From nobody Fri Nov 1 10:41:09 2024 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; spf=none (zoho.com: 198.145.21.10 is neither permitted nor denied by domain of lists.01.org) smtp.mailfrom=edk2-devel-bounces@lists.01.org; dmarc=fail(p=none dis=none) header.from=redhat.com Return-Path: Received: from ml01.01.org (ml01.01.org [198.145.21.10]) by mx.zohomail.com with SMTPS id 151758240679824.358798933225785; Fri, 2 Feb 2018 06:40:06 -0800 (PST) Received: from [127.0.0.1] (localhost [IPv6:::1]) by ml01.01.org (Postfix) with ESMTP id AFFBA22393654; Fri, 2 Feb 2018 06:34:25 -0800 (PST) Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id 6EA7D2215BD97 for ; Fri, 2 Feb 2018 06:34:24 -0800 (PST) Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.phx2.redhat.com [10.5.11.13]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 74200765D5; Fri, 2 Feb 2018 14:40:02 +0000 (UTC) Received: from lacos-laptop-7.usersys.redhat.com (ovpn-121-50.rdu2.redhat.com [10.10.121.50]) by smtp.corp.redhat.com (Postfix) with ESMTP id 60A586A94B; Fri, 2 Feb 2018 14:40:00 +0000 (UTC) X-Original-To: edk2-devel@lists.01.org Received-SPF: none (zoho.com: 198.145.21.10 is neither permitted nor denied by domain of lists.01.org) client-ip=198.145.21.10; envelope-from=edk2-devel-bounces@lists.01.org; helo=ml01.01.org; Received-SPF: Pass (sender SPF authorized) identity=mailfrom; client-ip=209.132.183.28; helo=mx1.redhat.com; envelope-from=lersek@redhat.com; receiver=edk2-devel@lists.01.org From: Laszlo Ersek To: edk2-devel-01 Date: Fri, 2 Feb 2018 15:39:41 +0100 Message-Id: <20180202143954.7357-2-lersek@redhat.com> In-Reply-To: <20180202143954.7357-1-lersek@redhat.com> References: <20180202143954.7357-1-lersek@redhat.com> X-Scanned-By: MIMEDefang 2.79 on 10.5.11.13 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.27]); Fri, 02 Feb 2018 14:40:02 +0000 (UTC) Subject: [edk2] [PATCH 01/14] MdePkg/BaseLib.h: state preprocessing conditions in comments after #endifs X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Ruiyu Ni , Eric Dong , Ard Biesheuvel , Liming Gao , Jiewen Yao , Leif Lindholm , Michael D Kinney MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Errors-To: edk2-devel-bounces@lists.01.org Sender: "edk2-devel" X-ZohoMail: RSF_4 Z_629925259 SPT_0 Content-Type: text/plain; charset="utf-8" "#endif" preprocessing directives near the top of "BaseLib.h" helpfully repeat the preprocessing conditions from their matching "#if", "#ifdef", and "#ifndef" directives. This practice has been less followed recently; supplement the missing comments. Cc: Ard Biesheuvel Cc: Eric Dong Cc: Jiewen Yao Cc: Leif Lindholm Cc: Liming Gao Cc: Michael D Kinney Cc: Ruiyu Ni Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=3D866 Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Laszlo Ersek --- MdePkg/Include/Library/BaseLib.h | 24 +++++++++----------- 1 file changed, 11 insertions(+), 13 deletions(-) diff --git a/MdePkg/Include/Library/BaseLib.h b/MdePkg/Include/Library/Base= Lib.h index 39573db0c8da..e4455e71d5c3 100644 --- a/MdePkg/Include/Library/BaseLib.h +++ b/MdePkg/Include/Library/BaseLib.h @@ -1119,7 +1119,7 @@ StrnCpy ( IN CONST CHAR16 *Source, IN UINTN Length ); -#endif +#endif // !defined (DISABLE_NEW_DEPRECATED_INTERFACES) =20 /** Returns the length of a Null-terminated Unicode string. @@ -1338,7 +1338,7 @@ StrnCat ( IN CONST CHAR16 *Source, IN UINTN Length ); -#endif +#endif // !defined (DISABLE_NEW_DEPRECATED_INTERFACES) =20 /** Returns the first occurrence of a Null-terminated Unicode sub-string @@ -1811,7 +1811,7 @@ UnicodeStrToAsciiStr ( OUT CHAR8 *Destination ); =20 -#endif +#endif // !defined (DISABLE_NEW_DEPRECATED_INTERFACES) =20 /** Convert a Null-terminated Unicode string to a Null-terminated @@ -1985,7 +1985,7 @@ AsciiStrnCpy ( IN CONST CHAR8 *Source, IN UINTN Length ); -#endif +#endif // !defined (DISABLE_NEW_DEPRECATED_INTERFACES) =20 /** Returns the length of a Null-terminated ASCII string. @@ -2229,7 +2229,7 @@ AsciiStrnCat ( IN CONST CHAR8 *Source, IN UINTN Length ); -#endif +#endif // !defined (DISABLE_NEW_DEPRECATED_INTERFACES) =20 /** Returns the first occurrence of a Null-terminated ASCII sub-string @@ -2670,7 +2670,7 @@ AsciiStrToUnicodeStr ( OUT CHAR16 *Destination ); =20 -#endif +#endif // !defined (DISABLE_NEW_DEPRECATED_INTERFACES) =20 /** Convert one Null-terminated ASCII string to a Null-terminated @@ -6495,7 +6495,7 @@ AsmPalCall ( IN UINT64 Arg3, IN UINT64 Arg4 ); -#endif +#endif // defined (MDE_CPU_IPF) =20 #if defined (MDE_CPU_IA32) || defined (MDE_CPU_X64) /// @@ -6730,7 +6730,7 @@ typedef union { } IA32_TSS_DESCRIPTOR; #pragma pack () =20 -#endif +#endif // defined (MDE_CPU_IA32) =20 #if defined (MDE_CPU_X64) /// @@ -6792,7 +6792,7 @@ typedef union { } IA32_TSS_DESCRIPTOR; #pragma pack () =20 -#endif +#endif // defined (MDE_CPU_X64) =20 /// /// Byte packed structure for an FP/SSE/SSE2 context. @@ -9068,7 +9068,5 @@ AsmWriteTr ( IN UINT16 Selector ); =20 -#endif -#endif - - +#endif // defined (MDE_CPU_IA32) || defined (MDE_CPU_X64) +#endif // !defined (__BASE_LIB__) --=20 2.14.1.3.gb7cf6e02401b _______________________________________________ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel From nobody Fri Nov 1 10:41:09 2024 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; spf=none (zoho.com: 198.145.21.10 is neither permitted nor denied by domain of lists.01.org) smtp.mailfrom=edk2-devel-bounces@lists.01.org; dmarc=fail(p=none dis=none) header.from=redhat.com Return-Path: Received: from ml01.01.org (ml01.01.org [198.145.21.10]) by mx.zohomail.com with SMTPS id 1517582409339636.2352726291908; Fri, 2 Feb 2018 06:40:09 -0800 (PST) Received: from [127.0.0.1] (localhost [IPv6:::1]) by ml01.01.org (Postfix) with ESMTP id 223592239364B; Fri, 2 Feb 2018 06:34:29 -0800 (PST) Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id 54CE62239364B for ; Fri, 2 Feb 2018 06:34:27 -0800 (PST) Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.phx2.redhat.com [10.5.11.13]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 4FA51C03674E; Fri, 2 Feb 2018 14:40:05 +0000 (UTC) Received: from lacos-laptop-7.usersys.redhat.com (ovpn-121-50.rdu2.redhat.com [10.10.121.50]) by smtp.corp.redhat.com (Postfix) with ESMTP id CBD3E6764F; Fri, 2 Feb 2018 14:40:02 +0000 (UTC) X-Original-To: edk2-devel@lists.01.org Received-SPF: none (zoho.com: 198.145.21.10 is neither permitted nor denied by domain of lists.01.org) client-ip=198.145.21.10; envelope-from=edk2-devel-bounces@lists.01.org; helo=ml01.01.org; Received-SPF: Pass (sender SPF authorized) identity=mailfrom; client-ip=209.132.183.28; helo=mx1.redhat.com; envelope-from=lersek@redhat.com; receiver=edk2-devel@lists.01.org From: Laszlo Ersek To: edk2-devel-01 Date: Fri, 2 Feb 2018 15:39:42 +0100 Message-Id: <20180202143954.7357-3-lersek@redhat.com> In-Reply-To: <20180202143954.7357-1-lersek@redhat.com> References: <20180202143954.7357-1-lersek@redhat.com> X-Scanned-By: MIMEDefang 2.79 on 10.5.11.13 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.31]); Fri, 02 Feb 2018 14:40:05 +0000 (UTC) Subject: [edk2] [PATCH 02/14] MdePkg/BaseLib: add PatchInstructionX86() X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Ruiyu Ni , Eric Dong , Ard Biesheuvel , Liming Gao , Jiewen Yao , Leif Lindholm , Michael D Kinney MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Errors-To: edk2-devel-bounces@lists.01.org Sender: "edk2-devel" X-ZohoMail: RSF_4 Z_629925259 SPT_0 Content-Type: text/plain; charset="utf-8" Some edk2 modules generate X86 machine code at module execution time by: - compiling "template" code with NASM at module build time, - linking the object code into the module, - and patching the immediate (constant) operands of some instructions when the module is executed. Add a helper function to BaseLib so that the C code performing the patching is easier to read and maintain. The implementation in this patch is taken mainly from Mike Kinney's mailing list message at . Cc: Ard Biesheuvel Cc: Eric Dong Cc: Jiewen Yao Cc: Leif Lindholm Cc: Liming Gao Cc: Michael D Kinney Cc: Ruiyu Ni Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=3D866 Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Laszlo Ersek --- MdePkg/Library/BaseLib/BaseLib.inf | 2 + MdePkg/Include/Library/BaseLib.h | 42 +++++++++ MdePkg/Library/BaseLib/X86PatchInstruction.c | 89 ++++++++++++++++++++ 3 files changed, 133 insertions(+) diff --git a/MdePkg/Library/BaseLib/BaseLib.inf b/MdePkg/Library/BaseLib/Ba= seLib.inf index fbfb0063b75f..4353e242f458 100644 --- a/MdePkg/Library/BaseLib/BaseLib.inf +++ b/MdePkg/Library/BaseLib/BaseLib.inf @@ -431,6 +431,7 @@ [Sources.Ia32] X86DisablePaging64.c X86DisablePaging32.c X86RdRand.c + X86PatchInstruction.c =20 [Sources.X64] X64/Thunk16.nasm @@ -757,6 +758,7 @@ [Sources.X64] X86DisablePaging64.c X86DisablePaging32.c X86RdRand.c + X86PatchInstruction.c X64/GccInline.c | GCC X64/Thunk16.S | XCODE=20 X64/SwitchStack.nasm| GCC diff --git a/MdePkg/Include/Library/BaseLib.h b/MdePkg/Include/Library/Base= Lib.h index e4455e71d5c3..0dcb394c9280 100644 --- a/MdePkg/Include/Library/BaseLib.h +++ b/MdePkg/Include/Library/BaseLib.h @@ -9068,5 +9068,47 @@ AsmWriteTr ( IN UINT16 Selector ); =20 +/** + Patch the immediate operand of an IA32 or X64 instruction such that the = byte, + word, dword or qword operand is encoded at the end of the instruction's + binary representation. + + This function should be used to update object code that was compiled with + NASM from assembly source code. Example: + + NASM source code: + + mov eax, strict dword 0 ; the imm32 zero operand will be patch= ed + ASM_PFX(gPatchCr3): + mov cr3, eax + + C source code: + + extern UINT8 gPatchCr3; + PatchInstructionX86 (&gPatchCr3, AsmReadCr3 (), 4); + + @param[out] InstructionEnd Pointer to the byte one past the instruction= to + patch. The immediate operand to patch is exp= ected + to comprise the trailing bytes of the + instruction. If InstructionEnd is closer to + address 0 than ValueSize permits, then ASSER= T(). + + @param[in] PatchValue The constant to write to the immediate opera= nd. + The caller is responsible for ensuring that + PatchValue can be represented in the byte, w= ord, + dword or qword operand (as indicated through + ValueSize); otherwise ASSERT(). + + @param[in] ValueSize The size of the operand in bytes; must be 1,= 2, + 4, or 8. ASSERT() otherwise. +**/ +VOID +EFIAPI +PatchInstructionX86 ( + OUT VOID *InstructionEnd, + IN UINT64 PatchValue, + IN UINTN ValueSize + ); + #endif // defined (MDE_CPU_IA32) || defined (MDE_CPU_X64) #endif // !defined (__BASE_LIB__) diff --git a/MdePkg/Library/BaseLib/X86PatchInstruction.c b/MdePkg/Library/= BaseLib/X86PatchInstruction.c new file mode 100644 index 000000000000..82c86244c9c0 --- /dev/null +++ b/MdePkg/Library/BaseLib/X86PatchInstruction.c @@ -0,0 +1,89 @@ +/** @file + IA-32/x64 PatchInstructionX86() + + Copyright (C) 2018, Intel Corporation. All rights reserved.
+ Copyright (C) 2018, Red Hat, Inc. + + This program and the accompanying materials are licensed and made availa= ble + under the terms and conditions of the BSD License which accompanies this + distribution. The full text of the license may be found at + http://opensource.org/licenses/bsd-license.php. + + THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, WI= THOUT + WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. +**/ + +#include "BaseLibInternals.h" + +/** + Patch the immediate operand of an IA32 or X64 instruction such that the = byte, + word, dword or qword operand is encoded at the end of the instruction's + binary representation. + + This function should be used to update object code that was compiled with + NASM from assembly source code. Example: + + NASM source code: + + mov eax, strict dword 0 ; the imm32 zero operand will be patch= ed + ASM_PFX(gPatchCr3): + mov cr3, eax + + C source code: + + extern UINT8 gPatchCr3; + PatchInstructionX86 (&gPatchCr3, AsmReadCr3 (), 4); + + @param[out] InstructionEnd Pointer to the byte one past the instruction= to + patch. The immediate operand to patch is exp= ected + to comprise the trailing bytes of the + instruction. If InstructionEnd is closer to + address 0 than ValueSize permits, then ASSER= T(). + + @param[in] PatchValue The constant to write to the immediate opera= nd. + The caller is responsible for ensuring that + PatchValue can be represented in the byte, w= ord, + dword or qword operand (as indicated through + ValueSize); otherwise ASSERT(). + + @param[in] ValueSize The size of the operand in bytes; must be 1,= 2, + 4, or 8. ASSERT() otherwise. +**/ +VOID +EFIAPI +PatchInstructionX86 ( + OUT VOID *InstructionEnd, + IN UINT64 PatchValue, + IN UINTN ValueSize + ) +{ + // + // The equality ((UINTN)InstructionEnd =3D=3D ValueSize) would assume a = zero-size + // instruction at address 0; forbid it. + // + ASSERT ((UINTN)InstructionEnd > ValueSize); + + switch (ValueSize) { + case 1: + ASSERT (PatchValue <=3D MAX_UINT8); + *((UINT8 *)InstructionEnd - 1) =3D (UINT8)PatchValue; + break; + + case 2: + ASSERT (PatchValue <=3D MAX_UINT16); + WriteUnaligned16 ((UINT16 *)InstructionEnd - 1, (UINT16)PatchValue); + break; + + case 4: + ASSERT (PatchValue <=3D MAX_UINT32); + WriteUnaligned32 ((UINT32 *)InstructionEnd - 1, (UINT32)PatchValue); + break; + + case 8: + WriteUnaligned64 ((UINT64 *)InstructionEnd - 1, PatchValue); + break; + + default: + ASSERT (FALSE); + } +} --=20 2.14.1.3.gb7cf6e02401b _______________________________________________ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel From nobody Fri Nov 1 10:41:09 2024 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; spf=none (zoho.com: 198.145.21.10 is neither permitted nor denied by domain of lists.01.org) smtp.mailfrom=edk2-devel-bounces@lists.01.org; dmarc=fail(p=none dis=none) header.from=redhat.com Return-Path: Received: from ml01.01.org (ml01.01.org [198.145.21.10]) by mx.zohomail.com with SMTPS id 1517582413628317.96350626009826; Fri, 2 Feb 2018 06:40:13 -0800 (PST) Received: from [127.0.0.1] (localhost [IPv6:::1]) by ml01.01.org (Postfix) with ESMTP id A32B5223AF815; Fri, 2 Feb 2018 06:34:33 -0800 (PST) Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id 9919B2215BD97 for ; Fri, 2 Feb 2018 06:34:31 -0800 (PST) Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.phx2.redhat.com [10.5.11.13]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 9EBA1C036741; Fri, 2 Feb 2018 14:40:09 +0000 (UTC) Received: from lacos-laptop-7.usersys.redhat.com (ovpn-121-50.rdu2.redhat.com [10.10.121.50]) by smtp.corp.redhat.com (Postfix) with ESMTP id A30FC67676; Fri, 2 Feb 2018 14:40:05 +0000 (UTC) X-Original-To: edk2-devel@lists.01.org Received-SPF: none (zoho.com: 198.145.21.10 is neither permitted nor denied by domain of lists.01.org) client-ip=198.145.21.10; envelope-from=edk2-devel-bounces@lists.01.org; helo=ml01.01.org; Received-SPF: Pass (sender SPF authorized) identity=mailfrom; client-ip=209.132.183.28; helo=mx1.redhat.com; envelope-from=lersek@redhat.com; receiver=edk2-devel@lists.01.org From: Laszlo Ersek To: edk2-devel-01 Date: Fri, 2 Feb 2018 15:39:43 +0100 Message-Id: <20180202143954.7357-4-lersek@redhat.com> In-Reply-To: <20180202143954.7357-1-lersek@redhat.com> References: <20180202143954.7357-1-lersek@redhat.com> X-Scanned-By: MIMEDefang 2.79 on 10.5.11.13 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.31]); Fri, 02 Feb 2018 14:40:09 +0000 (UTC) Subject: [edk2] [PATCH 03/14] UefiCpuPkg/PiSmmCpuDxeSmm: remove *.S and *.asm assembly files X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Michael D Kinney , Ruiyu Ni , Jiewen Yao , Eric Dong , Liming Gao MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Errors-To: edk2-devel-bounces@lists.01.org Sender: "edk2-devel" X-ZohoMail: RSF_4 Z_629925259 SPT_0 Content-Type: text/plain; charset="utf-8" All edk2 toolchains use NASM for compiling X86 assembly source code. We plan to remove X86 *.S and *.asm files globally, in order to reduce maintenance and confusion: http://mid.mail-archive.com/4A89E2EF3DFEDB4C8BFDE51014F606A14E1B9F76@SHSMSX= 104.ccr.corp.intel.com Let's start with UefiCpuPkg/PiSmmCpuDxeSmm: remove the *.S and *.asm dialects (both Ia32 and X64) of the SmmInit, SmiEntry, SmiException and MpFuncs sources. Cc: Eric Dong Cc: Jiewen Yao Cc: Liming Gao Cc: Michael D Kinney Cc: Ruiyu Ni Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=3D866 Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Laszlo Ersek Reviewed-by: Andrew Fish --- UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.inf | 20 - UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/MpFuncs.S | 165 ----- UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/MpFuncs.asm | 168 ----- UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/SmiEntry.S | 215 ------ UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/SmiEntry.asm | 223 ------ UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/SmiException.S | 696 ------------------- UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/SmiException.asm | 713 -------------------- UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/SmmInit.S | 84 --- UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/SmmInit.asm | 94 --- UefiCpuPkg/PiSmmCpuDxeSmm/X64/MpFuncs.S | 204 ------ UefiCpuPkg/PiSmmCpuDxeSmm/X64/MpFuncs.asm | 206 ------ UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmiEntry.S | 243 ------- UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmiEntry.asm | 242 ------- UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmiException.S | 365 ---------- UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmiException.asm | 383 ----------- UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmmInit.S | 141 ---- UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmmInit.asm | 132 ---- 17 files changed, 4294 deletions(-) diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.inf b/UefiCpuPkg/PiSm= mCpuDxeSmm/PiSmmCpuDxeSmm.inf index e37ac5f84ee1..52d8c550752b 100644 --- a/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.inf +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.inf @@ -53,42 +53,22 @@ [Sources.Ia32] Ia32/SmmFuncsArch.c Ia32/SmmProfileArch.c Ia32/SmmProfileArch.h - Ia32/SmmInit.asm - Ia32/SmiEntry.asm - Ia32/SmiException.asm - Ia32/MpFuncs.asm - Ia32/SmmInit.nasm Ia32/SmiEntry.nasm Ia32/SmiException.nasm Ia32/MpFuncs.nasm =20 - Ia32/SmmInit.S - Ia32/SmiEntry.S - Ia32/SmiException.S - Ia32/MpFuncs.S - [Sources.X64] X64/Semaphore.c X64/PageTbl.c X64/SmmFuncsArch.c X64/SmmProfileArch.c X64/SmmProfileArch.h - X64/SmmInit.asm - X64/SmiEntry.asm - X64/SmiException.asm - X64/MpFuncs.asm - X64/SmmInit.nasm X64/SmiEntry.nasm X64/SmiException.nasm X64/MpFuncs.nasm =20 - X64/SmmInit.S - X64/SmiEntry.S - X64/SmiException.S - X64/MpFuncs.S - [Packages] MdePkg/MdePkg.dec MdeModulePkg/MdeModulePkg.dec diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/MpFuncs.S b/UefiCpuPkg/PiSmmCpu= DxeSmm/Ia32/MpFuncs.S deleted file mode 100644 index 75aa312a6e8a..000000000000 --- a/UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/MpFuncs.S +++ /dev/null @@ -1,165 +0,0 @@ -#-------------------------------------------------------------------------= ----- -# -# Copyright (c) 2006 - 2015, Intel Corporation. All rights reserved.
-# This program and the accompanying materials -# are licensed and made available under the terms and conditions of the BS= D License -# which accompanies this distribution. The full text of the license may b= e found at -# http://opensource.org/licenses/bsd-license.php. -# -# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, -# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMP= LIED. -# -# Module Name: -# -# MpFuncs.S -# -# Abstract: -# -# This is the assembly code for Multi-processor S3 support -# -#-------------------------------------------------------------------------= ----- - -.equ VacantFlag, 0x0 -.equ NotVacantFlag, 0xff - -.equ LockLocation, RendezvousFunnelProcEnd - Rendezv= ousFunnelProcStart -.equ StackStart, RendezvousFunnelProcEnd - Rendezv= ousFunnelProcStart + 0x04 -.equ StackSize, RendezvousFunnelProcEnd - Rendezv= ousFunnelProcStart + 0x08 -.equ RendezvousProc, RendezvousFunnelProcEnd - Rendezv= ousFunnelProcStart + 0x0C -.equ GdtrProfile, RendezvousFunnelProcEnd - Rendezv= ousFunnelProcStart + 0x10 -.equ IdtrProfile, RendezvousFunnelProcEnd - Rendezv= ousFunnelProcStart + 0x16 -.equ BufferStart, RendezvousFunnelProcEnd - Rendezv= ousFunnelProcStart + 0x1C - -#-------------------------------------------------------------------------= ------------ -#RendezvousFunnelProc procedure follows. All APs execute their procedure.= This -#procedure serializes all the AP processors through an Init sequence. It m= ust be -#noted that APs arrive here very raw...ie: real mode, no stack. -#ALSO THIS PROCEDURE IS EXECUTED BY APs ONLY ON 16 BIT MODE. HENCE THIS PR= OC -#IS IN MACHINE CODE. -#-------------------------------------------------------------------------= ------------ -#RendezvousFunnelProc (&WakeUpBuffer,MemAddress); - -ASM_GLOBAL ASM_PFX(RendezvousFunnelProc) -ASM_PFX(RendezvousFunnelProc): -RendezvousFunnelProcStart: - -# At this point CS =3D 0x(vv00) and ip=3D 0x0. - - .byte 0x8c,0xc8 # mov ax, cs - .byte 0x8e,0xd8 # mov ds, ax - .byte 0x8e,0xc0 # mov es, ax - .byte 0x8e,0xd0 # mov ss, ax - .byte 0x33,0xc0 # xor ax, ax - .byte 0x8e,0xe0 # mov fs, ax - .byte 0x8e,0xe8 # mov gs, ax - -flat32Start: - - .byte 0xBE - .word BufferStart - .byte 0x66,0x8B,0x14 # mov edx,dword ptr [si] = ; EDX is keeping the start address of wakeup buffer - - .byte 0xBE - .word GdtrProfile - .byte 0x66 # db 66h - .byte 0x2E,0xF,0x1,0x14 # lgdt fword ptr cs:[si] - - .byte 0xBE - .word IdtrProfile - .byte 0x66 # db 66h - .byte 0x2E,0xF,0x1,0x1C # lidt fword ptr cs:[si] - - .byte 0x33,0xC0 # xor ax, ax - .byte 0x8E,0xD8 # mov ds, ax - - .byte 0xF,0x20,0xC0 # mov eax, cr0 = ; Get control register 0 - .byte 0x66,0x83,0xC8,0x1 # or eax, 000000001h = ; Set PE bit (bit #0) - .byte 0xF,0x22,0xC0 # mov cr0, eax - -FLAT32_JUMP: - - .byte 0x66,0x67,0xEA # far jump - .long 0x0 # 32-bit offset - .word 0x20 # 16-bit selector - -PMODE_ENTRY: # protected mode entry point - - movw $0x8,%ax - .byte 0x66 - movw %ax,%ds - .byte 0x66 - movw %ax,%es - .byte 0x66 - movw %ax,%fs - .byte 0x66 - movw %ax,%gs - .byte 0x66 - movw %ax,%ss # Flat mode setup. - - movl %edx,%esi - - movl %esi,%edi - addl $LockLocation, %edi - movb $NotVacantFlag, %al -TestLock: - xchgb (%edi), %al - cmpb $NotVacantFlag, %al - jz TestLock - -ProgramStack: - - movl %esi,%edi - addl $StackSize, %edi - movl (%edi),%eax - movl %esi,%edi - addl $StackStart, %edi - addl (%edi),%eax - movl %eax,%esp - movl %eax,(%edi) - -Releaselock: - - movb $VacantFlag, %al - movl %esi,%edi - addl $LockLocation, %edi - xchgb (%edi), %al - - # - # Call assembly function to initialize FPU. - # - lea ASM_PFX(InitializeFloatingPointUnits), %ebx - call *%ebx - # - # Call C Function - # - movl %esi,%edi - addl $RendezvousProc, %edi - movl (%edi),%eax - - testl %eax,%eax - jz GoToSleep - call *%eax # Call C function - -GoToSleep: - cli - hlt - jmp GoToSleep - -RendezvousFunnelProcEnd: -#-------------------------------------------------------------------------= ------------ -# AsmGetAddressMap (&AddressMap); -#-------------------------------------------------------------------------= ------------ -ASM_GLOBAL ASM_PFX(AsmGetAddressMap) -ASM_PFX(AsmGetAddressMap): - - pushal - movl %esp,%ebp - - movl 0x24(%ebp), %ebx - movl $RendezvousFunnelProcStart, (%ebx) - movl $(PMODE_ENTRY - RendezvousFunnelProcStart), 0x4(%ebx) - movl $(FLAT32_JUMP - RendezvousFunnelProcStart), 0x8(%ebx) - movl $(RendezvousFunnelProcEnd - RendezvousFunnelProcStart)= , 0x0c(%ebx) - - popal - ret diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/MpFuncs.asm b/UefiCpuPkg/PiSmmC= puDxeSmm/Ia32/MpFuncs.asm deleted file mode 100644 index 70e24a827048..000000000000 --- a/UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/MpFuncs.asm +++ /dev/null @@ -1,168 +0,0 @@ -;-------------------------------------------------------------------------= ----- ; -; Copyright (c) 2006 - 2015, Intel Corporation. All rights reserved.
