaseAddre= ss, Length, EFI_MEMORY_RO); mIsShadowStack =3D FALSE; =20 return Status; @@ -915,7 +706,7 @@ SetNotPresentPage ( { EFI_STATUS Status; =20 - Status =3D SmmSetMemoryAttributesEx (Cr3, m5LevelPagingNeeded, BaseAddre= ss, Length, EFI_MEMORY_RP, NULL); + Status =3D SmmSetMemoryAttributesEx (Cr3, mPagingMode, BaseAddress, Leng= th, EFI_MEMORY_RP); return Status; } =20 @@ -1799,7 +1590,7 @@ EnablePageTableProtection ( // // Set entire pool including header, used-memory and left free-memory = as ReadOnly in SMM page table. // - ConvertMemoryPageAttributes (PageTableBase, m5LevelPagingNeeded, Addre= ss, PoolSize, EFI_MEMORY_RO, TRUE, NULL, NULL); + ConvertMemoryPageAttributes (PageTableBase, mPagingMode, Address, Pool= Size, EFI_MEMORY_RO, TRUE, NULL); Pool =3D Pool->NextPool; } while (Pool !=3D HeadPool); } diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/X64/PageTbl.c b/UefiCpuPkg/PiSmmCpuD= xeSmm/X64/PageTbl.c index 3deb1ffd67..0bed857cae 100644 --- a/UefiCpuPkg/PiSmmCpuDxeSmm/X64/PageTbl.c +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/X64/PageTbl.c @@ -1,7 +1,7 @@ /** @file Page Fault (#PF) handler for X64 processors =20 -Copyright (c) 2009 - 2022, Intel Corporation. All rights reserved.
+Copyright (c) 2009 - 2023, Intel Corporation. All rights reserved.
Copyright (c) 2017, AMD Incorporated. All rights reserved.
=20 SPDX-License-Identifier: BSD-2-Clause-Patent @@ -354,6 +354,11 @@ SmmInitPageTable ( m5LevelPagingNeeded =3D Is5LevelPagingNeeded (); mPhysicalAddressBits =3D CalculateMaximumSupportAddress (); PatchInstructionX86 (gPatch5LevelPagingNeeded, m5LevelPagingNeeded, 1); + if (m5LevelPagingNeeded) { + mPagingMode =3D m1GPageTableSupport ? Paging5Level1GB : Paging5Level; + } else { + mPagingMode =3D m1GPageTableSupport ? Paging4Level1GB : Paging4Level; + } DEBUG ((DEBUG_INFO, "5LevelPaging Needed - %d\n", m5LevelPag= ingNeeded)); DEBUG ((DEBUG_INFO, "1GPageTable Support - %d\n", m1GPageTab= leSupport)); DEBUG ((DEBUG_INFO, "PcdCpuSmmRestrictedMemoryAccess - %d\n", mCpuSmmRes= trictedMemoryAccess)); --=20 2.31.1.windows.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#105896): https://edk2.groups.io/g/devel/message/105896 Mute This Topic: https://groups.io/mt/99399227/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Fri May 17 10:44:12 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+105897+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+105897+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1686191317; cv=none; d=zohomail.com; s=zohoarc; b=KvnqEj7JnnAEqcRJWRwReJFrqmxt5//r2KHQbXwLfC86ArnpRPxlm2UyeKuOY1A8hlCYZwJh3Iq3RIaKsf0qlLSa1NoQLojIjkPGcOrFAQDO6nz5OTGV6jge7/003FmgYKpn2+5Eb7tNKKLX2K36TuQJU5Dfxiy11p9PbO7Rukc= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1686191317; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=P6x6KMZKjUq/Q0VI6dc4DIfWJM4914AzQ5NOhBOB0WQ=; b=NJrzR1sfAEpNAN5NPyBJfOjdh6nfRDsM6mPbp6NZXXDmKlJpmMpIMKB50LwmaInmPCxEDjObxZGYwfAuWIdDfOugcl1fbgOxEEDWIJY4onLbGbyIJqnJyCeZdB4PDebmz6edyx2zkjiycwrbcyYm70mg7Z6yVp6dpNYiFsBO15Q= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+105897+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1686191317575351.9800348619849; Wed, 7 Jun 2023 19:28:37 -0700 (PDT) Return-Path: X-Received: by 127.0.0.2 with SMTP id j5pzYY1788612xuWtB75aXtg; Wed, 07 Jun 2023 19:28:37 -0700 X-Received: from mga14.intel.com (mga14.intel.com [192.55.52.115]) by mx.groups.io with SMTP id smtpd.web11.379.1686191316401101708 for ; Wed, 07 Jun 2023 19:28:36 -0700 X-IronPort-AV: E=McAfee;i="6600,9927,10734"; a="357184226" X-IronPort-AV: E=Sophos;i="6.00,225,1681196400"; d="scan'208";a="357184226" X-Received: from fmsmga008.fm.intel.com ([10.253.24.58]) by fmsmga103.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 07 Jun 2023 19:28:36 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6600,9927,10734"; a="774877744" X-IronPort-AV: E=Sophos;i="6.00,225,1681196400"; d="scan'208";a="774877744" X-Received: from shwdeopenlab702.ccr.corp.intel.com ([10.239.55.158]) by fmsmga008-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 07 Jun 2023 19:28:34 -0700 From: "duntan" To: devel@edk2.groups.io Cc: Eric Dong , Ray Ni , Rahul Kumar , Gerd Hoffmann Subject: [edk2-devel] [Patch V5 04/14] UefiCpuPkg: Add DEBUG_CODE for special case when clear RP Date: Thu, 8 Jun 2023 10:27:32 +0800 Message-Id: <20230608022742.1292-5-dun.tan@intel.com> In-Reply-To: <20230608022742.1292-1-dun.tan@intel.com> References: <20230608022742.1292-1-dun.tan@intel.com> MIME-Version: 1.0 Precedence: Bulk List-Unsubscribe: List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,dun.tan@intel.com X-Gm-Message-State: 59FAD6l0EKJoa5Bwn7ZClGTcx1787277AA= Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1686191317; bh=6mP817voWOrHlcD81yE301AZFTeZEjj3iedMjI8m/Zc=; h=Cc:Date:From:Reply-To:Subject:To; b=XqLFBEP7GAbbWMa4UwI/ckakaOQ8aoS08P148D1lkViZf63CFO61As9/D0ISi/0vons WFZtqvsGu5zndn7qdWQW0Qa8ZhdFhVGDUBbiU4UJtjvxzSjplPi/I0dDlRqcXbd7s26Co tLeYooHA5N84SGuPNj1d7WGEfxgfYHL8ShE= X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1686191318384100003 Content-Type: text/plain; charset="utf-8" In ConvertMemoryPageAttributes() function, when clear RP for a specific range [BaseAddress, BaseAddress + Length], it means to set the present bit to 1 and assign default value for other attributes in page table. The default attributes for the input specific range are NX disabled and ReadOnly. If there is existing present range in [BaseAddress, BaseAddress + Length] and the attributes are not NX disabled or not ReadOnly, then output the DEBUG message to indicate that the NX and ReadOnly attributes of the existing present range are modified in the function. Signed-off-by: Dun Tan Cc: Eric Dong Cc: Ray Ni Cc: Rahul Kumar Cc: Gerd Hoffmann Reviewed-by: Ray Ni --- UefiCpuPkg/PiSmmCpuDxeSmm/SmmCpuMemoryManagement.c | 48 ++++++++++++++++++= ++++++++++++++++++++++++++++++ 1 file changed, 48 insertions(+) diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/SmmCpuMemoryManagement.c b/UefiCpuPk= g/PiSmmCpuDxeSmm/SmmCpuMemoryManagement.c index 12723e5750..862b3e9720 100644 --- a/UefiCpuPkg/PiSmmCpuDxeSmm/SmmCpuMemoryManagement.c +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/SmmCpuMemoryManagement.c @@ -349,6 +349,8 @@ ConvertMemoryPageAttributes ( IA32_MAP_ENTRY *Map; UINTN Count; UINTN Index; + UINT64 OverlappedRangeBase; + UINT64 OverlappedRangeLimit; =20 ASSERT (Attributes !=3D 0); ASSERT ((Attributes & ~EFI_MEMORY_ATTRIBUTE_MASK) =3D=3D 0); @@ -430,6 +432,52 @@ ConvertMemoryPageAttributes ( // By default memory is Ring 3 accessble. // PagingAttribute.Bits.UserSupervisor =3D 1; + + DEBUG_CODE_BEGIN (); + if (((Attributes & EFI_MEMORY_RO) =3D=3D 0) || (((Attributes & EFI_M= EMORY_XP) =3D=3D 0) && (mXdSupported))) { + // + // When mapping a range to present and EFI_MEMORY_RO or EFI_MEMORY= _XP is not specificed, + // check if [BaseAddress, BaseAddress + Length] contains present r= ange. + // Existing Present range in [BaseAddress, BaseAddress + Length] i= s set to NX disable or ReadOnly. + // + Count =3D 0; + Map =3D NULL; + Status =3D PageTableParse (PageTableBase, mPagingMode, NULL, &Coun= t); + + while (Status =3D=3D RETURN_BUFFER_TOO_SMALL) { + if (Map !=3D NULL) { + FreePool (Map); + } + + Map =3D AllocatePool (Count * sizeof (IA32_MAP_ENTRY)); + ASSERT (Map !=3D NULL); + Status =3D PageTableParse (PageTableBase, mPagingMode, Map, &Cou= nt); + } + + ASSERT_RETURN_ERROR (Status); + for (Index =3D 0; Index < Count; Index++) { + if (Map[Index].LinearAddress >=3D BaseAddress + Length) { + break; + } + + if ((BaseAddress < Map[Index].LinearAddress + Map[Index].Length)= && (BaseAddress + Length > Map[Index].LinearAddress)) { + OverlappedRangeBase =3D MAX (BaseAddress, Map[Index].LinearAd= dress); + OverlappedRangeLimit =3D MIN (BaseAddress + Length, Map[Index]= .LinearAddress + Map[Index].Length); + + if (((Attributes & EFI_MEMORY_RO) =3D=3D 0) && (Map[Index].Att= ribute.Bits.ReadWrite =3D=3D 1)) { + DEBUG ((DEBUG_ERROR, "SMM ConvertMemoryPageAttributes: [0x%l= x, 0x%lx] is set from ReadWrite to ReadOnly\n", OverlappedRangeBase, Overla= ppedRangeLimit)); + } + + if (((Attributes & EFI_MEMORY_XP) =3D=3D 0) && (mXdSupported) = && (Map[Index].Attribute.Bits.Nx =3D=3D 1)) { + DEBUG ((DEBUG_ERROR, "SMM ConvertMemoryPageAttributes: [0x%l= x, 0x%lx] is set from NX enabled to NX disabled\n", OverlappedRangeBase, Ov= erlappedRangeLimit)); + } + } + } + + FreePool (Map); + } + + DEBUG_CODE_END (); } } =20 --=20 2.31.1.windows.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#105897): https://edk2.groups.io/g/devel/message/105897 Mute This Topic: https://groups.io/mt/99399228/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Fri May 17 10:44:12 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+105898+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+105898+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1686191319; cv=none; d=zohomail.com; s=zohoarc; b=AtIYrplSAOtmvdyw0hTTOC4Hv4DpUbH5afnWux5+kc5XIvThjQCPDMXpK1BY9pAvX9M/K4h9FFPWRFKlH6qvX5oCmsjUJFUfwMJGzWgQH3bVOJ5wKqlADND+2frSds3h4Jf9SIgw2nzJuAYhCsZbwKK5GKGd4Mvm+NBRm0QSWV8= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1686191319; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=7/UOuHIz1f2Zw2lLfl7dbEot3FDjLkbXPdZoZTojLyU=; b=S2qjjvDVi9mzNOPT22hPUorWcC0P9x3XgcX7gqtkPmOQIk6RSmcRrI69hn8chL25tGoXj+9/ZMj+ttvqUe/VaaDH7BGs2C3j0mNXe1+yR42OEPhHWmGXZWfXmM1Ns9CskkHg4MgW7cYQZIbdfNR4KpNIFQj3j8OjjE3wTabku9c= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+105898+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 168619131967024.1788541712026; Wed, 7 Jun 2023 19:28:39 -0700 (PDT) Return-Path: X-Received: by 127.0.0.2 with SMTP id fNL1YY1788612xloO022Gk64; Wed, 07 Jun 2023 19:28:39 -0700 X-Received: from mga14.intel.com (mga14.intel.com [192.55.52.115]) by mx.groups.io with SMTP id smtpd.web11.379.1686191316401101708 for ; Wed, 07 Jun 2023 19:28:38 -0700 X-IronPort-AV: E=McAfee;i="6600,9927,10734"; a="357184249" X-IronPort-AV: E=Sophos;i="6.00,225,1681196400"; d="scan'208";a="357184249" X-Received: from fmsmga008.fm.intel.com ([10.253.24.58]) by fmsmga103.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 07 Jun 2023 19:28:38 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6600,9927,10734"; a="774877758" X-IronPort-AV: E=Sophos;i="6.00,225,1681196400"; d="scan'208";a="774877758" X-Received: from shwdeopenlab702.ccr.corp.intel.com ([10.239.55.158]) by fmsmga008-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 07 Jun 2023 19:28:37 -0700 From: "duntan" To: devel@edk2.groups.io Cc: Eric Dong , Ray Ni , Rahul Kumar , Gerd Hoffmann Subject: [edk2-devel] [Patch V5 05/14] UefiCpuPkg/PiSmmCpuDxeSmm: Avoid setting non-present range to RO/NX Date: Thu, 8 Jun 2023 10:27:33 +0800 Message-Id: <20230608022742.1292-6-dun.tan@intel.com> In-Reply-To: <20230608022742.1292-1-dun.tan@intel.com> References: <20230608022742.1292-1-dun.tan@intel.com> MIME-Version: 1.0 Precedence: Bulk List-Unsubscribe: List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,dun.tan@intel.com X-Gm-Message-State: ygm6bNKXSUMdfGuA7ct9RKItx1787277AA= Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1686191319; bh=65C5ntTHcrG5BykxLYKJwSK9bxHh+V3ZufZtC94wBco=; h=Cc:Date:From:Reply-To:Subject:To; b=Wa6rnjzsJpz8wgHi1BOQDzcG7B5bbzqkbLPzHdXCCnNNnqIlYkXdedkOEuNgmYmMOyg CovPVor9UpIlwpU6B+HfkFNMKjAn/zHXKjV6zxJWYeKREQ9i9z9bknnn3fnDglQnJ5qJv w8z9fzSf6nv7CZZm7EZXr0z4iNVwMwBEo44= X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1686191320844100001 Content-Type: text/plain; charset="utf-8" In PiSmmCpuDxeSmm code, SetMemMapAttributes() marks memory ranges in SmmMemoryAttributesTable to RO/NX. There may exist non-present range in these memory ranges. Set other attributes for a non-present range is not permitted in CpuPageTableMapLib. So add code to handle this case. Only map the present ranges in SmmMemoryAttributesTable to RO or NX. Signed-off-by: Dun Tan Cc: Eric Dong Cc: Ray Ni