-; This program and the accompanying materials -; are licensed and made available under the terms and conditions of the BS= D License -; which accompanies this distribution. The full text of the license may b= e found at -; http://opensource.org/licenses/bsd-license.php. -; -; THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, -; WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMP= LIED. -; -; Module Name: -; -; MpFuncs.asm -; -; Abstract: -; -; This is the assembly code for Multi-processor S3 support -; -;-------------------------------------------------------------------------= ------ - -.686p -.model flat,C -.code - -EXTERN InitializeFloatingPointUnits:PROC - -VacantFlag Equ 00h -NotVacantFlag Equ 0ffh - -LockLocation equ RendezvousFunnelProcEnd - RendezvousFunnelP= rocStart -StackStart equ LockLocation + 4h -StackSize equ LockLocation + 8h -RendezvousProc equ LockLocation + 0Ch -GdtrProfile equ LockLocation + 10h -IdtrProfile equ LockLocation + 16h -BufferStart equ LockLocation + 1Ch - -;-------------------------------------------------------------------------= ------------ -;RendezvousFunnelProc procedure follows. All APs execute their procedure.= This -;procedure serializes all the AP processors through an Init sequence. It m= ust be -;noted that APs arrive here very raw...ie: real mode, no stack. -;ALSO THIS PROCEDURE IS EXECUTED BY APs ONLY ON 16 BIT MODE. HENCE THIS PR= OC -;IS IN MACHINE CODE. -;-------------------------------------------------------------------------= ------------ -;RendezvousFunnelProc (&WakeUpBuffer,MemAddress); - -RendezvousFunnelProc PROC near C PUBLIC -RendezvousFunnelProcStart:: - -; At this point CS =3D 0x(vv00) and ip=3D 0x0. - - db 8ch, 0c8h ; mov ax, cs - db 8eh, 0d8h ; mov ds, ax - db 8eh, 0c0h ; mov es, ax - db 8eh, 0d0h ; mov ss, ax - db 33h, 0c0h ; xor ax, ax - db 8eh, 0e0h ; mov fs, ax - db 8eh, 0e8h ; mov gs, ax - -flat32Start:: - - db 0BEh - dw BufferStart ; mov si, BufferStart - db 66h, 8Bh, 14h ; mov edx,dword ptr [si] = ; EDX is keeping the start address of wakeup buffer - - db 0BEh - dw GdtrProfile ; mov si, GdtrProfile - db 66h ; db 66h - db 2Eh, 0Fh, 01h, 14h ; lgdt fword ptr cs:[si] - - db 0BEh - dw IdtrProfile ; mov si, IdtrProfile - db 66h ; db 66h - db 2Eh, 0Fh, 01h, 1Ch ; lidt fword ptr cs:[si] - - db 33h, 0C0h ; xor ax, ax - db 8Eh, 0D8h ; mov ds, ax - - db 0Fh, 20h, 0C0h ; mov eax, cr0 = ; Get control register 0 - db 66h, 83h, 0C8h, 01h ; or eax, 000000001h = ; Set PE bit (bit #0) - db 0Fh, 22h, 0C0h ; mov cr0, eax - -FLAT32_JUMP:: - - db 66h, 67h, 0EAh ; far jump - dd 0h ; 32-bit offset - dw 20h ; 16-bit selector - -PMODE_ENTRY:: ; protected mode entry point - - mov ax, 8h - mov ds, ax - mov es, ax - mov fs, ax - mov gs, ax - mov ss, ax ; Flat mode setup. - - mov esi, edx - - mov edi, esi - add edi, LockLocation - mov al, NotVacantFlag -TestLock:: - xchg byte ptr [edi], al - cmp al, NotVacantFlag - jz TestLock - -ProgramStack:: - - mov edi, esi - add edi, StackSize - mov eax, dword ptr [edi] - mov edi, esi - add edi, StackStart - add eax, dword ptr [edi] - mov esp, eax - mov dword ptr [edi], eax - -Releaselock:: - - mov al, VacantFlag - mov edi, esi - add edi, LockLocation - xchg byte ptr [edi], al - - ; - ; Call assembly function to initialize FPU. - ; - mov ebx, InitializeFloatingPointUnits - call ebx - ; - ; Call C Function - ; - mov edi, esi - add edi, RendezvousProc - mov eax, dword ptr [edi] - - test eax, eax - jz GoToSleep - call eax ; Call C function - -GoToSleep:: - cli - hlt - jmp $-2 - -RendezvousFunnelProc ENDP -RendezvousFunnelProcEnd:: -;-------------------------------------------------------------------------= ------------ -; AsmGetAddressMap (&AddressMap); -;-------------------------------------------------------------------------= ------------ -AsmGetAddressMap PROC near C PUBLIC - - pushad - mov ebp,esp - - mov ebx, dword ptr [ebp+24h] - mov dword ptr [ebx], RendezvousFunnelProcStart - mov dword ptr [ebx+4h], PMODE_ENTRY - RendezvousFunnelProc= Start - mov dword ptr [ebx+8h], FLAT32_JUMP - RendezvousFunnelProc= Start - mov dword ptr [ebx+0ch], RendezvousFunnelProcEnd - Rendezv= ousFunnelProcStart - - popad - ret - -AsmGetAddressMap ENDP - -END diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/SmiEntry.S b/UefiCpuPkg/PiSmmCp= uDxeSmm/Ia32/SmiEntry.S deleted file mode 100644 index 3243a91a1205..000000000000 --- a/UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/SmiEntry.S +++ /dev/null @@ -1,215 +0,0 @@ -#-------------------------------------------------------------------------= ----- -# -# Copyright (c) 2009 - 2017, Intel Corporation. All rights reserved.
-# This program and the accompanying materials -# are licensed and made available under the terms and conditions of the BS= D License -# which accompanies this distribution. The full text of the license may b= e found at -# http://opensource.org/licenses/bsd-license.php. -# -# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, -# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMP= LIED. -# -# Module Name: -# -# SmiEntry.S -# -# Abstract: -# -# Code template of the SMI handler for a particular processor -# -#-------------------------------------------------------------------------= ----- - -ASM_GLOBAL ASM_PFX(gcSmiHandlerTemplate) -ASM_GLOBAL ASM_PFX(gcSmiHandlerSize) -ASM_GLOBAL ASM_PFX(gSmiCr3) -ASM_GLOBAL ASM_PFX(gSmiStack) -ASM_GLOBAL ASM_PFX(gSmbase) -ASM_GLOBAL ASM_PFX(mXdSupported) -ASM_GLOBAL ASM_PFX(FeaturePcdGet (PcdCpuSmmStackGuard)) -ASM_GLOBAL ASM_PFX(gSmiHandlerIdtr) - -.equ MSR_IA32_MISC_ENABLE, 0x1A0 -.equ MSR_EFER, 0xc0000080 -.equ MSR_EFER_XD, 0x800 - -# -# Constants relating to PROCESSOR_SMM_DESCRIPTOR -# -.equ DSC_OFFSET, 0xfb00 -.equ DSC_GDTPTR, 0x30 -.equ DSC_GDTSIZ, 0x38 -.equ DSC_CS, 14 -.equ DSC_DS, 16 -.equ DSC_SS, 18 -.equ DSC_OTHERSEG, 20 - -.equ PROTECT_MODE_CS, 0x08 -.equ PROTECT_MODE_DS, 0x20 -.equ TSS_SEGMENT, 0x40 - - .text - -ASM_PFX(gcSmiHandlerTemplate): - -_SmiEntryPoint: - .byte 0xbb # mov bx, imm16 - .word _GdtDesc - _SmiEntryPoint + 0x8000 - .byte 0x2e,0xa1 # mov ax, cs:[offset16] - .word DSC_OFFSET + DSC_GDTSIZ - decl %eax - movl %eax, %cs:(%edi) # mov cs:[bx], ax - .byte 0x66,0x2e,0xa1 # mov eax, cs:[offset16] - .word DSC_OFFSET + DSC_GDTPTR - movw %ax, %cs:2(%edi) - movw %ax, %bp # ebp =3D GDT base - .byte 0x66 - lgdt %cs:(%edi) -# Patch ProtectedMode Segment - .byte 0xb8 # mov ax, imm16 - .word PROTECT_MODE_CS # set AX for segment directly - movl %eax, %cs:-2(%edi) # mov cs:[bx - 2], ax -# Patch ProtectedMode entry - .byte 0x66, 0xbf # mov edi, SMBASE -ASM_PFX(gSmbase): .space 4 - .byte 0x67 - lea ((Start32bit - _SmiEntryPoint) + 0x8000)(%edi), %ax - movw %ax, %cs:-6(%edi) - movl %cr0, %ebx - .byte 0x66 - andl $0x9ffafff3, %ebx - .byte 0x66 - orl $0x23, %ebx - movl %ebx, %cr0 - .byte 0x66,0xea - .space 4 - .space 2 -_GdtDesc: .space 4 - .space 2 - -Start32bit: - movw $PROTECT_MODE_DS, %ax - movl %eax,%ds - movl %eax,%es - movl %eax,%fs - movl %eax,%gs - movl %eax,%ss - .byte 0xbc # mov esp, imm32 -ASM_PFX(gSmiStack): .space 4 - movl $ASM_PFX(gSmiHandlerIdtr), %eax - lidt (%eax) - jmp ProtFlatMode - -ProtFlatMode: - .byte 0xb8 # mov eax, imm32 -ASM_PFX(gSmiCr3): .space 4 - movl %eax, %cr3 -# -# Need to test for CR4 specific bit support -# - movl $1, %eax - cpuid # use CPUID to determine if spe= cific CR4 bits are supported - xorl %eax, %eax # Clear EAX - testl $BIT2, %edx # Check for DE capabilities - jz L8 - orl $BIT3, %eax -L8: - testl $BIT6, %edx # Check for PAE capabilities - jz L9 - orl $BIT5, %eax -L9: - testl $BIT7, %edx # Check for MCE capabilities - jz L10 - orl $BIT6, %eax -L10: - testl $BIT24, %edx # Check for FXSR capabilities - jz L11 - orl $BIT9, %eax -L11: - testl $BIT25, %edx # Check for SSE capabilities - jz L12 - orl $BIT10, %eax -L12: # as cr4.PGE is not set here, r= efresh cr3 - movl %eax, %cr4 # in PreModifyMtrrs() to flush = TLB. - - cmpb $0, ASM_PFX(FeaturePcdGet (PcdCpuSmmStackGuard)) - jz L5 -# Load TSS - movb $0x89, (TSS_SEGMENT + 5)(%ebp) # clear busy flag - movl $TSS_SEGMENT, %eax - ltrw %ax -L5: - -# enable NXE if supported - .byte 0xb0 # mov al, imm8 -ASM_PFX(mXdSupported): .byte 1 - cmpb $0, %al - jz SkipNxe -# -# Check XD disable bit -# - movl $MSR_IA32_MISC_ENABLE, %ecx - rdmsr - pushl %edx # save MSR_IA32_MISC_ENABLE[63-= 32] - testl $BIT2, %edx # MSR_IA32_MISC_ENABLE[34] - jz L13 - andw $0x0FFFB, %dx # clear XD Disable bit if it is= set - wrmsr -L13: - movl $MSR_EFER, %ecx - rdmsr - orw $MSR_EFER_XD,%ax # enable NXE - wrmsr - jmp NxeDone -SkipNxe: - subl $4, %esp -NxeDone: - - movl %cr0, %ebx - orl $0x080010023, %ebx # enable paging + WP + NE + MP = + PE - movl %ebx, %cr0 - leal DSC_OFFSET(%edi),%ebx - movw DSC_DS(%ebx),%ax - movl %eax, %ds - movw DSC_OTHERSEG(%ebx),%ax - movl %eax, %es - movl %eax, %fs - movl %eax, %gs - movw DSC_SS(%ebx),%ax - movl %eax, %ss - -# jmp _SmiHandler # instruction is not needed - -_SmiHandler: - movl 4(%esp), %ebx - - pushl %ebx - movl $ASM_PFX(CpuSmmDebugEntry), %eax - call *%eax - addl $4, %esp - - pushl %ebx - movl $ASM_PFX(SmiRendezvous), %eax - call *%eax - addl $4, %esp - - pushl %ebx - movl $ASM_PFX(CpuSmmDebugExit), %eax - call *%eax - addl $4, %esp - - movl $ASM_PFX(mXdSupported), %eax - movb (%eax), %al - cmpb $0, %al - jz L16 - popl %edx # get saved MSR_IA32_MISC_ENABLE[6= 3-32] - testl $BIT2, %edx - jz L16 - movl $MSR_IA32_MISC_ENABLE, %ecx - rdmsr - orw $BIT2, %dx # set XD Disable bit if it was set= before entering into SMM - wrmsr - -L16: - rsm - -ASM_PFX(gcSmiHandlerSize): .word . - _SmiEntryPoint diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/SmiEntry.asm b/UefiCpuPkg/PiSmm= CpuDxeSmm/Ia32/SmiEntry.asm deleted file mode 100644 index 8296f36d2638..000000000000 --- a/UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/SmiEntry.asm +++ /dev/null @@ -1,223 +0,0 @@ -;-------------------------------------------------------------------------= ----- ; -; Copyright (c) 2009 - 2016, Intel Corporation. All rights reserved.
-; This program and the accompanying materials -; are licensed and made available under the terms and conditions of the BS= D License -; which accompanies this distribution. The full text of the license may b= e found at -; http://opensource.org/licenses/bsd-license.php. -; -; THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, -; WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMP= LIED. -; -; Module Name: -; -; SmiEntry.asm -; -; Abstract: -; -; Code template of the SMI handler for a particular processor -; -;-------------------------------------------------------------------------= ------ - - .686p - .model flat,C - .xmm - -MSR_IA32_MISC_ENABLE EQU 1A0h -MSR_EFER EQU 0c0000080h -MSR_EFER_XD EQU 0800h - -; -; Constants relating to PROCESSOR_SMM_DESCRIPTOR -; -DSC_OFFSET EQU 0fb00h -DSC_GDTPTR EQU 30h -DSC_GDTSIZ EQU 38h -DSC_CS EQU 14 -DSC_DS EQU 16 -DSC_SS EQU 18 -DSC_OTHERSEG EQU 20 - -PROTECT_MODE_CS EQU 08h -PROTECT_MODE_DS EQU 20h -TSS_SEGMENT EQU 40h - -SmiRendezvous PROTO C -CpuSmmDebugEntry PROTO C -CpuSmmDebugExit PROTO C - -EXTERNDEF gcSmiHandlerTemplate:BYTE -EXTERNDEF gcSmiHandlerSize:WORD -EXTERNDEF gSmiCr3:DWORD -EXTERNDEF gSmiStack:DWORD -EXTERNDEF gSmbase:DWORD -EXTERNDEF mXdSupported:BYTE -EXTERNDEF FeaturePcdGet (PcdCpuSmmStackGuard):BYTE -EXTERNDEF gSmiHandlerIdtr:FWORD - - .code - -gcSmiHandlerTemplate LABEL BYTE - -_SmiEntryPoint: - DB 0bbh ; mov bx, imm16 - DW offset _GdtDesc - _SmiEntryPoint + 8000h - DB 2eh, 0a1h ; mov ax, cs:[offset16] - DW DSC_OFFSET + DSC_GDTSIZ - dec eax - mov cs:[edi], eax ; mov cs:[bx], ax - DB 66h, 2eh, 0a1h ; mov eax, cs:[offset16] - DW DSC_OFFSET + DSC_GDTPTR - mov cs:[edi + 2], ax ; mov cs:[bx + 2], eax - mov bp, ax ; ebp =3D GDT base - DB 66h - lgdt fword ptr cs:[edi] ; lgdt fword ptr cs:[bx] -; Patch ProtectedMode Segment - DB 0b8h ; mov ax, imm16 - DW PROTECT_MODE_CS ; set AX for segment directly - mov cs:[edi - 2], eax ; mov cs:[bx - 2], ax -; Patch ProtectedMode entry - DB 66h, 0bfh ; mov edi, SMBASE -gSmbase DD ? - DB 67h - lea ax, [edi + (@32bit - _SmiEntryPoint) + 8000h] - mov cs:[edi - 6], ax ; mov cs:[bx - 6], eax - mov ebx, cr0 - DB 66h - and ebx, 9ffafff3h - DB 66h - or ebx, 23h - mov cr0, ebx - DB 66h, 0eah - DD ? - DW ? -_GdtDesc FWORD ? - -@32bit: - mov ax, PROTECT_MODE_DS - mov ds, ax - mov es, ax - mov fs, ax - mov gs, ax - mov ss, ax - DB 0bch ; mov esp, imm32 -gSmiStack DD ? - mov eax, offset gSmiHandlerIdtr - lidt fword ptr [eax] - jmp ProtFlatMode - -ProtFlatMode: - DB 0b8h ; mov eax, imm32 -gSmiCr3 DD ? - mov cr3, eax -; -; Need to test for CR4 specific bit support -; - mov eax, 1 - cpuid ; use CPUID to determine if specif= ic CR4 bits are supported - xor eax, eax ; Clear EAX - test edx, BIT2 ; Check for DE capabilities - jz @f - or eax, BIT3 -@@: - test edx, BIT6 ; Check for PAE capabilities - jz @f - or eax, BIT5 -@@: - test edx, BIT7 ; Check for MCE capabilities - jz @f - or eax, BIT6 -@@: - test edx, BIT24 ; Check for FXSR capabilities - jz @f - or eax, BIT9 -@@: - test edx, BIT25 ; Check for SSE capabilities - jz @f - or eax, BIT10 -@@: ; as cr4.PGE is not set here, refr= esh cr3 - mov cr4, eax ; in PreModifyMtrrs() to flush TLB. - - cmp FeaturePcdGet (PcdCpuSmmStackGuard), 0 - jz @F -; Load TSS - mov byte ptr [ebp + TSS_SEGMENT + 5], 89h ; clear busy flag - mov eax, TSS_SEGMENT - ltr ax -@@: - -; enable NXE if supported - DB 0b0h ; mov al, imm8 -mXdSupported DB 1 - cmp al, 0 - jz @SkipXd -; -; Check XD disable bit -; - mov ecx, MSR_IA32_MISC_ENABLE - rdmsr - push edx ; save MSR_IA32_MISC_ENABLE[63-32] - test edx, BIT2 ; MSR_IA32_MISC_ENABLE[34] - jz @f - and dx, 0FFFBh ; clear XD Disable bit if it is set - wrmsr -@@: - mov ecx, MSR_EFER - rdmsr - or ax, MSR_EFER_XD ; enable NXE - wrmsr - jmp @XdDone -@SkipXd: - sub esp, 4 -@XdDone: - - mov ebx, cr0 - or ebx, 080010023h ; enable paging + WP + NE + MP + PE - mov cr0, ebx - lea ebx, [edi + DSC_OFFSET] - mov ax, [ebx + DSC_DS] - mov ds, eax - mov ax, [ebx + DSC_OTHERSEG] - mov es, eax - mov fs, eax - mov gs, eax - mov ax, [ebx + DSC_SS] - mov ss, eax - -; jmp _SmiHandler ; instruction is not needed - -_SmiHandler PROC - mov ebx, [esp + 4] ; CPU Index - push ebx - mov eax, CpuSmmDebugEntry - call eax - add esp, 4 - - push ebx - mov eax, SmiRendezvous - call eax - add esp, 4 - - push ebx - mov eax, CpuSmmDebugExit - call eax - add esp, 4 - - mov eax, offset mXdSupported - mov al, [eax] - cmp al, 0 - jz @f - pop edx ; get saved MSR_IA32_MISC_ENABLE[63-= 32] - test edx, BIT2 - jz @f - mov ecx, MSR_IA32_MISC_ENABLE - rdmsr - or dx, BIT2 ; set XD Disable bit if it was set b= efore entering into SMM - wrmsr - -@@: - rsm -_SmiHandler ENDP - -gcSmiHandlerSize DW $ - _SmiEntryPoint - - END diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/SmiException.S b/UefiCpuPkg/PiS= mmCpuDxeSmm/Ia32/SmiException.S deleted file mode 100644 index 4600c7c36ee6..000000000000 --- a/UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/SmiException.S +++ /dev/null @@ -1,696 +0,0 @@ -#-------------------------------------------------------------------------= ----- -# -# Copyright (c) 2009 - 2016, Intel Corporation. All rights reserved.
-# This program and the accompanying materials -# are licensed and made available under the terms and conditions of the BS= D License -# which accompanies this distribution. The full text of the license may b= e found at -# http://opensource.org/licenses/bsd-license.php. -# -# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, -# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMP= LIED. -# -# Module Name: -# -# SmiException.S -# -# Abstract: -# -# Exception handlers used in SM mode -# -#-------------------------------------------------------------------------= ----- - -ASM_GLOBAL ASM_PFX(SmiPFHandler) -ASM_GLOBAL ASM_PFX(PageFaultStubFunction) -ASM_GLOBAL ASM_PFX(gcSmiIdtr) -ASM_GLOBAL ASM_PFX(gcSmiGdtr) -ASM_GLOBAL ASM_PFX(gTaskGateDescriptor) -ASM_GLOBAL ASM_PFX(gcPsd) -ASM_GLOBAL ASM_PFX(FeaturePcdGet (PcdCpuSmmProfileEnable)) - - .data - -NullSeg: .quad 0 # reserved by architecture -CodeSeg32: - .word -1 # LimitLow - .word 0 # BaseLow - .byte 0 # BaseMid - .byte 0x9b - .byte 0xcf # LimitHigh - .byte 0 # BaseHigh -ProtModeCodeSeg32: - .word -1 # LimitLow - .word 0 # BaseLow - .byte 0 # BaseMid - .byte 0x9b - .byte 0xcf # LimitHigh - .byte 0 # BaseHigh -ProtModeSsSeg32: - .word -1 # LimitLow - .word 0 # BaseLow - .byte 0 # BaseMid - .byte 0x93 - .byte 0xcf # LimitHigh - .byte 0 # BaseHigh -DataSeg32: - .word -1 # LimitLow - .word 0 # BaseLow - .byte 0 # BaseMid - .byte 0x93 - .byte 0xcf # LimitHigh - .byte 0 # BaseHigh -CodeSeg16: - .word -1 - .word 0 - .byte 0 - .byte 0x9b - .byte 0x8f - .byte 0 -DataSeg16: - .word -1 - .word 0 - .byte 0 - .byte 0x93 - .byte 0x8f - .byte 0 -CodeSeg64: - .word -1 # LimitLow - .word 0 # BaseLow - .byte 0 # BaseMid - .byte 0x9b - .byte 0xaf # LimitHigh - .byte 0 # BaseHigh -.equ GDT_SIZE, .- NullSeg - -TssSeg: - .word TSS_DESC_SIZE -1 # LimitLow - .word 0 # BaseLow - .byte 0 # BaseMid - .byte 0x89 - .byte 0x00 # LimitHigh - .byte 0 # BaseHigh -ExceptionTssSeg: - .word TSS_DESC_SIZE - 1 # LimitLow - .word 0 # BaseLow - .byte 0 # BaseMid - .byte 0x89 - .byte 0x00 # LimitHigh - .byte 0 # BaseHigh - -.equ CODE_SEL, CodeSeg32 - NullSeg -.equ DATA_SEL, DataSeg32 - NullSeg -.equ TSS_SEL, TssSeg - NullSeg -.equ EXCEPTION_TSS_SEL, ExceptionTssSeg - NullSeg - -# IA32 TSS fields -.equ TSS_ESP0, 4 -.equ TSS_SS0, 8 -.equ TSS_ESP1, 12 -.equ TSS_SS1, 16 -.equ TSS_ESP2, 20 -.equ TSS_SS2, 24 -.equ TSS_CR3, 28 -.equ TSS_EIP, 32 -.equ TSS_EFLAGS, 36 -.equ TSS_EAX, 40 -.equ TSS_ECX, 44 -.equ TSS_EDX, 48 -.equ TSS_EBX, 52 -.equ TSS_ESP, 56 -.equ TSS_EBP, 60 -.equ TSS_ESI, 64 -.equ TSS_EDI, 68 -.equ TSS_ES, 72 -.equ TSS_CS, 76 -.equ TSS_SS, 80 -.equ TSS_DS, 84 -.equ TSS_FS, 88 -.equ TSS_GS, 92 -.equ TSS_LDT, 96 - -# Create 2 TSS segments just after GDT -TssDescriptor: - .word 0 # PreviousTaskLink - .word 0 # Reserved - .long 0 # ESP0 - .word 0 # SS0 - .word 0 # Reserved - .long 0 # ESP1 - .word 0 # SS1 - .word 0 # Reserved - .long 0 # ESP2 - .word 0 # SS2 - .word 0 # Reserved - .long 0 # CR3 - .long 0 # EIP - .long 0 # EFLAGS - .long 0 # EAX - .long 0 # ECX - .long 0 # EDX - .long 0 # EBX - .long 0 # ESP - .long 0 # EBP - .long 0 # ESI - .long 0 # EDI - .word 0 # ES - .word 0 # Reserved - .word 0 # CS - .word 0 # Reserved - .word 0 # SS - .word 0 # Reserved - .word 0 # DS - .word 0 # Reserved - .word 0 # FS - .word 0 # Reserved - .word 0 # GS - .word 0 # Reserved - .word 0 # LDT Selector - .word 0 # Reserved - .word 0 # T - .word 0 # I/O Map Base -.equ TSS_DESC_SIZE, . - TssDescriptor - -ExceptionTssDescriptor: - .word 0 # PreviousTaskLink - .word 0 # Reserved - .long 0 # ESP0 - .word 0 # SS0 - .word 0 # Reserved - .long 0 # ESP1 - .word 0 # SS1 - .word 0 # Reserved - .long 0 # ESP2 - .word 0 # SS2 - .word 0 # Reserved - .long 0 # CR3 - .long PFHandlerEntry # EIP - .long 00000002 # EFLAGS - .long 0 # EAX - .long 0 # ECX - .long 0 # EDX - .long 0 # EBX - .long 0 # ESP - .long 0 # EBP - .long 0 # ESI - .long 0 # EDI - .word DATA_SEL # ES - .word 0 # Reserved - .word CODE_SEL # CS - .word 0 # Reserved - .word DATA_SEL # SS - .word 0 # Reserved - .word DATA_SEL # DS - .word 0 # Reserved - .word DATA_SEL # FS - .word 0 # Reserved - .word DATA_SEL # GS - .word 0 # Reserved - .word 0 # LDT Selector - .word 0 # Reserved - .word 0 # T - .word 0 # I/O Map Base - -ASM_PFX(gcPsd): - .ascii "PSDSIG " - .word PSD_SIZE - .word 2 - .word 1 << 2 - .word CODE_SEL - .word DATA_SEL - .word DATA_SEL - .word DATA_SEL - .word 0 - .long 0 - .long 0 - .long 0 - .long 0 - .quad 0 - .long NullSeg - .long 0 - .long GDT_SIZE - .long 0 - .space 24, 0 - .long 0 - .long 0 -.equ PSD_SIZE, . - ASM_PFX(gcPsd) - -ASM_PFX(gcSmiGdtr): .word GDT_SIZE - 1 - .long NullSeg - -ASM_PFX(gcSmiIdtr): .word 0 - .long 0 - -ASM_PFX(gTaskGateDescriptor): - .word 0 # Reserved - .word EXCEPTION_TSS_SEL # TSS Segment selector - .byte 0 # Reserved - .byte 0x85 # Task Gate, present, DPL =3D 0 - .word 0 # Reserved - - .text - -#-------------------------------------------------------------------------= ----- -# PageFaultIdtHandlerSmmProfile is the entry point for all exceptions -# -# Stack: -#+---------------------+ -#+ EFlags + -#+---------------------+ -#+ CS + -#+---------------------+ -#+ EIP + -#+---------------------+ -#+ Error Code + -#+---------------------+ -#+ Vector Number + -#+---------------------+ -#+ EBP + -#+---------------------+ <-- EBP -# -# RSP set to odd multiple of 8 means ErrCode PRESENT -#-------------------------------------------------------------------------= ----- -ASM_GLOBAL ASM_PFX(PageFaultIdtHandlerSmmProfile) -ASM_PFX(PageFaultIdtHandlerSmmProfile): - pushl $0x0e # Page Fault - pushl %ebp - movl %esp, %ebp - - - # - # Align stack to make sure that EFI_FX_SAVE_STATE_IA32 of EFI_SYSTEM_C= ONTEXT_IA32 - # is 16-byte aligned - # - andl $0xfffffff0, %esp - subl $12, %esp - -## UINT32 Edi, Esi, Ebp, Esp, Ebx, Edx, Ecx, Eax; - pushl %eax - pushl %ecx - pushl %edx - pushl %ebx - leal (6*4)(%ebp), %ecx - pushl %ecx # ESP - pushl (%ebp) # EBP - pushl %esi - pushl %edi - -## UINT32 Gs, Fs, Es, Ds, Cs, Ss; - movl %ss, %eax - pushl %eax - movzwl (4*4)(%ebp), %eax - pushl %eax - movl %ds, %eax - pushl %eax - movl %es, %eax - pushl %eax - movl %fs, %eax - pushl %eax - movl %gs, %eax - pushl %eax - -## UINT32 Eip; - movl (3*4)(%ebp), %eax - pushl %eax - -## UINT32 Gdtr[2], Idtr[2]; - subl $8, %esp - sidt (%esp) - movl 2(%esp), %eax - xchgl (%esp), %eax - andl $0xffff, %eax - movl %eax, 4(%esp) - - subl $8, %esp - sgdt (%esp) - movl 2(%esp), %eax - xchgl (%esp), %eax - andl $0xffff, %eax - movl %eax, 4(%esp) - -## UINT32 Ldtr, Tr; - xorl %eax, %eax - strw %ax - pushl %eax - sldtw %ax - pushl %eax - -## UINT32 EFlags; - movl (5*4)(%ebp), %eax - pushl %eax - -## UINT32 Cr0, Cr1, Cr2, Cr3, Cr4; - movl %cr4, %eax - orl $0x208, %eax - movl %eax, %cr4 - pushl %eax - movl %cr3, %eax - pushl %eax - movl %cr2, %eax - pushl %eax - xorl %eax, %eax - pushl %eax - movl %cr0, %eax - pushl %eax - -## UINT32 Dr0, Dr1, Dr2, Dr3, Dr6, Dr7; - movl %dr7, %eax - pushl %eax - movl %dr6, %eax - pushl %eax - movl %dr3, %eax - pushl %eax - movl %dr2, %eax - pushl %eax - movl %dr1, %eax - pushl %eax - movl %dr0, %eax - pushl %eax - -## FX_SAVE_STATE_IA32 FxSaveState; - subl $512, %esp - movl %esp, %edi - .byte 0x0f, 0xae, 0x07 #fxsave [edi] - -# UEFI calling convention for IA32 requires that Direction flag in EFLAGs = is clear - cld - -## UINT32 ExceptionData; - pushl (2*4)(%ebp) - -## call into exception handler - -## Prepare parameter and call - movl %esp, %edx - pushl %edx - movl (1*4)(%ebp), %edx - pushl %edx - - # - # Call External Exception Handler - # - movl $ASM_PFX(SmiPFHandler), %eax - call *%eax - addl $8, %esp - jmp L4 - -L4: -## UINT32 ExceptionData; - addl $4, %esp - -## FX_SAVE_STATE_IA32 FxSaveState; - movl %esp, %esi - .byte 0xf, 0xae, 0xe # fxrstor [esi] - addl $512, %esp - -## UINT32 Dr0, Dr1, Dr2, Dr3, Dr6, Dr7; -## Skip restoration of DRx registers to support debuggers -## that set breakpoints in interrupt/exception context - addl $4*6, %esp - -## UINT32 Cr0, Cr1, Cr2, Cr3, Cr4; - popl %eax - movl %eax, %cr0 - addl $4, %esp # not for Cr1 - popl %eax - movl %eax, %cr2 - popl %eax - movl %eax, %cr3 - popl %eax - movl %eax, %cr4 - -## UINT32 EFlags; - popl (5*4)(%ebp) - -## UINT32 Ldtr, Tr; -## UINT32 Gdtr[2], Idtr[2]; -## Best not let anyone mess with these particular registers... - addl $24, %esp - -## UINT32 Eip; - popl (3*4)(%ebp) - -## UINT32 Gs, Fs, Es, Ds, Cs, Ss; -## NOTE - modified segment registers could hang the debugger... We -## could attempt to insulate ourselves against this possibility, -## but that poses risks as well. -## - popl %gs - popl %fs - popl %es - popl %ds - popl (4*4)(%ebp) - popl %ss - -## UINT32 Edi, Esi, Ebp, Esp, Ebx, Edx, Ecx, Eax; - popl %edi - popl %esi - addl $4, %esp # not for ebp - addl $4, %esp # not for esp - popl %ebx - popl %edx - popl %ecx - popl %eax - - movl %ebp, %esp - popl %ebp - -# Enable TF bit after page fault handler runs - btsl $8, 16(%esp) # EFLAGS - - addl $8, %esp # skip INT# & ErrCode -Return: - iret -# -# Page Fault Exception Handler entry when SMM Stack Guard is enabled -# Executiot starts here after a task switch -# -PFHandlerEntry: -# -# Get this processor's TSS -# - subl $8, %esp - sgdt 2(%esp) - movl 4(%esp), %eax # GDT base - addl $8, %esp - movl (TSS_SEL+2)(%eax), %ecx - shll $8, %ecx - movb (TSS_SEL+7)(%eax), %cl - rorl $8, %ecx # ecx =3D TSS base - - movl %esp, %ebp - - # - # Align stack to make sure that EFI_FX_SAVE_STATE_IA32 of EFI_SYSTEM_C= ONTEXT_IA32 - # is 16-byte aligned - # - andl $0xfffffff0, %esp - subl $12, %esp - -## UINT32 Edi, Esi, Ebp, Esp, Ebx, Edx, Ecx, Eax; - pushl TSS_EAX(%ecx) - pushl TSS_ECX(%ecx) - pushl TSS_EDX(%ecx) - pushl TSS_EBX(%ecx) - pushl TSS_ESP(%ecx) - pushl TSS_EBP(%ecx) - pushl TSS_ESI(%ecx) - pushl TSS_EDI(%ecx) - -## UINT32 Gs, Fs, Es, Ds, Cs, Ss; - movzwl TSS_SS(%ecx), %eax - pushl %eax - movzwl TSS_CS(%ecx), %eax - pushl %eax - movzwl TSS_DS(%ecx), %eax - pushl %eax - movzwl TSS_ES(%ecx), %eax - pushl %eax - movzwl TSS_FS(%ecx), %eax - pushl %eax - movzwl TSS_GS(%ecx), %eax - pushl %eax - -## UINT32 Eip; - pushl TSS_EIP(%ecx) - -## UINT32 Gdtr[2], Idtr[2]; - subl $8, %esp - sidt (%esp) - movl 2(%esp), %eax - xchgl (%esp), %eax - andl $0xFFFF, %eax - movl %eax, 4(%esp) - - subl $8, %esp - sgdt (%esp) - movl 2(%esp), %eax - xchgl (%esp), %eax - andl $0xFFFF, %eax - movl %eax, 4(%esp) - -## UINT32 Ldtr, Tr; - movl $TSS_SEL, %eax - pushl %eax - movzwl TSS_LDT(%ecx), %eax - pushl %eax - -## UINT32 EFlags; - pushl TSS_EFLAGS(%ecx) - -## UINT32 Cr0, Cr1, Cr2, Cr3, Cr4; - movl %cr4, %eax - orl $0x208, %eax - movl %eax, %cr4 - pushl %eax - movl %cr3, %eax - pushl %eax - movl %cr2, %eax - pushl %eax - xorl %eax, %eax - pushl %eax - movl %cr0, %eax - pushl %eax - -## UINT32 Dr0, Dr1, Dr2, Dr3, Dr6, Dr7; - movl %dr7, %eax - pushl %eax - movl %dr6, %eax - pushl %eax - movl %dr3, %eax - pushl %eax - movl %dr2, %eax - pushl %eax - movl %dr1, %eax - pushl %eax - movl %dr0, %eax - pushl %eax - -## FX_SAVE_STATE_IA32 FxSaveState; -## Clear TS bit in CR0 to avoid Device Not Available Exception (#NM) -## when executing fxsave/fxrstor instruction - clts - subl $512, %esp - movl %esp, %edi - .byte 0x0f, 0xae, 0x07 #fxsave [edi] - -# UEFI calling convention for IA32 requires that Direction flag in EFLAGs = is clear - cld - -## UINT32 ExceptionData; - pushl (%ebp) - -## call into exception handler - movl %ecx, %ebx - movl $ASM_PFX(SmiPFHandler), %eax - -## Prepare parameter and call - movl %esp, %edx - pushl %edx - movl $14, %edx - pushl %edx - - # - # Call External Exception Handler - # - call *%eax - addl $8, %esp - - movl %ebx, %ecx -## UINT32 ExceptionData; - addl $4, %esp - -## FX_SAVE_STATE_IA32 FxSaveState; - movl %esp, %esi - .byte 0xf, 0xae, 0xe # fxrstor [esi] - addl $512, %esp - -## UINT32 Dr0, Dr1, Dr2, Dr3, Dr6, Dr7; -## Skip restoration of DRx registers to support debuggers -## that set breakpoints in interrupt/exception context - addl $4*6, %esp - -## UINT32 Cr0, Cr1, Cr2, Cr3, Cr4; - popl %eax - movl %eax, %cr0 - addl $4, %esp # not for Cr1 - popl %eax - movl %eax, %cr2 - popl %eax - movl %eax, TSS_CR3(%ecx) - popl %eax - movl %eax, %cr4 - -## UINT32 EFlags; - popl TSS_EFLAGS(%ecx) - -## UINT32 Ldtr, Tr; -## UINT32 Gdtr[2], Idtr[2]; -## Best not let anyone mess with these particular registers... - addl $24, %esp - -## UINT32 Eip; - popl TSS_EIP(%ecx) - -## UINT32 Gs, Fs, Es, Ds, Cs, Ss; -## NOTE - modified segment registers could hang the debugger... We -## could attempt to insulate ourselves against this possibility, -## but that poses risks as well. -## - popl %eax - movw %ax, TSS_GS(%ecx) - popl %eax - movw %ax, TSS_FS(%ecx) - popl %eax - movw %ax, TSS_ES(%ecx) - popl %eax - movw %ax, TSS_DS(%ecx) - popl %eax - movw %ax, TSS_CS(%ecx) - popl %eax - movw %ax, TSS_SS(%ecx) - -## UINT32 Edi, Esi, Ebp, Esp, Ebx, Edx, Ecx, Eax; - popl TSS_EDI(%ecx) - popl TSS_ESI(%ecx) - addl $4, %esp # not for ebp - addl $4, %esp # not for esp - popl TSS_EBX(%ecx) - popl TSS_EDX(%ecx) - popl TSS_ECX(%ecx) - popl TSS_EAX(%ecx) - - movl %ebp, %esp - -# Set single step DB# if SMM profile is enabled and page fault exception h= appens - cmpb $0, ASM_PFX(FeaturePcdGet (PcdCpuSmmProfileEnable)) - jz Done2 -# Create return context for iret in stub function - movl TSS_ESP(%ecx), %eax # Get old stack pointer - movl TSS_EIP(%ecx), %ebx - movl %ebx, -0xc(%eax) # create EIP in old stack - movzwl TSS_CS(%ecx), %ebx - movl %ebx, -0x8(%eax) # create CS in old stack - movl TSS_EFLAGS(%ecx), %ebx - btsl $8,%ebx - movl %ebx, -0x4(%eax) # create eflags in old s= tack - movl TSS_ESP(%ecx), %eax # Get old stack pointer - subl $12, %eax # minus 12 byte - movl %eax, TSS_ESP(%ecx) # Set new stack pointer - -# Replace the EIP of interrupted task with stub function - movl $ASM_PFX(PageFaultStubFunction), %eax - movl %eax, TSS_EIP(%ecx) -# Jump to the iret so next page fault handler as a task will start again a= fter iret. - -Done2: - - addl $4, %esp # skip ErrCode - - jmp Return - -ASM_PFX(PageFaultStubFunction): -# -# we need clean TS bit in CR0 to execute -# x87 FPU/MMX/SSE/SSE2/SSE3/SSSE3/SSE4 instructions. -# - clts - iret diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/SmiException.asm b/UefiCpuPkg/P= iSmmCpuDxeSmm/Ia32/SmiException.asm deleted file mode 100644 index 80a44b861fcb..000000000000 --- a/UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/SmiException.asm +++ /dev/null @@ -1,713 +0,0 @@ -;-------------------------------------------------------------------------= ----- ; -; Copyright (c) 2009 - 2016, Intel Corporation. All rights reserved.
-; This program and the accompanying materials -; are licensed and made available under the terms and conditions of the BS= D License -; which accompanies this distribution. The full text of the license may b= e found at -; http://opensource.org/licenses/bsd-license.php. -; -; THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, -; WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMP= LIED. -; -; Module Name: -; -; SmiException.asm -; -; Abstract: -; -; Exception handlers used in SM mode -; -;-------------------------------------------------------------------------= ------ - - .686p - .model flat,C - -EXTERNDEF SmiPFHandler:PROC -EXTERNDEF PageFaultStubFunction:PROC -EXTERNDEF gcSmiIdtr:FWORD -EXTERNDEF gcSmiGdtr:FWORD -EXTERNDEF gTaskGateDescriptor:QWORD -EXTERNDEF gcPsd:BYTE -EXTERNDEF FeaturePcdGet (PcdCpuSmmProfileEnable):BYTE - - - .data - -NullSeg DQ 0 ; reserved by architecture -CodeSeg32 LABEL QWORD - DW -1 ; LimitLow - DW 0 ; BaseLow - DB 0 ; BaseMid - DB 9bh - DB 0cfh ; LimitHigh - DB 0 ; BaseHigh -ProtModeCodeSeg32 LABEL QWORD - DW -1 ; LimitLow - DW 0 ; BaseLow - DB 0 ; BaseMid - DB 9bh - DB 0cfh ; LimitHigh - DB 0 ; BaseHigh -ProtModeSsSeg32 LABEL QWORD - DW -1 ; LimitLow - DW 0 ; BaseLow - DB 0 ; BaseMid - DB 93h - DB 0cfh ; LimitHigh - DB 0 ; BaseHigh -DataSeg32 LABEL QWORD - DW -1 ; LimitLow - DW 0 ; BaseLow - DB 0 ; BaseMid - DB 93h - DB 0cfh ; LimitHigh - DB 0 ; BaseHigh -CodeSeg16 LABEL QWORD - DW -1 - DW 0 - DB 0 - DB 9bh - DB 8fh - DB 0 -DataSeg16 LABEL QWORD - DW -1 - DW 0 - DB 0 - DB 93h - DB 8fh - DB 0 -CodeSeg64 LABEL QWORD - DW -1 ; LimitLow - DW 0 ; BaseLow - DB 0 ; BaseMid - DB 9bh - DB 0afh ; LimitHigh - DB 0 ; BaseHigh -GDT_SIZE =3D $ - offset NullSeg - -TssSeg LABEL QWORD - DW TSS_DESC_SIZE - 1 ; LimitLow - DW 0 ; BaseLow - DB 0 ; BaseMid - DB 89h - DB 00h ; LimitHigh - DB 0 ; BaseHigh -ExceptionTssSeg LABEL QWORD - DW TSS_DESC_SIZE - 1 ; LimitLow - DW 0 ; BaseLow - DB 0 ; BaseMid - DB 89h - DB 00h ; LimitHigh - DB 0 ; BaseHigh - -CODE_SEL =3D offset CodeSeg32 - offset NullSeg -DATA_SEL =3D offset DataSeg32 - offset NullSeg -TSS_SEL =3D offset TssSeg - offset NullSeg -EXCEPTION_TSS_SEL =3D offset ExceptionTssSeg - offset NullSeg - -IA32_TSS STRUC - DW ? - DW ? - ESP0 DD ? - SS0 DW ? - DW ? - ESP1 DD ? - SS1 DW ? - DW ? - ESP2 DD ? - SS2 DW ? - DW ? - _CR3 DD ? - EIP DD ? - EFLAGS DD ? - _EAX DD ? - _ECX DD ? - _EDX DD ? - _EBX DD ? - _ESP DD ? - _EBP DD ? - _ESI DD ? - _EDI DD ? - _ES DW ? - DW ? - _CS DW ? - DW ? - _SS DW ? - DW ? - _DS DW ? - DW ? - _FS DW ? - DW ? - _GS DW ? - DW ? - LDT DW ? - DW ? - DW ? - DW ? -IA32_TSS ENDS - -; Create 2 TSS segments just after GDT -TssDescriptor LABEL BYTE - DW 0 ; PreviousTaskLink - DW 0 ; Reserved - DD 0 ; ESP0 - DW 0 ; SS0 - DW 0 ; Reserved - DD 0 ; ESP1 - DW 0 ; SS1 - DW 0 ; Reserved - DD 0 ; ESP2 - DW 0 ; SS2 - DW 0 ; Reserved - DD 0 ; CR3 - DD 0 ; EIP - DD 0 ; EFLAGS - DD 0 ; EAX - DD 0 ; ECX - DD 0 ; EDX - DD 0 ; EBX - DD 0 ; ESP - DD 0 ; EBP - DD 0 ; ESI - DD 0 ; EDI - DW 0 ; ES - DW 0 ; Reserved - DW 0 ; CS - DW 0 ; Reserved - DW 0 ; SS - DW 0 ; Reserved - DW 0 ; DS - DW 0 ; Reserved - DW 0 ; FS - DW 0 ; Reserved - DW 0 ; GS - DW 0 ; Reserved - DW 0 ; LDT Selector - DW 0 ; Reserved - DW 0 ; T - DW 0 ; I/O Map Base -TSS_DESC_SIZE =3D $ - offset TssDescriptor - -ExceptionTssDescriptor LABEL BYTE - DW 0 ; PreviousTaskLink - DW 0 ; Reserved - DD 0 ; ESP0 - DW 0 ; SS0 - DW 0 ; Reserved - DD 0 ; ESP1 - DW 0 ; SS1 - DW 0 ; Reserved - DD 0 ; ESP2 - DW 0 ; SS2 - DW 0 ; Reserved - DD 0 ; CR3 - DD offset PFHandlerEntry ; EIP - DD 00000002 ; EFLAGS - DD 0 ; EAX - DD 0 ; ECX - DD 0 ; EDX - DD 0 ; EBX - DD 0 ; ESP - DD 0 ; EBP - DD 0 ; ESI - DD 0 ; EDI - DW DATA_SEL ; ES - DW 0 ; Reserved - DW CODE_SEL ; CS - DW 0 ; Reserved - DW DATA_SEL ; SS - DW 0 ; Reserved - DW DATA_SEL ; DS - DW 0 ; Reserved - DW DATA_SEL ; FS - DW 0 ; Reserved - DW DATA_SEL ; GS - DW 0 ; Reserved - DW 0 ; LDT Selector - DW 0 ; Reserved - DW 0 ; T - DW 0 ; I/O Map Base - -gcPsd LABEL BYTE - DB 'PSDSIG ' - DW PSD_SIZE - DW 2 - DW 1 SHL 2 - DW CODE_SEL - DW DATA_SEL - DW DATA_SEL - DW DATA_SEL - DW 0 - DQ 0 - DQ 0 - DQ 0 - DQ offset NullSeg - DD GDT_SIZE - DD 0 - DB 24 dup (0) - DQ 0 -PSD_SIZE =3D $ - offset gcPsd - -gcSmiGdtr LABEL FWORD - DW GDT_SIZE - 1 - DD offset NullSeg - -gcSmiIdtr LABEL FWORD - DW 0 - DD 0 - -gTaskGateDescriptor LABEL QWORD - DW 0 ; Reserved - DW EXCEPTION_TSS_SEL ; TSS Segment selector - DB 0 ; Reserved - DB 85h ; Task Gate, present, DPL =3D 0 - DW 0 ; Reserved - - - .code -;-------------------------------------------------------------------------= ----- -; PageFaultIdtHandlerSmmProfile is the entry point page fault only -; -; -; Stack: -; +---------------------+ -; + EFlags + -; +---------------------+ -; + CS + -; +---------------------+ -; + EIP + -; +---------------------+ -; + Error Code + -; +---------------------+ -; + Vector Number + -; +---------------------+ -; + EBP + -; +---------------------+ <-- EBP -; -; -;-------------------------------------------------------------------------= ----- -PageFaultIdtHandlerSmmProfile PROC - push 0eh ; Page Fault - - push ebp - mov ebp, esp - - - ; - ; Align stack to make sure that EFI_FX_SAVE_STATE_IA32 of EFI_SYSTEM_C= ONTEXT_IA32 - ; is 16-byte aligned - ; - and esp, 0fffffff0h - sub esp, 12 - -;; UINT32 Edi, Esi, Ebp, Esp, Ebx, Edx, Ecx, Eax; - push eax - push ecx - push edx - push ebx - lea ecx, [ebp + 6 * 4] - push ecx ; ESP - push dword ptr [ebp] ; EBP - push esi - push edi - -;; UINT32 Gs, Fs, Es, Ds, Cs, Ss; - mov eax, ss - push eax - movzx eax, word ptr [ebp + 4 * 4] - push eax - mov eax, ds - push eax - mov eax, es - push eax - mov eax, fs - push eax - mov eax, gs - push eax - -;; UINT32 Eip; - mov eax, [ebp + 3 * 4] - push eax - -;; UINT32 Gdtr[2], Idtr[2]; - sub esp, 8 - sidt [esp] - mov eax, [esp + 2] - xchg eax, [esp] - and eax, 0FFFFh - mov [esp+4], eax - - sub esp, 8 - sgdt [esp] - mov eax, [esp + 2] - xchg eax, [esp] - and eax, 0FFFFh - mov [esp+4], eax - -;; UINT32 Ldtr, Tr; - xor eax, eax - str ax - push eax - sldt ax - push eax - -;; UINT32 EFlags; - mov eax, [ebp + 5 * 4] - push eax - -;; UINT32 Cr0, Cr1, Cr2, Cr3, Cr4; - mov eax, cr4 - or eax, 208h - mov cr4, eax - push eax - mov eax, cr3 - push eax - mov eax, cr2 - push eax - xor eax, eax - push eax - mov eax, cr0 - push eax - -;; UINT32 Dr0, Dr1, Dr2, Dr3, Dr6, Dr7; - mov eax, dr7 - push eax - mov eax, dr6 - push eax - mov eax, dr3 - push eax - mov eax, dr2 - push eax - mov eax, dr1 - push eax - mov eax, dr0 - push eax - -;; FX_SAVE_STATE_IA32 FxSaveState; - sub esp, 512 - mov edi, esp - db 0fh, 0aeh, 07h ;fxsave [edi] - -; UEFI calling convention for IA32 requires that Direction flag in EFLAGs = is clear - cld - -;; UINT32 ExceptionData; - push dword ptr [ebp + 2 * 4] - -;; call into exception handler - -;; Prepare parameter and call - mov edx, esp - push edx - mov edx, dword ptr [ebp + 1 * 4] - push edx - - ; - ; Call External Exception Handler - ; - mov eax, SmiPFHandler - call eax - add esp, 8 - -;; UINT32 ExceptionData; - add esp, 4 - -;; FX_SAVE_STATE_IA32 FxSaveState; - mov esi, esp - db 0fh, 0aeh, 0eh ; fxrstor [esi] - add esp, 512 - -;; UINT32 Dr0, Dr1, Dr2, Dr3, Dr6, Dr7; -;; Skip restoration of DRx registers to support debuggers -;; that set breakpoint in interrupt/exception context - add esp, 4 * 6 - -;; UINT32 Cr0, Cr1, Cr2, Cr3, Cr4; - pop eax - mov cr0, eax - add esp, 4 ; not for Cr1 - pop eax - mov cr2, eax - pop eax - mov cr3, eax - pop eax - mov cr4, eax - -;; UINT32 EFlags; - pop dword ptr [ebp + 5 * 4] - -;; UINT32 Ldtr, Tr; -;; UINT32 Gdtr[2], Idtr[2]; -;; Best not let anyone mess with these particular registers... - add esp, 24 - -;; UINT32 Eip; - pop dword ptr [ebp + 3 * 4] - -;; UINT32 Gs, Fs, Es, Ds, Cs, Ss; -;; NOTE - modified segment registers could hang the debugger... We -;; could attempt to insulate ourselves against this possibility, -;; but that poses risks as well. -;; - pop gs - pop fs - pop es - pop ds - pop dword ptr [ebp + 4 * 4] - pop ss - -;; UINT32 Edi, Esi, Ebp, Esp, Ebx, Edx, Ecx, Eax; - pop edi - pop esi - add esp, 4 ; not for ebp - add esp, 4 ; not for esp - pop ebx - pop edx - pop ecx - pop eax - - mov esp, ebp - pop ebp - -; Enable TF bit after page fault handler runs - bts dword ptr [esp + 16], 8 ; EFLAGS - - add esp, 8 ; skip INT# & ErrCode -Return: - iretd -; -; Page Fault Exception Handler entry when SMM Stack Guard is enabled -; Executiot starts here after a task switch -; -PFHandlerEntry:: -; -; Get this processor's TSS -; - sub esp, 8 - sgdt [esp + 2] - mov eax, [esp + 4] ; GDT base - add esp, 8 - mov ecx, [eax + TSS_SEL + 2] - shl ecx, 8 - mov cl, [eax + TSS_SEL + 7] - ror ecx, 8 ; ecx =3D TSS base - - mov ebp, esp - - ; - ; Align stack to make sure that EFI_FX_SAVE_STATE_IA32 of EFI_SYSTEM_C= ONTEXT_IA32 - ; is 16-byte aligned - ; - and esp, 0fffffff0h - sub esp, 12 - -;; UINT32 Edi, Esi, Ebp, Esp, Ebx, Edx, Ecx, Eax; - push (IA32_TSS ptr [ecx])._EAX - push (IA32_TSS ptr [ecx])._ECX - push (IA32_TSS ptr [ecx])._EDX - push (IA32_TSS ptr [ecx])._EBX - push (IA32_TSS ptr [ecx])._ESP - push (IA32_TSS ptr [ecx])._EBP - push (IA32_TSS ptr [ecx])._ESI - push (IA32_TSS ptr [ecx])._EDI - -;; UINT32 Gs, Fs, Es, Ds, Cs, Ss; - movzx eax, (IA32_TSS ptr [ecx])._SS - push eax - movzx eax, (IA32_TSS ptr [ecx])._CS - push eax - movzx eax, (IA32_TSS ptr [ecx])._DS - push eax - movzx eax, (IA32_TSS ptr [ecx])._ES - push eax - movzx eax, (IA32_TSS ptr [ecx])._FS - push eax - movzx eax, (IA32_TSS ptr [ecx])._GS - push eax - -;; UINT32 Eip; - push (IA32_TSS ptr [ecx]).EIP - -;; UINT32 Gdtr[2], Idtr[2]; - sub esp, 8 - sidt [esp] - mov eax, [esp + 2] - xchg eax, [esp] - and eax, 0FFFFh - mov [esp+4], eax - - sub esp, 8 - sgdt [esp] - mov eax, [esp + 2] - xchg eax, [esp] - and eax, 0FFFFh - mov [esp+4], eax - -;; UINT32 Ldtr, Tr; - mov eax, TSS_SEL - push eax - movzx eax, (IA32_TSS ptr [ecx]).LDT - push eax - -;; UINT32 EFlags; - push (IA32_TSS ptr [ecx]).EFLAGS - -;; UINT32 Cr0, Cr1, Cr2, Cr3, Cr4; - mov eax, cr4 - or eax, 208h - mov cr4, eax - push eax - mov eax, cr3 - push eax - mov eax, cr2 - push eax - xor eax, eax - push eax - mov eax, cr0 - push eax - -;; UINT32 Dr0, Dr1, Dr2, Dr3, Dr6, Dr7; - mov eax, dr7 - push eax - mov eax, dr6 - push eax - mov eax, dr3 - push eax - mov eax, dr2 - push eax - mov eax, dr1 - push eax - mov eax, dr0 - push eax - -;; FX_SAVE_STATE_IA32 FxSaveState; -;; Clear TS bit in CR0 to avoid Device Not Available Exception (#NM) -;; when executing fxsave/fxrstor instruction - clts - sub esp, 512 - mov edi, esp - db 0fh, 0aeh, 07h ;fxsave [edi] - -; UEFI calling convention for IA32 requires that Direction flag in EFLAGs = is clear - cld - -;; UINT32 ExceptionData; - push dword ptr [ebp] - -;; call into exception handler - mov ebx, ecx - mov eax, SmiPFHandler - -;; Prepare parameter and call - mov edx, esp - push edx - mov edx, 14 - push edx - - ; - ; Call External Exception Handler - ; - call eax - add esp, 8 - - mov ecx, ebx -;; UINT32 ExceptionData; - add esp, 4 - -;; FX_SAVE_STATE_IA32 FxSaveState; - mov esi, esp - db 0fh, 0aeh, 0eh ; fxrstor [esi] - add esp, 512 - -;; UINT32 Dr0, Dr1, Dr2, Dr3, Dr6, Dr7; -;; Skip restoration of DRx registers to support debuggers -;; that set breakpoints in interrupt/exception context - add esp, 4 * 6 - -;; UINT32 Cr0, Cr1, Cr2, Cr3, Cr4; - pop eax - mov cr0, eax - add esp, 4 ; not for Cr1 - pop eax - mov cr2, eax - pop eax - mov (IA32_TSS ptr [ecx])._CR3, eax - pop eax - mov cr4, eax - -;; UINT32 EFlags; - pop (IA32_TSS ptr [ecx]).EFLAGS - -;; UINT32 Ldtr, Tr; -;; UINT32 Gdtr[2], Idtr[2]; -;; Best not let anyone mess with these particular registers... - add esp, 24 - -;; UINT32 Eip; - pop (IA32_TSS ptr [ecx]).EIP - -;; UINT32 Gs, Fs, Es, Ds, Cs, Ss; -;; NOTE - modified segment registers could hang the debugger... We -;; could attempt to insulate ourselves against this possibility, -;; but that poses risks as well. -;; - pop eax - mov (IA32_TSS ptr [ecx])._GS, ax - pop eax - mov (IA32_TSS ptr [ecx])._FS, ax - pop eax - mov (IA32_TSS ptr [ecx])._ES, ax - pop eax - mov (IA32_TSS ptr [ecx])._DS, ax - pop eax - mov (IA32_TSS ptr [ecx])._CS, ax - pop eax - mov (IA32_TSS ptr [ecx])._SS, ax - -;; UINT32 Edi, Esi, Ebp, Esp, Ebx, Edx, Ecx, Eax; - pop (IA32_TSS ptr [ecx])._EDI - pop (IA32_TSS ptr [ecx])._ESI - add esp, 4 ; not for ebp - add esp, 4 ; not for esp - pop (IA32_TSS ptr [ecx])._EBX - pop (IA32_TSS ptr [ecx])._EDX - pop (IA32_TSS ptr [ecx])._ECX - pop (IA32_TSS ptr [ecx])._EAX - - mov esp, ebp - -; Set single step DB# if SMM profile is enabled and page fault exception h= appens - cmp FeaturePcdGet (PcdCpuSmmProfileEnable), 0 - jz @Done2 - -; Create return context for iretd in stub function - mov eax, (IA32_TSS ptr [ecx])._ESP ; Get old stack pointer - mov ebx, (IA32_TSS ptr [ecx]).EIP - mov [eax - 0ch], ebx ; create EIP in old stack - movzx ebx, (IA32_TSS ptr [ecx])._CS - mov [eax - 08h], ebx ; create CS in old stack - mov ebx, (IA32_TSS ptr [ecx]).EFLAGS - bts ebx, 8 - mov [eax - 04h], ebx ; create eflags in old st= ack - mov eax, (IA32_TSS ptr [ecx])._ESP ; Get old stack pointer - sub eax, 0ch ; minus 12 byte - mov (IA32_TSS ptr [ecx])._ESP, eax ; Set new stack pointer -; Replace the EIP of interrupted task with stub function - mov eax, PageFaultStubFunction - mov (IA32_TSS ptr [ecx]).EIP, eax -; Jump to the iretd so next page fault handler as a task will start again = after iretd. -@Done2: - add esp, 4 ; skip ErrCode - - jmp Return -PageFaultIdtHandlerSmmProfile ENDP - -PageFaultStubFunction PROC -; -; we need clean TS bit in CR0 to execute -; x87 FPU/MMX/SSE/SSE2/SSE3/SSSE3/SSE4 instructions. -; - clts - iretd -PageFaultStubFunction ENDP - - END diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/SmmInit.S b/UefiCpuPkg/PiSmmCpu= DxeSmm/Ia32/SmmInit.S deleted file mode 100644 index e8db33a45a4d..000000000000 --- a/UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/SmmInit.S +++ /dev/null @@ -1,84 +0,0 @@ -#-------------------------------------------------------------------------= ----- -# -# Copyright (c) 2009 - 2015, Intel Corporation. All rights reserved.