Cc: Rahul Kumar Cc: Gerd Hoffmann Reviewed-by: Ray Ni --- UefiCpuPkg/PiSmmCpuDxeSmm/SmmCpuMemoryManagement.c | 129 +++++++++++++++++= +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++= +++++++++++++++---------------------- 1 file changed, 107 insertions(+), 22 deletions(-) diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/SmmCpuMemoryManagement.c b/UefiCpuPk= g/PiSmmCpuDxeSmm/SmmCpuMemoryManagement.c index 862b3e9720..3c79927c7b 100644 --- a/UefiCpuPkg/PiSmmCpuDxeSmm/SmmCpuMemoryManagement.c +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/SmmCpuMemoryManagement.c @@ -918,6 +918,70 @@ PatchGdtIdtMap ( ); } =20 +/** + This function set [Base, Limit] to the input MemoryAttribute. + + @param Base Start address of range. + @param Limit Limit address of range. + @param Attribute The bit mask of attributes to modify for the memory = region. + @param Map Pointer to the array of Cr3 IA32_MAP_ENTRY. + @param Count Count of IA32_MAP_ENTRY in Map. +**/ +VOID +SetMemMapWithNonPresentRange ( + UINT64 Base, + UINT64 Limit, + UINT64 Attribute, + IA32_MAP_ENTRY *Map, + UINTN Count + ) +{ + UINTN Index; + UINT64 NonPresentRangeStart; + + NonPresentRangeStart =3D 0; + for (Index =3D 0; Index < Count; Index++) { + if ((Map[Index].LinearAddress > NonPresentRangeStart) && + (Base < Map[Index].LinearAddress) && (Limit > NonPresentRangeStart= )) + { + // + // We should NOT set attributes for non-present ragne. + // + // + // There is a non-present ( [NonPresentStart, Map[Index].LinearAddre= ss] ) range before current Map[Index] + // and it is overlapped with [Base, Limit]. + // + if (Base < NonPresentRangeStart) { + SmmSetMemoryAttributes ( + Base, + NonPresentRangeStart - Base, + Attribute + ); + } + + Base =3D Map[Index].LinearAddress; + } + + NonPresentRangeStart =3D Map[Index].LinearAddress + Map[Index].Length; + if (NonPresentRangeStart >=3D Limit) { + break; + } + } + + Limit =3D MIN (NonPresentRangeStart, Limit); + + if (Base < Limit) { + // + // There is no non-present range in current [Base, Limit] anymore. + // + SmmSetMemoryAttributes ( + Base, + Limit - Base, + Attribute + ); + } +} + /** This function sets memory attribute according to MemoryAttributesTable. **/ @@ -932,6 +996,11 @@ SetMemMapAttributes ( UINTN DescriptorSize; UINTN Index; EDKII_PI_SMM_MEMORY_ATTRIBUTES_TABLE *MemoryAttributesTable; + UINTN PageTable; + EFI_STATUS Status; + IA32_MAP_ENTRY *Map; + UINTN Count; + UINT64 MemoryAttribute; =20 SmmGetSystemConfigurationTable (&gEdkiiPiSmmMemoryAttributesTableGuid, (= VOID **)&MemoryAttributesTable); if (MemoryAttributesTable =3D=3D NULL) { @@ -958,36 +1027,52 @@ SetMemMapAttributes ( MemoryMap =3D NEXT_MEMORY_DESCRIPTOR (MemoryMap, DescriptorSize); } =20 + Count =3D 0; + Map =3D NULL; + PageTable =3D AsmReadCr3 (); + Status =3D PageTableParse (PageTable, mPagingMode, NULL, &Count); + while (Status =3D=3D RETURN_BUFFER_TOO_SMALL) { + if (Map !=3D NULL) { + FreePool (Map); + } + + Map =3D AllocatePool (Count * sizeof (IA32_MAP_ENTRY)); + ASSERT (Map !=3D NULL); + Status =3D PageTableParse (PageTable, mPagingMode, Map, &Count); + } + + ASSERT_RETURN_ERROR (Status); + MemoryMap =3D MemoryMapStart; for (Index =3D 0; Index < MemoryMapEntryCount; Index++) { DEBUG ((DEBUG_VERBOSE, "SetAttribute: Memory Entry - 0x%lx, 0x%x\n", M= emoryMap->PhysicalStart, MemoryMap->NumberOfPages)); - switch (MemoryMap->Type) { - case EfiRuntimeServicesCode: - SmmSetMemoryAttributes ( - MemoryMap->PhysicalStart, - EFI_PAGES_TO_SIZE ((UINTN)MemoryMap->NumberOfPages), - EFI_MEMORY_RO - ); - break; - case EfiRuntimeServicesData: - SmmSetMemoryAttributes ( - MemoryMap->PhysicalStart, - EFI_PAGES_TO_SIZE ((UINTN)MemoryMap->NumberOfPages), - EFI_MEMORY_XP - ); - break; - default: - SmmSetMemoryAttributes ( - MemoryMap->PhysicalStart, - EFI_PAGES_TO_SIZE ((UINTN)MemoryMap->NumberOfPages), - EFI_MEMORY_XP - ); - break; + if (MemoryMap->Type =3D=3D EfiRuntimeServicesCode) { + MemoryAttribute =3D EFI_MEMORY_RO; + } else { + ASSERT ((MemoryMap->Type =3D=3D EfiRuntimeServicesData) || (MemoryMa= p->Type =3D=3D EfiConventionalMemory)); + // + // Set other type memory as NX. + // + MemoryAttribute =3D EFI_MEMORY_XP; } =20 + // + // There may exist non-present range overlaps with the MemoryMap range. + // Do not change other attributes of non-present range while still rem= aining it as non-present + // + SetMemMapWithNonPresentRange ( + MemoryMap->PhysicalStart, + MemoryMap->PhysicalStart + EFI_PAGES_TO_SIZE ((UINTN)MemoryMap->Numb= erOfPages), + MemoryAttribute, + Map, + Count + ); + MemoryMap =3D NEXT_MEMORY_DESCRIPTOR (MemoryMap, DescriptorSize); } =20 + FreePool (Map); + PatchSmmSaveStateMap (); PatchGdtIdtMap (); =20 --=20 2.31.1.windows.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#105898): https://edk2.groups.io/g/devel/message/105898 Mute This Topic: https://groups.io/mt/99399229/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Fri May 17 10:44:12 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+105899+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+105899+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1686191321; cv=none; d=zohomail.com; s=zohoarc; b=jHK7BeGRA1b68fPW9iJESxxGFltxEFfLnbydCVT7a+08yM8LdPu9dV0Rq7crAvjWFJGH/5LNwWK2lNDVHdKB2iEuDFQrq47SHo5XDk6FqrXnHnQY1u6QuafpAOuAXMW3aoJfgv0TBfc+F2yWDKivOTnQywmfm/OD9bJ7PAkrudg= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1686191321; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=r7zH1/eYQNsew5MMd/wY12p9hIuFHVPa/VuquqASFxI=; b=Oj3udjiAJ7bMJHPVqs8Zv4a2u5uE8GrZVdq9JL2i3w2wLbWWfqm1FVXXmIyzbABsR/sKIpDQVRtIQ+b+1PN3Qs3QrCeErvY7gDBmxi6RQ9oTC2lKG7DD0Vm9KLGJ3P85k82XmCyDaymzLxIskFm59wh1psk4VvXnsacc59Io/oo= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+105899+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1686191321916615.5932890942443; Wed, 7 Jun 2023 19:28:41 -0700 (PDT) Return-Path: X-Received: by 127.0.0.2 with SMTP id RcaYYY1788612xD5RCpIg9Dz; Wed, 07 Jun 2023 19:28:41 -0700 X-Received: from mga14.intel.com (mga14.intel.com [192.55.52.115]) by mx.groups.io with SMTP id smtpd.web11.379.1686191316401101708 for ; Wed, 07 Jun 2023 19:28:41 -0700 X-IronPort-AV: E=McAfee;i="6600,9927,10734"; a="357184266" X-IronPort-AV: E=Sophos;i="6.00,225,1681196400"; d="scan'208";a="357184266" X-Received: from fmsmga008.fm.intel.com ([10.253.24.58]) by fmsmga103.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 07 Jun 2023 19:28:40 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6600,9927,10734"; a="774877780" X-IronPort-AV: E=Sophos;i="6.00,225,1681196400"; d="scan'208";a="774877780" X-Received: from shwdeopenlab702.ccr.corp.intel.com ([10.239.55.158]) by fmsmga008-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 07 Jun 2023 19:28:39 -0700 From: "duntan" To: devel@edk2.groups.io Cc: Eric Dong , Ray Ni , Rahul Kumar , Gerd Hoffmann Subject: [edk2-devel] [Patch V5 06/14] UefiCpuPkg/PiSmmCpuDxeSmm: Add 2 function to disable/enable CR0.WP Date: Thu, 8 Jun 2023 10:27:34 +0800 Message-Id: <20230608022742.1292-7-dun.tan@intel.com> In-Reply-To: <20230608022742.1292-1-dun.tan@intel.com> References: <20230608022742.1292-1-dun.tan@intel.com> MIME-Version: 1.0 Precedence: Bulk List-Unsubscribe: List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,dun.tan@intel.com X-Gm-Message-State: mG6p8v3GAikC0Pg5ubImXsMzx1787277AA= Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1686191321; bh=bXavE2GvAS8cuBJsTR3OCss26Ou2NduuCkTwKJzW2hk=; h=Cc:Date:From:Reply-To:Subject:To; b=UZ/Hjw+34uX9pPF/rMUZhHpbM/8VdLXyYnQV+qX90f+8BQFgAcxNSFJpaQnXT/IIoua NmPtfrmtGrNERCTrAQlPiSVDFk1atwC1prutcbDF5+CorvxUg7+YDfxqBQ5+qZnc0DE8D cGFdHA72xBI39JCmcVfqcmJvc7aclyQfLaQ= X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1686191322378100005 Content-Type: text/plain; charset="utf-8" Add two functions to disable/enable CR0.WP. These two unctions will also be used in later commits. This commit doesn't change any functionality. Signed-off-by: Dun Tan Cc: Eric Dong Reviewed-by: Ray Ni Cc: Rahul Kumar Cc: Gerd Hoffmann --- UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.h | 24 +++++++++++++++++= +++++++ UefiCpuPkg/PiSmmCpuDxeSmm/SmmCpuMemoryManagement.c | 115 +++++++++++++++++= +++++++++++++++++++++++++++++++++++++++++++++++++--------------------------= ----------------------- 2 files changed, 90 insertions(+), 49 deletions(-) diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.h b/UefiCpuPkg/PiSmmC= puDxeSmm/PiSmmCpuDxeSmm.h index ba341cadc6..e0c4ca76dc 100644 --- a/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.h +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.h @@ -1565,4 +1565,28 @@ SmmWaitForApArrival ( VOID ); =20 +/** + Disable Write Protect on pages marked as read-only if Cr0.Bits.WP is 1. + + @param[out] WpEnabled If Cr0.WP is enabled. + @param[out] CetEnabled If CET is enabled. +**/ +VOID +DisableReadOnlyPageWriteProtect ( + OUT BOOLEAN *WpEnabled, + OUT BOOLEAN *CetEnabled + ); + +/** + Enable Write Protect on pages marked as read-only. + + @param[out] WpEnabled If Cr0.WP should be enabled. + @param[out] CetEnabled If CET should be enabled. +**/ +VOID +EnableReadOnlyPageWriteProtect ( + BOOLEAN WpEnabled, + BOOLEAN CetEnabled + ); + #endif diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/SmmCpuMemoryManagement.c b/UefiCpuPk= g/PiSmmCpuDxeSmm/SmmCpuMemoryManagement.c index 3c79927c7b..d35058ed00 100644 --- a/UefiCpuPkg/PiSmmCpuDxeSmm/SmmCpuMemoryManagement.c +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/SmmCpuMemoryManagement.c @@ -40,6 +40,64 @@ PAGE_TABLE_POOL *mPageTablePool =3D NULL; // BOOLEAN mIsReadOnlyPageTable =3D FALSE; =20 +/** + Disable Write Protect on pages marked as read-only if Cr0.Bits.WP is 1. + + @param[out] WpEnabled If Cr0.WP is enabled. + @param[out] CetEnabled If CET is enabled. +**/ +VOID +DisableReadOnlyPageWriteProtect ( + OUT BOOLEAN *WpEnabled, + OUT BOOLEAN *CetEnabled + ) +{ + IA32_CR0 Cr0; + + *CetEnabled =3D ((AsmReadCr4 () & CR4_CET_ENABLE) !=3D 0) ? TRUE : FALSE; + Cr0.UintN =3D AsmReadCr0 (); + *WpEnabled =3D (Cr0.Bits.WP !=3D 0) ? TRUE : FALSE; + if (*WpEnabled) { + if (*CetEnabled) { + // + // CET must be disabled if WP is disabled. Disable CET before cleari= ng CR0.WP. + // + DisableCet (); + } + + Cr0.Bits.WP =3D 0; + AsmWriteCr0 (Cr0.UintN); + } +} + +/** + Enable Write Protect on pages marked as read-only. + + @param[out] WpEnabled If Cr0.WP should be enabled. + @param[out] CetEnabled If CET should be enabled. +**/ +VOID +EnableReadOnlyPageWriteProtect ( + BOOLEAN WpEnabled, + BOOLEAN CetEnabled + ) +{ + IA32_CR0 Cr0; + + if (WpEnabled) { + Cr0.UintN =3D AsmReadCr0 (); + Cr0.Bits.WP =3D 1; + AsmWriteCr0 (Cr0.UintN); + + if (CetEnabled) { + // + // re-enable CET. + // + EnableCet (); + } + } +} + /** Initialize a buffer pool for page table use only. =20 @@ -62,10 +120,9 @@ InitializePageTablePool ( IN UINTN PoolPages ) { - VOID *Buffer; - BOOLEAN CetEnabled; - BOOLEAN WpEnabled; - IA32_CR0 Cr0; + VOID *Buffer; + BOOLEAN WpEnabled; + BOOLEAN CetEnabled; =20 // // Always reserve at least PAGE_TABLE_POOL_UNIT_PAGES, including one pag= e for @@ -102,34 +159,9 @@ InitializePageTablePool ( // If page table memory has been marked as RO, mark the new pool pages a= s read-only. // if (mIsReadOnlyPageTable) { - CetEnabled =3D ((AsmReadCr4 () & CR4_CET_ENABLE) !=3D 0) ? TRUE : FALS= E; - Cr0.UintN =3D AsmReadCr0 (); - WpEnabled =3D (Cr0.Bits.WP !=3D 0) ? TRUE : FALSE; - if (WpEnabled) { - if (CetEnabled) { - // - // CET must be disabled if WP is disabled. Disable CET before clea= ring CR0.WP. - // - DisableCet (); - } - - Cr0.Bits.WP =3D 0; - AsmWriteCr0 (Cr0.UintN); - } - + DisableReadOnlyPageWriteProtect (&WpEnabled, &CetEnabled); SmmSetMemoryAttributes ((EFI_PHYSICAL_ADDRESS)(UINTN)Buffer, EFI_PAGES= _TO_SIZE (PoolPages), EFI_MEMORY_RO); - if (WpEnabled) { - Cr0.UintN =3D AsmReadCr0 (); - Cr0.Bits.WP =3D 1; - AsmWriteCr0 (Cr0.UintN); - - if (CetEnabled) { - // - // re-enable CET. - // - EnableCet (); - } - } + EnableReadOnlyPageWriteProtect (WpEnabled, CetEnabled); } =20 return TRUE; @@ -1780,6 +1812,7 @@ SetPageTableAttributes ( VOID ) { + BOOLEAN WpEnabled; BOOLEAN CetEnabled; =20 if (!IfReadOnlyPageTableNeeded ()) { @@ -1792,15 +1825,7 @@ SetPageTableAttributes ( // Disable write protection, because we need mark page table to be write= protected. // We need *write* page table memory, to mark itself to be *read only*. // - CetEnabled =3D ((AsmReadCr4 () & CR4_CET_ENABLE) !=3D 0) ? TRUE : FALSE; - if (CetEnabled) { - // - // CET must be disabled if WP is disabled. - // - DisableCet (); - } - - AsmWriteCr0 (AsmReadCr0 () & ~CR0_WP); + DisableReadOnlyPageWriteProtect (&WpEnabled, &CetEnabled); =20 // Set memory used by page table as Read Only. DEBUG ((DEBUG_INFO, "Start...\n")); @@ -1809,20 +1834,12 @@ SetPageTableAttributes ( // // Enable write protection, after page table attribute updated. // - AsmWriteCr0 (AsmReadCr0 () | CR0_WP); + EnableReadOnlyPageWriteProtect (TRUE, CetEnabled); mIsReadOnlyPageTable =3D TRUE; =20 // // Flush TLB after mark all page table pool as read only. // FlushTlbForAll (); - - if (CetEnabled) { - // - // re-enable CET. - // - EnableCet (); - } - return; } --=20 2.31.1.windows.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#105899): https://edk2.groups.io/g/devel/message/105899 Mute This Topic: https://groups.io/mt/99399230/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Fri May 17 10:44:12 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+105900+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+105900+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1686191330; cv=none; d=zohomail.com; s=zohoarc; b=WcrIWT2isqwqE8zEguvP6GeQ5UhcK2E5lWkPmKe1bXMb70YG6iK1khEkc1BWwtrukJ8fnOBxRDCRD4o5QsS4MDp1zE/8zgGhN6y7a2545QTUYaNaRySeOgh63+4yIVrlbaFW67ST6HU/4LzNIFgz6bAJtVH+0HK6h9vzfOljCC4= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1686191330; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=llIqyAmSEx166TZktKJiYUJ5Tfnltiyat7jxgmCDEVw=; b=aM4ISTaObIY2sfcoHD5iqnU59C6ZjEjnLZZZLHqEW4FFxMAfjylKYMRKIZyHonETjbhWYOxShqPolo9oXSjm7uySGmDy/4wVzPd3NlPSDBCi5HMfhSGImVBsPqeWBihYBBLch35lRcrhddfU4LJv7Ttrq7hITAk9rMyz+phRQTM= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+105900+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1686191330571677.9900121874207; Wed, 7 Jun 2023 19:28:50 -0700 (PDT) Return-Path: X-Received: by 127.0.0.2 with SMTP id c06GYY1788612x36axKliWG9; Wed, 07 Jun 2023 19:28:50 -0700 X-Received: from mga14.intel.com (mga14.intel.com [192.55.52.115]) by mx.groups.io with SMTP id smtpd.web11.379.1686191316401101708 for ; Wed, 07 Jun 2023 19:28:44 -0700 X-IronPort-AV: E=McAfee;i="6600,9927,10734"; a="357184288" X-IronPort-AV: E=Sophos;i="6.00,225,1681196400"; d="scan'208";a="357184288" X-Received: from fmsmga008.fm.intel.com ([10.253.24.58]) by fmsmga103.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 07 Jun 2023 19:28:44 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6600,9927,10734"; a="774877811" X-IronPort-AV: E=Sophos;i="6.00,225,1681196400"; d="scan'208";a="774877811" X-Received: from shwdeopenlab702.ccr.corp.intel.com ([10.239.55.158]) by fmsmga008-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 07 Jun 2023 19:28:42 -0700 From: "duntan" To: devel@edk2.groups.io Cc: Eric Dong , Ray Ni , Rahul Kumar , Gerd Hoffmann Subject: [edk2-devel] [Patch V5 07/14] UefiCpuPkg/PiSmmCpuDxeSmm: Clear CR0.WP before modify page table Date: Thu, 8 Jun 2023 10:27:35 +0800 Message-Id: <20230608022742.1292-8-dun.tan@intel.com> In-Reply-To: <20230608022742.1292-1-dun.tan@intel.com> References: <20230608022742.1292-1-dun.tan@intel.com> MIME-Version: 1.0 Precedence: Bulk List-Unsubscribe: List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,dun.tan@intel.com X-Gm-Message-State: Vi8naBMwZXdNc0TezCyFBrrIx1787277AA= Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1686191330; bh=69hVHKNTfyH2eUHpmJgHmwJT8agoCRsZwls2cQTFNdM=; h=Cc:Date:From:Reply-To:Subject:To; b=Zs/QjR/r/TKiryvQy70Adk8BmeFAf+8034TWy/C+ADKiQYa9UlD+13QwHe02HkGwhLY aQKMbM5sGZKDsvtrkaKu88t7O5S6R7CCUo3zEnOSfJ1FUsXm/87dECZA2gIKkJ7Anr1z6 0FhCy3mx5SkgOwNLy4oGAuh1FUDdGs6qx4s= X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1686191330872100002 Content-Type: text/plain; charset="utf-8" Clear CR0.WP before modify smm page table. Currently, there is an assumption that smm pagetable is always RW before ReadyToLock. However, when AMD SEV is enabled, FvbServicesSmm driver calls MemEncryptSevClearMmioPageEncMask to clear AddressEncMask bit in smm page table for this range: [PcdOvmfFdBaseAddress,PcdOvmfFdBaseAddress+PcdOvmfFirmwareFdSize] If page slpit happens in this process, new memory for smm page table is allocated. Then the newly allocated page table memory is marked as RO in smm page table in this FvbServicesSmm driver, which may lead to PF if smm code doesn't clear CR0.WP before modify smm page table when ReadyToLock. Signed-off-by: Dun Tan Cc: Eric Dong Reviewed-by: Ray Ni Cc: Rahul Kumar Cc: Gerd Hoffmann --- UefiCpuPkg/PiSmmCpuDxeSmm/SmmCpuMemoryManagement.c | 11 +++++++++++ UefiCpuPkg/PiSmmCpuDxeSmm/SmmProfile.c | 5 +++++ 2 files changed, 16 insertions(+) diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/SmmCpuMemoryManagement.c b/UefiCpuPk= g/PiSmmCpuDxeSmm/SmmCpuMemoryManagement.c index d35058ed00..4ee99d06d7 100644 --- a/UefiCpuPkg/PiSmmCpuDxeSmm/SmmCpuMemoryManagement.c +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/SmmCpuMemoryManagement.c @@ -1033,6 +1033,8 @@ SetMemMapAttributes ( IA32_MAP_ENTRY *Map; UINTN Count; UINT64 MemoryAttribute; + BOOLEAN WpEnabled; + BOOLEAN CetEnabled; =20 SmmGetSystemConfigurationTable (&gEdkiiPiSmmMemoryAttributesTableGuid, (= VOID **)&MemoryAttributesTable); if (MemoryAttributesTable =3D=3D NULL) { @@ -1075,6 +1077,8 @@ SetMemMapAttributes ( =20 ASSERT_RETURN_ERROR (Status); =20 + DisableReadOnlyPageWriteProtect (&WpEnabled, &CetEnabled); + MemoryMap =3D MemoryMapStart; for (Index =3D 0; Index < MemoryMapEntryCount; Index++) { DEBUG ((DEBUG_VERBOSE, "SetAttribute: Memory Entry - 0x%lx, 0x%x\n", M= emoryMap->PhysicalStart, MemoryMap->NumberOfPages)); @@ -1103,6 +1107,7 @@ SetMemMapAttributes ( MemoryMap =3D NEXT_MEMORY_DESCRIPTOR (MemoryMap, DescriptorSize); } =20 + EnableReadOnlyPageWriteProtect (WpEnabled, CetEnabled); FreePool (Map); =20 PatchSmmSaveStateMap (); @@ -1409,9 +1414,13 @@ SetUefiMemMapAttributes ( UINTN MemoryMapEntryCount; UINTN Index; EFI_MEMORY_DESCRIPTOR *Entry; + BOOLEAN WpEnabled; + BOOLEAN CetEnabled; =20 DEBUG ((DEBUG_INFO, "SetUefiMemMapAttributes\n")); =20 + DisableReadOnlyPageWriteProtect (&WpEnabled, &CetEnabled); + if (mUefiMemoryMap !=3D NULL) { MemoryMapEntryCount =3D mUefiMemoryMapSize/mUefiDescriptorSize; MemoryMap =3D mUefiMemoryMap; @@ -1490,6 +1499,8 @@ SetUefiMemMapAttributes ( } } =20 + EnableReadOnlyPageWriteProtect (WpEnabled, CetEnabled); + // // Do not free mUefiMemoryAttributesTable, it will be checked in IsSmmCo= mmBufferForbiddenAddress(). // diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/SmmProfile.c b/UefiCpuPkg/PiSmmCpuDx= eSmm/SmmProfile.c index 1b0b6673e1..5625ba0cac 100644 --- a/UefiCpuPkg/PiSmmCpuDxeSmm/SmmProfile.c +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/SmmProfile.c @@ -574,6 +574,8 @@ InitPaging ( BOOLEAN Nx; IA32_CR4 Cr4; BOOLEAN Enable5LevelPaging; + BOOLEAN WpEnabled; + BOOLEAN CetEnabled; =20 Cr4.UintN =3D AsmReadCr4 (); Enable5LevelPaging =3D (BOOLEAN)(Cr4.Bits.LA57 =3D=3D 1); @@ -620,6 +622,7 @@ InitPaging ( NumberOfPdptEntries =3D 4; } =20 + DisableReadOnlyPageWriteProtect (&WpEnabled, &CetEnabled); // // Go through page table and change 2MB-page into 4KB-page. // @@ -800,6 +803,8 @@ InitPaging ( } // end for PML4 } // end for PML5 =20 + EnableReadOnlyPageWriteProtect (WpEnabled, CetEnabled); + // // Flush TLB // --=20 2.31.1.windows.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#105900): https://edk2.groups.io/g/devel/message/105900 Mute This Topic: https://groups.io/mt/99399231/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Fri May 17 10:44:12 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+105901+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+105901+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1686191329; cv=none; d=zohomail.com; s=zohoarc; b=BeFl+Pi5sWE8m5gkS8AHbTNVZqZc6BPyeXjqnXCGjYQ8SEsANRt9qxhTsJEK+0Ht9tF5M3VeFWswmwOpStPm+B4iMqn59eT7nuNCKSKL2NoXADQUiCAUxvmRQilR1qhH6FJfKfkO2cVYxYh5hXmXYYxijEriuVGFornYNCq0u0Y= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1686191329; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=kVbxo8ke4hhXOXNRmOUa8suLj6HVhbAnVqM91RoPv8U=; b=cVBY4Vyfty6ILZgaQ0e/L9Rm5ucBUVhR629bhEV4IeROyp8bhy1DhnXqLzQaedJsczdCGTBukP9sQKYeaGMMQR5OOpbCrEP2lqcMiL0ySa5Az2h+FNBBLiPI62KSwy9OoHFvzCoeqmPoGfyPYB1dYaysHioDfZoBeqbB4E67yx8= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+105901+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1686191329218868.5457204986168; Wed, 7 Jun 2023 19:28:49 -0700 (PDT) Return-Path: X-Received: by 127.0.0.2 with SMTP id 7qYOYY1788612xSfqBm6bcen; Wed, 07 Jun 2023 19:28:48 -0700 X-Received: from mga14.intel.com (mga14.intel.com [192.55.52.115]) by mx.groups.io with SMTP id smtpd.web11.379.1686191316401101708 for ; Wed, 07 Jun 2023 19:28:48 -0700 X-IronPort-AV: E=McAfee;i="6600,9927,10734"; a="357184302" X-IronPort-AV: E=Sophos;i="6.00,225,1681196400"; d="scan'208";a="357184302" X-Received: from fmsmga008.fm.intel.com ([10.253.24.58]) by fmsmga103.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 07 Jun 2023 19:28:47 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6600,9927,10734"; a="774877832" X-IronPort-AV: E=Sophos;i="6.00,225,1681196400"; d="scan'208";a="774877832" X-Received: from shwdeopenlab702.ccr.corp.intel.com ([10.239.55.158]) by fmsmga008-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 07 Jun 2023 19:28:46 -0700 From: "duntan" To: devel@edk2.groups.io Cc: Eric Dong , Ray Ni , Rahul Kumar , Gerd Hoffmann Subject: [edk2-devel] [Patch V5 08/14] UefiCpuPkg: Extern mSmmShadowStackSize in PiSmmCpuDxeSmm.h Date: Thu, 8 Jun 2023 10:27:36 +0800 Message-Id: <20230608022742.1292-9-dun.tan@intel.com> In-Reply-To: <20230608022742.1292-1-dun.tan@intel.com> References: <20230608022742.1292-1-dun.tan@intel.com> MIME-Version: 1.0 Precedence: Bulk List-Unsubscribe: List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,dun.tan@intel.com X-Gm-Message-State: U8NesYdGuF3wwcdWXuPAgPC4x1787277AA= Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1686191328; bh=T20UCBEJ1bOzMR/OrbC/8BOvMxZTPZyOyESz3v62wb8=; h=Cc:Date:From:Reply-To:Subject:To; b=NUDXNk4sG1WlztWtX6/U44atv65RANRP7RQG3e2y+ElJmT8Ktg3hqgX0BmsdROVaa3f P+VD3juN/2JJEXVsfjbbTcZ11HQow68vcjqfvtovGersGFH4f5H2RuxaUdCWSkPco5Kgm uGrN40HzqI6lp4G22ghxH/Db3EHFy+MVK8k= X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1686191331179100005 Content-Type: text/plain; charset="utf-8" Extern mSmmShadowStackSize in PiSmmCpuDxeSmm.h and remove extern for mSmmShadowStackSize in c files to simplify code. Signed-off-by: Dun Tan Cc: Eric Dong Cc: Ray Ni Cc: Rahul Kumar Cc: Gerd Hoffmann Reviewed-by: Ray Ni --- UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/SmmFuncsArch.c | 3 +-- UefiCpuPkg/PiSmmCpuDxeSmm/MpService.c | 2 -- UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.h | 1 + UefiCpuPkg/PiSmmCpuDxeSmm/X64/PageTbl.c | 2 -- UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmmFuncsArch.c | 3 +-- 5 files changed, 3 insertions(+), 8 deletions(-) diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/SmmFuncsArch.c b/UefiCpuPkg/PiS= mmCpuDxeSmm/Ia32/SmmFuncsArch.c index 6c48a53f67..636dc8d92f 100644 --- a/UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/SmmFuncsArch.c +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/SmmFuncsArch.c @@ -1,7 +1,7 @@ /** @file SMM CPU misc functions for Ia32 arch specific. =20 -Copyright (c) 2015 - 2019, Intel Corporation. All rights reserved.
+Copyright (c) 2015 - 2023, Intel Corporation. All rights reserved.