-# This program and the accompanying materials -# are licensed and made available under the terms and conditions of the BS= D License -# which accompanies this distribution. The full text of the license may b= e found at -# http://opensource.org/licenses/bsd-license.php. -# -# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, -# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMP= LIED. -# -# Module Name: -# -# SmmInit.S -# -# Abstract: -# -# Functions for relocating SMBASE's for all processors -# -#-------------------------------------------------------------------------= ----- - -ASM_GLOBAL ASM_PFX(gSmmCr0) -ASM_GLOBAL ASM_PFX(gSmmCr3) -ASM_GLOBAL ASM_PFX(gSmmCr4) -ASM_GLOBAL ASM_PFX(gcSmmInitTemplate) -ASM_GLOBAL ASM_PFX(gcSmmInitSize) -ASM_GLOBAL ASM_PFX(gSmmJmpAddr) -ASM_GLOBAL ASM_PFX(SmmRelocationSemaphoreComplete) -ASM_GLOBAL ASM_PFX(gSmmInitStack) -ASM_GLOBAL ASM_PFX(gcSmiInitGdtr) - -.equ PROTECT_MODE_CS, 0x08 -.equ PROTECT_MODE_DS, 0x20 - - .text - -ASM_PFX(gcSmiInitGdtr): - .word 0 - .quad 0 - -SmmStartup: - .byte 0x66,0xb8 -ASM_PFX(gSmmCr3): .space 4 - movl %eax, %cr3 - .byte 0x67,0x66 - lgdt %cs:(ASM_PFX(gcSmiInitGdtr) - SmmStartup)(%ebp) - .byte 0x66,0xb8 -ASM_PFX(gSmmCr4): .space 4 - movl %eax, %cr4 - .byte 0x66,0xb8 -ASM_PFX(gSmmCr0): .space 4 - .byte 0xbf, PROTECT_MODE_DS, 0 # mov di, PROTECT_MODE_DS - movl %eax, %cr0 - .byte 0x66,0xea # jmp far [ptr48] -ASM_PFX(gSmmJmpAddr): .long Start32bit - .word PROTECT_MODE_CS -Start32bit: - movl %edi,%ds - movl %edi,%es - movl %edi,%fs - movl %edi,%gs - movl %edi,%ss - .byte 0xbc # mov esp, imm32 -ASM_PFX(gSmmInitStack): .space 4 - call ASM_PFX(SmmInitHandler) - rsm - -ASM_PFX(gcSmmInitTemplate): - -_SmmInitTemplate: - .byte 0x66 - movl $SmmStartup, %ebp - .byte 0x66, 0x81, 0xed, 0, 0, 3, 0 # sub ebp, 0x30000 - jmp *%bp # jmp ebp actually - -ASM_PFX(gcSmmInitSize): .word . - ASM_PFX(gcSmmInitTemplate) - - -ASM_PFX(SmmRelocationSemaphoreComplete): - pushl %eax - movl ASM_PFX(mRebasedFlag), %eax - movb $1, (%eax) - popl %eax - jmp *ASM_PFX(mSmmRelocationOriginalAddress) diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/SmmInit.asm b/UefiCpuPkg/PiSmmC= puDxeSmm/Ia32/SmmInit.asm deleted file mode 100644 index 9ba2aebe6925..000000000000 --- a/UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/SmmInit.asm +++ /dev/null @@ -1,94 +0,0 @@ -;-------------------------------------------------------------------------= ----- ; -; Copyright (c) 2009 - 2015, Intel Corporation. All rights reserved.
-; This program and the accompanying materials -; are licensed and made available under the terms and conditions of the BS= D License -; which accompanies this distribution. The full text of the license may b= e found at -; http://opensource.org/licenses/bsd-license.php. -; -; THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, -; WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMP= LIED. -; -; Module Name: -; -; SmmInit.Asm -; -; Abstract: -; -; Functions for relocating SMBASE's for all processors -; -;-------------------------------------------------------------------------= ------ - - .686p - .xmm - .model flat,C - -SmmInitHandler PROTO C - -EXTERNDEF C gSmmCr0:DWORD -EXTERNDEF C gSmmCr3:DWORD -EXTERNDEF C gSmmCr4:DWORD -EXTERNDEF C gcSmmInitTemplate:BYTE -EXTERNDEF C gcSmmInitSize:WORD -EXTERNDEF C gSmmJmpAddr:QWORD -EXTERNDEF C mRebasedFlag:PTR BYTE -EXTERNDEF C mSmmRelocationOriginalAddress:DWORD -EXTERNDEF C gSmmInitStack:DWORD -EXTERNDEF C gcSmiInitGdtr:FWORD - -PROTECT_MODE_CS EQU 08h -PROTECT_MODE_DS EQU 20h - - .code - -gcSmiInitGdtr LABEL FWORD - DW 0 - DQ 0 - -SmmStartup PROC - DB 66h, 0b8h -gSmmCr3 DD ? - mov cr3, eax - DB 67h, 66h - lgdt fword ptr cs:[ebp + (offset gcSmiInitGdtr - SmmStartup)] - DB 66h, 0b8h -gSmmCr4 DD ? - mov cr4, eax - DB 66h, 0b8h -gSmmCr0 DD ? - DB 0bfh, PROTECT_MODE_DS, 0 ; mov di, PROTECT_MODE_DS - mov cr0, eax - DB 66h, 0eah ; jmp far [ptr48] -gSmmJmpAddr LABEL QWORD - DD @32bit - DW PROTECT_MODE_CS -@32bit: - mov ds, edi - mov es, edi - mov fs, edi - mov gs, edi - mov ss, edi - DB 0bch ; mov esp, imm32 -gSmmInitStack DD ? - call SmmInitHandler - rsm -SmmStartup ENDP - -gcSmmInitTemplate LABEL BYTE - -_SmmInitTemplate PROC - DB 66h - mov ebp, SmmStartup - DB 66h, 81h, 0edh, 00h, 00h, 03h, 00 ; sub ebp, 30000h - jmp bp ; jmp ebp actually -_SmmInitTemplate ENDP - -gcSmmInitSize DW $ - gcSmmInitTemplate - -SmmRelocationSemaphoreComplete PROC - push eax - mov eax, mRebasedFlag - mov byte ptr [eax], 1 - pop eax - jmp [mSmmRelocationOriginalAddress] -SmmRelocationSemaphoreComplete ENDP - END diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/X64/MpFuncs.S b/UefiCpuPkg/PiSmmCpuD= xeSmm/X64/MpFuncs.S deleted file mode 100644 index d7cbc8cdc50b..000000000000 --- a/UefiCpuPkg/PiSmmCpuDxeSmm/X64/MpFuncs.S +++ /dev/null @@ -1,204 +0,0 @@ -#-------------------------------------------------------------------------= ----- -# -# Copyright (c) 2006 - 2015, Intel Corporation. All rights reserved.
-# This program and the accompanying materials -# are licensed and made available under the terms and conditions of the BS= D License -# which accompanies this distribution. The full text of the license may b= e found at -# http://opensource.org/licenses/bsd-license.php. -# -# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, -# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMP= LIED. -# -# Module Name: -# -# MpFuncs.S -# -# Abstract: -# -# This is the assembly code for Multi-processor S3 support -# -#-------------------------------------------------------------------------= ----- - -.equ VacantFlag, 0x0 -.equ NotVacantFlag, 0xff - -.equ LockLocation, RendezvousFunnelProcEnd = - RendezvousFunnelProcStart -.equ StackStartAddressLocation, RendezvousFunnelProcEnd = - RendezvousFunnelProcStart + 0x08 -.equ StackSizeLocation, RendezvousFunnelProcEnd = - RendezvousFunnelProcStart + 0x10 -.equ CProcedureLocation, RendezvousFunnelProcEnd = - RendezvousFunnelProcStart + 0x18 -.equ GdtrLocation, RendezvousFunnelProcEnd = - RendezvousFunnelProcStart + 0x20 -.equ IdtrLocation, RendezvousFunnelProcEnd = - RendezvousFunnelProcStart + 0x2A -.equ BufferStartLocation, RendezvousFunnelProcEnd = - RendezvousFunnelProcStart + 0x34 -.equ Cr3OffsetLocation, RendezvousFunnelProcEnd = - RendezvousFunnelProcStart + 0x38 - -#-------------------------------------------------------------------------= ------------ -#RendezvousFunnelProc procedure follows. All APs execute their procedure.= This -#procedure serializes all the AP processors through an Init sequence. It m= ust be -#noted that APs arrive here very raw...ie: real mode, no stack. -#ALSO THIS PROCEDURE IS EXECUTED BY APs ONLY ON 16 BIT MODE. HENCE THIS PR= OC -#IS IN MACHINE CODE. -#-------------------------------------------------------------------------= ------------ -#RendezvousFunnelProc (&WakeUpBuffer,MemAddress); - -.code: - -ASM_GLOBAL ASM_PFX(RendezvousFunnelProc) -ASM_PFX(RendezvousFunnelProc): -RendezvousFunnelProcStart: - -# At this point CS =3D 0x(vv00) and ip=3D 0x0. - - .byte 0x8c,0xc8 # mov ax, cs - .byte 0x8e,0xd8 # mov ds, ax - .byte 0x8e,0xc0 # mov es, ax - .byte 0x8e,0xd0 # mov ss, ax - .byte 0x33,0xc0 # xor ax, ax - .byte 0x8e,0xe0 # mov fs, ax - .byte 0x8e,0xe8 # mov gs, ax - -flat32Start: - - .byte 0xBE - .word BufferStartLocation - .byte 0x66,0x8B,0x14 # mov edx,dword ptr [si] = ; EDX is keeping the start address of wakeup buffer - - .byte 0xBE - .word Cr3OffsetLocation - .byte 0x66,0x8B,0xC # mov ecx,dword ptr [si] = ; ECX is keeping the value of CR3 - - .byte 0xBE - .word GdtrLocation - .byte 0x66 # db 66h - .byte 0x2E,0xF,0x1,0x14 # lgdt fword ptr cs:[si] - - .byte 0xBE - .word IdtrLocation - .byte 0x66 # db 66h - .byte 0x2E,0xF,0x1,0x1C # lidt fword ptr cs:[si] - - .byte 0x33,0xC0 # xor ax, ax - .byte 0x8E,0xD8 # mov ds, ax - - .byte 0xF,0x20,0xC0 # mov eax, cr0 = ; Get control register 0 - .byte 0x66,0x83,0xC8,0x1 # or eax, 000000001h = ; Set PE bit (bit #0) - .byte 0xF,0x22,0xC0 # mov cr0, eax - -FLAT32_JUMP: - - .byte 0x66,0x67,0xEA # far jump - .long 0x0 # 32-bit offset - .word 0x20 # 16-bit selector - -PMODE_ENTRY: # protected mode entry point - - .byte 0x66,0xB8,0x18,0x0 # mov ax, 18h - .byte 0x66,0x8E,0xD8 # mov ds, ax - .byte 0x66,0x8E,0xC0 # mov es, ax - .byte 0x66,0x8E,0xE0 # mov fs, ax - .byte 0x66,0x8E,0xE8 # mov gs, ax - .byte 0x66,0x8E,0xD0 # mov ss, ax = ; Flat mode setup. - - .byte 0xF,0x20,0xE0 # mov eax, cr4 - .byte 0xF,0xBA,0xE8,0x5 # bts eax, 5 - .byte 0xF,0x22,0xE0 # mov cr4, eax - - .byte 0xF,0x22,0xD9 # mov cr3, ecx - - .byte 0x8B,0xF2 # mov esi, edx = ; Save wakeup buffer address - - .byte 0xB9 - .long 0xC0000080 # mov ecx, 0c0000080h = ; EFER MSR number. - .byte 0xF,0x32 # rdmsr = ; Read EFER. - .byte 0xF,0xBA,0xE8,0x8 # bts eax, 8 = ; Set LME=3D1. - .byte 0xF,0x30 # wrmsr = ; Write EFER. - - .byte 0xF,0x20,0xC0 # mov eax, cr0 = ; Read CR0. - .byte 0xF,0xBA,0xE8,0x1F # bts eax, 31 = ; Set PG=3D1. - .byte 0xF,0x22,0xC0 # mov cr0, eax = ; Write CR0. - -LONG_JUMP: - - .byte 0x67,0xEA # far jump - .long 0x0 # 32-bit offset - .word 0x38 # 16-bit selector - -LongModeStart: - - movw $0x30,%ax - .byte 0x66 - movw %ax,%ds - .byte 0x66 - movw %ax,%es - .byte 0x66 - movw %ax,%ss - - movl %esi,%edi - addl $LockLocation, %edi - movb $NotVacantFlag, %al -TestLock: - xchgb (%edi), %al - cmpb $NotVacantFlag, %al - jz TestLock - -ProgramStack: - - movl %esi,%edi - addl $StackSizeLocation, %edi - movq (%edi), %rax - movl %esi,%edi - addl $StackStartAddressLocation, %edi - addq (%edi), %rax - movq %rax, %rsp - movq %rax, (%edi) - -Releaselock: - - movb $VacantFlag, %al - movl %esi,%edi - addl $LockLocation, %edi - xchgb (%edi), %al - - # - # Call assembly function to initialize FPU. - # - movabsq $ASM_PFX(InitializeFloatingPointUnits), %rax - subq $0x20, %rsp - call *%rax - addq $0x20, %rsp - # - # Call C Function - # - movl %esi,%edi - addl $CProcedureLocation, %edi - movq (%edi), %rax - - testq %rax, %rax - jz GoToSleep - - subq $0x20, %rsp - call *%rax - addq $0x20, %rsp - -GoToSleep: - cli - hlt - jmp .-2 - -RendezvousFunnelProcEnd: - - -#-------------------------------------------------------------------------= ------------ -# AsmGetAddressMap (&AddressMap); -#-------------------------------------------------------------------------= ------------ -# comments here for definition of address map -ASM_GLOBAL ASM_PFX(AsmGetAddressMap) -ASM_PFX(AsmGetAddressMap): - movabsq $RendezvousFunnelProcStart, %rax - movq %rax, (%rcx) - movq $(PMODE_ENTRY - RendezvousFunnelProcStart), 0x08(%rcx) - movq $(FLAT32_JUMP - RendezvousFunnelProcStart), 0x10(%rcx) - movq $(RendezvousFunnelProcEnd - RendezvousFunnelProcStart= ), 0x18(%rcx) - movq $(LongModeStart - RendezvousFunnelProcStart), 0x20(%r= cx) - movq $(LONG_JUMP - RendezvousFunnelProcStart), 0x28(%rcx) - ret - diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/X64/MpFuncs.asm b/UefiCpuPkg/PiSmmCp= uDxeSmm/X64/MpFuncs.asm deleted file mode 100644 index 2c5a7c9bc2db..000000000000 --- a/UefiCpuPkg/PiSmmCpuDxeSmm/X64/MpFuncs.asm +++ /dev/null @@ -1,206 +0,0 @@ -;-------------------------------------------------------------------------= ----- ; -; Copyright (c) 2006 - 2015, Intel Corporation. All rights reserved.
-; This program and the accompanying materials -; are licensed and made available under the terms and conditions of the BS= D License -; which accompanies this distribution. The full text of the license may b= e found at -; http://opensource.org/licenses/bsd-license.php. -; -; THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, -; WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMP= LIED. -; -; Module Name: -; -; MpFuncs.asm -; -; Abstract: -; -; This is the assembly code for Multi-processor S3 support -; -;-------------------------------------------------------------------------= ------ - -EXTERN InitializeFloatingPointUnits:PROC - -VacantFlag Equ 00h -NotVacantFlag Equ 0ffh - -LockLocation equ RendezvousFunnelProcEnd - Rendezv= ousFunnelProcStart -StackStartAddressLocation equ LockLocation + 08h -StackSizeLocation equ LockLocation + 10h -CProcedureLocation equ LockLocation + 18h -GdtrLocation equ LockLocation + 20h -IdtrLocation equ LockLocation + 2Ah -BufferStartLocation equ LockLocation + 34h -Cr3OffsetLocation equ LockLocation + 38h - -;-------------------------------------------------------------------------= ------------ -;RendezvousFunnelProc procedure follows. All APs execute their procedure.= This -;procedure serializes all the AP processors through an Init sequence. It m= ust be -;noted that APs arrive here very raw...ie: real mode, no stack. -;ALSO THIS PROCEDURE IS EXECUTED BY APs ONLY ON 16 BIT MODE. HENCE THIS PR= OC -;IS IN MACHINE CODE. -;-------------------------------------------------------------------------= ------------ -;RendezvousFunnelProc (&WakeUpBuffer,MemAddress); - -;text SEGMENT -.code - -RendezvousFunnelProc PROC -RendezvousFunnelProcStart:: - -; At this point CS =3D 0x(vv00) and ip=3D 0x0. - - db 8ch, 0c8h ; mov ax, cs - db 8eh, 0d8h ; mov ds, ax - db 8eh, 0c0h ; mov es, ax - db 8eh, 0d0h ; mov ss, ax - db 33h, 0c0h ; xor ax, ax - db 8eh, 0e0h ; mov fs, ax - db 8eh, 0e8h ; mov gs, ax - -flat32Start:: - - db 0BEh - dw BufferStartLocation ; mov si, BufferStartLocation - db 66h, 8Bh, 14h ; mov edx,dword ptr [si] = ; EDX is keeping the start address of wakeup buffer - - db 0BEh - dw Cr3OffsetLocation ; mov si, Cr3Location - db 66h, 8Bh, 0Ch ; mov ecx,dword ptr [si] = ; ECX is keeping the value of CR3 - - db 0BEh - dw GdtrLocation ; mov si, GdtrProfile - db 66h ; db 66h - db 2Eh, 0Fh, 01h, 14h ; lgdt fword ptr cs:[si] - - db 0BEh - dw IdtrLocation ; mov si, IdtrProfile - db 66h ; db 66h - db 2Eh, 0Fh, 01h, 1Ch ; lidt fword ptr cs:[si] - - db 33h, 0C0h ; xor ax, ax - db 8Eh, 0D8h ; mov ds, ax - - db 0Fh, 20h, 0C0h ; mov eax, cr0 = ; Get control register 0 - db 66h, 83h, 0C8h, 01h ; or eax, 000000001h = ; Set PE bit (bit #0) - db 0Fh, 22h, 0C0h ; mov cr0, eax - -FLAT32_JUMP:: - - db 66h, 67h, 0EAh ; far jump - dd 0h ; 32-bit offset - dw 20h ; 16-bit selector - -PMODE_ENTRY:: ; protected mode entry point - - db 66h, 0B8h, 18h, 00h ; mov ax, 18h - db 66h, 8Eh, 0D8h ; mov ds, ax - db 66h, 8Eh, 0C0h ; mov es, ax - db 66h, 8Eh, 0E0h ; mov fs, ax - db 66h, 8Eh, 0E8h ; mov gs, ax - db 66h, 8Eh, 0D0h ; mov ss, ax = ; Flat mode setup. - - db 0Fh, 20h, 0E0h ; mov eax, cr4 - db 0Fh, 0BAh, 0E8h, 05h ; bts eax, 5 - db 0Fh, 22h, 0E0h ; mov cr4, eax - - db 0Fh, 22h, 0D9h ; mov cr3, ecx - - db 8Bh, 0F2h ; mov esi, edx = ; Save wakeup buffer address - - db 0B9h - dd 0C0000080h ; mov ecx, 0c0000080h = ; EFER MSR number. - db 0Fh, 32h ; rdmsr = ; Read EFER. - db 0Fh, 0BAh, 0E8h, 08h ; bts eax, 8 = ; Set LME=3D1. - db 0Fh, 30h ; wrmsr = ; Write EFER. - - db 0Fh, 20h, 0C0h ; mov eax, cr0 = ; Read CR0. - db 0Fh, 0BAh, 0E8h, 1Fh ; bts eax, 31 = ; Set PG=3D1. - db 0Fh, 22h, 0C0h ; mov cr0, eax = ; Write CR0. - -LONG_JUMP:: - - db 67h, 0EAh ; far jump - dd 0h ; 32-bit offset - dw 38h ; 16-bit selector - -LongModeStart:: - - mov ax, 30h - mov ds, ax - mov es, ax - mov ss, ax - - mov edi, esi - add edi, LockLocation - mov al, NotVacantFlag -TestLock:: - xchg byte ptr [edi], al - cmp al, NotVacantFlag - jz TestLock - -ProgramStack:: - - mov edi, esi - add edi, StackSizeLocation - mov rax, qword ptr [edi] - mov edi, esi - add edi, StackStartAddressLocation - add rax, qword ptr [edi] - mov rsp, rax - mov qword ptr [edi], rax - -Releaselock:: - - mov al, VacantFlag - mov edi, esi - add edi, LockLocation - xchg byte ptr [edi], al - - ; - ; Call assembly function to initialize FPU. - ; - mov rax, InitializeFloatingPointUnits - sub rsp, 20h - call rax - add rsp, 20h - - ; - ; Call C Function - ; - mov edi, esi - add edi, CProcedureLocation - mov rax, qword ptr [edi] - - test rax, rax - jz GoToSleep - - sub rsp, 20h - call rax - add rsp, 20h - -GoToSleep:: - cli - hlt - jmp $-2 - -RendezvousFunnelProcEnd:: -RendezvousFunnelProc ENDP - - -;-------------------------------------------------------------------------= ------------ -; AsmGetAddressMap (&AddressMap); -;-------------------------------------------------------------------------= ------------ -; comments here for definition of address map -AsmGetAddressMap PROC - mov rax, offset RendezvousFunnelProcStart - mov qword ptr [rcx], rax - mov qword ptr [rcx+8h], PMODE_ENTRY - RendezvousFunnelProc= Start - mov qword ptr [rcx+10h], FLAT32_JUMP - RendezvousFunnelPro= cStart - mov qword ptr [rcx+18h], RendezvousFunnelProcEnd - Rendezv= ousFunnelProcStart - mov qword ptr [rcx+20h], LongModeStart - RendezvousFunnelP= rocStart - mov qword ptr [rcx+28h], LONG_JUMP - RendezvousFunnelProcS= tart - ret - -AsmGetAddressMap ENDP - -END diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmiEntry.S b/UefiCpuPkg/PiSmmCpu= DxeSmm/X64/SmiEntry.S deleted file mode 100644 index 600d8623cd26..000000000000 --- a/UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmiEntry.S +++ /dev/null @@ -1,243 +0,0 @@ -#-------------------------------------------------------------------------= ----- -# -# Copyright (c) 2009 - 2016, Intel Corporation. All rights reserved.
-# This program and the accompanying materials -# are licensed and made available under the terms and conditions of the BS= D License -# which accompanies this distribution. The full text of the license may b= e found at -# http://opensource.org/licenses/bsd-license.php. -# -# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, -# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMP= LIED. -# -# Module Name: -# -# SmiEntry.S -# -# Abstract: -# -# Code template of the SMI handler for a particular processor -# -#-------------------------------------------------------------------------= ----- - -ASM_GLOBAL ASM_PFX(gcSmiHandlerTemplate) -ASM_GLOBAL ASM_PFX(gcSmiHandlerSize) -ASM_GLOBAL ASM_PFX(gSmiCr3) -ASM_GLOBAL ASM_PFX(gSmiStack) -ASM_GLOBAL ASM_PFX(gSmbase) -ASM_GLOBAL ASM_PFX(mXdSupported) -ASM_GLOBAL ASM_PFX(gSmiHandlerIdtr) - -.equ MSR_IA32_MISC_ENABLE, 0x1A0 -.equ MSR_EFER, 0xc0000080 -.equ MSR_EFER_XD, 0x800 - -# -# Constants relating to PROCESSOR_SMM_DESCRIPTOR -# -.equ DSC_OFFSET, 0xfb00 -.equ DSC_GDTPTR, 0x30 -.equ DSC_GDTSIZ, 0x38 -.equ DSC_CS, 14 -.equ DSC_DS, 16 -.equ DSC_SS, 18 -.equ DSC_OTHERSEG, 20 -# -# Constants relating to CPU State Save Area -# -.equ SSM_DR6, 0xffd0 -.equ SSM_DR7, 0xffc8 - -.equ PROTECT_MODE_CS, 0x08 -.equ PROTECT_MODE_DS, 0x20 -.equ LONG_MODE_CS, 0x38 -.equ TSS_SEGMENT, 0x40 -.equ GDT_SIZE, 0x50 - - .text - -ASM_PFX(gcSmiHandlerTemplate): - -_SmiEntryPoint: - # - # The encoding of BX in 16-bit addressing mode is the same as of RDI i= n 64- - # bit addressing mode. And that coincidence has been used in the follo= wing - # "64-bit like" 16-bit code. Be aware that once RDI is referenced as a - # base address register, it is actually BX that is referenced. - # - .byte 0xbb # mov bx, imm16 - .word _GdtDesc - _SmiEntryPoint + 0x8000 - # - # fix GDT descriptor - # - .byte 0x2e,0xa1 # mov ax, cs:[offset16] - .word DSC_OFFSET + DSC_GDTSIZ - .byte 0x48 # dec ax - .byte 0x2e - movl %eax, (%rdi) # mov cs:[bx], ax - .byte 0x66,0x2e,0xa1 # mov eax, cs:[offset16] - .word DSC_OFFSET + DSC_GDTPTR - .byte 0x2e - movw %ax, 2(%rdi) - .byte 0x66,0x2e - lgdt (%rdi) - # - # Patch ProtectedMode Segment - # - .byte 0xb8 - .word PROTECT_MODE_CS - .byte 0x2e - movl %eax, -2(%rdi) - # - # Patch ProtectedMode entry - # - .byte 0x66, 0xbf # mov edi, SMBASE -ASM_PFX(gSmbase): .space 4 - lea ((ProtectedMode - _SmiEntryPoint) + 0x8000)(%edi), %ax - .byte 0x2e - movw %ax, -6(%rdi) - # - # Switch into ProtectedMode - # - movq %cr0, %rbx - .byte 0x66 - andl $0x9ffafff3, %ebx - .byte 0x66 - orl $0x00000023, %ebx - - movq %rbx, %cr0 - .byte 0x66, 0xea - .space 6 - -_GdtDesc: .space 6 - -ProtectedMode: - movw $PROTECT_MODE_DS, %ax - movl %eax, %ds - movl %eax, %es - movl %eax, %fs - movl %eax, %gs - movl %eax, %ss - .byte 0xbc # mov esp, imm32 -ASM_PFX(gSmiStack): .space 4 - jmp ProtFlatMode - -ProtFlatMode: - .byte 0xb8 -ASM_PFX(gSmiCr3): .space 4 - movq %rax, %cr3 - movl $0x668,%eax # as cr4.PGE is not set here, refr= esh cr3 - movq %rax, %cr4 # in PreModifyMtrrs() to flush TLB. -# Load TSS - subl $8, %esp # reserve room in stack - sgdt (%rsp) - movl 2(%rsp), %eax # eax =3D GDT base - addl $8, %esp - movb $0x89, %dl - movb %dl, (TSS_SEGMENT + 5)(%rax) # clear busy flag - movl $TSS_SEGMENT, %eax - ltr %ax - -# enable NXE if supported - .byte 0xb0 # mov al, imm8 -ASM_PFX(mXdSupported): .byte 1 - cmpb $0, %al - jz SkipNxe -# -# Check XD disable bit -# - movl $MSR_IA32_MISC_ENABLE, %ecx - rdmsr - subl $4, %esp - pushq %rdx # save MSR_IA32_MISC_ENABLE[63-32] - testl $BIT2, %edx # MSR_IA32_MISC_ENABLE[34] - jz L13 - andw $0x0FFFB, %dx # clear XD Disable bit if it is set - wrmsr -L13: - movl $MSR_EFER, %ecx - rdmsr - orw $MSR_EFER_XD,%ax # enable NXE - wrmsr - jmp NxeDone -SkipNxe: - subl $8, %esp -NxeDone: - - # - # Switch to LongMode - # - pushq $LONG_MODE_CS # push cs hardcore here - call Base # push return address for retf l= ater -Base: - addl $(LongMode - Base), (%rsp) # offset for far retf, seg is the = 1st arg - - movl $MSR_EFER, %ecx - rdmsr - orb $1,%ah # enable LME - wrmsr - movq %cr0, %rbx - orl $0x080010023, %ebx # enable paging + WP + NE + MP + PE - movq %rbx, %cr0 - retf -LongMode: # long mode (64-bit code) starts h= ere - movabsq $ASM_PFX(gSmiHandlerIdtr), %rax - lidt (%rax) - lea (DSC_OFFSET)(%rdi), %ebx - movw DSC_DS(%rbx), %ax - movl %eax,%ds - movw DSC_OTHERSEG(%rbx), %ax - movl %eax,%es - movl %eax,%fs - movl %eax,%gs - movw DSC_SS(%rbx), %ax - movl %eax,%ss -# jmp _SmiHandler ; instruction is not needed - -_SmiHandler: - movq 8(%rsp), %rbx - # Save FP registers - - subq $0x200, %rsp - .byte 0x48 # FXSAVE64 - fxsave (%rsp) - - addq $-0x20, %rsp - - movq %rbx, %rcx - movabsq $ASM_PFX(CpuSmmDebugEntry), %rax - call *%rax - - movq %rbx, %rcx - movabsq $ASM_PFX(SmiRendezvous), %rax - call *%rax - - movq %rbx, %rcx - movabsq $ASM_PFX(CpuSmmDebugExit), %rax - call *%rax - - addq $0x20, %rsp - - # - # Restore FP registers - # - .byte 0x48 # FXRSTOR64 - fxrstor (%rsp) - - addq $0x200, %rsp - - movabsq $ASM_PFX(mXdSupported), %rax - movb (%rax), %al - cmpb $0, %al - jz L16 - popq %rdx # get saved MSR_IA32_MISC_ENABLE[6= 3-32] - testl $BIT2, %edx - jz L16 - movl $MSR_IA32_MISC_ENABLE, %ecx - rdmsr - orw $BIT2, %dx # set XD Disable bit if it was set= before entering into SMM - wrmsr - -L16: - rsm - -ASM_PFX(gcSmiHandlerSize): .word . - _SmiEntryPoint diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmiEntry.asm b/UefiCpuPkg/PiSmmC= puDxeSmm/X64/SmiEntry.asm deleted file mode 100644 index c74f82aac8e0..000000000000 --- a/UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmiEntry.asm +++ /dev/null @@ -1,242 +0,0 @@ -;-------------------------------------------------------------------------= ----- ; -; Copyright (c) 2009 - 2016, Intel Corporation. All rights reserved.