SPDX-License-Identifier: BSD-2-Clause-Patent =20 **/ @@ -14,7 +14,6 @@ EFI_PHYSICAL_ADDRESS mGdtBuffer; UINTN mGdtBufferSize; =20 extern BOOLEAN mCetSupported; -extern UINTN mSmmShadowStackSize; =20 X86_ASSEMBLY_PATCH_LABEL mPatchCetPl0Ssp; X86_ASSEMBLY_PATCH_LABEL mPatchCetInterruptSsp; diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/MpService.c b/UefiCpuPkg/PiSmmCpuDxe= Smm/MpService.c index baf827cf9d..1878252eac 100644 --- a/UefiCpuPkg/PiSmmCpuDxeSmm/MpService.c +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/MpService.c @@ -29,8 +29,6 @@ MM_COMPLETION mSmmStartupThisApToken; // UINT32 *mPackageFirstThreadIndex =3D NULL; =20 -extern UINTN mSmmShadowStackSize; - /** Performs an atomic compare exchange operation to get semaphore. The compare exchange operation must be performed using diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.h b/UefiCpuPkg/PiSmmC= puDxeSmm/PiSmmCpuDxeSmm.h index e0c4ca76dc..a7da9673a5 100644 --- a/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.h +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.h @@ -262,6 +262,7 @@ extern EFI_SMM_CPU_PROTOCOL mSmmCpu; extern EFI_MM_MP_PROTOCOL mSmmMp; extern BOOLEAN m5LevelPagingNeeded; extern PAGING_MODE mPagingMode; +extern UINTN mSmmShadowStackSize; =20 /// /// The mode of the CPU at the time an SMI occurs diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/X64/PageTbl.c b/UefiCpuPkg/PiSmmCpuD= xeSmm/X64/PageTbl.c index 0bed857cae..46d8ff5d4e 100644 --- a/UefiCpuPkg/PiSmmCpuDxeSmm/X64/PageTbl.c +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/X64/PageTbl.c @@ -13,8 +13,6 @@ SPDX-License-Identifier: BSD-2-Clause-Patent #define PAGE_TABLE_PAGES 8 #define ACC_MAX_BIT BIT3 =20 -extern UINTN mSmmShadowStackSize; - LIST_ENTRY mPagePool =3D INITIALIZE_LIST_HEAD_VAR= IABLE (mPagePool); BOOLEAN m1GPageTableSupport =3D FALSE; BOOLEAN mCpuSmmRestrictedMemoryAccess; diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmmFuncsArch.c b/UefiCpuPkg/PiSm= mCpuDxeSmm/X64/SmmFuncsArch.c index 00a284c369..c4f21e2155 100644 --- a/UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmmFuncsArch.c +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmmFuncsArch.c @@ -1,7 +1,7 @@ /** @file SMM CPU misc functions for x64 arch specific. =20 -Copyright (c) 2015 - 2019, Intel Corporation. All rights reserved.
+Copyright (c) 2015 - 2023, Intel Corporation. All rights reserved.
SPDX-License-Identifier: BSD-2-Clause-Patent =20 **/ @@ -12,7 +12,6 @@ EFI_PHYSICAL_ADDRESS mGdtBuffer; UINTN mGdtBufferSize; =20 extern BOOLEAN mCetSupported; -extern UINTN mSmmShadowStackSize; =20 X86_ASSEMBLY_PATCH_LABEL mPatchCetPl0Ssp; X86_ASSEMBLY_PATCH_LABEL mPatchCetInterruptSsp; --=20 2.31.1.windows.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#105901): https://edk2.groups.io/g/devel/message/105901 Mute This Topic: https://groups.io/mt/99399232/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Fri May 17 10:44:12 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+105902+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+105902+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1686191345; cv=none; d=zohomail.com; s=zohoarc; b=aTmKDHIyujzubvX3jUfklmWx65/scE8UgbgLQ6ymYUIe5+OkZvV4oHOuDX7lbSFW/crDG2sUiFhCjPjo8iKV0BzGiyS+X6rUD7n7FYiODWpIY53gCiCHiGi5ZWM0Mj9s34zLcxX385x7/sNXFrefQfQ3dU+Wjud9lFRIEdq+0IU= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1686191345; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=Spa9YpNKNnXuncWxL8olgoDj1VuHajq+x36+J0eMHc4=; b=ArIOkrxqy2MMVpNh+WYE704FTkNlVeVrpdL++Nai70lKbD9BTbLekVlmLsYTWMNTxb0AzzP4Bv9NFYsFOjIBHfZCi9Zudy/QVb0Ib5H9ttWpStlXt8KAUs8UpOgcSMtXC7dbdAKpB6JaM9TSMBQU1dENgJUW4JimTBSm4XIS7Hk= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+105902+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 168619134538782.87032292575668; Wed, 7 Jun 2023 19:29:05 -0700 (PDT) Return-Path: X-Received: by 127.0.0.2 with SMTP id ywyIYY1788612xySEq310g6E; Wed, 07 Jun 2023 19:29:05 -0700 X-Received: from mga14.intel.com (mga14.intel.com [192.55.52.115]) by mx.groups.io with SMTP id smtpd.web11.386.1686191344244208222 for ; Wed, 07 Jun 2023 19:29:04 -0700 X-IronPort-AV: E=McAfee;i="6600,9927,10734"; a="357184372" X-IronPort-AV: E=Sophos;i="6.00,225,1681196400"; d="scan'208";a="357184372" X-Received: from fmsmga008.fm.intel.com ([10.253.24.58]) by fmsmga103.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 07 Jun 2023 19:29:04 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6600,9927,10734"; a="774877874" X-IronPort-AV: E=Sophos;i="6.00,225,1681196400"; d="scan'208";a="774877874" X-Received: from shwdeopenlab702.ccr.corp.intel.com ([10.239.55.158]) by fmsmga008-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 07 Jun 2023 19:29:02 -0700 From: "duntan" To: devel@edk2.groups.io Cc: Eric Dong , Ray Ni , Rahul Kumar , Gerd Hoffmann Subject: [edk2-devel] [Patch V5 09/14] UefiCpuPkg: Add GenSmmPageTable() to create smm page table Date: Thu, 8 Jun 2023 10:27:37 +0800 Message-Id: <20230608022742.1292-10-dun.tan@intel.com> In-Reply-To: <20230608022742.1292-1-dun.tan@intel.com> References: <20230608022742.1292-1-dun.tan@intel.com> MIME-Version: 1.0 Precedence: Bulk List-Unsubscribe: List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,dun.tan@intel.com X-Gm-Message-State: gt2x50Q2vFWNogv9sbUIqyk6x1787277AA= Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1686191345; bh=JnBpaw169iaADp054C3Fv/hsZ6AvW3Yk9Jd6QzMHnt0=; h=Cc:Date:From:Reply-To:Subject:To; b=VHJ7EQ4/3z1AZmduafpxqar+ZJD+bZ6lVMhBVCM786Hx1tiEPK5eXRVH+nNREHWK9Vf FdzrawxD4U8jYcv8B5byhuETnKOFGw6OQ/G7fkMRoXOVhjtOfRUAdj0ZfU08X8r+9W67A M7hLmvFGV0S7EhA3L0vyCR72gEYOip7L5oQ= X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1686191346965100003 Content-Type: text/plain; charset="utf-8" This commit is code refinement to current smm pagetable generation code. Add a new GenSmmPageTable() API to create smm page table based on the PageTableMap() API in CpuPageTableLib. Caller only needs to specify the paging mode and the PhysicalAddressBits to map. This function can be used to create both IA32 pae paging and X64 5level, 4level paging. Signed-off-by: Dun Tan Cc: Eric Dong Cc: Ray Ni Cc: Rahul Kumar Cc: Gerd Hoffmann Reviewed-by: Ray Ni --- UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/PageTbl.c | 2 +- UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.h | 15 +++++++++++++++ UefiCpuPkg/PiSmmCpuDxeSmm/SmmCpuMemoryManagement.c | 65 +++++++++++++++++= ++++++++++++++++++++++++++++++++++++++++++++++++ UefiCpuPkg/PiSmmCpuDxeSmm/X64/PageTbl.c | 220 +++++++++++++++++= +++++++++------------------------------------------------------------------= ---------------------------------------------------------------------------= ----------------------------------------------------- 4 files changed, 107 insertions(+), 195 deletions(-) diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/PageTbl.c b/UefiCpuPkg/PiSmmCpu= DxeSmm/Ia32/PageTbl.c index 9c8107080a..b11264ce4a 100644 --- a/UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/PageTbl.c +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/PageTbl.c @@ -63,7 +63,7 @@ SmmInitPageTable ( InitializeIDTSmmStackGuard (); } =20 - return Gen4GPageTable (TRUE); + return GenSmmPageTable (PagingPae, mPhysicalAddressBits); } =20 /** diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.h b/UefiCpuPkg/PiSmmC= puDxeSmm/PiSmmCpuDxeSmm.h index a7da9673a5..5399659bc0 100644 --- a/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.h +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.h @@ -553,6 +553,21 @@ Gen4GPageTable ( IN BOOLEAN Is32BitPageTable ); =20 +/** + Create page table based on input PagingMode and PhysicalAddressBits in s= mm. + + @param[in] PagingMode The paging mode. + @param[in] PhysicalAddressBits The bits of physical address to map. + + @retval PageTable Address + +**/ +UINTN +GenSmmPageTable ( + IN PAGING_MODE PagingMode, + IN UINT8 PhysicalAddressBits + ); + /** Initialize global data for MP synchronization. =20 diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/SmmCpuMemoryManagement.c b/UefiCpuPk= g/PiSmmCpuDxeSmm/SmmCpuMemoryManagement.c index 4ee99d06d7..4e93d26eb4 100644 --- a/UefiCpuPkg/PiSmmCpuDxeSmm/SmmCpuMemoryManagement.c +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/SmmCpuMemoryManagement.c @@ -1640,6 +1640,71 @@ EdkiiSmmClearMemoryAttributes ( return SmmClearMemoryAttributes (BaseAddress, Length, Attributes); } =20 +/** + Create page table based on input PagingMode and PhysicalAddressBits in s= mm. + + @param[in] PagingMode The paging mode. + @param[in] PhysicalAddressBits The bits of physical address to map. + + @retval PageTable Address + +**/ +UINTN +GenSmmPageTable ( + IN PAGING_MODE PagingMode, + IN UINT8 PhysicalAddressBits + ) +{ + UINTN PageTableBufferSize; + UINTN PageTable; + VOID *PageTableBuffer; + IA32_MAP_ATTRIBUTE MapAttribute; + IA32_MAP_ATTRIBUTE MapMask; + RETURN_STATUS Status; + UINTN GuardPage; + UINTN Index; + UINT64 Length; + + Length =3D LShiftU64 (1, PhysicalAddressBits); + PageTable =3D 0; + PageTableBufferSize =3D 0; + MapMask.Uint64 =3D MAX_UINT64; + MapAttribute.Uint64 =3D mAddressEncMask; + MapAttribute.Bits.Present =3D 1; + MapAttribute.Bits.ReadWrite =3D 1; + MapAttribute.Bits.UserSupervisor =3D 1; + MapAttribute.Bits.Accessed =3D 1; + MapAttribute.Bits.Dirty =3D 1; + + Status =3D PageTableMap (&PageTable, PagingMode, NULL, &PageTableBufferS= ize, 0, Length, &MapAttribute, &MapMask, NULL); + ASSERT (Status =3D=3D RETURN_BUFFER_TOO_SMALL); + DEBUG ((DEBUG_INFO, "GenSMMPageTable: 0x%x bytes needed for initial SMM = page table\n", PageTableBufferSize)); + PageTableBuffer =3D AllocatePageTableMemory (EFI_SIZE_TO_PAGES (PageTabl= eBufferSize)); + ASSERT (PageTableBuffer !=3D NULL); + Status =3D PageTableMap (&PageTable, PagingMode, PageTableBuffer, &PageT= ableBufferSize, 0, Length, &MapAttribute, &MapMask, NULL); + ASSERT (Status =3D=3D RETURN_SUCCESS); + ASSERT (PageTableBufferSize =3D=3D 0); + + if (FeaturePcdGet (PcdCpuSmmStackGuard)) { + // + // Mark the 4KB guard page between known good stack and smm stack as n= on-present + // + for (Index =3D 0; Index < gSmmCpuPrivate->SmmCoreEntryContext.NumberOf= Cpus; Index++) { + GuardPage =3D mSmmStackArrayBase + EFI_PAGE_SIZE + Index * (mSmmStac= kSize + mSmmShadowStackSize); + Status =3D ConvertMemoryPageAttributes (PageTable, PagingMode, Gu= ardPage, SIZE_4KB, EFI_MEMORY_RP, TRUE, NULL); + } + } + + if ((PcdGet8 (PcdNullPointerDetectionPropertyMask) & BIT1) !=3D 0) { + // + // Mark [0, 4k] as non-present + // + Status =3D ConvertMemoryPageAttributes (PageTable, PagingMode, 0, SIZE= _4KB, EFI_MEMORY_RP, TRUE, NULL); + } + + return (UINTN)PageTable; +} + /** This function retrieves the attributes of the memory region specified by BaseAddress and Length. If different attributes are got from different p= art diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/X64/PageTbl.c b/UefiCpuPkg/PiSmmCpuD= xeSmm/X64/PageTbl.c index 46d8ff5d4e..ddd9be66b5 100644 --- a/UefiCpuPkg/PiSmmCpuDxeSmm/X64/PageTbl.c +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/X64/PageTbl.c @@ -167,160 +167,6 @@ CalculateMaximumSupportAddress ( return PhysicalAddressBits; } =20 -/** - Set static page table. - - @param[in] PageTable Address of page table. - @param[in] PhysicalAddressBits The maximum physical address bits supp= orted. -**/ -VOID -SetStaticPageTable ( - IN UINTN PageTable, - IN UINT8 PhysicalAddressBits - ) -{ - UINT64 PageAddress; - UINTN NumberOfPml5EntriesNeeded; - UINTN NumberOfPml4EntriesNeeded; - UINTN NumberOfPdpEntriesNeeded; - UINTN IndexOfPml5Entries; - UINTN IndexOfPml4Entries; - UINTN IndexOfPdpEntries; - UINTN IndexOfPageDirectoryEntries; - UINT64 *PageMapLevel5Entry; - UINT64 *PageMapLevel4Entry; - UINT64 *PageMap; - UINT64 *PageDirectoryPointerEntry; - UINT64 *PageDirectory1GEntry; - UINT64 *PageDirectoryEntry; - - // - // IA-32e paging translates 48-bit linear addresses to 52-bit physical a= ddresses - // when 5-Level Paging is disabled. - // - ASSERT (PhysicalAddressBits <=3D 52); - if (!m5LevelPagingNeeded && (PhysicalAddressBits > 48)) { - PhysicalAddressBits =3D 48; - } - - NumberOfPml5EntriesNeeded =3D 1; - if (PhysicalAddressBits > 48) { - NumberOfPml5EntriesNeeded =3D (UINTN)LShiftU64 (1, PhysicalAddressBits= - 48); - PhysicalAddressBits =3D 48; - } - - NumberOfPml4EntriesNeeded =3D 1; - if (PhysicalAddressBits > 39) { - NumberOfPml4EntriesNeeded =3D (UINTN)LShiftU64 (1, PhysicalAddressBits= - 39); - PhysicalAddressBits =3D 39; - } - - NumberOfPdpEntriesNeeded =3D 1; - ASSERT (PhysicalAddressBits > 30); - NumberOfPdpEntriesNeeded =3D (UINTN)LShiftU64 (1, PhysicalAddressBits - = 30); - - // - // By architecture only one PageMapLevel4 exists - so lets allocate stor= age for it. - // - PageMap =3D (VOID *)PageTable; - - PageMapLevel4Entry =3D PageMap; - PageMapLevel5Entry =3D NULL; - if (m5LevelPagingNeeded) { - // - // By architecture only one PageMapLevel5 exists - so lets allocate st= orage for it. - // - PageMapLevel5Entry =3D PageMap; - } - - PageAddress =3D 0; - - for ( IndexOfPml5Entries =3D 0 - ; IndexOfPml5Entries < NumberOfPml5EntriesNeeded - ; IndexOfPml5Entries++, PageMapLevel5Entry++) - { - // - // Each PML5 entry points to a page of PML4 entires. - // So lets allocate space for them and fill them in in the IndexOfPml4= Entries loop. - // When 5-Level Paging is disabled, below allocation happens only once. - // - if (m5LevelPagingNeeded) { - PageMapLevel4Entry =3D (UINT64 *)((*PageMapLevel5Entry) & ~mAddressE= ncMask & gPhyMask); - if (PageMapLevel4Entry =3D=3D NULL) { - PageMapLevel4Entry =3D AllocatePageTableMemory (1); - ASSERT (PageMapLevel4Entry !