-; This program and the accompanying materials -; are licensed and made available under the terms and conditions of the BS= D License -; which accompanies this distribution. The full text of the license may b= e found at -; http://opensource.org/licenses/bsd-license.php. -; -; THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, -; WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMP= LIED. -; -; Module Name: -; -; SmiEntry.asm -; -; Abstract: -; -; Code template of the SMI handler for a particular processor -; -;-------------------------------------------------------------------------= ------ - -; -; Variables referenced by C code -; -EXTERNDEF SmiRendezvous:PROC -EXTERNDEF CpuSmmDebugEntry:PROC -EXTERNDEF CpuSmmDebugExit:PROC -EXTERNDEF gcSmiHandlerTemplate:BYTE -EXTERNDEF gcSmiHandlerSize:WORD -EXTERNDEF gSmiCr3:DWORD -EXTERNDEF gSmiStack:DWORD -EXTERNDEF gSmbase:DWORD -EXTERNDEF mXdSupported:BYTE -EXTERNDEF gSmiHandlerIdtr:FWORD - -MSR_IA32_MISC_ENABLE EQU 1A0h -MSR_EFER EQU 0c0000080h -MSR_EFER_XD EQU 0800h - -; -; Constants relating to PROCESSOR_SMM_DESCRIPTOR -; -DSC_OFFSET EQU 0fb00h -DSC_GDTPTR EQU 30h -DSC_GDTSIZ EQU 38h -DSC_CS EQU 14 -DSC_DS EQU 16 -DSC_SS EQU 18 -DSC_OTHERSEG EQU 20 -; -; Constants relating to CPU State Save Area -; -SSM_DR6 EQU 0ffd0h -SSM_DR7 EQU 0ffc8h - -PROTECT_MODE_CS EQU 08h -PROTECT_MODE_DS EQU 20h -LONG_MODE_CS EQU 38h -TSS_SEGMENT EQU 40h -GDT_SIZE EQU 50h - - .code - -gcSmiHandlerTemplate LABEL BYTE - -_SmiEntryPoint: - ; - ; The encoding of BX in 16-bit addressing mode is the same as of RDI i= n 64- - ; bit addressing mode. And that coincidence has been used in the follo= wing - ; "64-bit like" 16-bit code. Be aware that once RDI is referenced as a - ; base address register, it is actually BX that is referenced. - ; - DB 0bbh ; mov bx, imm16 - DW offset _GdtDesc - _SmiEntryPoint + 8000h ; bx =3D GdtDesc off= set -; fix GDT descriptor - DB 2eh, 0a1h ; mov ax, cs:[offset16] - DW DSC_OFFSET + DSC_GDTSIZ - DB 48h ; dec ax - DB 2eh - mov [rdi], eax ; mov cs:[bx], ax - DB 66h, 2eh, 0a1h ; mov eax, cs:[offset16] - DW DSC_OFFSET + DSC_GDTPTR - DB 2eh - mov [rdi + 2], ax ; mov cs:[bx + 2], eax - DB 66h, 2eh - lgdt fword ptr [rdi] ; lgdt fword ptr cs:[bx] -; Patch ProtectedMode Segment - DB 0b8h ; mov ax, imm16 - DW PROTECT_MODE_CS ; set AX for segment directly - DB 2eh - mov [rdi - 2], eax ; mov cs:[bx - 2], ax -; Patch ProtectedMode entry - DB 66h, 0bfh ; mov edi, SMBASE -gSmbase DD ? - lea ax, [edi + (@ProtectedMode - _SmiEntryPoint) + 8000h] - DB 2eh - mov [rdi - 6], ax ; mov cs:[bx - 6], eax -; Switch into @ProtectedMode - mov rbx, cr0 - DB 66h - and ebx, 9ffafff3h - DB 66h - or ebx, 00000023h - - mov cr0, rbx - DB 66h, 0eah - DD ? - DW ? - -_GdtDesc FWORD ? -@ProtectedMode: - mov ax, PROTECT_MODE_DS - mov ds, ax - mov es, ax - mov fs, ax - mov gs, ax - mov ss, ax - DB 0bch ; mov esp, imm32 -gSmiStack DD ? - jmp ProtFlatMode - -ProtFlatMode: - DB 0b8h ; mov eax, offset gSmiCr3 -gSmiCr3 DD ? - mov cr3, rax - mov eax, 668h ; as cr4.PGE is not set here, refr= esh cr3 - mov cr4, rax ; in PreModifyMtrrs() to flush TLB. -; Load TSS - sub esp, 8 ; reserve room in stack - sgdt fword ptr [rsp] - mov eax, [rsp + 2] ; eax =3D GDT base - add esp, 8 - mov dl, 89h - mov [rax + TSS_SEGMENT + 5], dl ; clear busy flag - mov eax, TSS_SEGMENT - ltr ax - -; enable NXE if supported - DB 0b0h ; mov al, imm8 -mXdSupported DB 1 - cmp al, 0 - jz @SkipXd -; -; Check XD disable bit -; - mov ecx, MSR_IA32_MISC_ENABLE - rdmsr - sub esp, 4 - push rdx ; save MSR_IA32_MISC_ENABLE[63-32] - test edx, BIT2 ; MSR_IA32_MISC_ENABLE[34] - jz @f - and dx, 0FFFBh ; clear XD Disable bit if it is set - wrmsr -@@: - mov ecx, MSR_EFER - rdmsr - or ax, MSR_EFER_XD ; enable NXE - wrmsr - jmp @XdDone -@SkipXd: - sub esp, 8 -@XdDone: - -; Switch into @LongMode - push LONG_MODE_CS ; push cs hardcore here - call Base ; push return address for retf later -Base: - add dword ptr [rsp], @LongMode - Base; offset for far retf, seg is= the 1st arg - - mov ecx, MSR_EFER - rdmsr - or ah, 1 ; enable LME - wrmsr - mov rbx, cr0 - or ebx, 080010023h ; enable paging + WP + NE + MP + PE - mov cr0, rbx - retf -@LongMode: ; long mode (64-bit code) starts h= ere - mov rax, offset gSmiHandlerIdtr - lidt fword ptr [rax] - lea ebx, [rdi + DSC_OFFSET] - mov ax, [rbx + DSC_DS] - mov ds, eax - mov ax, [rbx + DSC_OTHERSEG] - mov es, eax - mov fs, eax - mov gs, eax - mov ax, [rbx + DSC_SS] - mov ss, eax -; jmp _SmiHandler ; instruction is not needed - -_SmiHandler: - mov rbx, [rsp] ; rbx <- CpuIndex - - ; - ; Save FP registers - ; - sub rsp, 200h - DB 48h ; FXSAVE64 - fxsave [rsp] - - add rsp, -20h - - mov rcx, rbx - mov rax, CpuSmmDebugEntry - call rax - - mov rcx, rbx - mov rax, SmiRendezvous ; rax <- absolute addr of SmiRedez= vous - call rax - - mov rcx, rbx - mov rax, CpuSmmDebugExit - call rax - - add rsp, 20h - - ; - ; Restore FP registers - ; - DB 48h ; FXRSTOR64 - fxrstor [rsp] - - add rsp, 200h - - mov rax, offset ASM_PFX(mXdSupported) - mov al, [rax] - cmp al, 0 - jz @f - pop rdx ; get saved MSR_IA32_MISC_ENABLE[63-= 32] - test edx, BIT2 - jz @f - mov ecx, MSR_IA32_MISC_ENABLE - rdmsr - or dx, BIT2 ; set XD Disable bit if it was set b= efore entering into SMM - wrmsr - -@@: - rsm - -gcSmiHandlerSize DW $ - _SmiEntryPoint - - END diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmiException.S b/UefiCpuPkg/PiSm= mCpuDxeSmm/X64/SmiException.S deleted file mode 100644 index 338bb70dd821..000000000000 --- a/UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmiException.S +++ /dev/null @@ -1,365 +0,0 @@ -#-------------------------------------------------------------------------= ----- -# -# Copyright (c) 2009 - 2016, Intel Corporation. All rights reserved.
-# This program and the accompanying materials -# are licensed and made available under the terms and conditions of the BS= D License -# which accompanies this distribution. The full text of the license may b= e found at -# http://opensource.org/licenses/bsd-license.php. -# -# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, -# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMP= LIED. -# -# Module Name: -# -# SmiException.S -# -# Abstract: -# -# Exception handlers used in SM mode -# -#-------------------------------------------------------------------------= ----- - -ASM_GLOBAL ASM_PFX(SmiPFHandler) -ASM_GLOBAL ASM_PFX(gcSmiIdtr) -ASM_GLOBAL ASM_PFX(gcSmiGdtr) -ASM_GLOBAL ASM_PFX(gcPsd) - - .data - -NullSeg: .quad 0 # reserved by architecture -CodeSeg32: - .word -1 # LimitLow - .word 0 # BaseLow - .byte 0 # BaseMid - .byte 0x9b - .byte 0xcf # LimitHigh - .byte 0 # BaseHigh -ProtModeCodeSeg32: - .word -1 # LimitLow - .word 0 # BaseLow - .byte 0 # BaseMid - .byte 0x9b - .byte 0xcf # LimitHigh - .byte 0 # BaseHigh -ProtModeSsSeg32: - .word -1 # LimitLow - .word 0 # BaseLow - .byte 0 # BaseMid - .byte 0x93 - .byte 0xcf # LimitHigh - .byte 0 # BaseHigh -DataSeg32: - .word -1 # LimitLow - .word 0 # BaseLow - .byte 0 # BaseMid - .byte 0x93 - .byte 0xcf # LimitHigh - .byte 0 # BaseHigh -CodeSeg16: - .word -1 - .word 0 - .byte 0 - .byte 0x9b - .byte 0x8f - .byte 0 -DataSeg16: - .word -1 - .word 0 - .byte 0 - .byte 0x93 - .byte 0x8f - .byte 0 -CodeSeg64: - .word -1 # LimitLow - .word 0 # BaseLow - .byte 0 # BaseMid - .byte 0x9b - .byte 0xaf # LimitHigh - .byte 0 # BaseHigh -# TSS Segment for X64 specially -TssSeg: - .word TSS_DESC_SIZE - 1 # LimitLow - .word 0 # BaseLow - .byte 0 # BaseMid - .byte 0x89 - .byte 0x00 # LimitHigh - .byte 0 # BaseHigh - .long 0 # BaseUpper - .long 0 # Reserved -.equ GDT_SIZE, .- NullSeg - -TssDescriptor: - .space 104, 0 -.equ TSS_DESC_SIZE, .- TssDescriptor - -# -# This structure serves as a template for all processors. -# -ASM_PFX(gcPsd): - .ascii "PSDSIG " - .word PSD_SIZE - .word 2 - .word 1 << 2 - .word CODE_SEL - .word DATA_SEL - .word DATA_SEL - .word DATA_SEL - .word 0 - .quad 0 - .quad 0 - .quad 0 # fixed in InitializeMpServiceData= () - .quad NullSeg - .long GDT_SIZE - .long 0 - .space 24, 0 - .quad 0 -.equ PSD_SIZE, . - ASM_PFX(gcPsd) - -# -# CODE & DATA segments for SMM runtime -# -.equ CODE_SEL, CodeSeg64 - NullSeg -.equ DATA_SEL, DataSeg32 - NullSeg -.equ CODE32_SEL, CodeSeg32 - NullSeg - -ASM_PFX(gcSmiGdtr): - .word GDT_SIZE - 1 - .quad NullSeg - -ASM_PFX(gcSmiIdtr): - .word 0 - .quad 0 - - .text - -#-------------------------------------------------------------------------= ----- -# _SmiExceptionEntryPoints is the collection of exception entry points fol= lowed -# by a common exception handler. -# -# Stack frame would be as follows as specified in IA32 manuals: -# +---------------------+ <-- 16-byte aligned ensured by processor -# + Old SS + -# +---------------------+ -# + Old RSP + -# +---------------------+ -# + RFlags + -# +---------------------+ -# + CS + -# +---------------------+ -# + RIP + -# +---------------------+ -# + Error Code + -# +---------------------+ -# + Vector Number + -# +---------------------+ -# + RBP + -# +---------------------+ <-- RBP, 16-byte aligned -# -# RSP set to odd multiple of 8 at @CommonEntryPoint means ErrCode PRESENT -#-------------------------------------------------------------------------= ----- -ASM_GLOBAL ASM_PFX(PageFaultIdtHandlerSmmProfile) -ASM_PFX(PageFaultIdtHandlerSmmProfile): - pushq $0x0e # Page Fault - .byte 0x40, 0xf6, 0xc4, 0x08 #test spl, 8 - jnz L1 - pushq (%rsp) - movq $0, 8(%rsp) -L1: - pushq %rbp - movq %rsp, %rbp - - # - # Since here the stack pointer is 16-byte aligned, so - # EFI_FX_SAVE_STATE_X64 of EFI_SYSTEM_CONTEXT_x64 - # is 16-byte aligned - # - -## UINT64 Rdi, Rsi, Rbp, Rsp, Rbx, Rdx, Rcx, Rax; -## UINT64 R8, R9, R10, R11, R12, R13, R14, R15; - pushq %r15 - pushq %r14 - pushq %r13 - pushq %r12 - pushq %r11 - pushq %r10 - pushq %r9 - pushq %r8 - pushq %rax - pushq %rcx - pushq %rdx - pushq %rbx - pushq 48(%rbp) # RSP - pushq (%rbp) # RBP - pushq %rsi - pushq %rdi - -## UINT64 Gs, Fs, Es, Ds, Cs, Ss; insure high 16 bits of each is zero - movzwq 56(%rbp), %rax - pushq %rax # for ss - movzwq 32(%rbp), %rax - pushq %rax # for cs - movq %ds, %rax - pushq %rax - movq %es, %rax - pushq %rax - movq %fs, %rax - pushq %rax - movq %gs, %rax - pushq %rax - -## UINT64 Rip; - pushq 24(%rbp) - -## UINT64 Gdtr[2], Idtr[2]; - subq $16, %rsp - sidt (%rsp) - subq $16, %rsp - sgdt (%rsp) - -## UINT64 Ldtr, Tr; - xorq %rax, %rax - strw %ax - pushq %rax - sldtw %ax - pushq %rax - -## UINT64 RFlags; - pushq 40(%rbp) - -## UINT64 Cr0, Cr1, Cr2, Cr3, Cr4, Cr8; - movq %cr8, %rax - pushq %rax - movq %cr4, %rax - orq $0x208, %rax - movq %rax, %cr4 - pushq %rax - movq %cr3, %rax - pushq %rax - movq %cr2, %rax - pushq %rax - xorq %rax, %rax - pushq %rax - movq %cr0, %rax - pushq %rax - -## UINT64 Dr0, Dr1, Dr2, Dr3, Dr6, Dr7; - movq %dr7, %rax - pushq %rax - movq %dr6, %rax - pushq %rax - movq %dr3, %rax - pushq %rax - movq %dr2, %rax - pushq %rax - movq %dr1, %rax - pushq %rax - movq %dr0, %rax - pushq %rax - -## FX_SAVE_STATE_X64 FxSaveState; - - subq $512, %rsp - movq %rsp, %rdi - .byte 0xf, 0xae, 0x7 # fxsave [rdi] - -# UEFI calling convention for x64 requires that Direction flag in EFLAGs i= s clear - cld - -## UINT32 ExceptionData; - pushq 16(%rbp) - -## call into exception handler - movq 8(%rbp), %rcx - movabsq $ASM_PFX(SmiPFHandler), %rax - -## Prepare parameter and call - movq %rsp, %rdx - # - # Per X64 calling convention, allocate maximum parameter stack space - # and make sure RSP is 16-byte aligned - # - subq $4 * 8 + 8, %rsp - call *%rax - addq $4 * 8 + 8, %rsp - jmp L5 - -L5: -## UINT64 ExceptionData; - addq $8, %rsp - -## FX_SAVE_STATE_X64 FxSaveState; - - movq %rsp, %rsi - .byte 0xf, 0xae, 0xe # fxrstor [rsi] - addq $512, %rsp - -## UINT64 Dr0, Dr1, Dr2, Dr3, Dr6, Dr7; -## Skip restoration of DRx registers to support debuggers -## that set breakpoints in interrupt/exception context - addq $8 * 6, %rsp - -## UINT64 Cr0, Cr1, Cr2, Cr3, Cr4, Cr8; - popq %rax - movq %rax, %cr0 - addq $8, %rsp # not for Cr1 - popq %rax - movq %rax, %cr2 - popq %rax - movq %rax, %cr3 - popq %rax - movq %rax, %cr4 - popq %rax - movq %rax, %cr8 - -## UINT64 RFlags; - popq 40(%rbp) - -## UINT64 Ldtr, Tr; -## UINT64 Gdtr[2], Idtr[2]; -## Best not let anyone mess with these particular registers... - addq $48, %rsp - -## UINT64 Rip; - popq 24(%rbp) - -## UINT64 Gs, Fs, Es, Ds, Cs, Ss; - popq %rax - # mov gs, rax ; not for gs - popq %rax - # mov fs, rax ; not for fs - # (X64 will not use fs and gs, so we do not restore it) - popq %rax - movq %rax, %es - popq %rax - movq %rax, %ds - popq 32(%rbp) # for cs - popq 56(%rbp) # for ss - -## UINT64 Rdi, Rsi, Rbp, Rsp, Rbx, Rdx, Rcx, Rax; -## UINT64 R8, R9, R10, R11, R12, R13, R14, R15; - popq %rdi - popq %rsi - addq $8, %rsp # not for rbp - popq 48(%rbp) # for rsp - popq %rbx - popq %rdx - popq %rcx - popq %rax - popq %r8 - popq %r9 - popq %r10 - popq %r11 - popq %r12 - popq %r13 - popq %r14 - popq %r15 - - movq %rbp, %rsp - -# Enable TF bit after page fault handler runs - btsl $8, 40(%rsp) #RFLAGS - - popq %rbp - addq $16, %rsp # skip INT# & ErrCode - iretq - diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmiException.asm b/UefiCpuPkg/Pi= SmmCpuDxeSmm/X64/SmiException.asm deleted file mode 100644 index 80bd739ff4c8..000000000000 --- a/UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmiException.asm +++ /dev/null @@ -1,383 +0,0 @@ -;-------------------------------------------------------------------------= ----- ; -; Copyright (c) 2009 - 2016, Intel Corporation. All rights reserved.
-; This program and the accompanying materials -; are licensed and made available under the terms and conditions of the BS= D License -; which accompanies this distribution. The full text of the license may b= e found at -; http://opensource.org/licenses/bsd-license.php. -; -; THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, -; WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMP= LIED. -; -; Module Name: -; -; SmiException.asm -; -; Abstract: -; -; Exception handlers used in SM mode -; -;-------------------------------------------------------------------------= ------ - -EXTERNDEF SmiPFHandler:PROC -EXTERNDEF gcSmiIdtr:FWORD -EXTERNDEF gcSmiGdtr:FWORD -EXTERNDEF gcPsd:BYTE - - .const - -NullSeg DQ 0 ; reserved by architecture -CodeSeg32 LABEL QWORD - DW -1 ; LimitLow - DW 0 ; BaseLow - DB 0 ; BaseMid - DB 9bh - DB 0cfh ; LimitHigh - DB 0 ; BaseHigh -ProtModeCodeSeg32 LABEL QWORD - DW -1 ; LimitLow - DW 0 ; BaseLow - DB 0 ; BaseMid - DB 9bh - DB 0cfh ; LimitHigh - DB 0 ; BaseHigh -ProtModeSsSeg32 LABEL QWORD - DW -1 ; LimitLow - DW 0 ; BaseLow - DB 0 ; BaseMid - DB 93h - DB 0cfh ; LimitHigh - DB 0 ; BaseHigh -DataSeg32 LABEL QWORD - DW -1 ; LimitLow - DW 0 ; BaseLow - DB 0 ; BaseMid - DB 93h - DB 0cfh ; LimitHigh - DB 0 ; BaseHigh -CodeSeg16 LABEL QWORD - DW -1 - DW 0 - DB 0 - DB 9bh - DB 8fh - DB 0 -DataSeg16 LABEL QWORD - DW -1 - DW 0 - DB 0 - DB 93h - DB 8fh - DB 0 -CodeSeg64 LABEL QWORD - DW -1 ; LimitLow - DW 0 ; BaseLow - DB 0 ; BaseMid - DB 9bh - DB 0afh ; LimitHigh - DB 0 ; BaseHigh -; TSS Segment for X64 specially -TssSeg LABEL QWORD - DW TSS_DESC_SIZE - 1 ; LimitLow - DW 0 ; BaseLow - DB 0 ; BaseMid - DB 89h - DB 00h ; LimitHigh - DB 0 ; BaseHigh - DD 0 ; BaseUpper - DD 0 ; Reserved -GDT_SIZE =3D $ - offset NullSeg - -; Create TSS Descriptor just after GDT -TssDescriptor LABEL BYTE - DD 0 ; Reserved - DQ 0 ; RSP0 - DQ 0 ; RSP1 - DQ 0 ; RSP2 - DD 0 ; Reserved - DD 0 ; Reserved - DQ 0 ; IST1 - DQ 0 ; IST2 - DQ 0 ; IST3 - DQ 0 ; IST4 - DQ 0 ; IST5 - DQ 0 ; IST6 - DQ 0 ; IST7 - DD 0 ; Reserved - DD 0 ; Reserved - DW 0 ; Reserved - DW 0 ; I/O Map Base Address -TSS_DESC_SIZE =3D $ - offset TssDescriptor - -; -; This structure serves as a template for all processors. -; -gcPsd LABEL BYTE - DB 'PSDSIG ' - DW PSD_SIZE - DW 2 - DW 1 SHL 2 - DW CODE_SEL - DW DATA_SEL - DW DATA_SEL - DW DATA_SEL - DW 0 - DQ 0 - DQ 0 - DQ 0 ; fixed in InitializeMpServiceData= () - DQ offset NullSeg - DD GDT_SIZE - DD 0 - DB 24 dup (0) - DQ 0 -PSD_SIZE =3D $ - offset gcPsd - -; -; CODE & DATA segments for SMM runtime -; -CODE_SEL =3D offset CodeSeg64 - offset NullSeg -DATA_SEL =3D offset DataSeg32 - offset NullSeg -CODE32_SEL =3D offset CodeSeg32 - offset NullSeg - -gcSmiGdtr LABEL FWORD - DW GDT_SIZE - 1 - DQ offset NullSeg - -gcSmiIdtr LABEL FWORD - DW 0 - DQ 0 - - .code - -;-------------------------------------------------------------------------= ----- -; _SmiExceptionEntryPoints is the collection of exception entry points fol= lowed -; by a common exception handler. -; -; Stack frame would be as follows as specified in IA32 manuals: -; -; +---------------------+ <-- 16-byte aligned ensured by processor -; + Old SS + -; +---------------------+ -; + Old RSP + -; +---------------------+ -; + RFlags + -; +---------------------+ -; + CS + -; +---------------------+ -; + RIP + -; +---------------------+ -; + Error Code + -; +---------------------+ -; + Vector Number + -; +---------------------+ -; + RBP + -; +---------------------+ <-- RBP, 16-byte aligned -; -; RSP set to odd multiple of 8 at @CommonEntryPoint means ErrCode PRESENT -;-------------------------------------------------------------------------= ----- -PageFaultIdtHandlerSmmProfile PROC - push 0eh ; Page Fault - test spl, 8 ; odd multiple of 8 =3D> ErrCode p= resent - jnz @F - push [rsp] ; duplicate INT# if no ErrCode - mov qword ptr [rsp + 8], 0 -@@: - push rbp - mov rbp, rsp - - ; - ; Since here the stack pointer is 16-byte aligned, so - ; EFI_FX_SAVE_STATE_X64 of EFI_SYSTEM_CONTEXT_x64 - ; is 16-byte aligned - ; - -;; UINT64 Rdi, Rsi, Rbp, Rsp, Rbx, Rdx, Rcx, Rax; -;; UINT64 R8, R9, R10, R11, R12, R13, R14, R15; - push r15 - push r14 - push r13 - push r12 - push r11 - push r10 - push r9 - push r8 - push rax - push rcx - push rdx - push rbx - push qword ptr [rbp + 48] ; RSP - push qword ptr [rbp] ; RBP - push rsi - push rdi - -;; UINT64 Gs, Fs, Es, Ds, Cs, Ss; insure high 16 bits of each is zero - movzx rax, word ptr [rbp + 56] - push rax ; for ss - movzx rax, word ptr [rbp + 32] - push rax ; for cs - mov rax, ds - push rax - mov rax, es - push rax - mov rax, fs - push rax - mov rax, gs - push rax - -;; UINT64 Rip; - push qword ptr [rbp + 24] - -;; UINT64 Gdtr[2], Idtr[2]; - sub rsp, 16 - sidt fword ptr [rsp] - sub rsp, 16 - sgdt fword ptr [rsp] - -;; UINT64 Ldtr, Tr; - xor rax, rax - str ax - push rax - sldt ax - push rax - -;; UINT64 RFlags; - push qword ptr [rbp + 40] - -;; UINT64 Cr0, Cr1, Cr2, Cr3, Cr4, Cr8; - mov rax, cr8 - push rax - mov rax, cr4 - or rax, 208h - mov cr4, rax - push rax - mov rax, cr3 - push rax - mov rax, cr2 - push rax - xor rax, rax - push rax - mov rax, cr0 - push rax - -;; UINT64 Dr0, Dr1, Dr2, Dr3, Dr6, Dr7; - mov rax, dr7 - push rax - mov rax, dr6 - push rax - mov rax, dr3 - push rax - mov rax, dr2 - push rax - mov rax, dr1 - push rax - mov rax, dr0 - push rax - -;; FX_SAVE_STATE_X64 FxSaveState; - - sub rsp, 512 - mov rdi, rsp - db 0fh, 0aeh, 00000111y ;fxsave [rdi] - -; UEFI calling convention for x64 requires that Direction flag in EFLAGs i= s clear - cld - -;; UINT32 ExceptionData; - push qword ptr [rbp + 16] - -;; call into exception handler - mov rcx, [rbp + 8] - mov rax, SmiPFHandler - -;; Prepare parameter and call - mov rdx, rsp - ; - ; Per X64 calling convention, allocate maximum parameter stack space - ; and make sure RSP is 16-byte aligned - ; - sub rsp, 4 * 8 + 8 - call rax - add rsp, 4 * 8 + 8 - jmp @F - -@@: -;; UINT64 ExceptionData; - add rsp, 8 - -;; FX_SAVE_STATE_X64 FxSaveState; - - mov rsi, rsp - db 0fh, 0aeh, 00001110y ; fxrstor [rsi] - add rsp, 512 - -;; UINT64 Dr0, Dr1, Dr2, Dr3, Dr6, Dr7; -;; Skip restoration of DRx registers to support debuggers -;; that set breakpoints in interrupt/exception context - add rsp, 8 * 6 - -;; UINT64 Cr0, Cr1, Cr2, Cr3, Cr4, Cr8; - pop rax - mov cr0, rax - add rsp, 8 ; not for Cr1 - pop rax - mov cr2, rax - pop rax - mov cr3, rax - pop rax - mov cr4, rax - pop rax - mov cr8, rax - -;; UINT64 RFlags; - pop qword ptr [rbp + 40] - -;; UINT64 Ldtr, Tr; -;; UINT64 Gdtr[2], Idtr[2]; -;; Best not let anyone mess with these particular registers... - add rsp, 48 - -;; UINT64 Rip; - pop qword ptr [rbp + 24] - -;; UINT64 Gs, Fs, Es, Ds, Cs, Ss; - pop rax - ; mov gs, rax ; not for gs - pop rax - ; mov fs, rax ; not for fs - ; (X64 will not use fs and gs, so we do not restore it) - pop rax - mov es, rax - pop rax - mov ds, rax - pop qword ptr [rbp + 32] ; for cs - pop qword ptr [rbp + 56] ; for ss - -;; UINT64 Rdi, Rsi, Rbp, Rsp, Rbx, Rdx, Rcx, Rax; -;; UINT64 R8, R9, R10, R11, R12, R13, R14, R15; - pop rdi - pop rsi - add rsp, 8 ; not for rbp - pop qword ptr [rbp + 48] ; for rsp - pop rbx - pop rdx - pop rcx - pop rax - pop r8 - pop r9 - pop r10 - pop r11 - pop r12 - pop r13 - pop r14 - pop r15 - - mov rsp, rbp - -; Enable TF bit after page fault handler runs - bts dword ptr [rsp + 40], 8 ;RFLAGS - - pop rbp - add rsp, 16 ; skip INT# & ErrCode - iretq -PageFaultIdtHandlerSmmProfile ENDP - - END diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmmInit.S b/UefiCpuPkg/PiSmmCpuD= xeSmm/X64/SmmInit.S deleted file mode 100644 index 5e352f57c379..000000000000 --- a/UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmmInit.S +++ /dev/null @@ -1,141 +0,0 @@ -#-------------------------------------------------------------------------= ----- -# -# Copyright (c) 2009 - 2015, Intel Corporation. All rights reserved.
-# This program and the accompanying materials -# are licensed and made available under the terms and conditions of the BS= D License -# which accompanies this distribution. The full text of the license may b= e found at -# http://opensource.org/licenses/bsd-license.php. -# -# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, -# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMP= LIED. -# -# Module Name: -# -# SmmInit.S -# -# Abstract: -# -# Functions for relocating SMBASE's for all processors -# -#-------------------------------------------------------------------------= ----- - -ASM_GLOBAL ASM_PFX(gSmmCr0) -ASM_GLOBAL ASM_PFX(gSmmCr3) -ASM_GLOBAL ASM_PFX(gSmmCr4) -ASM_GLOBAL ASM_PFX(gSmmJmpAddr) -ASM_GLOBAL ASM_PFX(gcSmmInitTemplate) -ASM_GLOBAL ASM_PFX(gcSmmInitSize) -ASM_GLOBAL ASM_PFX(mRebasedFlagAddr32) -ASM_GLOBAL ASM_PFX(SmmRelocationSemaphoreComplete) -ASM_GLOBAL ASM_PFX(SmmRelocationSemaphoreComplete32) -ASM_GLOBAL ASM_PFX(mSmmRelocationOriginalAddressPtr32) -ASM_GLOBAL ASM_PFX(gSmmInitStack) -ASM_GLOBAL ASM_PFX(gcSmiInitGdtr) - - - .text - -ASM_PFX(gcSmiInitGdtr): - .word 0 - .quad 0 - -SmmStartup: - .byte 0x66,0xb8 # mov eax, imm32 -ASM_PFX(gSmmCr3): .space 4 - movq %rax, %cr3 - .byte 0x66,0x2e - lgdt (ASM_PFX(gcSmiInitGdtr) - SmmStartup)(%ebp) - .byte 0x66,0xb8 # mov eax, imm32 -ASM_PFX(gSmmCr4): .space 4 - orb $2, %ah # enable XMM registers access - movq %rax, %cr4 - .byte 0x66 - movl $0xc0000080,%ecx # IA32_EFER MSR - rdmsr - orb $1,%ah # set LME bit - wrmsr - .byte 0x66,0xb8 # mov eax, imm32 -ASM_PFX(gSmmCr0): .space 4 - movq %rax, %cr0 - .byte 0x66,0xea # far jmp to long mode -ASM_PFX(gSmmJmpAddr): .quad LongMode -LongMode: # long-mode starts here - .byte 0x48,0xbc # mov rsp, imm64 -ASM_PFX(gSmmInitStack): .space 8 - andw $0xfff0, %sp # make sure RSP is 16-byte aligned - # - # Accoring to X64 calling convention, XMM0~5 are volatile, we need to = save - # them before calling C-function. - # - subq $0x60, %rsp - movdqa %xmm0, 0x0(%rsp) - movdqa %xmm1, 0x10(%rsp) - movdqa %xmm2, 0x20(%rsp) - movdqa %xmm3, 0x30(%rsp) - movdqa %xmm4, 0x40(%rsp) - movdqa %xmm5, 0x50(%rsp) - - - addq $-0x20, %rsp - call ASM_PFX(SmmInitHandler) - addq $0x20, %rsp - # - # Restore XMM0~5 after calling C-function. - # - movdqa 0x0(%rsp), %xmm0 - movdqa 0x10(%rsp), %xmm1 - movdqa 0x20(%rsp), %xmm2 - movdqa 0x30(%rsp), %xmm3 - movdqa 0x40(%rsp), %xmm4 - movdqa 0x50(%rsp), %xmm5 - - rsm - -ASM_PFX(gcSmmInitTemplate): - -_SmmInitTemplate: - .byte 0x66,0x2e,0x8b,0x2e # mov ebp, cs:[@F] - .word L1 - _SmmInitTemplate + 0x8000 - .byte 0x66, 0x81, 0xed, 0, 0, 3, 0 # sub ebp, 0x30000 - jmp *%bp # jmp ebp actually -L1: - .quad SmmStartup - -ASM_PFX(gcSmmInitSize): .word . - ASM_PFX(gcSmmInitTemplate) - -ASM_PFX(SmmRelocationSemaphoreComplete): - # Create a simple stack frame to store RAX and the original RSM locati= on - pushq %rax # Used to store return address - pushq %rax - - # Load the original RSM location onto stack - movabsq $ASM_PFX(mSmmRelocationOriginalAddress), %rax - movq (%rax), %rax - movq %rax, 0x08(%rsp) - - # Update rebase flag - movabsq $ASM_PFX(mRebasedFlag), %rax - movq (%rax), %rax - movb $1, (%rax) - - #restore RAX and return to original RSM location - popq %rax - retq - -# -# Semaphore code running in 32-bit mode -# -ASM_PFX(SmmRelocationSemaphoreComplete32): - # - # movb $1, () - # - .byte 0xc6, 0x05 -ASM_PFX(mRebasedFlagAddr32): - .long 0 - .byte 1 - # - # jmpd () - # - .byte 0xff, 0x25 -ASM_PFX(mSmmRelocationOriginalAddressPtr32): - .long 0 diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmmInit.asm b/UefiCpuPkg/PiSmmCp= uDxeSmm/X64/SmmInit.asm deleted file mode 100644 index 9182f0293a6f..000000000000 --- a/UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmmInit.asm +++ /dev/null @@ -1,132 +0,0 @@ -;-------------------------------------------------------------------------= ----- ; -; Copyright (c) 2009 - 2015, Intel Corporation. All rights reserved.
-; This program and the accompanying materials -; are licensed and made available under the terms and conditions of the BS= D License -; which accompanies this distribution. The full text of the license may b= e found at -; http://opensource.org/licenses/bsd-license.php. -; -; THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, -; WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMP= LIED. -; -; Module Name: -; -; SmmInit.Asm -; -; Abstract: -; -; Functions for relocating SMBASE's for all processors -; -;-------------------------------------------------------------------------= ------ - -EXTERNDEF SmmInitHandler:PROC -EXTERNDEF gSmmCr0:DWORD -EXTERNDEF gSmmCr3:DWORD -EXTERNDEF gSmmCr4:DWORD -EXTERNDEF gSmmJmpAddr:QWORD -EXTERNDEF gcSmmInitTemplate:BYTE -EXTERNDEF gcSmmInitSize:WORD -EXTERNDEF mRebasedFlag:PTR BYTE -EXTERNDEF mSmmRelocationOriginalAddress:QWORD -EXTERNDEF mRebasedFlagAddr32:DWORD -EXTERNDEF mSmmRelocationOriginalAddressPtr32:DWORD -EXTERNDEF gSmmInitStack:QWORD -EXTERNDEF gcSmiInitGdtr:FWORD - - .code - -gcSmiInitGdtr LABEL FWORD - DW 0 - DQ 0 - -SmmStartup PROC - DB 66h, 0b8h ; mov eax, imm32 -gSmmCr3 DD ? - mov cr3, rax - DB 66h, 2eh - lgdt fword ptr [ebp + (offset gcSmiInitGdtr - SmmStartup)] - DB 66h, 0b8h ; mov eax, imm32 -gSmmCr4 DD ? - or ah, 2 ; enable XMM registers access - mov cr4, rax - DB 66h - mov ecx, 0c0000080h ; IA32_EFER MSR - rdmsr - or ah, 1 ; set LME bit - wrmsr - DB 66h, 0b8h ; mov eax, imm32 -gSmmCr0 DD ? - mov cr0, rax ; enable protected mode & paging - DB 66h, 0eah ; far jmp to long mode -gSmmJmpAddr DQ @LongMode -@LongMode: ; long-mode starts here - DB 48h, 0bch ; mov rsp, imm64 -gSmmInitStack DQ ? - and sp, 0fff0h ; make sure RSP is 16-byte aligned - ; - ; Accoring to X64 calling convention, XMM0~5 are volatile, we need to = save - ; them before calling C-function. - ; - sub rsp, 60h - movdqa [rsp], xmm0 - movdqa [rsp + 10h], xmm1 - movdqa [rsp + 20h], xmm2 - movdqa [rsp + 30h], xmm3 - movdqa [rsp + 40h], xmm4 - movdqa [rsp + 50h], xmm5 - - add rsp, -20h - call SmmInitHandler - add rsp, 20h - - ; - ; Restore XMM0~5 after calling C-function. - ; - movdqa xmm0, [rsp] - movdqa xmm1, [rsp + 10h] - movdqa xmm2, [rsp + 20h] - movdqa xmm3, [rsp + 30h] - movdqa xmm4, [rsp + 40h] - movdqa xmm5, [rsp + 50h] - - rsm -SmmStartup ENDP - -gcSmmInitTemplate LABEL BYTE - -_SmmInitTemplate PROC - DB 66h, 2eh, 8bh, 2eh ; mov ebp, cs:[@F] - DW @L1 - _SmmInitTemplate + 8000h - DB 66h, 81h, 0edh, 00h, 00h, 03h, 00 ; sub ebp, 30000h - jmp bp ; jmp ebp actually -@L1: - DQ SmmStartup -_SmmInitTemplate ENDP - -gcSmmInitSize DW $ - gcSmmInitTemplate - -SmmRelocationSemaphoreComplete PROC - push rax - mov rax, mRebasedFlag - mov byte ptr [rax], 1 - pop rax - jmp [mSmmRelocationOriginalAddress] -SmmRelocationSemaphoreComplete ENDP - -; -; Semaphore code running in 32-bit mode -; -SmmRelocationSemaphoreComplete32 PROC - ; - ; mov byte ptr [], 1 - ; - db 0c6h, 05h -mRebasedFlagAddr32 dd 0 - db 1 - ; - ; jmp dword ptr [] - ; - db 0ffh, 25h -mSmmRelocationOriginalAddressPtr32 dd 0 -SmmRelocationSemaphoreComplete32 ENDP - - END --=20 2.14.1.3.gb7cf6e02401b _______________________________________________ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel From nobody Fri Nov 1 10:41:09 2024 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; spf=none (zoho.com: 198.145.21.10 is neither permitted nor denied by domain of lists.01.org) smtp.mailfrom=edk2-devel-bounces@lists.01.org; dmarc=fail(p=none dis=none) header.from=redhat.com Return-Path: Received: from ml01.01.org (ml01.01.org [198.145.21.10]) by mx.zohomail.com with SMTPS id 1517582416317149.01644411677034; Fri, 2 Feb 2018 06:40:16 -0800 (PST) Received: from [127.0.0.1] (localhost [IPv6:::1]) by ml01.01.org (Postfix) with ESMTP id 1C1A2223AF817; Fri, 2 Feb 2018 06:34:35 -0800 (PST) Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id D676F223AF817 for ; Fri, 2 Feb 2018 06:34:33 -0800 (PST) Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.phx2.redhat.com [10.5.11.13]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 9F18EC057FA0; Fri, 2 Feb 2018 14:40:11 +0000 (UTC) Received: from lacos-laptop-7.usersys.redhat.com (ovpn-121-50.rdu2.redhat.com [10.10.121.50]) by smtp.corp.redhat.com (Postfix) with ESMTP id 03A0817DEA; Fri, 2 Feb 2018 14:40:09 +0000 (UTC) X-Original-To: edk2-devel@lists.01.org Received-SPF: none (zoho.com: 198.145.21.10 is neither permitted nor denied by domain of lists.01.org) client-ip=198.145.21.10; envelope-from=edk2-devel-bounces@lists.01.org; helo=ml01.01.org; Received-SPF: Pass (sender SPF authorized) identity=mailfrom; client-ip=209.132.183.28; helo=mx1.redhat.com; envelope-from=lersek@redhat.com; receiver=edk2-devel@lists.01.org From: Laszlo Ersek To: edk2-devel-01 Date: Fri, 2 Feb 2018 15:39:44 +0100 Message-Id: <20180202143954.7357-5-lersek@redhat.com> In-Reply-To: <20180202143954.7357-1-lersek@redhat.com> References: <20180202143954.7357-1-lersek@redhat.com> X-Scanned-By: MIMEDefang 2.79 on 10.5.11.13 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.32]); Fri, 02 Feb 2018 14:40:11 +0000 (UTC) Subject: [edk2] [PATCH 04/14] UefiCpuPkg/PiSmmCpuDxeSmm: patch "gSmbase" with PatchInstructionX86() X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Michael D Kinney , Ruiyu Ni , Jiewen Yao , Eric Dong , Liming Gao MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Errors-To: edk2-devel-bounces@lists.01.org Sender: "edk2-devel" X-ZohoMail: RSF_4 Z_629925259 SPT_0 Content-Type: text/plain; charset="utf-8" Rename the variable to "gPatchSmbase" so that its association with PatchInstructionX86() is clear from the declaration, change its type to UINT8, and patch it with PatchInstructionX86(). This lets us remove the binary (DB) encoding of some instructions in "SmiEntry.nasm". Cc: Eric Dong Cc: Jiewen Yao Cc: Liming Gao Cc: Michael D Kinney Cc: Ruiyu Ni Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=3D866 Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Laszlo Ersek --- UefiCpuPkg/PiSmmCpuDxeSmm/SmramSaveState.c | 4 ++-- UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/SmiEntry.nasm | 6 +++--- UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmiEntry.nasm | 6 +++--- 3 files changed, 8 insertions(+), 8 deletions(-) diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/SmramSaveState.c b/UefiCpuPkg/PiSmmC= puDxeSmm/SmramSaveState.c index 3188d438181c..c13692127fcf 100644 --- a/UefiCpuPkg/PiSmmCpuDxeSmm/SmramSaveState.c +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/SmramSaveState.c @@ -105,7 +105,7 @@ typedef struct { /// /// Variables from SMI Handler /// -extern UINT32 gSmbase; +extern UINT8 gPatchSmbase; extern volatile UINT32 gSmiStack; extern UINT32 gSmiCr3; extern volatile UINT8 gcSmiHandlerTemplate[]; @@ -718,7 +718,7 @@ InstallSmiHandler ( // gSmiStack =3D (UINT32)((UINTN)SmiStack + StackSize - sizeof = (UINTN)); gSmiCr3 =3D Cr3; - gSmbase =3D SmBase; + PatchInstructionX86 (&gPatchSmbase, SmBase, 4); gSmiHandlerIdtr.Base =3D IdtBase; gSmiHandlerIdtr.Limit =3D (UINT16)(IdtSize - 1); =20 diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/SmiEntry.nasm b/UefiCpuPkg/PiSm= mCpuDxeSmm/Ia32/SmiEntry.nasm index a8324a7f4a84..e6e29128e64e 100644 --- a/UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/SmiEntry.nasm +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/SmiEntry.nasm @@ -46,7 +46,7 @@ global ASM_PFX(gcSmiHandlerTemplate) global ASM_PFX(gcSmiHandlerSize) global ASM_PFX(gSmiCr3) global ASM_PFX(gSmiStack) -global ASM_PFX(gSmbase) +global ASM_PFX(gPatchSmbase) global ASM_PFX(mXdSupported) extern ASM_PFX(gSmiHandlerIdtr) =20 @@ -65,8 +65,8 @@ _SmiEntryPoint: o32 lgdt [cs:bx] ; lgdt fword ptr cs:[bx] mov ax, PROTECT_MODE_CS mov [cs:bx-0x2],ax - DB 0x66, 0xbf ; mov edi, SMBASE -ASM_PFX(gSmbase): DD 0 + mov edi, strict dword 0 ; source operand will be patched +ASM_PFX(gPatchSmbase): lea eax, [edi + (@32bit - _SmiEntryPoint) + 0x8000] mov [cs:bx-0x6],eax mov ebx, cr0 diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmiEntry.nasm b/UefiCpuPkg/PiSmm= CpuDxeSmm/X64/SmiEntry.nasm index 697fd2bec7c6..0e314279a541 100644 --- a/UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmiEntry.nasm +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmiEntry.nasm @@ -53,7 +53,7 @@ extern ASM_PFX(gSmiHandlerIdtr) extern ASM_PFX(CpuSmmDebugEntry) extern ASM_PFX(CpuSmmDebugExit) =20 -global ASM_PFX(gSmbase) +global ASM_PFX(gPatchSmbase) global ASM_PFX(mXdSupported) global ASM_PFX(gSmiStack) global ASM_PFX(gSmiCr3) @@ -75,8 +75,8 @@ _SmiEntryPoint: o32 lgdt [cs:bx] ; lgdt fword ptr cs:[bx] mov ax, PROTECT_MODE_CS mov [cs:bx-0x2],ax - DB 0x66, 0xbf ; mov edi, SMBASE -ASM_PFX(gSmbase): DD 0 + mov edi, strict dword 0 ; source operand will be patched +ASM_PFX(gPatchSmbase): lea eax, [edi + (@ProtectedMode - _SmiEntryPoint) + 0x8000] mov [cs:bx-0x6],eax mov ebx, cr0 --=20 2.14.1.3.gb7cf6e02401b _______________________________________________ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel From nobody Fri Nov 1 10:41:09 2024 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; spf=none (zoho.com: 198.145.21.10 is neither permitted nor denied by domain of lists.01.org) smtp.mailfrom=edk2-devel-bounces@lists.01.org; dmarc=fail(p=none dis=none) header.from=redhat.com Return-Path: Received: from ml01.01.org (ml01.01.org [198.145.21.10]) by mx.zohomail.com with SMTPS id 1517582420117402.00897978522346; Fri, 2 Feb 2018 06:40:20 -0800 (PST) Received: from [127.0.0.1] (localhost [IPv6:::1]) by ml01.01.org (Postfix) with ESMTP id 81855223AF814; Fri, 2 Feb 2018 06:34:40 -0800 (PST) Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id 13FAF2215BD97 for ; Fri, 2 Feb 2018 06:34:39 -0800 (PST) Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.phx2.redhat.com [10.5.11.13]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 1E6CEC058ED8; Fri, 2 Feb 2018 14:40:17 +0000 (UTC) Received: from lacos-laptop-7.usersys.redhat.com (ovpn-121-50.rdu2.redhat.com [10.10.121.50]) by smtp.corp.redhat.com (Postfix) with ESMTP id 79D5017DEA; Fri, 2 Feb 2018 14:40:15 +0000 (UTC) X-Original-To: edk2-devel@lists.01.org Received-SPF: none (zoho.com: 198.145.21.10 is neither permitted nor denied by domain of lists.01.org) client-ip=198.145.21.10; envelope-from=edk2-devel-bounces@lists.01.org; helo=ml01.01.org; Received-SPF: Pass (sender SPF authorized) identity=mailfrom; client-ip=209.132.183.28; helo=mx1.redhat.com; envelope-from=lersek@redhat.com; receiver=edk2-devel@lists.01.org From: Laszlo Ersek To: edk2-devel-01 Date: Fri, 2 Feb 2018 15:39:45 +0100 Message-Id: <20180202143954.7357-6-lersek@redhat.com> In-Reply-To: <20180202143954.7357-1-lersek@redhat.com> References: <20180202143954.7357-1-lersek@redhat.com> X-Scanned-By: MIMEDefang 2.79 on 10.5.11.13 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.32]); Fri, 02 Feb 2018 14:40:17 +0000 (UTC) Subject: [edk2] [PATCH 05/14] UefiCpuPkg/PiSmmCpuDxeSmm: patch "gSmiStack" with PatchInstructionX86() X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Michael D Kinney , Ruiyu Ni , Jiewen Yao , Eric Dong , Liming Gao MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Errors-To: edk2-devel-bounces@lists.01.org Sender: "edk2-devel" X-ZohoMail: RSF_4 Z_629925259 SPT_0 Content-Type: text/plain; charset="utf-8" Rename the variable to "gPatchSmiStack" so that its association with PatchInstructionX86() is clear from the declaration. Also change its type to UINT8. Unlike "gSmbase" in the previous patch, "gSmiStack"'s patched value is also de-referenced by C code (in other words, it is read back after patching): the InstallSmiHandler() function stores "CpuIndex" to the given CPU's SMI stack through "gSmiStack". Introduce the local variable "CpuSmiStack" in InstallSmiHandler() for calculating the stack location separately, then use this variable for both patching into the assembly code, and for storing "CpuIndex" through it. It's assumed that "volatile" stood in the declaration of "gSmiStack" because we used to read "gSmiStack" back for de-referencing; with that use gone, we can remove "volatile" too. (Note that the *target* of the pointer was never volatile-qualified.) Finally, replace the binary (DB) encoding of "mov esp, imm32" in "SmiEntry.nasm". Cc: Eric Dong Cc: Jiewen Yao Cc: Liming Gao Cc: Michael D Kinney Cc: Ruiyu Ni Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=3D866 Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Laszlo Ersek --- UefiCpuPkg/PiSmmCpuDxeSmm/SmramSaveState.c | 8 +++++--- UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/SmiEntry.nasm | 6 +++--- UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmiEntry.nasm | 6 +++--- 3 files changed, 11 insertions(+), 9 deletions(-) diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/SmramSaveState.c b/UefiCpuPkg/PiSmmC= puDxeSmm/SmramSaveState.c index c13692127fcf..73253016060d 100644 --- a/UefiCpuPkg/PiSmmCpuDxeSmm/SmramSaveState.c +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/SmramSaveState.c @@ -106,7 +106,7 @@ typedef struct { /// Variables from SMI Handler /// extern UINT8 gPatchSmbase; -extern volatile UINT32 gSmiStack; +extern UINT8 gPatchSmiStack; extern UINT32 gSmiCr3; extern volatile UINT8 gcSmiHandlerTemplate[]; extern CONST UINT16 gcSmiHandlerSize; @@ -686,6 +686,7 @@ InstallSmiHandler ( ) { PROCESSOR_SMM_DESCRIPTOR *Psd; + UINT32 CpuSmiStack; =20 // // Initialize PROCESSOR_SMM_DESCRIPTOR @@ -716,7 +717,8 @@ InstallSmiHandler ( // // Initialize values in template before copy // - gSmiStack =3D (UINT32)((UINTN)SmiStack + StackSize - sizeof = (UINTN)); + CpuSmiStack =3D (UINT32)((UINTN)SmiStack + StackSize - sizeof (UINTN)); + PatchInstructionX86 (&gPatchSmiStack, CpuSmiStack, 4); gSmiCr3 =3D Cr3; PatchInstructionX86 (&gPatchSmbase, SmBase, 4); gSmiHandlerIdtr.Base =3D IdtBase; @@ -725,7 +727,7 @@ InstallSmiHandler ( // // Set the value at the top of the CPU stack to the CPU Index // - *(UINTN*)(UINTN)gSmiStack =3D CpuIndex; + *(UINTN*)(UINTN)CpuSmiStack =3D CpuIndex; =20 // // Copy template to CPU specific SMI handler location diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/SmiEntry.nasm b/UefiCpuPkg/PiSm= mCpuDxeSmm/Ia32/SmiEntry.nasm index e6e29128e64e..0ea3c1e4498d 100644 --- a/UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/SmiEntry.nasm +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/SmiEntry.nasm @@ -45,7 +45,7 @@ extern ASM_PFX(CpuSmmDebugExit) global ASM_PFX(gcSmiHandlerTemplate) global ASM_PFX(gcSmiHandlerSize) global ASM_PFX(gSmiCr3) -global ASM_PFX(gSmiStack) +global ASM_PFX(gPatchSmiStack) global ASM_PFX(gPatchSmbase) global ASM_PFX(mXdSupported) extern ASM_PFX(gSmiHandlerIdtr) @@ -86,8 +86,8 @@ o16 mov es, ax o16 mov fs, ax o16 mov gs, ax o16 mov ss, ax - DB 0xbc ; mov esp, imm32 -ASM_PFX(gSmiStack): DD 0 + mov esp, strict dword 0 ; source operand will be patched +ASM_PFX(gPatchSmiStack): mov eax, ASM_PFX(gSmiHandlerIdtr) lidt [eax] jmp ProtFlatMode diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmiEntry.nasm b/UefiCpuPkg/PiSmm= CpuDxeSmm/X64/SmiEntry.nasm index 0e314279a541..9cfa8e7fc8f4 100644 --- a/UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmiEntry.nasm +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmiEntry.nasm @@ -55,7 +55,7 @@ extern ASM_PFX(CpuSmmDebugExit) =20 global ASM_PFX(gPatchSmbase) global ASM_PFX(mXdSupported) -global ASM_PFX(gSmiStack) +global ASM_PFX(gPatchSmiStack) global ASM_PFX(gSmiCr3) global ASM_PFX(gcSmiHandlerTemplate) global ASM_PFX(gcSmiHandlerSize) @@ -96,8 +96,8 @@ o16 mov es, ax o16 mov fs, ax o16 mov gs, ax o16 mov ss, ax - DB 0xbc ; mov esp, imm32 -ASM_PFX(gSmiStack): DD 0 + mov esp, strict dword 0 ; source operand will be patched +ASM_PFX(gPatchSmiStack): jmp ProtFlatMode =20 BITS 64 --=20 2.14.1.3.gb7cf6e02401b _______________________________________________ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel From nobody Fri Nov 1 10:41:09 2024 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; spf=none (zoho.com: 198.145.21.10 is neither permitted nor denied by domain of lists.01.org) smtp.mailfrom=edk2-devel-bounces@lists.01.org; dmarc=fail(p=none dis=none) header.from=redhat.com Return-Path: Received: from ml01.01.org (ml01.01.org [198.145.21.10]) by mx.zohomail.com with SMTPS id 1517582422561940.1672916327828; Fri, 2 Feb 2018 06:40:22 -0800 (PST) Received: from [127.0.0.1] (localhost [IPv6:::1]) by ml01.01.org (Postfix) with ESMTP id E1470223AF81E; Fri, 2 Feb 2018 06:34:41 -0800 (PST) Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id 36E212215BD97 for ; Fri, 2 Feb 2018 06:34:41 -0800 (PST) Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.phx2.redhat.com [10.5.11.13]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 2F5555D5E9; Fri, 2 Feb 2018 14:40:19 +0000 (UTC) Received: from lacos-laptop-7.usersys.redhat.com (ovpn-121-50.rdu2.redhat.com [10.10.121.50]) by smtp.corp.redhat.com (Postfix) with ESMTP id 795FE6764F; Fri, 2 Feb 2018 14:40:17 +0000 (UTC) X-Original-To: edk2-devel@lists.01.org Received-SPF: none (zoho.com: 198.145.21.10 is neither permitted nor denied by domain of lists.01.org) client-ip=198.145.21.10; envelope-from=edk2-devel-bounces@lists.01.org; helo=ml01.01.org; Received-SPF: Pass (sender SPF authorized) identity=mailfrom; client-ip=209.132.183.28; helo=mx1.redhat.com; envelope-from=lersek@redhat.com; receiver=edk2-devel@lists.01.org From: Laszlo Ersek To: edk2-devel-01 Date: Fri, 2 Feb 2018 15:39:46 +0100 Message-Id: <20180202143954.7357-7-lersek@redhat.com> In-Reply-To: <20180202143954.7357-1-lersek@redhat.com> References: <20180202143954.7357-1-lersek@redhat.com> X-Scanned-By: MIMEDefang 2.79 on 10.5.11.13 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.39]); Fri, 02 Feb 2018 14:40:19 +0000 (UTC) Subject: [edk2] [PATCH 06/14] UefiCpuPkg/PiSmmCpuDxeSmm: patch "gSmiCr3" with PatchInstructionX86() X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Michael D Kinney , Ruiyu Ni , Jiewen Yao , Eric Dong , Liming Gao MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Errors-To: edk2-devel-bounces@lists.01.org Sender: "edk2-devel" X-ZohoMail: RSF_4 Z_629925259 SPT_0 Content-Type: text/plain; charset="utf-8" Rename the variable to "gPatchSmiCr3" so that its association with PatchInstructionX86() is clear from the declaration, change its type to UINT8, and patch it with PatchInstructionX86(). This lets us remove the binary (DB) encoding of some instructions in "SmiEntry.nasm". Cc: Eric Dong Cc: Jiewen Yao Cc: Liming Gao Cc: Michael D Kinney Cc: Ruiyu Ni Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=3D866 Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Laszlo Ersek --- UefiCpuPkg/PiSmmCpuDxeSmm/SmramSaveState.c | 4 ++-- UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/SmiEntry.nasm | 6 +++--- UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmiEntry.nasm | 6 +++--- 3 files changed, 8 insertions(+), 8 deletions(-) diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/SmramSaveState.c b/UefiCpuPkg/PiSmmC= puDxeSmm/SmramSaveState.c index 73253016060d..c61963403477 100644 --- a/UefiCpuPkg/PiSmmCpuDxeSmm/SmramSaveState.c +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/SmramSaveState.c @@ -107,7 +107,7 @@ typedef struct { /// extern UINT8 gPatchSmbase; extern UINT8 gPatchSmiStack; -extern UINT32 gSmiCr3; +extern UINT8 gPatchSmiCr3; extern volatile UINT8 gcSmiHandlerTemplate[]; extern CONST UINT16 gcSmiHandlerSize; =20 @@ -719,7 +719,7 @@ InstallSmiHandler ( // CpuSmiStack =3D (UINT32)((UINTN)SmiStack + StackSize - sizeof (UINTN)); PatchInstructionX86 (&gPatchSmiStack, CpuSmiStack, 4); - gSmiCr3 =3D Cr3; + PatchInstructionX86 (&gPatchSmiCr3, Cr3, 4); PatchInstructionX86 (&gPatchSmbase, SmBase, 4); gSmiHandlerIdtr.Base =3D IdtBase; gSmiHandlerIdtr.Limit =3D (UINT16)(IdtSize - 1); diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/SmiEntry.nasm b/UefiCpuPkg/PiSm= mCpuDxeSmm/Ia32/SmiEntry.nasm index 0ea3c1e4498d..0023cb328d6a 100644 --- a/UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/SmiEntry.nasm +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/SmiEntry.nasm @@ -44,7 +44,7 @@ extern ASM_PFX(CpuSmmDebugExit) =20 global ASM_PFX(gcSmiHandlerTemplate) global ASM_PFX(gcSmiHandlerSize) -global ASM_PFX(gSmiCr3) +global ASM_PFX(gPatchSmiCr3) global ASM_PFX(gPatchSmiStack) global