=3D NULL); - ZeroMem (PageMapLevel4Entry, EFI_PAGES_TO_SIZE (1)); - - *PageMapLevel5Entry =3D (UINT64)(UINTN)PageMapLevel4Entry | mAddre= ssEncMask | PAGE_ATTRIBUTE_BITS; - } - } - - for (IndexOfPml4Entries =3D 0; IndexOfPml4Entries < (NumberOfPml5Entri= esNeeded =3D=3D 1 ? NumberOfPml4EntriesNeeded : 512); IndexOfPml4Entries++,= PageMapLevel4Entry++) { - // - // Each PML4 entry points to a page of Page Directory Pointer entrie= s. - // - PageDirectoryPointerEntry =3D (UINT64 *)((*PageMapLevel4Entry) & ~mA= ddressEncMask & gPhyMask); - if (PageDirectoryPointerEntry =3D=3D NULL) { - PageDirectoryPointerEntry =3D AllocatePageTableMemory (1); - ASSERT (PageDirectoryPointerEntry !=3D NULL); - ZeroMem (PageDirectoryPointerEntry, EFI_PAGES_TO_SIZE (1)); - - *PageMapLevel4Entry =3D (UINT64)(UINTN)PageDirectoryPointerEntry |= mAddressEncMask | PAGE_ATTRIBUTE_BITS; - } - - if (m1GPageTableSupport) { - PageDirectory1GEntry =3D PageDirectoryPointerEntry; - for (IndexOfPageDirectoryEntries =3D 0; IndexOfPageDirectoryEntrie= s < 512; IndexOfPageDirectoryEntries++, PageDirectory1GEntry++, PageAddress= +=3D SIZE_1GB) { - if ((IndexOfPml4Entries =3D=3D 0) && (IndexOfPageDirectoryEntrie= s < 4)) { - // - // Skip the < 4G entries - // - continue; - } - - // - // Fill in the Page Directory entries - // - *PageDirectory1GEntry =3D PageAddress | mAddressEncMask | IA32_P= G_PS | PAGE_ATTRIBUTE_BITS; - } - } else { - PageAddress =3D BASE_4GB; - for (IndexOfPdpEntries =3D 0; IndexOfPdpEntries < (NumberOfPml4Ent= riesNeeded =3D=3D 1 ? NumberOfPdpEntriesNeeded : 512); IndexOfPdpEntries++,= PageDirectoryPointerEntry++) { - if ((IndexOfPml4Entries =3D=3D 0) && (IndexOfPdpEntries < 4)) { - // - // Skip the < 4G entries - // - continue; - } - - // - // Each Directory Pointer entries points to a page of Page Direc= tory entires. - // So allocate space for them and fill them in in the IndexOfPag= eDirectoryEntries loop. - // - PageDirectoryEntry =3D (UINT64 *)((*PageDirectoryPointerEntry) &= ~mAddressEncMask & gPhyMask); - if (PageDirectoryEntry =3D=3D NULL) { - PageDirectoryEntry =3D AllocatePageTableMemory (1); - ASSERT (PageDirectoryEntry !=3D NULL); - ZeroMem (PageDirectoryEntry, EFI_PAGES_TO_SIZE (1)); - - // - // Fill in a Page Directory Pointer Entries - // - *PageDirectoryPointerEntry =3D (UINT64)(UINTN)PageDirectoryEnt= ry | mAddressEncMask | PAGE_ATTRIBUTE_BITS; - } - - for (IndexOfPageDirectoryEntries =3D 0; IndexOfPageDirectoryEntr= ies < 512; IndexOfPageDirectoryEntries++, PageDirectoryEntry++, PageAddress= +=3D SIZE_2MB) { - // - // Fill in the Page Directory entries - // - *PageDirectoryEntry =3D PageAddress | mAddressEncMask | IA32_P= G_PS | PAGE_ATTRIBUTE_BITS; - } - } - } - } - } -} - /** Create PageTable for SMM use. =20 @@ -332,15 +178,16 @@ SmmInitPageTable ( VOID ) { - EFI_PHYSICAL_ADDRESS Pages; - UINT64 *PTEntry; + UINTN PageTable; LIST_ENTRY *FreePage; UINTN Index; UINTN PageFaultHandlerHookAddress; IA32_IDT_GATE_DESCRIPTOR *IdtEntry; EFI_STATUS Status; + UINT64 *PdptEntry; UINT64 *Pml4Entry; UINT64 *Pml5Entry; + UINT8 PhysicalAddressBits; =20 // // Initialize spin lock @@ -357,59 +204,44 @@ SmmInitPageTable ( } else { mPagingMode =3D m1GPageTableSupport ? Paging4Level1GB : Paging4Level; } + DEBUG ((DEBUG_INFO, "5LevelPaging Needed - %d\n", m5LevelPag= ingNeeded)); DEBUG ((DEBUG_INFO, "1GPageTable Support - %d\n", m1GPageTab= leSupport)); DEBUG ((DEBUG_INFO, "PcdCpuSmmRestrictedMemoryAccess - %d\n", mCpuSmmRes= trictedMemoryAccess)); DEBUG ((DEBUG_INFO, "PhysicalAddressBits - %d\n", mPhysicalA= ddressBits)); - // - // Generate PAE page table for the first 4GB memory space - // - Pages =3D Gen4GPageTable (FALSE); =20 // - // Set IA32_PG_PMNT bit to mask this entry + // Generate initial SMM page table. + // Only map [0, 4G] when PcdCpuSmmRestrictedMemoryAccess is FALSE. // - PTEntry =3D (UINT64 *)(UINTN)Pages; - for (Index =3D 0; Index < 4; Index++) { - PTEntry[Index] |=3D IA32_PG_PMNT; - } - - // - // Fill Page-Table-Level4 (PML4) entry - // - Pml4Entry =3D (UINT64 *)AllocatePageTableMemory (1); - ASSERT (Pml4Entry !=3D NULL); - *Pml4Entry =3D Pages | mAddressEncMask | PAGE_ATTRIBUTE_BITS; - ZeroMem (Pml4Entry + 1, EFI_PAGE_SIZE - sizeof (*Pml4Entry)); - - // - // Set sub-entries number - // - SetSubEntriesNum (Pml4Entry, 3); - PTEntry =3D Pml4Entry; + PhysicalAddressBits =3D mCpuSmmRestrictedMemoryAccess ? mPhysicalAddress= Bits : 32; + PageTable =3D GenSmmPageTable (mPagingMode, PhysicalAddressBit= s); =20 if (m5LevelPagingNeeded) { + Pml5Entry =3D (UINT64 *)PageTable; // - // Fill PML5 entry - // - Pml5Entry =3D (UINT64 *)AllocatePageTableMemory (1); - ASSERT (Pml5Entry !=3D NULL); - *Pml5Entry =3D (UINTN)Pml4Entry | mAddressEncMask | PAGE_ATTRIBUTE_BIT= S; - ZeroMem (Pml5Entry + 1, EFI_PAGE_SIZE - sizeof (*Pml5Entry)); - // - // Set sub-entries number + // Set Pml5Entry sub-entries number for smm PF handler usage. // SetSubEntriesNum (Pml5Entry, 1); - PTEntry =3D Pml5Entry; + Pml4Entry =3D (UINT64 *)((*Pml5Entry) & ~mAddressEncMask & gPhyMask); + } else { + Pml4Entry =3D (UINT64 *)PageTable; + } + + // + // Set IA32_PG_PMNT bit to mask first 4 PdptEntry. + // + PdptEntry =3D (UINT64 *)((*Pml4Entry) & ~mAddressEncMask & gPhyMask); + for (Index =3D 0; Index < 4; Index++) { + PdptEntry[Index] |=3D IA32_PG_PMNT; } =20 - if (mCpuSmmRestrictedMemoryAccess) { + if (!mCpuSmmRestrictedMemoryAccess) { // - // When access to non-SMRAM memory is restricted, create page table - // that covers all memory space. + // Set Pml4Entry sub-entries number for smm PF handler usage. // - SetStaticPageTable ((UINTN)PTEntry, mPhysicalAddressBits); - } else { + SetSubEntriesNum (Pml4Entry, 3); + // // Add pages to page pool // @@ -466,7 +298,7 @@ SmmInitPageTable ( // // Return the address of PML4/PML5 (to set CR3) // - return (UINT32)(UINTN)PTEntry; + return (UINT32)PageTable; } =20 /** --=20 2.31.1.windows.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#105902): https://edk2.groups.io/g/devel/message/105902 Mute This Topic: https://groups.io/mt/99399237/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Fri May 17 10:44:12 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+105903+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+105903+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1686191347; cv=none; d=zohomail.com; s=zohoarc; b=BgK8DDENWTlM9d+oUFojf9Md29VpvZU0QlipZ88cbvTQV6gVOeYP6PoL1WSSAd6BYTqRzzMrPRTOC9Y4wuwpaj/DYinYb8H5NCHIECsfu3s80RiTEStcqIoiBFo3k6VtvJQqnKIzOt/iKArtx4g9onMKMCoJGskO7fDdGFiTJqQ= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1686191347; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=zA/Yu3FmPSdo2iV3v1lWJnfn1XS3aXL2Tm9cX10+D1I=; b=ZCDnXY5Cx1S67jJ/uJnmNxGWjYfTF6+4naEmPmaNuYGl+OSygNTdyc8eTlFn0g8bqI1Ngd67c4TYD1NG4pFUMmlJG/MctulRFpQrs70ltSvWqBRwz7MM4xtyRaSk4WXV6+HX0ota6Kb8bVztt8yQ8FBh7H41otjs06oA+uAbwTA= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+105903+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1686191347514407.47220682568127; Wed, 7 Jun 2023 19:29:07 -0700 (PDT) Return-Path: X-Received: by 127.0.0.2 with SMTP id TInnYY1788612xHohpq9ZP8a; Wed, 07 Jun 2023 19:29:07 -0700 X-Received: from mga14.intel.com (mga14.intel.com [192.55.52.115]) by mx.groups.io with SMTP id smtpd.web11.386.1686191344244208222 for ; Wed, 07 Jun 2023 19:29:06 -0700 X-IronPort-AV: E=McAfee;i="6600,9927,10734"; a="357184392" X-IronPort-AV: E=Sophos;i="6.00,225,1681196400"; d="scan'208";a="357184392" X-Received: from fmsmga008.fm.intel.com ([10.253.24.58]) by fmsmga103.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 07 Jun 2023 19:29:06 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6600,9927,10734"; a="774877886" X-IronPort-AV: E=Sophos;i="6.00,225,1681196400"; d="scan'208";a="774877886" X-Received: from shwdeopenlab702.ccr.corp.intel.com ([10.239.55.158]) by fmsmga008-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 07 Jun 2023 19:29:04 -0700 From: "duntan" To: devel@edk2.groups.io Cc: Eric Dong , Ray Ni , Rahul Kumar , Gerd Hoffmann Subject: [edk2-devel] [Patch V5 10/14] UefiCpuPkg: Use GenSmmPageTable() to create Smm S3 page table Date: Thu, 8 Jun 2023 10:27:38 +0800 Message-Id: <20230608022742.1292-11-dun.tan@intel.com> In-Reply-To: <20230608022742.1292-1-dun.tan@intel.com> References: <20230608022742.1292-1-dun.tan@intel.com> MIME-Version: 1.0 Precedence: Bulk List-Unsubscribe: List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,dun.tan@intel.com X-Gm-Message-State: Jx30YXj5duGalRmkss34IUD2x1787277AA= Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1686191347; bh=3V4NLbphAgxUeyv0H6ic+dCWWICj8itWAFPpPGf9YXs=; h=Cc:Date:From:Reply-To:Subject:To; b=R07Vq7z7HQOQO6apbD6Pqd7353xv4J1YWX4GpJ2z/vEzdqBEpzooa/Wx0khILeO2mfP 9i0qEe66+Fxt/xEJP2pn8BnCZ3xGleU9xxArDNQxVPlfdkMj3kmhIXqi+tiWxqxo/obyD 8+Bx7PGkC77bYWKE3foI0IRDGmVZbXNgrGE= X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1686191348919100007 Content-Type: text/plain; charset="utf-8" Use GenSmmPageTable() to create both IA32 and X64 Smm S3 page table. Signed-off-by: Dun Tan Cc: Eric Dong Reviewed-by: Ray Ni Cc: Rahul Kumar Cc: Gerd Hoffmann --- UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/SmmProfileArch.c | 2 +- UefiCpuPkg/PiSmmCpuDxeSmm/MpService.c | 130 --------------------= ---------------------------------------------------------------------------= ----------------------------------- UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmmProfileArch.c | 20 ++++---------------- 3 files changed, 5 insertions(+), 147 deletions(-) diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/SmmProfileArch.c b/UefiCpuPkg/P= iSmmCpuDxeSmm/Ia32/SmmProfileArch.c index bba4a6f058..650090e534 100644 --- a/UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/SmmProfileArch.c +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/SmmProfileArch.c @@ -18,7 +18,7 @@ InitSmmS3Cr3 ( VOID ) { - mSmmS3ResumeState->SmmS3Cr3 =3D Gen4GPageTable (TRUE); + mSmmS3ResumeState->SmmS3Cr3 =3D GenSmmPageTable (PagingPae, mPhysicalAdd= ressBits); =20 return; } diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/MpService.c b/UefiCpuPkg/PiSmmCpuDxe= Smm/MpService.c index 1878252eac..f8b81fc96e 100644 --- a/UefiCpuPkg/PiSmmCpuDxeSmm/MpService.c +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/MpService.c @@ -999,136 +999,6 @@ APHandler ( ReleaseSemaphore (mSmmMpSyncData->CpuData[BspIndex].Run); } =20 -/** - Create 4G PageTable in SMRAM. - - @param[in] Is32BitPageTable Whether the page table is 32-bit PAE - @return PageTable Address - -**/ -UINT32 -Gen4GPageTable ( - IN BOOLEAN Is32BitPageTable - ) -{ - VOID *PageTable; - UINTN Index; - UINT64 *Pte; - UINTN PagesNeeded; - UINTN Low2MBoundary; - UINTN High2MBoundary; - UINTN Pages; - UINTN GuardPage; - UINT64 *Pdpte; - UINTN PageIndex; - UINTN PageAddress; - - Low2MBoundary =3D 0; - High2MBoundary =3D 0; - PagesNeeded =3D 0; - if (FeaturePcdGet (PcdCpuSmmStackGuard)) { - // - // Add one more page for known good stack, then find the lower 2MB ali= gned address. - // - Low2MBoundary =3D (mSmmStackArrayBase + EFI_PAGE_SIZE) & ~(SIZE_2MB-1); - // - // Add two more pages for known good stack and stack guard page, - // then find the lower 2MB aligned address. - // - High2MBoundary =3D (mSmmStackArrayEnd - mSmmStackSize - mSmmShadowStac= kSize + EFI_PAGE_SIZE * 2) & ~(SIZE_2MB-1); - PagesNeeded =3D ((High2MBoundary - Low2MBoundary) / SIZE_2MB) + 1; - } - - // - // Allocate the page table - // - PageTable =3D AllocatePageTableMemory (5 + PagesNeeded); - ASSERT (PageTable !=3D NULL); - - PageTable =3D (VOID *)((UINTN)PageTable); - Pte =3D (UINT64 *)PageTable; - - // - // Zero out all page table entries first - // - ZeroMem (Pte, EFI_PAGES_TO_SIZE (1)); - - // - // Set Page Directory Pointers - // - for (Index =3D 0; Index < 4; Index++) { - Pte[Index] =3D ((UINTN)PageTable + EFI_PAGE_SIZE * (Index + 1)) | mAdd= ressEncMask | - (Is32BitPageTable ? IA32_PAE_PDPTE_ATTRIBUTE_BITS : PAGE_= ATTRIBUTE_BITS); - } - - Pte +=3D EFI_PAGE_SIZE / sizeof (*Pte); - - // - // Fill in Page Directory Entries - // - for (Index =3D 0; Index < EFI_PAGE_SIZE * 4 / sizeof (*Pte); Index++) { - Pte[Index] =3D (Index << 21) | mAddressEncMask | IA32_PG_PS | PAGE_ATT= RIBUTE_BITS; - } - - Pdpte =3D (UINT64 *)PageTable; - if (FeaturePcdGet (PcdCpuSmmStackGuard)) { - Pages =3D (UINTN)PageTable + EFI_PAGES_TO_SIZE (5); - GuardPage =3D mSmmStackArrayBase + EFI_PAGE_SIZE; - for (PageIndex =3D Low2MBoundary; PageIndex <=3D High2MBoundary; PageI= ndex +=3D SIZE_2MB) { - Pte =3D (UINT64 *)(UINTN= )(Pdpte[BitFieldRead32 ((UINT32)PageIndex, 30, 31)] & ~mAddressEncMask & ~(= EFI_PAGE_SIZE - 1)); - Pte[BitFieldRead32 ((UINT32)PageIndex, 21, 29)] =3D (UINT64)Pages | = mAddressEncMask | PAGE_ATTRIBUTE_BITS; - // - // Fill in Page Table Entries - // - Pte =3D (UINT64 *)Pages; - PageAddress =3D PageIndex; - for (Index =3D 0; Index < EFI_PAGE_SIZE / sizeof (*Pte); Index++) { - if (PageAddress =3D=3D GuardPage) { - // - // Mark the guard page as non-present - // - Pte[Index] =3D PageAddress | mAddressEncMask; - GuardPage +=3D (mSmmStackSize + mSmmShadowStackSize); - if (GuardPage > mSmmStackArrayEnd) { - GuardPage =3D 0; - } - } else { - Pte[Index] =3D PageAddress | mAddressEncMask | PAGE_ATTRIBUTE_BI= TS; - } - - PageAddress +=3D EFI_PAGE_SIZE; - } - - Pages +=3D EFI_PAGE_SIZE; - } - } - - if ((PcdGet8 (PcdNullPointerDetectionPropertyMask) & BIT1) !=3D 0) { - Pte =3D (UINT64 *)(UINTN)(Pdpte[0] & ~mAddressEncMask & ~(EFI_PAGE_SIZ= E - 1)); - if ((Pte[0] & IA32_PG_PS) =3D=3D 0) { - // 4K-page entries are already mapped. Just hide the first one anywa= y. - Pte =3D (UINT64 *)(UINTN)(Pte[0] & ~mAddressEncMask & ~(EFI_PAGE= _SIZE - 1)); - Pte[0] &=3D ~(UINT64)IA32_PG_P; // Hide page 0 - } else { - // Create 4K-page entries - Pages =3D (UINTN)AllocatePageTableMemory (1); - ASSERT (Pages !=3D 0); - - Pte[0] =3D (UINT64)(Pages | mAddressEncMask | PAGE_ATTRIBUTE_BITS); - - Pte =3D (UINT64 *)Pages; - PageAddress =3D 0; - Pte[0] =3D PageAddress | mAddressEncMask; // Hide page 0 but pr= esent left - for (Index =3D 1; Index < EFI_PAGE_SIZE / sizeof (*Pte); Index++) { - PageAddress +=3D EFI_PAGE_SIZE; - Pte[Index] =3D PageAddress | mAddressEncMask | PAGE_ATTRIBUTE_BI= TS; - } - } - } - - return (UINT32)(UINTN)PageTable; -} - /** Checks whether the input token is the current used token. =20 diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmmProfileArch.c b/UefiCpuPkg/Pi= SmmCpuDxeSmm/X64/SmmProfileArch.c index cb7a691745..01432d466c 100644 --- a/UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmmProfileArch.c +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmmProfileArch.c @@ -35,26 +35,14 @@ InitSmmS3Cr3 ( VOID ) { - EFI_PHYSICAL_ADDRESS Pages; - UINT64 *PTEntry; - - // - // Generate PAE page table for the first 4GB memory space - // - Pages =3D Gen4GPageTable (FALSE); - // - // Fill Page-Table-Level4 (PML4) entry + // Generate level4 page table for the first 4GB memory space + // Return the address of PML4 (to set CR3) // - PTEntry =3D (UINT64 *)AllocatePageTableMemory (1); - ASSERT (PTEntry !=3D NULL); - *PTEntry =3D Pages | mAddressEncMask | PAGE_ATTRIBUTE_BITS; - ZeroMem (PTEntry + 1, EFI_PAGE_SIZE - sizeof (*PTEntry)); - // - // Return the address of PML4 (to set CR3) + // The SmmS3Cr3 is only used by S3Resume PEIM to switch CPU from 32bit t= o 64bit // - mSmmS3ResumeState->SmmS3Cr3 =3D (UINT32)(UINTN)PTEntry; + mSmmS3ResumeState->SmmS3Cr3 =3D (UINT32)GenSmmPageTable (Paging4Level, 3= 2); =20 return; } --=20 2.31.1.windows.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#105903): https://edk2.groups.io/g/devel/message/105903 Mute This Topic: https://groups.io/mt/99399238/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Fri May 17 10:44:12 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+105904+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+105904+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1686191350; cv=none; d=zohomail.com; s=zohoarc; b=T+q9rO2fQNYVV+ZZ7AB+JsTYx182JiC7SpnsyItMXoR77vhpESQ2EExfacJm3/bjkUmnXvQbzxK9x6wx1txAnkO5FIYpquYl67gcEAv/5EUfufVG4IvMPfR9wTD1c8oUsCEnirE2+9esTEpre7ZZpO7GEGj+H2aYOJsHUJaA44k= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1686191350; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=zf++0KEzA5dofLF/Aj74nxIaiIH8RMLg+ahxtO0jUDc=; b=P2FVb9RqRF+xv27ZAKe89DHvzCvLnxwDF++w5n3eO5VgrOi4RGlz/LtOA+AYFr+BqQGUC25x46aTk2XEnOv/fpMWqaEh1dH6V7MBUrWdVeE++qOQVgJpbhWm3kw95r1ocQrwGz7sJ2akXcPKfzwzkB6diH5ienhB0s0vhB0MEs8= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+105904+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1686191350357597.8491112524403; Wed, 7 Jun 2023 19:29:10 -0700 (PDT) Return-Path: X-Received: by 127.0.0.2 with SMTP id 3Z8rYY1788612xaiD1UxlKU2; Wed, 07 Jun 2023 19:29:10 -0700 X-Received: from mga14.intel.com (mga14.intel.com [192.55.52.115]) by mx.groups.io with SMTP id smtpd.web11.386.1686191344244208222 for ; Wed, 07 Jun 2023 19:29:09 -0700 X-IronPort-AV: E=McAfee;i="6600,9927,10734"; a="357184422" X-IronPort-AV: E=Sophos;i="6.00,225,1681196400"; d="scan'208";a="357184422" X-Received: from fmsmga008.fm.intel.com ([10.253.24.58]) by fmsmga103.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 07 Jun 2023 19:29:08 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6600,9927,10734"; a="774877911" X-IronPort-AV: E=Sophos;i="6.00,225,1681196400"; d="scan'208";a="774877911" X-Received: from shwdeopenlab702.ccr.corp.intel.com ([10.239.55.158]) by fmsmga008-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 07 Jun 2023 19:29:07 -0700 From: "duntan" To: devel@edk2.groups.io Cc: Eric Dong , Ray Ni , Rahul Kumar , Gerd Hoffmann Subject: [edk2-devel] [Patch V5 11/14] UefiCpuPkg: Sort mSmmCpuSmramRanges in FindSmramInfo Date: Thu, 8 Jun 2023 10:27:39 +0800 Message-Id: <20230608022742.1292-12-dun.tan@intel.com> In-Reply-To: <20230608022742.1292-1-dun.tan@intel.com> References: <20230608022742.1292-1-dun.tan@intel.com> MIME-Version: 1.0 Precedence: Bulk List-Unsubscribe: List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,dun.tan@intel.com X-Gm-Message-State: 236Y95vrb70AVfVZMaQ5uzBlx1787277AA= Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1686191350; bh=Ko+HpZNbxiOltit+Z2drxW3ci3eyoF76kiwdLZi8SCk=; h=Cc:Date:From:Reply-To:Subject:To; b=kYX7lNmVSdBtxxVQOuwNM76uMw3gPwX/a66uSKrEV03ZF9ZrvoKe+KVyorfC5rFZmYA dEvSWJh4iHo9HJOXqGU95cWxgYZjfWTDk5aYolGA+v6dbeQyRa0w+DrWESLbstui+gMKP mgOoKwDcIg7+HEpYUIgLx3j6+o1SLG7sPEo= X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1686191351266100011 Content-Type: text/plain; charset="utf-8" Sort mSmmCpuSmramRanges after get the SMRAM info in FindSmramInfo() function. Signed-off-by: Dun Tan Cc: Eric Dong Cc: Ray Ni Cc: Rahul Kumar Cc: Gerd Hoffmann Reviewed-by: Ray Ni --- UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.c | 32 ++++++++++++++++++++++++++= ++++++ 1 file changed, 32 insertions(+) diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.c b/UefiCpuPkg/PiSmmC= puDxeSmm/PiSmmCpuDxeSmm.c index 2144d6ade8..2568ffd677 100644 --- a/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.c +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.c @@ -1197,6 +1197,32 @@ PiCpuSmmEntry ( return EFI_SUCCESS; } =20 +/** + Function to compare 2 EFI_SMRAM_DESCRIPTOR based on CpuStart. + + @param[in] Buffer1 pointer to Device Path poiner to compare + @param[in] Buffer2 pointer to second DevicePath pointer to co= mpare + + @retval 0 Buffer1 equal to Buffer2 + @retval <0 Buffer1 is less than Buffer2 + @retval >0 Buffer1 is greater than Buffer2 +**/ +INTN +EFIAPI +CpuSmramRangeCompare ( + IN CONST VOID *Buffer1, + IN CONST VOID *Buffer2 + ) +{ + if (((EFI_SMRAM_DESCRIPTOR *)Buffer1)->CpuStart > ((EFI_SMRAM_DESCRIPTOR= *)Buffer2)->CpuStart) { + return 1; + } else if (((EFI_SMRAM_DESCRIPTOR *)Buffer1)->CpuStart < ((EFI_SMRAM_DES= CRIPTOR *)Buffer2)->CpuStart) { + return -1; + } + + return 0; +} + /** =20 Find out SMRAM information including SMRR base and SMRR size. @@ -1218,6 +1244,7 @@ FindSmramInfo ( UINTN Index; UINT64 MaxSize; BOOLEAN Found; + EFI_SMRAM_DESCRIPTOR SmramDescriptor; =20 // // Get SMM Access Protocol @@ -1240,6 +1267,11 @@ FindSmramInfo ( =20 mSmmCpuSmramRangeCount =3D Size / sizeof (EFI_SMRAM_DESCRIPTOR); =20 + // + // Sort the mSmmCpuSmramRanges + // + QuickSort (mSmmCpuSmramRanges, mSmmCpuSmramRangeCount, sizeof (EFI_SMRAM= _DESCRIPTOR), (BASE_SORT_COMPARE)CpuSmramRangeCompare, &SmramDescriptor); + // // Find the largest SMRAM range between 1MB and 4GB that is at least 256= K - 4K in size // --=20 2.31.1.windows.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#105904): https://edk2.groups.io/g/devel/message/105904 Mute This Topic: https://groups.io/mt/99399239/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Fri May 17 10:44:12 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+105905+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+105905+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1686191352; cv=none; d=zohomail.com; s=zohoarc; b=I7jfw/Qdkad8ZM6Gi87MBkHrL18Jix7bb8rou1YyVqWqNHKzTacpxcr5DRDm/lC8gByzMQsuiICpNiOZA77/qqnjsY62zyWLAe2p3ok0ZgniMZOU4xFx7hz8sutK9aK1jo415lK/CbVpWgTP2XpeOyqTc22+jR+x/Zd9bt/N768= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1686191352; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=F8N7UHcCEcISupJ/Ul9DIwSJNXVvC/FAkej9+8ai0gQ=; b=VD7HCdh0aTKmriYkwGkomfZvWolozNtOdjKN42fx6bqHMtU9gNIjZvpOIg5ErmkeqmDyN86fr/5Fp+08FOpVSyjVbjFo97rkUL0uvIZBPSnrjTlZmmymPLUHZb8AEZCrw3N45BueTCJ/toJU3ARJ+X6Gp+kvr7Js1bJ+uFjee/w= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+105905+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1686191352166265.77987609778734; Wed, 7 Jun 2023 19:29:12 -0700 (PDT) Return-Path: X-Received: by 127.0.0.2 with SMTP id foHlYY1788612xYLCuN1aQrI; Wed, 07 Jun 2023 19:29:11 -0700 X-Received: from mga14.intel.com (mga14.intel.com [192.55.52.115]) by mx.groups.io with SMTP id smtpd.web11.386.1686191344244208222 for ; Wed, 07 Jun 2023 19:29:11 -0700 X-IronPort-AV: E=McAfee;i="6600,9927,10734"; a="357184439" X-IronPort-AV: E=Sophos;i="6.00,225,1681196400"; d="scan'208";a="357184439" X-Received: from fmsmga008.fm.intel.com ([10.253.24.58]) by fmsmga103.