ASM_PFX(gPatchSmbase) global ASM_PFX(mXdSupported) @@ -93,8 +93,8 @@ ASM_PFX(gPatchSmiStack): jmp ProtFlatMode =20 ProtFlatMode: - DB 0xb8 ; mov eax, imm32 -ASM_PFX(gSmiCr3): DD 0 + mov eax, strict dword 0 ; source operand will be patched +ASM_PFX(gPatchSmiCr3): mov cr3, eax ; ; Need to test for CR4 specific bit support diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmiEntry.nasm b/UefiCpuPkg/PiSmm= CpuDxeSmm/X64/SmiEntry.nasm index 9cfa8e7fc8f4..9971ae6f064a 100644 --- a/UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmiEntry.nasm +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmiEntry.nasm @@ -56,7 +56,7 @@ extern ASM_PFX(CpuSmmDebugExit) global ASM_PFX(gPatchSmbase) global ASM_PFX(mXdSupported) global ASM_PFX(gPatchSmiStack) -global ASM_PFX(gSmiCr3) +global ASM_PFX(gPatchSmiCr3) global ASM_PFX(gcSmiHandlerTemplate) global ASM_PFX(gcSmiHandlerSize) =20 @@ -102,8 +102,8 @@ ASM_PFX(gPatchSmiStack): =20 BITS 64 ProtFlatMode: - DB 0xb8 ; mov eax, offset gSmiCr3 -ASM_PFX(gSmiCr3): DD 0 + mov eax, strict dword 0 ; source operand will be patched +ASM_PFX(gPatchSmiCr3): mov cr3, rax mov eax, 0x668 ; as cr4.PGE is not set here, ref= resh cr3 mov cr4, rax ; in PreModifyMtrrs() to flush TLB. --=20 2.14.1.3.gb7cf6e02401b _______________________________________________ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel From nobody Fri Nov 1 10:41:09 2024 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; spf=none (zoho.com: 198.145.21.10 is neither permitted nor denied by domain of lists.01.org) smtp.mailfrom=edk2-devel-bounces@lists.01.org; dmarc=fail(p=none dis=none) header.from=redhat.com Return-Path: Received: from ml01.01.org (ml01.01.org [198.145.21.10]) by mx.zohomail.com with SMTPS id 1517582425504571.662553353875; Fri, 2 Feb 2018 06:40:25 -0800 (PST) Received: from [127.0.0.1] (localhost [IPv6:::1]) by ml01.01.org (Postfix) with ESMTP id 58A23223AF81C; Fri, 2 Feb 2018 06:34:45 -0800 (PST) Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id 9814C223AF820 for ; Fri, 2 Feb 2018 06:34:43 -0800 (PST) Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.phx2.redhat.com [10.5.11.13]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 78BF1C057F87; Fri, 2 Feb 2018 14:40:21 +0000 (UTC) Received: from lacos-laptop-7.usersys.redhat.com (ovpn-121-50.rdu2.redhat.com [10.10.121.50]) by smtp.corp.redhat.com (Postfix) with ESMTP id D711060C1A; Fri, 2 Feb 2018 14:40:19 +0000 (UTC) X-Original-To: edk2-devel@lists.01.org Received-SPF: none (zoho.com: 198.145.21.10 is neither permitted nor denied by domain of lists.01.org) client-ip=198.145.21.10; envelope-from=edk2-devel-bounces@lists.01.org; helo=ml01.01.org; Received-SPF: Pass (sender SPF authorized) identity=mailfrom; client-ip=209.132.183.28; helo=mx1.redhat.com; envelope-from=lersek@redhat.com; receiver=edk2-devel@lists.01.org From: Laszlo Ersek To: edk2-devel-01 Date: Fri, 2 Feb 2018 15:39:47 +0100 Message-Id: <20180202143954.7357-8-lersek@redhat.com> In-Reply-To: <20180202143954.7357-1-lersek@redhat.com> References: <20180202143954.7357-1-lersek@redhat.com> X-Scanned-By: MIMEDefang 2.79 on 10.5.11.13 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.32]); Fri, 02 Feb 2018 14:40:21 +0000 (UTC) Subject: [edk2] [PATCH 07/14] UefiCpuPkg/PiSmmCpuDxeSmm: patch "XdSupported" with PatchInstructionX86() X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Michael D Kinney , Ruiyu Ni , Jiewen Yao , Eric Dong , Liming Gao MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Errors-To: edk2-devel-bounces@lists.01.org Sender: "edk2-devel" X-ZohoMail: RSF_4 Z_629925259 SPT_0 Content-Type: text/plain; charset="utf-8" "mXdSupported" is a global BOOLEAN variable, initialized to TRUE. The CheckFeatureSupported() function is executed on all processors (not concurrently though), called from SmmInitHandler(). If XD support is found to be missing on any CPU, then "mXdSupported" is set to FALSE, and further processors omit the check. Afterwards, "mXdSupported" is read by several assembly and C code locations. The tricky part is *where* "mXdSupported" is allocated (defined): - Before commit 717fb60443fb ("UefiCpuPkg/PiSmmCpuDxeSmm: Add paging protection.", 2016-11-17), it used to be a normal global variable, defined (allocated) in "SmmProfile.c". - With said commit, we moved the definition (allocation) of "mXdSupported" into "SmiEntry.nasm". The variable was defined over the last byte of a "mov al, 1" instruction, so that setting it to FALSE in CheckFeatureSupported() would patch the instruction to "mov al, 0". The subsequent conditional jump would change behavior, plus all further read references to "mXdSupported" (in C and assembly code) would read back the source (imm8) operand of the patched MOV instruction as data. This trick required that the MOV instruction be encoded with DB. In order to get rid of the DB, we have to split both roles: we need a helper variable for the code patching, and "mXdSupported" has to be defined (allocated) independently of the code patching. Of course, their values must always remain in sync. (1) Reinstate the "mXdSupported" definition and initialization in "SmmProfile.c" from before commit 717fb60443fb. Change the assembly language definition ("global") to a declaration ("extern"). (2) Define the "gPatchXdSupported" helper (type UINT8) in "SmiEntry.nasm", and add the C-language declaration to "SmmProfileInternal.h". Replace the DB with the MOV mnemonic (keeping the imm8 source operand with value 1). (3) In CheckFeatureSupported(), whenever "mXdSupported" is set to FALSE, patch the assembly code in sync, with PatchInstructionX86(). Cc: Eric Dong Cc: Jiewen Yao Cc: Liming Gao Cc: Michael D Kinney Cc: Ruiyu Ni Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=3D866 Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Laszlo Ersek --- UefiCpuPkg/PiSmmCpuDxeSmm/SmmProfileInternal.h | 1 + UefiCpuPkg/PiSmmCpuDxeSmm/SmmProfile.c | 7 +++++++ UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/SmiEntry.nasm | 7 ++++--- UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmiEntry.nasm | 7 ++++--- 4 files changed, 16 insertions(+), 6 deletions(-) diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/SmmProfileInternal.h b/UefiCpuPkg/Pi= SmmCpuDxeSmm/SmmProfileInternal.h index a21689145bb4..1c8b899f9455 100644 --- a/UefiCpuPkg/PiSmmCpuDxeSmm/SmmProfileInternal.h +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/SmmProfileInternal.h @@ -100,6 +100,7 @@ typedef struct { extern SMM_S3_RESUME_STATE *mSmmS3ResumeState; extern UINTN gSmiExceptionHandlers[]; extern BOOLEAN mXdSupported; +extern UINT8 gPatchXdSupported; extern UINTN *mPFEntryCount; extern UINT64 (*mLastPFEntryValue)[MAX_PF_ENTRY_COUNT]; extern UINT64 *(*mLastPFEntryPointer)[MAX_PF_ENTRY_COUN= T]; diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/SmmProfile.c b/UefiCpuPkg/PiSmmCpuDx= eSmm/SmmProfile.c index 9588eaf02964..fb0d0b365e05 100644 --- a/UefiCpuPkg/PiSmmCpuDxeSmm/SmmProfile.c +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/SmmProfile.c @@ -31,6 +31,11 @@ UINTN mSmmProfileSize; // UINTN mMsrDsAreaSize =3D SMM_PROFILE_DTS_SIZE; =20 +// +// The flag indicates if execute-disable is supported by processor. +// +BOOLEAN mXdSupported =3D TRUE; + // // The flag indicates if execute-disable is enabled on processor. // @@ -1010,6 +1015,7 @@ CheckFeatureSupported ( // Extended CPUID functions are not supported on this processor. // mXdSupported =3D FALSE; + PatchInstructionX86 (&gPatchXdSupported, mXdSupported, 1); } =20 AsmCpuid (CPUID_EXTENDED_CPU_SIG, NULL, NULL, NULL, &RegEdx); @@ -1018,6 +1024,7 @@ CheckFeatureSupported ( // Execute Disable Bit feature is not supported on this processor. // mXdSupported =3D FALSE; + PatchInstructionX86 (&gPatchXdSupported, mXdSupported, 1); } } =20 diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/SmiEntry.nasm b/UefiCpuPkg/PiSm= mCpuDxeSmm/Ia32/SmiEntry.nasm index 0023cb328d6a..509e7a0a665f 100644 --- a/UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/SmiEntry.nasm +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/SmiEntry.nasm @@ -47,7 +47,8 @@ global ASM_PFX(gcSmiHandlerSize) global ASM_PFX(gPatchSmiCr3) global ASM_PFX(gPatchSmiStack) global ASM_PFX(gPatchSmbase) -global ASM_PFX(mXdSupported) +extern ASM_PFX(mXdSupported) +global ASM_PFX(gPatchXdSupported) extern ASM_PFX(gSmiHandlerIdtr) =20 SECTION .text @@ -133,8 +134,8 @@ ASM_PFX(gPatchSmiCr3): .6: =20 ; enable NXE if supported - DB 0b0h ; mov al, imm8 -ASM_PFX(mXdSupported): DB 1 + mov al, strict byte 1 ; source operand may be patched +ASM_PFX(gPatchXdSupported): cmp al, 0 jz @SkipXd ; diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmiEntry.nasm b/UefiCpuPkg/PiSmm= CpuDxeSmm/X64/SmiEntry.nasm index 9971ae6f064a..5d731e228095 100644 --- a/UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmiEntry.nasm +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmiEntry.nasm @@ -54,7 +54,8 @@ extern ASM_PFX(CpuSmmDebugEntry) extern ASM_PFX(CpuSmmDebugExit) =20 global ASM_PFX(gPatchSmbase) -global ASM_PFX(mXdSupported) +extern ASM_PFX(mXdSupported) +global ASM_PFX(gPatchXdSupported) global ASM_PFX(gPatchSmiStack) global ASM_PFX(gPatchSmiCr3) global ASM_PFX(gcSmiHandlerTemplate) @@ -118,8 +119,8 @@ ASM_PFX(gPatchSmiCr3): ltr ax =20 ; enable NXE if supported - DB 0xb0 ; mov al, imm8 -ASM_PFX(mXdSupported): DB 1 + mov al, strict byte 1 ; source operand may be patched +ASM_PFX(gPatchXdSupported): cmp al, 0 jz @SkipXd ; --=20 2.14.1.3.gb7cf6e02401b _______________________________________________ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel From nobody Fri Nov 1 10:41:09 2024 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; spf=none (zoho.com: 198.145.21.10 is neither permitted nor denied by domain of lists.01.org) smtp.mailfrom=edk2-devel-bounces@lists.01.org; dmarc=fail(p=none dis=none) header.from=redhat.com Return-Path: Received: from ml01.01.org (ml01.01.org [198.145.21.10]) by mx.zohomail.com with SMTPS id 1517582428468973.4309021986004; Fri, 2 Feb 2018 06:40:28 -0800 (PST) Received: from [127.0.0.1] (localhost [IPv6:::1]) by ml01.01.org (Postfix) with ESMTP id B832B223AF825; Fri, 2 Feb 2018 06:34:47 -0800 (PST) Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id 88193223AF823 for ; Fri, 2 Feb 2018 06:34:45 -0800 (PST) Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.phx2.redhat.com [10.5.11.13]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 6DABF5D5E9; Fri, 2 Feb 2018 14:40:23 +0000 (UTC) Received: from lacos-laptop-7.usersys.redhat.com (ovpn-121-50.rdu2.redhat.com [10.10.121.50]) by smtp.corp.redhat.com (Postfix) with ESMTP id CFF2560C1A; Fri, 2 Feb 2018 14:40:21 +0000 (UTC) X-Original-To: edk2-devel@lists.01.org Received-SPF: none (zoho.com: 198.145.21.10 is neither permitted nor denied by domain of lists.01.org) client-ip=198.145.21.10; envelope-from=edk2-devel-bounces@lists.01.org; helo=ml01.01.org; Received-SPF: Pass (sender SPF authorized) identity=mailfrom; client-ip=209.132.183.28; helo=mx1.redhat.com; envelope-from=lersek@redhat.com; receiver=edk2-devel@lists.01.org From: Laszlo Ersek To: edk2-devel-01 Date: Fri, 2 Feb 2018 15:39:48 +0100 Message-Id: <20180202143954.7357-9-lersek@redhat.com> In-Reply-To: <20180202143954.7357-1-lersek@redhat.com> References: <20180202143954.7357-1-lersek@redhat.com> X-Scanned-By: MIMEDefang 2.79 on 10.5.11.13 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.39]); Fri, 02 Feb 2018 14:40:23 +0000 (UTC) Subject: [edk2] [PATCH 08/14] UefiCpuPkg/PiSmmCpuDxeSmm: remove unneeded DBs from X64 SmmStartup() X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Michael D Kinney , Ruiyu Ni , Jiewen Yao , Eric Dong , Liming Gao MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Errors-To: edk2-devel-bounces@lists.01.org Sender: "edk2-devel" X-ZohoMail: RSF_4 Z_629925259 SPT_0 Content-Type: text/plain; charset="utf-8" (This patch is the 64-bit variant of commit e75ee97224e5, "UefiCpuPkg/PiSmmCpuDxeSmm: remove unneeded DBs from IA32 SmmStartup()", 2018-01-31.) The SmmStartup() function executes in SMM, which is very similar to real mode. Add "BITS 16" before it and "BITS 64" after it (just before the @LongMode label). Remove the manual 0x66 operand-size override prefixes, for selecting 32-bit operands -- the sizes of our operands trigger NASM to insert the prefixes automatically in almost every spot. The one place where we have to add it back manually is the LGDT instruction. In the LGDT instruction we also replace the binary 0x2E prefix with the normal NASM syntax for CS segment override. The stores to the Control Registers were always 32-bit wide; the source code only used RAX as source operand because it generated the expected object code (with NASM compiling the source as if in BITS 64). With BITS 16 added, we can use the actual register width in the source operands (EAX). This patch causes NASM to generate byte-identical object code (determined by disassembling both the pre-patch and post-patch versions, and comparing the listings), except: > @@ -231,7 +231,7 @@ > 000001D2 6689D3 mov ebx,edx > 000001D5 66B800000000 mov eax,0x0 > 000001DB 0F22D8 mov cr3,eax > -000001DE 662E670F0155F6 o32 lgdt [cs:ebp-0xa] > +000001DE 2E66670F0155F6 o32 lgdt [cs:ebp-0xa] > 000001E5 66B800000000 mov eax,0x0 > 000001EB 80CC02 or ah,0x2 > 000001EE 0F22E0 mov cr4,eax The only difference is the prefix list order, it changes from: - 0x66, 0x2E, 0x67 to - 0x2E, 0x66, 0x67 Cc: Eric Dong Cc: Jiewen Yao Cc: Liming Gao Cc: Michael D Kinney Cc: Ruiyu Ni Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=3D866 Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Laszlo Ersek --- UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmmInit.nasm | 17 ++++++++--------- 1 file changed, 8 insertions(+), 9 deletions(-) diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmmInit.nasm b/UefiCpuPkg/PiSmmC= puDxeSmm/X64/SmmInit.nasm index b147e7218019..2eaf1433dcd6 100644 --- a/UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmmInit.nasm +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmmInit.nasm @@ -41,26 +41,23 @@ ASM_PFX(gcSmiInitGdtr): DQ 0 =20 global ASM_PFX(SmmStartup) + +BITS 16 ASM_PFX(SmmStartup): - DB 0x66 mov eax, 0x80000001 ; read capability cpuid - DB 0x66 mov ebx, edx ; rdmsr will change edx. keep it i= n ebx. DB 0x66, 0xb8 ; mov eax, imm32 ASM_PFX(gSmmCr3): DD 0 - mov cr3, rax - DB 0x66, 0x2e - lgdt [ebp + (ASM_PFX(gcSmiInitGdtr) - ASM_PFX(SmmStartup))] + mov cr3, eax +o32 lgdt [cs:ebp + (ASM_PFX(gcSmiInitGdtr) - ASM_PFX(SmmStartup))] DB 0x66, 0xb8 ; mov eax, imm32 ASM_PFX(gSmmCr4): DD 0 or ah, 2 ; enable XMM registers access - mov cr4, rax - DB 0x66 + mov cr4, eax mov ecx, 0xc0000080 ; IA32_EFER MSR rdmsr or ah, BIT0 ; set LME bit - DB 0x66 test ebx, BIT20 ; check NXE capability jz .1 or ah, BIT3 ; set NXE bit @@ -68,9 +65,11 @@ ASM_PFX(gSmmCr4): DD 0 wrmsr DB 0x66, 0xb8 ; mov eax, imm32 ASM_PFX(gSmmCr0): DD 0 - mov cr0, rax ; enable protected mode & paging + mov cr0, eax ; enable protected mode & paging DB 0x66, 0xea ; far jmp to long mode ASM_PFX(gSmmJmpAddr): DQ 0;@LongMode + +BITS 64 @LongMode: ; long-mode starts here DB 0x48, 0xbc ; mov rsp, imm64 ASM_PFX(gSmmInitStack): DQ 0 --=20 2.14.1.3.gb7cf6e02401b _______________________________________________ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel From nobody Fri Nov 1 10:41:09 2024 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; spf=none (zoho.com: 198.145.21.10 is neither permitted nor denied by domain of lists.01.org) smtp.mailfrom=edk2-devel-bounces@lists.01.org; dmarc=fail(p=none dis=none) header.from=redhat.com Return-Path: Received: from ml01.01.org (ml01.01.org [198.145.21.10]) by mx.zohomail.com with SMTPS id 1517582431351534.7113968821026; Fri, 2 Feb 2018 06:40:31 -0800 (PST) Received: from [127.0.0.1] (localhost [IPv6:::1]) by ml01.01.org (Postfix) with ESMTP id 1F298223AF827; Fri, 2 Feb 2018 06:34:49 -0800 (PST) Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id 67D8E223648AB for ; Fri, 2 Feb 2018 06:34:47 -0800 (PST) Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.phx2.redhat.com [10.5.11.13]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 6C81FC04BD4A; Fri, 2 Feb 2018 14:40:25 +0000 (UTC) Received: from lacos-laptop-7.usersys.redhat.com (ovpn-121-50.rdu2.redhat.com [10.10.121.50]) by smtp.corp.redhat.com (Postfix) with ESMTP id C748960C1A; Fri, 2 Feb 2018 14:40:23 +0000 (UTC) X-Original-To: edk2-devel@lists.01.org Received-SPF: none (zoho.com: 198.145.21.10 is neither permitted nor denied by domain of lists.01.org) client-ip=198.145.21.10; envelope-from=edk2-devel-bounces@lists.01.org; helo=ml01.01.org; Received-SPF: Pass (sender SPF authorized) identity=mailfrom; client-ip=209.132.183.28; helo=mx1.redhat.com; envelope-from=lersek@redhat.com; receiver=edk2-devel@lists.01.org From: Laszlo Ersek To: edk2-devel-01 Date: Fri, 2 Feb 2018 15:39:49 +0100 Message-Id: <20180202143954.7357-10-lersek@redhat.com> In-Reply-To: <20180202143954.7357-1-lersek@redhat.com> References: <20180202143954.7357-1-lersek@redhat.com> X-Scanned-By: MIMEDefang 2.79 on 10.5.11.13 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.31]); Fri, 02 Feb 2018 14:40:25 +0000 (UTC) Subject: [edk2] [PATCH 09/14] UefiCpuPkg/PiSmmCpuDxeSmm: patch "gSmmCr3" with PatchInstructionX86() X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Michael D Kinney , Ruiyu Ni , Jiewen Yao , Eric Dong , Liming Gao MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Errors-To: edk2-devel-bounces@lists.01.org Sender: "edk2-devel" X-ZohoMail: RSF_4 Z_629925259 SPT_0 Content-Type: text/plain; charset="utf-8" Rename the variable to "gPatchSmmCr3" so that its association with PatchInstructionX86() is clear from the declaration, change its type to UINT8, and patch it with PatchInstructionX86(). This lets us remove the binary (DB) encoding of some instructions in "SmmInit.nasm". Cc: Eric Dong Cc: Jiewen Yao Cc: Liming Gao Cc: Michael D Kinney Cc: Ruiyu Ni Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=3D866 Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Laszlo Ersek --- UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.h | 2 +- UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.c | 2 +- UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/SmmInit.nasm | 6 +++--- UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmmInit.nasm | 6 +++--- 4 files changed, 8 insertions(+), 8 deletions(-) diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.h b/UefiCpuPkg/PiSmmC= puDxeSmm/PiSmmCpuDxeSmm.h index a2babb987732..c862f48a2fea 100644 --- a/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.h +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.h @@ -309,7 +309,7 @@ extern IA32_FAR_ADDRESS gSmmJmpAddr; extern CONST UINT8 gcSmmInitTemplate[]; extern CONST UINT16 gcSmmInitSize; extern UINT32 gSmmCr0; -extern UINT32 gSmmCr3; +extern UINT8 gPatchSmmCr3; extern UINT32 gSmmCr4; extern UINTN gSmmInitStack; =20 diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.c b/UefiCpuPkg/PiSmmC= puDxeSmm/PiSmmCpuDxeSmm.c index a27d1f4684f5..804727acc218 100755 --- a/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.c +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.c @@ -406,7 +406,7 @@ SmmRelocateBases ( // Patch ASM code template with current CR0, CR3, and CR4 values // gSmmCr0 =3D (UINT32)AsmReadCr0 (); - gSmmCr3 =3D (UINT32)AsmReadCr3 (); + PatchInstructionX86 (&gPatchSmmCr3, AsmReadCr3 (), 4); gSmmCr4 =3D (UINT32)AsmReadCr4 (); =20 // diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/SmmInit.nasm b/UefiCpuPkg/PiSmm= CpuDxeSmm/Ia32/SmmInit.nasm index d64fcd48d03e..f7bb9b9a82e5 100644 --- a/UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/SmmInit.nasm +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/SmmInit.nasm @@ -22,7 +22,7 @@ extern ASM_PFX(SmmInitHandler) extern ASM_PFX(mRebasedFlag) extern ASM_PFX(mSmmRelocationOriginalAddress) =20 -global ASM_PFX(gSmmCr3) +global ASM_PFX(gPatchSmmCr3) global ASM_PFX(gSmmCr4) global ASM_PFX(gSmmCr0) global ASM_PFX(gSmmJmpAddr) @@ -49,8 +49,8 @@ ASM_PFX(SmmStartup): mov ebx, edx ; rdmsr will change edx. keep it i= n ebx. and ebx, BIT20 ; extract NX capability bit shr ebx, 9 ; shift bit to IA32_EFER.NXE[BIT11= ] position - DB 0x66, 0xb8 ; mov eax, imm32 -ASM_PFX(gSmmCr3): DD 0 + mov eax, strict dword 0 ; source operand will be patched +ASM_PFX(gPatchSmmCr3): mov cr3, eax o32 lgdt [cs:ebp + (ASM_PFX(gcSmiInitGdtr) - ASM_PFX(SmmStartup))] DB 0x66, 0xb8 ; mov eax, imm32 diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmmInit.nasm b/UefiCpuPkg/PiSmmC= puDxeSmm/X64/SmmInit.nasm index 2eaf1433dcd6..2df22a1f6cd1 100644 --- a/UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmmInit.nasm +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmmInit.nasm @@ -22,7 +22,7 @@ extern ASM_PFX(SmmInitHandler) extern ASM_PFX(mRebasedFlag) extern ASM_PFX(mSmmRelocationOriginalAddress) =20 -global ASM_PFX(gSmmCr3) +global ASM_PFX(gPatchSmmCr3) global ASM_PFX(gSmmCr4) global ASM_PFX(gSmmCr0) global ASM_PFX(gSmmJmpAddr) @@ -47,8 +47,8 @@ ASM_PFX(SmmStartup): mov eax, 0x80000001 ; read capability cpuid mov ebx, edx ; rdmsr will change edx. keep it i= n ebx. - DB 0x66, 0xb8 ; mov eax, imm32 -ASM_PFX(gSmmCr3): DD 0 + mov eax, strict dword 0 ; source operand will be patched +ASM_PFX(gPatchSmmCr3): mov cr3, eax o32 lgdt [cs:ebp + (ASM_PFX(gcSmiInitGdtr) - ASM_PFX(SmmStartup))] DB 0x66, 0xb8 ; mov eax, imm32 --=20 2.14.1.3.gb7cf6e02401b _______________________________________________ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel From nobody Fri Nov 1 10:41:09 2024 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; spf=none (zoho.com: 198.145.21.10 is neither permitted nor denied by domain of lists.01.org) smtp.mailfrom=edk2-devel-bounces@lists.01.org; dmarc=fail(p=none dis=none) header.from=redhat.com Return-Path: Received: from ml01.01.org (ml01.01.org [198.145.21.10]) by mx.zohomail.com with SMTPS id 1517582434519689.0470657169983; Fri, 2 Feb 2018 06:40:34 -0800 (PST) Received: from [127.0.0.1] (localhost [IPv6:::1]) by ml01.01.org (Postfix) with ESMTP id 87AEE223AF82C; Fri, 2 Feb 2018 06:34:51 -0800 (PST) Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id 6BF86223AF829 for ; Fri, 2 Feb 2018 06:34:49 -0800 (PST) Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.phx2.redhat.com [10.5.11.13]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 73256C05090A; Fri, 2 Feb 2018 14:40:27 +0000 (UTC) Received: from lacos-laptop-7.usersys.redhat.com (ovpn-121-50.rdu2.redhat.com [10.10.121.50]) by smtp.corp.redhat.com (Postfix) with ESMTP id C4B8260C1A; Fri, 2 Feb 2018 14:40:25 +0000 (UTC) X-Original-To: edk2-devel@lists.01.org Received-SPF: none (zoho.com: 198.145.21.10 is neither permitted nor denied by domain of lists.01.org) client-ip=198.145.21.10; envelope-from=edk2-devel-bounces@lists.01.org; helo=ml01.01.org; Received-SPF: Pass (sender SPF authorized) identity=mailfrom; client-ip=209.132.183.28; helo=mx1.redhat.com; envelope-from=lersek@redhat.com; receiver=edk2-devel@lists.01.org From: Laszlo Ersek To: edk2-devel-01 Date: Fri, 2 Feb 2018 15:39:50 +0100 Message-Id: <20180202143954.7357-11-lersek@redhat.com> In-Reply-To: <20180202143954.7357-1-lersek@redhat.com> References: <20180202143954.7357-1-lersek@redhat.com> X-Scanned-By: MIMEDefang 2.79 on 10.5.11.13 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.31]); Fri, 02 Feb 2018 14:40:27 +0000 (UTC) Subject: [edk2] [PATCH 10/14] UefiCpuPkg/PiSmmCpuDxeSmm: patch "gSmmCr4" with PatchInstructionX86() X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Michael D Kinney , Ruiyu Ni , Jiewen Yao , Eric Dong , Liming Gao MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Errors-To: edk2-devel-bounces@lists.01.org Sender: "edk2-devel" X-ZohoMail: RSF_4 Z_629925259 SPT_0 Content-Type: text/plain; charset="utf-8" Unlike "gSmmCr3" in the previous patch, "gSmmCr4" is not only used for machine code patching, but also as a means to communicate the initial CR4 value from SmmRelocateBases() to InitSmmS3ResumeState(). In other words, the last four bytes of the "mov eax, Cr4Value" instruction's binary representation are utilized as normal data too. In order to get rid of the DB for "mov