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 07 Jun 2023 19:29:10 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6600,9927,10734"; a="774877933" X-IronPort-AV: E=Sophos;i="6.00,225,1681196400"; d="scan'208";a="774877933" X-Received: from shwdeopenlab702.ccr.corp.intel.com ([10.239.55.158]) by fmsmga008-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 07 Jun 2023 19:29:09 -0700 From: "duntan" To: devel@edk2.groups.io Cc: Eric Dong , Ray Ni , Rahul Kumar , Gerd Hoffmann Subject: [edk2-devel] [Patch V5 12/14] UefiCpuPkg: Sort mProtectionMemRange when ReadyToLock Date: Thu, 8 Jun 2023 10:27:40 +0800 Message-Id: <20230608022742.1292-13-dun.tan@intel.com> In-Reply-To: <20230608022742.1292-1-dun.tan@intel.com> References: <20230608022742.1292-1-dun.tan@intel.com> MIME-Version: 1.0 Precedence: Bulk List-Unsubscribe: List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,dun.tan@intel.com X-Gm-Message-State: sUW0XbX4KPs4m3E2jc3G3tdox1787277AA= Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1686191351; bh=fkYnlcBS8HNGnCildyr0/cVWeS1Oo/2bv17ojgy6Jms=; h=Cc:Date:From:Reply-To:Subject:To; b=d4RTYqhvvKg5YjMiGoD/1jWXX4qVbL9w/6rN9CgUIn5mNnK7iPjEamB4vHv6yrIFCIW FFiBnD5v12u+QJKjGsTneQKY21041/xxhoYcZOAY7Js6pwXEL3oLh/el4f4BU0E2D/Y5I aTh3DB0sWA0p32hex/s/N9OM4eFHPcL4wHc= X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1686191352978100015 Content-Type: text/plain; charset="utf-8" Sort mProtectionMemRange in InitProtectedMemRange() when ReadyToLock. Signed-off-by: Dun Tan Cc: Eric Dong Cc: Ray Ni Cc: Rahul Kumar Cc: Gerd Hoffmann Reviewed-by: Ray Ni --- UefiCpuPkg/PiSmmCpuDxeSmm/SmmProfile.c | 32 ++++++++++++++++++++++++++++++= ++ 1 file changed, 32 insertions(+) diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/SmmProfile.c b/UefiCpuPkg/PiSmmCpuDx= eSmm/SmmProfile.c index 5625ba0cac..2a1f132b29 100644 --- a/UefiCpuPkg/PiSmmCpuDxeSmm/SmmProfile.c +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/SmmProfile.c @@ -375,6 +375,32 @@ IsAddressSplit ( return FALSE; } =20 +/** + Function to compare 2 MEMORY_PROTECTION_RANGE based on range base. + + @param[in] Buffer1 pointer to Device Path poiner to compare + @param[in] Buffer2 pointer to second DevicePath pointer to co= mpare + + @retval 0 Buffer1 equal to Buffer2 + @retval <0 Buffer1 is less than Buffer2 + @retval >0 Buffer1 is greater than Buffer2 +**/ +INTN +EFIAPI +ProtectionRangeCompare ( + IN CONST VOID *Buffer1, + IN CONST VOID *Buffer2 + ) +{ + if (((MEMORY_PROTECTION_RANGE *)Buffer1)->Range.Base > ((MEMORY_PROTECTI= ON_RANGE *)Buffer2)->Range.Base) { + return 1; + } else if (((MEMORY_PROTECTION_RANGE *)Buffer1)->Range.Base < ((MEMORY_P= ROTECTION_RANGE *)Buffer2)->Range.Base) { + return -1; + } + + return 0; +} + /** Initialize the protected memory ranges and the 4KB-page mapped memory ra= nges. =20 @@ -397,6 +423,7 @@ InitProtectedMemRange ( EFI_PHYSICAL_ADDRESS Base2MBAlignedAddress; UINT64 High4KBPageSize; UINT64 Low4KBPageSize; + MEMORY_PROTECTION_RANGE MemProtectionRange; =20 NumberOfDescriptors =3D 0; NumberOfAddedDescriptors =3D mSmmCpuSmramRangeCount; @@ -533,6 +560,11 @@ InitProtectedMemRange ( =20 mSplitMemRangeCount =3D NumberOfSpliteRange; =20 + // + // Sort the mProtectionMemRange + // + QuickSort (mProtectionMemRange, mProtectionMemRangeCount, sizeof (MEMORY= _PROTECTION_RANGE), (BASE_SORT_COMPARE)ProtectionRangeCompare, &MemProtecti= onRange); + DEBUG ((DEBUG_INFO, "SMM Profile Memory Ranges:\n")); for (Index =3D 0; Index < mProtectionMemRangeCount; Index++) { DEBUG ((DEBUG_INFO, "mProtectionMemRange[%d].Base =3D %lx\n", Index, m= ProtectionMemRange[Index].Range.Base)); --=20 2.31.1.windows.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#105905): https://edk2.groups.io/g/devel/message/105905 Mute This Topic: https://groups.io/mt/99399240/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Fri May 17 10:44:12 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+105906+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+105906+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1686191354; cv=none; d=zohomail.com; s=zohoarc; b=hY+/IIPsvbn6s8557aby1ZGSAJwLdF2yjui4GJUTzShFcNxJIf8OYZoU2B6jrW0ON43T6iTquW8HmzUuAW3vK9Hw7CnWFN1wV5vqyhwtrFZw8/LT0hn4MW1TDjXMLXYCZYwzSXd8/Y8oo9gbJzkVF8zwloDj8dM6JdPWcB1F/RE= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1686191354; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=jSH3OEu+oCNk2ngh7jOUWudTdFjkEeVt49luqez7ysc=; b=FiHVxAwkXGIklVUwR3UlghOoekTonKKlZCIS0BP5p9/9FvKXH8X/csbl0OQY96EZJDDFGtAnVj9NvH0Lhm/cj9UK3TvEnihn0RakGZwqAkBOmXTSZTcxUB7EUnoaSYSu4kECtHcPCBK//gfyTpMnZomp77SUpRfpaEgehVS/Efo= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+105906+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1686191354901167.0070324115335; Wed, 7 Jun 2023 19:29:14 -0700 (PDT) Return-Path: X-Received: by 127.0.0.2 with SMTP id 6wyoYY1788612xLrV6uVoNqX; Wed, 07 Jun 2023 19:29:14 -0700 X-Received: from mga14.intel.com (mga14.intel.com [192.55.52.115]) by mx.groups.io with SMTP id smtpd.web11.386.1686191344244208222 for ; Wed, 07 Jun 2023 19:29:13 -0700 X-IronPort-AV: E=McAfee;i="6600,9927,10734"; a="357184458" X-IronPort-AV: E=Sophos;i="6.00,225,1681196400"; d="scan'208";a="357184458" X-Received: from fmsmga008.fm.intel.com ([10.253.24.58]) by fmsmga103.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 07 Jun 2023 19:29:13 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6600,9927,10734"; a="774877959" X-IronPort-AV: E=Sophos;i="6.00,225,1681196400"; d="scan'208";a="774877959" X-Received: from shwdeopenlab702.ccr.corp.intel.com ([10.239.55.158]) by fmsmga008-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 07 Jun 2023 19:29:11 -0700 From: "duntan" To: devel@edk2.groups.io Cc: Eric Dong , Ray Ni , Rahul Kumar , Gerd Hoffmann Subject: [edk2-devel] [Patch V5 13/14] UefiCpuPkg: Refinement to smm runtime InitPaging() code Date: Thu, 8 Jun 2023 10:27:41 +0800 Message-Id: <20230608022742.1292-14-dun.tan@intel.com> In-Reply-To: <20230608022742.1292-1-dun.tan@intel.com> References: <20230608022742.1292-1-dun.tan@intel.com> MIME-Version: 1.0 Precedence: Bulk List-Unsubscribe: List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,dun.tan@intel.com X-Gm-Message-State: 4rTLhbCC7lRiV4UNU9AMZTsdx1787277AA= Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1686191354; bh=C85+Vnrk1/ELbhOW7F8yu1j41Mhnc11IeR8gdVHAhsE=; h=Cc:Date:From:Reply-To:Subject:To; b=vlrIiKCtpQmjYlzJlwnot/bndNnkQdzhl3neoyVg/qfMkU256Z1pxoRQwFUHDV66o8l mUT3OBIvcZW5jp1AiE1dziFYb5ZLLAqzGasqInvgoCkxfCW9jJvl8QqDLovR8UTft2Ugg lxVe/0qUExxYBty+GfRGT1raT6UCraoq6v0= X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1686191355309100001 Content-Type: text/plain; charset="utf-8" This commit is code refinement to current smm runtime InitPaging() page table update code. In InitPaging(), if PcdCpuSmmProfileEnable is TRUE, use ConvertMemoryPageAttributes() API to map the range in mProtectionMemRange to the attrbute recorded in the attribute field of mProtectionMemRange, map the range outside mProtectionMemRange as non-present. If PcdCpuSmmProfileEnable is FALSE, only need to set the ranges not in mSmmCpuSmramRanges as NX. Signed-off-by: Dun Tan Cc: Eric Dong Cc: Ray Ni Cc: Rahul Kumar Cc: Gerd Hoffmann Reviewed-by: Ray Ni --- UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.h | 37 +++++++++++++++++++++++++= ++++++++++++ UefiCpuPkg/PiSmmCpuDxeSmm/SmmProfile.c | 293 +++++++++++++++++++++++++= +++++++++++++++++++++++++++++++++++++++------------------------------------= ---------------------------------------------------------------------------= ---------------------------------------------------------------------------= ------------------------------------------- 2 files changed, 101 insertions(+), 229 deletions(-) diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.h b/UefiCpuPkg/PiSmmC= puDxeSmm/PiSmmCpuDxeSmm.h index 5399659bc0..12ad86028e 100644 --- a/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.h +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.h @@ -725,6 +725,43 @@ SmmBlockingStartupThisAp ( IN OUT VOID *ProcArguments OPTIONAL ); =20 +/** + This function modifies the page attributes for the memory region specifi= ed by BaseAddress and + Length from their current attributes to the attributes specified by Attr= ibutes. + + Caller should make sure BaseAddress and Length is at page boundary. + + @param[in] PageTableBase The page table base. + @param[in] BaseAddress The physical address that is the start add= ress of a memory region. + @param[in] Length The size in bytes of the memory region. + @param[in] Attributes The bit mask of attributes to modify for t= he memory region. + @param[in] IsSet TRUE means to set attributes. FALSE means = to clear attributes. + @param[out] IsModified TRUE means page table modified. FALSE mean= s page table not modified. + + @retval RETURN_SUCCESS The attributes were modified for the me= mory region. + @retval RETURN_ACCESS_DENIED The attributes for the memory resource = range specified by + BaseAddress and Length cannot be modifi= ed. + @retval RETURN_INVALID_PARAMETER Length is zero. + Attributes specified an illegal combina= tion of attributes that + cannot be set together. + @retval RETURN_OUT_OF_RESOURCES There are not enough system resources t= o modify the attributes of + the memory resource range. + @retval RETURN_UNSUPPORTED The processor does not support one or m= ore bytes of the memory + resource range specified by BaseAddress= and Length. + The bit mask of attributes is not suppo= rt for the memory resource + range specified by BaseAddress and Leng= th. +**/ +RETURN_STATUS +ConvertMemoryPageAttributes ( + IN UINTN PageTableBase, + IN PAGING_MODE PagingMode, + IN PHYSICAL_ADDRESS BaseAddress, + IN UINT64 Length, + IN UINT64 Attributes, + IN BOOLEAN IsSet, + OUT BOOLEAN *IsModified OPTIONAL + ); + /** This function sets the attributes for the memory region specified by Bas= eAddress and Length from their current attributes to the attributes specified by Attr= ibutes. diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/SmmProfile.c b/UefiCpuPkg/PiSmmCpuDx= eSmm/SmmProfile.c index 2a1f132b29..ab6b79ddf4 100644 --- a/UefiCpuPkg/PiSmmCpuDxeSmm/SmmProfile.c +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/SmmProfile.c @@ -586,254 +586,89 @@ InitPaging ( VOID ) { - UINT64 Pml5Entry; - UINT64 Pml4Entry; - UINT64 *Pml5; - UINT64 *Pml4; - UINT64 *Pdpt; - UINT64 *Pd; - UINT64 *Pt; - UINTN Address; - UINTN Pml5Index; - UINTN Pml4Index; - UINTN PdptIndex; - UINTN PdIndex; - UINTN PtIndex; - UINTN NumberOfPdptEntries; - UINTN NumberOfPml4Entries; - UINTN NumberOfPml5Entries; - UINTN SizeOfMemorySpace; - BOOLEAN Nx; - IA32_CR4 Cr4; - BOOLEAN Enable5LevelPaging; - BOOLEAN WpEnabled; - BOOLEAN CetEnabled; - - Cr4.UintN =3D AsmReadCr4 (); - Enable5LevelPaging =3D (BOOLEAN)(Cr4.Bits.LA57 =3D=3D 1); - - if (sizeof (UINTN) =3D=3D sizeof (UINT64)) { - if (!Enable5LevelPaging) { - Pml5Entry =3D (UINTN)mSmmProfileCr3 | IA32_PG_P; - Pml5 =3D &Pml5Entry; - } else { - Pml5 =3D (UINT64 *)(UINTN)mSmmProfileCr3; - } - - SizeOfMemorySpace =3D HighBitSet64 (gPhyMask) + 1; - ASSERT (SizeOfMemorySpace <=3D 52); - - // - // Calculate the table entries of PML5E, PML4E and PDPTE. - // - NumberOfPml5Entries =3D 1; - if (SizeOfMemorySpace > 48) { - if (Enable5LevelPaging) { - NumberOfPml5Entries =3D (UINTN)LShiftU64 (1, SizeOfMemorySpace - 4= 8); - } - - SizeOfMemorySpace =3D 48; - } - - NumberOfPml4Entries =3D 1; - if (SizeOfMemorySpace > 39) { - NumberOfPml4Entries =3D (UINTN)LShiftU64 (1, SizeOfMemorySpace - 39); - SizeOfMemorySpace =3D 39; - } - - NumberOfPdptEntries =3D 1; - ASSERT (SizeOfMemorySpace > 30); - NumberOfPdptEntries =3D (UINTN)LShiftU64 (1, SizeOfMemorySpace - 30); + RETURN_STATUS Status; + UINTN Index; + UINTN PageTable; + UINT64 Base; + UINT64 Length; + UINT64 Limit; + UINT64 PreviousAddress; + UINT64 MemoryAttrMask; + BOOLEAN WpEnabled; + BOOLEAN CetEnabled; + + PageTable =3D AsmReadCr3 (); + if (sizeof (UINTN) =3D=3D sizeof (UINT32)) { + Limit =3D BASE_4GB; } else { - Pml4Entry =3D (UINTN)mSmmProfileCr3 | IA32_PG_P; - Pml4 =3D &Pml4Entry; - Pml5Entry =3D (UINTN)Pml4 | IA32_PG_P; - Pml5 =3D &Pml5Entry; - NumberOfPml5Entries =3D 1; - NumberOfPml4Entries =3D 1; - NumberOfPdptEntries =3D 4; + Limit =3D (IsRestrictedMemoryAccess ()) ? LShiftU64 (1, mPhysicalAddre= ssBits) : BASE_4GB; } =20 DisableReadOnlyPageWriteProtect (&WpEnabled, &CetEnabled); // - // Go through page table and change 2MB-page into 4KB-page. + // [0, 4k] may be non-present. // - for (Pml5Index =3D 0; Pml5Index < NumberOfPml5Entries; Pml5Index++) { - if ((Pml5[Pml5Index] & IA32_PG_P) =3D=3D 0) { - // - // If PML5 entry does not exist, skip it - // - continue; - } + PreviousAddress =3D ((PcdGet8 (PcdNullPointerDetectionPropertyMask) & BI= T1) !=3D 0) ? BASE_4KB : 0; =20 - Pml4 =3D (UINT64 *)(UINTN)(Pml5[Pml5Index] & PHYSICAL_ADDRESS_MASK); - for (Pml4Index =3D 0; Pml4Index < NumberOfPml4Entries; Pml4Index++) { - if ((Pml4[Pml4Index] & IA32_PG_P) =3D=3D 0) { - // - // If PML4 entry does not exist, skip it - // - continue; + DEBUG ((DEBUG_INFO, "Patch page table start ...\n")); + if (FeaturePcdGet (PcdCpuSmmProfileEnable)) { + for (Index =3D 0; Index < mProtectionMemRangeCount; Index++) { + MemoryAttrMask =3D 0; + if (mProtectionMemRange[Index].Nx =3D=3D TRUE) { + MemoryAttrMask |=3D EFI_MEMORY_XP; } =20 - Pdpt =3D (UINT64 *)(UINTN)(Pml4[Pml4Index] & ~mAddressEncMask & PHYS= ICAL_ADDRESS_MASK); - for (PdptIndex =3D 0; PdptIndex < NumberOfPdptEntries; PdptIndex++, = Pdpt++) { - if ((*Pdpt & IA32_PG_P) =3D=3D 0) { - // - // If PDPT entry does not exist, skip it - // - continue; - } - - if ((*Pdpt & IA32_PG_PS) !=3D 0) { - // - // This is 1G entry, skip it - // - continue; - } - - Pd =3D (UINT64 *)(UINTN)(*Pdpt & ~mAddressEncMask & PHYSICAL_ADDRE= SS_MASK); - if (Pd =3D=3D 0) { - continue; - } - - for (PdIndex =3D 0; PdIndex < SIZE_4KB / sizeof (*Pd); PdIndex++, = Pd++) { - if ((*Pd & IA32_PG_P) =3D=3D 0) { - // - // If PD entry does not exist, skip it - // - continue; - } - - Address =3D (UINTN)LShiftU64 ( - LShiftU64 ( - LShiftU64 ((Pml5Index << 9) + Pml4Index, 9)= + PdptIndex, - 9 - ) + PdIndex, - 21 - ); - - // - // If it is 2M page, check IsAddressSplit() - // - if (((*Pd & IA32_PG_PS) !=3D 0) && IsAddressSplit (Address)) { - // - // Based on current page table, create 4KB page table for spli= t area. - // - ASSERT (Address =3D=3D (*Pd & PHYSICAL_ADDRESS_MASK)); - - Pt =3D AllocatePageTableMemory (1); - ASSERT (Pt !=3D NULL); + if (mProtectionMemRange[Index].Present =3D=3D FALSE) { + MemoryAttrMask =3D EFI_MEMORY_RP; + } =20 - // Split it - for (PtIndex =3D 0; PtIndex < SIZE_4KB / sizeof (*Pt); PtIndex= ++) { - Pt[PtIndex] =3D Address + ((PtIndex << 12) | mAddressEncMask= | PAGE_ATTRIBUTE_BITS); - } // end for PT + Base =3D mProtectionMemRange[Index].Range.Base; + Length =3D mProtectionMemRange[Index].Range.Top - Base; + if (MemoryAttrMask !=3D 0) { + Status =3D ConvertMemoryPageAttributes (PageTable, mPagingMode, Ba= se, Length, MemoryAttrMask, TRUE, NULL); + ASSERT_RETURN_ERROR (Status); + } =20 - *Pd =3D (UINT64)(UINTN)Pt | mAddressEncMask | PAGE_ATTRIBUTE_B= ITS; - } // end if IsAddressSplit - } // end for PD - } // end for PDPT - } // end for PML4 - } // end for PML5 + if (Base > PreviousAddress) { + // + // Mark the ranges not in mProtectionMemRange as non-present. + // + MemoryAttrMask =3D EFI_MEMORY_RP; + Status =3D ConvertMemoryPageAttributes (PageTable, mPaging= Mode, PreviousAddress, Base - PreviousAddress, MemoryAttrMask, TRUE, NULL); + ASSERT_RETURN_ERROR (Status); + } =20 - // - // Go through page table and set several page table entries to absent or= execute-disable. - // - DEBUG ((DEBUG_INFO, "Patch page table start ...\n")); - for (Pml5Index =3D 0; Pml5Index < NumberOfPml5Entries; Pml5Index++) { - if ((Pml5[Pml5Index] & IA32_PG_P) =3D=3D 0) { - // - // If PML5 entry does not exist, skip it - // - continue; + PreviousAddress =3D Base + Length; } =20 - Pml4 =3D (UINT64 *)(UINTN)(Pml5[Pml5Index] & PHYSICAL_ADDRESS_MASK); - for (Pml4Index =3D 0; Pml4Index < NumberOfPml4Entries; Pml4Index++) { - if ((Pml4[Pml4Index] & IA32_PG_P) =3D=3D 0) { + // + // This assignment is for setting the last remaining range + // + MemoryAttrMask =3D EFI_MEMORY_RP; + } else { + MemoryAttrMask =3D EFI_MEMORY_XP; + for (Index =3D 0; Index < mSmmCpuSmramRangeCount; Index++) { + Base =3D mSmmCpuSmramRanges[Index].CpuStart; + if (Base > PreviousAddress) { // - // If PML4 entry does not exist, skip it + // Mark the ranges not in mSmmCpuSmramRanges as NX. // - continue; + Status =3D ConvertMemoryPageAttributes (PageTable, mPagingMode, Pr= eviousAddress, Base - PreviousAddress, MemoryAttrMask, TRUE, NULL); + ASSERT_RETURN_ERROR (Status); } =20 - Pdpt =3D (UINT64 *)(UINTN)(Pml4[Pml4Index] & ~mAddressEncMask & PHYS= ICAL_ADDRESS_MASK); - for (PdptIndex =3D 0; PdptIndex < NumberOfPdptEntries; PdptIndex++, = Pdpt++) { - if ((*Pdpt & IA32_PG_P) =3D=3D 0) { - // - // If PDPT entry does not exist, skip it - // - continue; - } - - if ((*Pdpt & IA32_PG_PS) !=3D 0) { - // - // This is 1G entry, set NX bit and skip it - // - if (mXdSupported) { - *Pdpt =3D *Pdpt | IA32_PG_NX; - } - - continue; - } - - Pd =3D (UINT64 *)(UINTN)(*Pdpt & ~mAddressEncMask & PHYSICAL_ADDRE= SS_MASK); - if (Pd =3D=3D 0) { - continue; - } + PreviousAddress =3D mSmmCpuSmramRanges[Index].CpuStart + mSmmCpuSmra= mRanges[Index].PhysicalSize; + } + } =20 - for (PdIndex =3D 0; PdIndex < SIZE_4KB / sizeof (*Pd); PdIndex++, = Pd++) { - if ((*Pd & IA32_PG_P) =3D=3D 0) { - // - // If PD entry does not exist, skip it - // - continue; - } - - Address =3D (UINTN)LShiftU64 ( - LShiftU64 ( - LShiftU64 ((Pml5Index << 9) + Pml4Index, 9)= + PdptIndex, - 9 - ) + PdIndex, - 21 - ); - - if ((*Pd & IA32_PG_PS) !=3D 0) { - // 2MB page - - if (!IsAddressValid (Address, &Nx)) { - // - // Patch to remove Present flag and RW flag - // - *Pd =3D *Pd & (INTN)(INT32)(~PAGE_ATTRIBUTE_BITS); - } - - if (Nx && mXdSupported) { - *Pd =3D *Pd | IA32_PG_NX; - } - } else { - // 4KB page - Pt =3D (UINT64 *)(UINTN)(*Pd & ~mAddressEncMask & PHYSICAL_ADD= RESS_MASK); - if (Pt =3D=3D 0) { - continue; - } - - for (PtIndex =3D 0; PtIndex < SIZE_4KB / sizeof (*Pt); PtIndex= ++, Pt++) { - if (!IsAddressValid (Address, &Nx)) { - *Pt =3D *Pt & (INTN)(INT32)(~PAGE_ATTRIBUTE_BITS); - } - - if (Nx && mXdSupported) { - *Pt =3D *Pt | IA32_PG_NX; - } - - Address +=3D SIZE_4KB; - } // end for PT - } // end if PS - } // end for PD - } // end for PDPT - } // end for PML4 - } // end for PML5 + if (PreviousAddress < Limit) { + // + // Set the last remaining range to EFI_MEMORY_RP/EFI_MEMORY_XP. + // This path applies to both SmmProfile enable/disable case. + // + Status =3D ConvertMemoryPageAttributes (PageTable, mPagingMode, Previo= usAddress, Limit - PreviousAddress, MemoryAttrMask, TRUE, NULL); + ASSERT_RETURN_ERROR (Status); + } =20 EnableReadOnlyPageWriteProtect (WpEnabled, CetEnabled); =20 --=20 2.31.1.windows.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#105906): https://edk2.groups.io/g/devel/message/105906 Mute This Topic: https://groups.io/mt/99399241/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Fri May 17 10:44:12 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+105907+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+105907+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1686191357; cv=none; d=zohomail.com; s=zohoarc; b=TlAgyTgBLWRvNbB3nnsjhHiWV8wyDaGRVXiFcleZ2hDHdbgQeqjRjPlrCP3T3zUMqBZdrz4mVFvVg/p4LRI2Tl5EhzO3EdC2p011lvJwXI8o2Eo+amNgWYHpVIVmvYGpwWJxonpfoM2khURk+QHNTs42a/zqma++TP1WRGMZdWE= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1686191357; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=c/6cvoG2sINxshSjVaEWMgkcxJwyJH/jgdc1IJ5gAw8=; b=QZYzPvCqKKDU96Mf+TR/xdgnR7dl4XEe1X/o9NYy52OUJDLRBWi67ZbBwLT1hcajFU8QhvQIHhof3yS+z19C7j6YQDr1X9vcYHjZf9rnw4NVSW4+SmRn0oBtND9g6dgYm0wS7+IwpgkusVoBKGz3Cb0rl3dnHDaE2Aco+rFCgp8= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+105907+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1686191357346390.68884058928563; Wed, 7 Jun 2023 19:29:17 -0700 (PDT) Return-Path: X-Received: by 127.0.0.2 with SMTP id idB3YY1788612xD3tgCuFbkX; Wed, 07 Jun 2023 19:29:17 -0700 X-Received: from mga14.intel.com (mga14.intel.com [192.55.52.115]) by mx.groups.io with SMTP id smtpd.web11.386.1686191344244208222 for ; Wed, 07 Jun 2023 19:29:16 -0700 X-IronPort-AV: E=McAfee;i="6600,9927,10734"; a="357184479" X-IronPort-AV: E=Sophos;i="6.00,225,1681196400"; d="scan'208";a="357184479" X-Received: from fmsmga008.fm.intel.com ([10.253.24.58]) by fmsmga103.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 07 Jun 2023 19:29:15 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6600,9927,10734"; a="774877968" X-IronPort-AV: E=Sophos;i="6.00,225,1681196400"; d="scan'208";a="774877968" X-Received: from shwdeopenlab702.ccr.corp.intel.com ([10.239.55.158]) by fmsmga008-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 07 Jun 2023 19:29:14 -0700 From: "duntan" To: devel@edk2.groups.io Cc: Eric Dong , Ray Ni , Rahul Kumar , Gerd Hoffmann Subject: [edk2-devel] [Patch V5 14/14] UefiCpuPkg/PiSmmCpuDxeSmm: Remove unnecessary function Date: Thu, 8 Jun 2023 10:27:42 +0800 Message-Id: <20230608022742.1292-15-dun.tan@intel.com> In-Reply-To: <20230608022742.1292-1-dun.tan@intel.com> References: <20230608022742.1292-1-dun.tan@intel.com> MIME-Version: 1.0 Precedence: Bulk List-Unsubscribe: List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,dun.tan@intel.com X-Gm-Message-State: guZo6JZXM8e8gJ2ssCKteXU9x1787277AA= Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1686191357; bh=QHnD0v6dJDmyl8J/cAjqoRjEb2t4l01eDFrgrt0gVWs=; h=Cc:Date:From:Reply-To:Subject:To; b=mV0daEW7z1r3MJA+rhQRUDA1Dcla84pL5FgcX5cc7CBBATpdHlcNJLQQGORwcfll+RN cU/LVaKdVfqbaf867KyssSPc4n252h8WA0CjChFuaPcF5PZWvohURr368k4oBUT5gwZEs 2s/rij4pFLWSTtBEjkECz+yw98cyZpZaC+k= X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1686191359023100002 Content-Type: text/plain; charset="utf-8" Remove unnecessary function SetNotPresentPage(). We can directly use ConvertMemoryPageAttributes to set a range to non-present. Signed-off-by: Dun Tan Cc: Eric Dong Reviewed-by: Ray Ni Cc: Rahul Kumar Cc: Gerd Hoffmann --- UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.c | 8 ++++++-- UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.h | 16 ---------------- UefiCpuPkg/PiSmmCpuDxeSmm/SmmCpuMemoryManagement.c | 22 ------------------= ---- 3 files changed, 6 insertions(+), 40 deletions(-) diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.c b/UefiCpuPkg/PiSmmC= puDxeSmm/PiSmmCpuDxeSmm.c index 2568ffd677..c2452e6a29 100644 --- a/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.c +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.c @@ -1074,10 +1074,14 @@ PiCpuSmmEntry ( mSmmShadowStackSize ); if (FeaturePcdGet (PcdCpuSmmStackGuard)) { - SetNotPresentPage ( + ConvertMemoryPageAttributes ( Cr3, + mPagingMode, (EFI_PHYSICAL_ADDRESS)(UINTN)Stacks + mSmmStackSize + EFI_PAGES_= TO_SIZE (1) + (mSmmStackSize + mSmmShadowStackSize) * Index, - EFI_PAGES_TO_SIZE (1) + EFI_PAGES_TO_SIZE (1), + EFI_MEMORY_RP, + TRUE, + NULL ); } } diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.h b/UefiCpuPkg/PiSmmC= puDxeSmm/PiSmmCpuDxeSmm.h index 12ad86028e..0dc4d758cc 100644 --- a/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.h +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.h @@ -1247,22 +1247,6 @@ SetShadowStack ( IN UINT64 Length ); =20 -/** - Set not present memory. - - @param[in] Cr3 The page table base address. - @param[in] BaseAddress The physical address that is the start addr= ess of a memory region. - @param[in] Length The size in bytes of the memory region. - - @retval EFI_SUCCESS The not present memory is set. -**/ -EFI_STATUS -SetNotPresentPage ( - IN UINTN Cr3, - IN EFI_PHYSICAL_ADDRESS BaseAddress, - IN UINT64 Length - ); - /** Initialize the shadow stack related data structure. =20 diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/SmmCpuMemoryManagement.c b/UefiCpuPk= g/PiSmmCpuDxeSmm/SmmCpuMemoryManagement.c index 4e93d26eb4..ab502b800b 100644 --- a/UefiCpuPkg/PiSmmCpuDxeSmm/SmmCpuMemoryManagement.c +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/SmmCpuMemoryManagement.c @@ -768,28 +768,6 @@ SetShadowStack ( return Status; } =20 -/** - Set not present memory. - - @param[in] Cr3 The page table base address. - @param[in] BaseAddress The physical address that is the start addr= ess of a memory region. - @param[in] Length The size in bytes of the memory region. - - @retval EFI_SUCCESS The not present memory is set. -**/ -EFI_STATUS -SetNotPresentPage ( - IN UINTN Cr3, - IN EFI_PHYSICAL_ADDRESS BaseAddress, - IN UINT64 Length - ) -{ - EFI_STATUS Status; - - Status =3D SmmSetMemoryAttributesEx (Cr3, mPagingMode, BaseAddress, Leng= th, EFI_MEMORY_RP); - return Status; -} - /** Retrieves a pointer to the system configuration table from the SMM Syste= m Table based on a specified GUID. --=20 2.31.1.windows.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#105907): https://edk2.groups.io/g/devel/message/105907 Mute This Topic: https://groups.io/mt/99399244/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-