eax, Cr4Value", we have to split both roles, patching and data flow. Introduce the "mSmmCr4" global (SMRAM) variable for the data flow purpose. Rename the "gSmmCr4" variable to "gPatchSmmCr4" so that its association with PatchInstructionX86() is clear from the declaration, change its type to UINT8, and patch it with PatchInstructionX86(), to the value now contained in "mSmmCr4". This lets us remove the binary (DB) encoding of "mov eax, Cr4Value" in "SmmInit.nasm". Cc: Eric Dong Cc: Jiewen Yao Cc: Liming Gao Cc: Michael D Kinney Cc: Ruiyu Ni Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=3D866 Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Laszlo Ersek --- UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.h | 3 ++- UefiCpuPkg/PiSmmCpuDxeSmm/CpuS3.c | 2 +- UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.c | 8 +++++++- UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/SmmInit.nasm | 6 +++--- UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmmInit.nasm | 6 +++--- 5 files changed, 16 insertions(+), 9 deletions(-) diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.h b/UefiCpuPkg/PiSmmC= puDxeSmm/PiSmmCpuDxeSmm.h index c862f48a2fea..adf341586f03 100644 --- a/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.h +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.h @@ -310,7 +310,8 @@ extern CONST UINT8 gcSmmInitTemplate[]; extern CONST UINT16 gcSmmInitSize; extern UINT32 gSmmCr0; extern UINT8 gPatchSmmCr3; -extern UINT32 gSmmCr4; +extern UINT32 mSmmCr4; +extern UINT8 gPatchSmmCr4; extern UINTN gSmmInitStack; =20 /** diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/CpuS3.c b/UefiCpuPkg/PiSmmCpuDxeSmm/= CpuS3.c index 554629536a5d..b4ed0a56a814 100644 --- a/UefiCpuPkg/PiSmmCpuDxeSmm/CpuS3.c +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/CpuS3.c @@ -746,7 +746,7 @@ InitSmmS3ResumeState ( =20 SmmS3ResumeState->SmmS3Cr0 =3D gSmmCr0; SmmS3ResumeState->SmmS3Cr3 =3D Cr3; - SmmS3ResumeState->SmmS3Cr4 =3D gSmmCr4; + SmmS3ResumeState->SmmS3Cr4 =3D mSmmCr4; =20 if (sizeof (UINTN) =3D=3D sizeof (UINT64)) { SmmS3ResumeState->Signature =3D SMM_S3_RESUME_SMM_64; diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.c b/UefiCpuPkg/PiSmmC= puDxeSmm/PiSmmCpuDxeSmm.c index 804727acc218..be1d8e9978e0 100755 --- a/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.c +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.c @@ -125,6 +125,11 @@ UINTN mSmmCpuSmramRangeCount; =20 UINT8 mPhysicalAddressBits; =20 +// +// Control register contents saved for SMM S3 resume state initialization. +// +UINT32 mSmmCr4; + /** Initialize IDT to setup exception handlers for SMM. =20 @@ -407,7 +412,8 @@ SmmRelocateBases ( // gSmmCr0 =3D (UINT32)AsmReadCr0 (); PatchInstructionX86 (&gPatchSmmCr3, AsmReadCr3 (), 4); - gSmmCr4 =3D (UINT32)AsmReadCr4 (); + mSmmCr4 =3D (UINT32)AsmReadCr4 (); + PatchInstructionX86 (&gPatchSmmCr4, mSmmCr4, 4); =20 // // Patch GDTR for SMM base relocation diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/SmmInit.nasm b/UefiCpuPkg/PiSmm= CpuDxeSmm/Ia32/SmmInit.nasm index f7bb9b9a82e5..bd07a6e4f536 100644 --- a/UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/SmmInit.nasm +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/SmmInit.nasm @@ -23,7 +23,7 @@ extern ASM_PFX(mRebasedFlag) extern ASM_PFX(mSmmRelocationOriginalAddress) =20 global ASM_PFX(gPatchSmmCr3) -global ASM_PFX(gSmmCr4) +global ASM_PFX(gPatchSmmCr4) global ASM_PFX(gSmmCr0) global ASM_PFX(gSmmJmpAddr) global ASM_PFX(gSmmInitStack) @@ -53,8 +53,8 @@ ASM_PFX(SmmStartup): ASM_PFX(gPatchSmmCr3): mov cr3, eax o32 lgdt [cs:ebp + (ASM_PFX(gcSmiInitGdtr) - ASM_PFX(SmmStartup))] - DB 0x66, 0xb8 ; mov eax, imm32 -ASM_PFX(gSmmCr4): DD 0 + mov eax, strict dword 0 ; source operand will be patched +ASM_PFX(gPatchSmmCr4): mov cr4, eax mov ecx, 0xc0000080 ; IA32_EFER MSR rdmsr diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmmInit.nasm b/UefiCpuPkg/PiSmmC= puDxeSmm/X64/SmmInit.nasm index 2df22a1f6cd1..971bd118132f 100644 --- a/UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmmInit.nasm +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmmInit.nasm @@ -23,7 +23,7 @@ extern ASM_PFX(mRebasedFlag) extern ASM_PFX(mSmmRelocationOriginalAddress) =20 global ASM_PFX(gPatchSmmCr3) -global ASM_PFX(gSmmCr4) +global ASM_PFX(gPatchSmmCr4) global ASM_PFX(gSmmCr0) global ASM_PFX(gSmmJmpAddr) global ASM_PFX(gSmmInitStack) @@ -51,8 +51,8 @@ ASM_PFX(SmmStartup): ASM_PFX(gPatchSmmCr3): mov cr3, eax o32 lgdt [cs:ebp + (ASM_PFX(gcSmiInitGdtr) - ASM_PFX(SmmStartup))] - DB 0x66, 0xb8 ; mov eax, imm32 -ASM_PFX(gSmmCr4): DD 0 + mov eax, strict dword 0 ; source operand will be patched +ASM_PFX(gPatchSmmCr4): or ah, 2 ; enable XMM registers access mov cr4, eax mov ecx, 0xc0000080 ; IA32_EFER MSR --=20 2.14.1.3.gb7cf6e02401b _______________________________________________ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel From nobody Fri Nov 1 10:41:09 2024 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; spf=none (zoho.com: 198.145.21.10 is neither permitted nor denied by domain of lists.01.org) smtp.mailfrom=edk2-devel-bounces@lists.01.org; dmarc=fail(p=none dis=none) header.from=redhat.com Return-Path: Received: from ml01.01.org (ml01.01.org [198.145.21.10]) by mx.zohomail.com with SMTPS id 1517582437694593.4232525401828; Fri, 2 Feb 2018 06:40:37 -0800 (PST) Received: from [127.0.0.1] (localhost [IPv6:::1]) by ml01.01.org (Postfix) with ESMTP id 01D0F223AF830; Fri, 2 Feb 2018 06:34:53 -0800 (PST) Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id 79C2A223AF822 for ; Fri, 2 Feb 2018 06:34:51 -0800 (PST) Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.phx2.redhat.com [10.5.11.13]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 697D5C0050CD; Fri, 2 Feb 2018 14:40:29 +0000 (UTC) Received: from lacos-laptop-7.usersys.redhat.com (ovpn-121-50.rdu2.redhat.com [10.10.121.50]) by smtp.corp.redhat.com (Postfix) with ESMTP id C5E276764E; Fri, 2 Feb 2018 14:40:27 +0000 (UTC) X-Original-To: edk2-devel@lists.01.org Received-SPF: none (zoho.com: 198.145.21.10 is neither permitted nor denied by domain of lists.01.org) client-ip=198.145.21.10; envelope-from=edk2-devel-bounces@lists.01.org; helo=ml01.01.org; Received-SPF: Pass (sender SPF authorized) identity=mailfrom; client-ip=209.132.183.28; helo=mx1.redhat.com; envelope-from=lersek@redhat.com; receiver=edk2-devel@lists.01.org From: Laszlo Ersek To: edk2-devel-01 Date: Fri, 2 Feb 2018 15:39:51 +0100 Message-Id: <20180202143954.7357-12-lersek@redhat.com> In-Reply-To: <20180202143954.7357-1-lersek@redhat.com> References: <20180202143954.7357-1-lersek@redhat.com> X-Scanned-By: MIMEDefang 2.79 on 10.5.11.13 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.32]); Fri, 02 Feb 2018 14:40:29 +0000 (UTC) Subject: [edk2] [PATCH 11/14] UefiCpuPkg/PiSmmCpuDxeSmm: patch "gSmmCr0" with PatchInstructionX86() X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Michael D Kinney , Ruiyu Ni , Jiewen Yao , Eric Dong , Liming Gao MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Errors-To: edk2-devel-bounces@lists.01.org Sender: "edk2-devel" X-ZohoMail: RSF_4 Z_629925259 SPT_0 Content-Type: text/plain; charset="utf-8" Like "gSmmCr4" in the previous patch, "gSmmCr0" is not only used for machine code patching, but also as a means to communicate the initial CR0 value from SmmRelocateBases() to InitSmmS3ResumeState(). In other words, the last four bytes of the "mov eax, Cr0Value" instruction's binary representation are utilized as normal data too. In order to get rid of the DB for "mov eax, Cr0Value", we have to split both roles, patching and data flow. Introduce the "mSmmCr0" global (SMRAM) variable for the data flow purpose. Rename the "gSmmCr0" variable to "gPatchSmmCr0" so that its association with PatchInstructionX86() is clear from the declaration, change its type to UINT8, and patch it with PatchInstructionX86(), to the value now contained in "mSmmCr0". This lets us remove the binary (DB) encoding of "mov eax, Cr0Value" in "SmmInit.nasm". Cc: Eric Dong Cc: Jiewen Yao Cc: Liming Gao Cc: Michael D Kinney Cc: Ruiyu Ni Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=3D866 Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Laszlo Ersek --- UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.h | 3 ++- UefiCpuPkg/PiSmmCpuDxeSmm/CpuS3.c | 2 +- UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.c | 4 +++- UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/SmmInit.nasm | 6 +++--- UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmmInit.nasm | 6 +++--- 5 files changed, 12 insertions(+), 9 deletions(-) diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.h b/UefiCpuPkg/PiSmmC= puDxeSmm/PiSmmCpuDxeSmm.h index adf341586f03..d4fca08aa695 100644 --- a/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.h +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.h @@ -308,7 +308,8 @@ extern IA32_FAR_ADDRESS gSmmJmpAddr; =20 extern CONST UINT8 gcSmmInitTemplate[]; extern CONST UINT16 gcSmmInitSize; -extern UINT32 gSmmCr0; +extern UINT8 gPatchSmmCr0; +extern UINT32 mSmmCr0; extern UINT8 gPatchSmmCr3; extern UINT32 mSmmCr4; extern UINT8 gPatchSmmCr4; diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/CpuS3.c b/UefiCpuPkg/PiSmmCpuDxeSmm/= CpuS3.c index b4ed0a56a814..0b8ef7035903 100644 --- a/UefiCpuPkg/PiSmmCpuDxeSmm/CpuS3.c +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/CpuS3.c @@ -744,7 +744,7 @@ InitSmmS3ResumeState ( SmmS3ResumeState->SmmS3StackSize =3D 0; } =20 - SmmS3ResumeState->SmmS3Cr0 =3D gSmmCr0; + SmmS3ResumeState->SmmS3Cr0 =3D mSmmCr0; SmmS3ResumeState->SmmS3Cr3 =3D Cr3; SmmS3ResumeState->SmmS3Cr4 =3D mSmmCr4; =20 diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.c b/UefiCpuPkg/PiSmmC= puDxeSmm/PiSmmCpuDxeSmm.c index be1d8e9978e0..797d3e63358d 100755 --- a/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.c +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.c @@ -128,6 +128,7 @@ UINT8 mPhysicalAddressBits; // // Control register contents saved for SMM S3 resume state initialization. // +UINT32 mSmmCr0; UINT32 mSmmCr4; =20 /** @@ -410,7 +411,8 @@ SmmRelocateBases ( // // Patch ASM code template with current CR0, CR3, and CR4 values // - gSmmCr0 =3D (UINT32)AsmReadCr0 (); + mSmmCr0 =3D (UINT32)AsmReadCr0 (); + PatchInstructionX86 (&gPatchSmmCr0, mSmmCr0, 4); PatchInstructionX86 (&gPatchSmmCr3, AsmReadCr3 (), 4); mSmmCr4 =3D (UINT32)AsmReadCr4 (); PatchInstructionX86 (&gPatchSmmCr4, mSmmCr4, 4); diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/SmmInit.nasm b/UefiCpuPkg/PiSmm= CpuDxeSmm/Ia32/SmmInit.nasm index bd07a6e4f536..0f62fe448712 100644 --- a/UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/SmmInit.nasm +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/SmmInit.nasm @@ -24,7 +24,7 @@ extern ASM_PFX(mSmmRelocationOriginalAddress) =20 global ASM_PFX(gPatchSmmCr3) global ASM_PFX(gPatchSmmCr4) -global ASM_PFX(gSmmCr0) +global ASM_PFX(gPatchSmmCr0) global ASM_PFX(gSmmJmpAddr) global ASM_PFX(gSmmInitStack) global ASM_PFX(gcSmiInitGdtr) @@ -60,8 +60,8 @@ ASM_PFX(gPatchSmmCr4): rdmsr or eax, ebx ; set NXE bit if NX is available wrmsr - DB 0x66, 0xb8 ; mov eax, imm32 -ASM_PFX(gSmmCr0): DD 0 + mov eax, strict dword 0 ; source operand will be patched +ASM_PFX(gPatchSmmCr0): mov di, PROTECT_MODE_DS mov cr0, eax DB 0x66, 0xea ; jmp far [ptr48] diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmmInit.nasm b/UefiCpuPkg/PiSmmC= puDxeSmm/X64/SmmInit.nasm index 971bd118132f..1a0667bd97ba 100644 --- a/UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmmInit.nasm +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmmInit.nasm @@ -24,7 +24,7 @@ extern ASM_PFX(mSmmRelocationOriginalAddress) =20 global ASM_PFX(gPatchSmmCr3) global ASM_PFX(gPatchSmmCr4) -global ASM_PFX(gSmmCr0) +global ASM_PFX(gPatchSmmCr0) global ASM_PFX(gSmmJmpAddr) global ASM_PFX(gSmmInitStack) global ASM_PFX(gcSmiInitGdtr) @@ -63,8 +63,8 @@ ASM_PFX(gPatchSmmCr4): or ah, BIT3 ; set NXE bit .1: wrmsr - DB 0x66, 0xb8 ; mov eax, imm32 -ASM_PFX(gSmmCr0): DD 0 + mov eax, strict dword 0 ; source operand will be patched +ASM_PFX(gPatchSmmCr0): mov cr0, eax ; enable protected mode & paging DB 0x66, 0xea ; far jmp to long mode ASM_PFX(gSmmJmpAddr): DQ 0;@LongMode --=20 2.14.1.3.gb7cf6e02401b _______________________________________________ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel From nobody Fri Nov 1 10:41:09 2024 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; spf=none (zoho.com: 198.145.21.10 is neither permitted nor denied by domain of lists.01.org) smtp.mailfrom=edk2-devel-bounces@lists.01.org; dmarc=fail(p=none dis=none) header.from=redhat.com Return-Path: Received: from ml01.01.org (ml01.01.org [198.145.21.10]) by mx.zohomail.com with SMTPS id 1517582442289616.7733981668775; Fri, 2 Feb 2018 06:40:42 -0800 (PST) Received: from [127.0.0.1] (localhost [IPv6:::1]) by ml01.01.org (Postfix) with ESMTP id 9EFC9223AF832; Fri, 2 Feb 2018 06:34:54 -0800 (PST) Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id 5B1C8223AF832 for ; Fri, 2 Feb 2018 06:34:53 -0800 (PST) Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.phx2.redhat.com [10.5.11.13]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 6299BC0587E5; Fri, 2 Feb 2018 14:40:31 +0000 (UTC) Received: from lacos-laptop-7.usersys.redhat.com (ovpn-121-50.rdu2.redhat.com [10.10.121.50]) by smtp.corp.redhat.com (Postfix) with ESMTP id C46FA6A947; Fri, 2 Feb 2018 14:40:29 +0000 (UTC) X-Original-To: edk2-devel@lists.01.org Received-SPF: none (zoho.com: 198.145.21.10 is neither permitted nor denied by domain of lists.01.org) client-ip=198.145.21.10; envelope-from=edk2-devel-bounces@lists.01.org; helo=ml01.01.org; Received-SPF: Pass (sender SPF authorized) identity=mailfrom; client-ip=209.132.183.28; helo=mx1.redhat.com; envelope-from=lersek@redhat.com; receiver=edk2-devel@lists.01.org From: Laszlo Ersek To: edk2-devel-01 Date: Fri, 2 Feb 2018 15:39:52 +0100 Message-Id: <20180202143954.7357-13-lersek@redhat.com> In-Reply-To: <20180202143954.7357-1-lersek@redhat.com> References: <20180202143954.7357-1-lersek@redhat.com> X-Scanned-By: MIMEDefang 2.79 on 10.5.11.13 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.32]); Fri, 02 Feb 2018 14:40:31 +0000 (UTC) Subject: [edk2] [PATCH 12/14] UefiCpuPkg/PiSmmCpuDxeSmm: eliminate "gSmmJmpAddr" and related DBs X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Michael D Kinney , Ruiyu Ni , Jiewen Yao , Eric Dong , Liming Gao MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Errors-To: edk2-devel-bounces@lists.01.org Sender: "edk2-devel" X-ZohoMail: RSF_4 Z_629925259 SPT_0 Content-Type: text/plain; charset="utf-8" The IA32 version of "SmmInit.nasm" does not need "gSmmJmpAddr" at all (its PiSmmCpuSmmInitFixupAddress() variant doesn't do anything either). We can simply use the NASM syntax for the following Mixed-Size Jump: > jmp PROTECT_MODE_CS : dword @32bit The generated object code for the instruction is unchanged: > 00000182 66EA5A0000000800 jmp dword 0x8:0x5a (The NASM manual explains that putting the DWORD prefix after the colon ":" reflects the intent better, since it is the offset that is a DWORD. Thus, that's what I used. However, both syntaxes are interchangeable, hence the ndisasm output.) The X64 version of "SmmInit.nasm" appears to require "gSmmJmpAddr"; however that's accidental, not inherent: - Bring LONG_MODE_CODE_SEGMENT from "UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.h" to "SmmInit.nasm" as LONG_MODE_CS, same as PROTECT_MODE_CODE_SEGMENT was brought to the IA32 version as PROTECT_MODE_CS earlier. - Apply the NASM-native Mixed-Size Jump syntax again, but jump to the fixed zero offset in LONG_MODE_CS. This will produce no relocation record at all. Add a label after the instruction. - Modify PiSmmCpuSmmInitFixupAddress() to patch the jump target backwards from the label. Because we modify the DWORD offset with a DWORD access, the segment selector is unharmed in the instruction, and we need not set it from PiCpuSmmEntry(). According to "objdump --reloc", the X64 version undergoes only the following relocations, after this patch: > RELOCATION RECORDS FOR [.text]: > OFFSET TYPE VALUE > 0000000000000095 R_X86_64_PC32 SmmInitHandler-0x0000000000000004 > 00000000000000e0 R_X86_64_PC32 mRebasedFlag-0x0000000000000004 > 00000000000000ea R_X86_64_PC32 mSmmRelocationOriginalAddress-0x000000= 0000000004 Therefore the patch does not regress ("Enable XCODE5 tool chain for UefiCpuPkg with nasm source code"). Cc: Eric Dong Cc: Jiewen Yao Cc: Liming Gao Cc: Michael D Kinney Cc: Ruiyu Ni Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=3D866 Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Laszlo Ersek --- UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.h | 11 ----------- UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.c | 7 ------- UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/SmmInit.nasm | 6 +----- UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmmInit.nasm | 11 ++++++----- 4 files changed, 7 insertions(+), 28 deletions(-) diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.h b/UefiCpuPkg/PiSmmC= puDxeSmm/PiSmmCpuDxeSmm.h index d4fca08aa695..5095c41af45e 100644 --- a/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.h +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.h @@ -295,17 +295,6 @@ WriteSaveStateRegister ( IN CONST VOID *Buffer ); =20 -// -// -// -typedef struct { - UINT32 Offset; - UINT16 Segment; - UINT16 Reserved; -} IA32_FAR_ADDRESS; - -extern IA32_FAR_ADDRESS gSmmJmpAddr; - extern CONST UINT8 gcSmmInitTemplate[]; extern CONST UINT16 gcSmmInitSize; extern UINT8 gPatchSmmCr0; diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.c b/UefiCpuPkg/PiSmmC= puDxeSmm/PiSmmCpuDxeSmm.c index 797d3e63358d..0609ed3738c7 100755 --- a/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.c +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.c @@ -569,13 +569,6 @@ PiCpuSmmEntry ( EFI_COMPUTING_UNIT_HOST_PROCESSOR | EFI_CU_HP_PC_SMM_INIT ); =20 - // - // Fix segment address of the long-mode-switch jump - // - if (sizeof (UINTN) =3D=3D sizeof (UINT64)) { - gSmmJmpAddr.Segment =3D LONG_MODE_CODE_SEGMENT; - } - // // Find out SMRR Base and SMRR Size // diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/SmmInit.nasm b/UefiCpuPkg/PiSmm= CpuDxeSmm/Ia32/SmmInit.nasm index 0f62fe448712..f59413d9d4a3 100644 --- a/UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/SmmInit.nasm +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/SmmInit.nasm @@ -25,7 +25,6 @@ extern ASM_PFX(mSmmRelocationOriginalAddress) global ASM_PFX(gPatchSmmCr3) global ASM_PFX(gPatchSmmCr4) global ASM_PFX(gPatchSmmCr0) -global ASM_PFX(gSmmJmpAddr) global ASM_PFX(gSmmInitStack) global ASM_PFX(gcSmiInitGdtr) global ASM_PFX(gcSmmInitSize) @@ -64,10 +63,7 @@ ASM_PFX(gPatchSmmCr4): ASM_PFX(gPatchSmmCr0): mov di, PROTECT_MODE_DS mov cr0, eax - DB 0x66, 0xea ; jmp far [ptr48] -ASM_PFX(gSmmJmpAddr): - DD @32bit - DW PROTECT_MODE_CS + jmp PROTECT_MODE_CS : dword @32bit =20 BITS 32 @32bit: diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmmInit.nasm b/UefiCpuPkg/PiSmmC= puDxeSmm/X64/SmmInit.nasm index 1a0667bd97ba..2460e1eb2dee 100644 --- a/UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmmInit.nasm +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmmInit.nasm @@ -25,7 +25,6 @@ extern ASM_PFX(mSmmRelocationOriginalAddress) global ASM_PFX(gPatchSmmCr3) global ASM_PFX(gPatchSmmCr4) global ASM_PFX(gPatchSmmCr0) -global ASM_PFX(gSmmJmpAddr) global ASM_PFX(gSmmInitStack) global ASM_PFX(gcSmiInitGdtr) global ASM_PFX(gcSmmInitSize) @@ -33,6 +32,8 @@ global ASM_PFX(gcSmmInitTemplate) global ASM_PFX(mRebasedFlagAddr32) global ASM_PFX(mSmmRelocationOriginalAddressPtr32) =20 +%define LONG_MODE_CS 0x38 + DEFAULT REL SECTION .text =20 @@ -66,8 +67,8 @@ ASM_PFX(gPatchSmmCr4): mov eax, strict dword 0 ; source operand will be patched ASM_PFX(gPatchSmmCr0): mov cr0, eax ; enable protected mode & paging - DB 0x66, 0xea ; far jmp to long mode -ASM_PFX(gSmmJmpAddr): DQ 0;@LongMode + jmp LONG_MODE_CS : dword 0 ; offset will be patched to @LongM= ode +@PatchLongModeOffset: =20 BITS 64 @LongMode: ; long-mode starts here @@ -141,8 +142,8 @@ ASM_PFX(mSmmRelocationOriginalAddressPtr32): dd 0 global ASM_PFX(PiSmmCpuSmmInitFixupAddress) ASM_PFX(PiSmmCpuSmmInitFixupAddress): lea rax, [@LongMode] - lea rcx, [ASM_PFX(gSmmJmpAddr)] - mov qword [rcx], rax + lea rcx, [@PatchLongModeOffset - 6] + mov dword [rcx], eax =20 lea rax, [ASM_PFX(SmmStartup)] lea rcx, [@L1] --=20 2.14.1.3.gb7cf6e02401b _______________________________________________ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel From nobody Fri Nov 1 10:41:09 2024 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; spf=none (zoho.com: 198.145.21.10 is neither permitted nor denied by domain of lists.01.org) smtp.mailfrom=edk2-devel-bounces@lists.01.org; dmarc=fail(p=none dis=none) header.from=redhat.com Return-Path: Received: from ml01.01.org (ml01.01.org [198.145.21.10]) by mx.zohomail.com with SMTPS id 1517582446081889.1578062568211; Fri, 2 Feb 2018 06:40:46 -0800 (PST) Received: from [127.0.0.1] (localhost [IPv6:::1]) by ml01.01.org (Postfix) with ESMTP id F1A73223AF82E; Fri, 2 Feb 2018 06:34:58 -0800 (PST) Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id 48F94223AF829 for ; Fri, 2 Feb 2018 06:34:57 -0800 (PST) Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.phx2.redhat.com [10.5.11.13]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 56D374E907; Fri, 2 Feb 2018 14:40:35 +0000 (UTC) Received: from lacos-laptop-7.usersys.redhat.com (ovpn-121-50.rdu2.redhat.com [10.10.121.50]) by smtp.corp.redhat.com (Postfix) with ESMTP id 559B66765F; Fri, 2 Feb 2018 14:40:33 +0000 (UTC) X-Original-To: edk2-devel@lists.01.org Received-SPF: none (zoho.com: 198.145.21.10 is neither permitted nor denied by domain of lists.01.org) client-ip=198.145.21.10; envelope-from=edk2-devel-bounces@lists.01.org; helo=ml01.01.org; Received-SPF: Pass (sender SPF authorized) identity=mailfrom; client-ip=209.132.183.28; helo=mx1.redhat.com; envelope-from=lersek@redhat.com; receiver=edk2-devel@lists.01.org From: Laszlo Ersek To: edk2-devel-01 Date: Fri, 2 Feb 2018 15:39:53 +0100 Message-Id: <20180202143954.7357-14-lersek@redhat.com> In-Reply-To: <20180202143954.7357-1-lersek@redhat.com> References: <20180202143954.7357-1-lersek@redhat.com> X-Scanned-By: MIMEDefang 2.79 on 10.5.11.13 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.38]); Fri, 02 Feb 2018 14:40:35 +0000 (UTC) Subject: [edk2] [PATCH 13/14] UefiCpuPkg/PiSmmCpuDxeSmm: patch "gSmmInitStack" with PatchInstructionX86() X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Michael D Kinney , Ruiyu Ni , Jiewen Yao , Eric Dong , Liming Gao MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Errors-To: edk2-devel-bounces@lists.01.org Sender: "edk2-devel" X-ZohoMail: RSF_4 Z_629925259 SPT_0 Content-Type: text/plain; charset="utf-8" Rename the variable to "gPatchSmmInitStack" so that its association with PatchInstructionX86() is clear from the declaration, change its type to UINT8, and patch it with PatchInstructionX86(). This lets us remove the binary (DB) encoding of some instructions in "SmmInit.nasm". The size of the patched source operand is (sizeof (UINTN)). Cc: Eric Dong Cc: Jiewen Yao Cc: Liming Gao Cc: Michael D Kinney Cc: Ruiyu Ni Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=3D866 Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Laszlo Ersek --- UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.h | 2 +- UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.c | 6 +++++- UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/SmmInit.nasm | 6 +++--- UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmmInit.nasm | 6 +++--- 4 files changed, 12 insertions(+), 8 deletions(-) diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.h b/UefiCpuPkg/PiSmmC= puDxeSmm/PiSmmCpuDxeSmm.h index 5095c41af45e..d38d4782187f 100644 --- a/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.h +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.h @@ -302,7 +302,7 @@ extern UINT32 mSmmCr0; extern UINT8 gPatchSmmCr3; extern UINT32 mSmmCr4; extern UINT8 gPatchSmmCr4; -extern UINTN gSmmInitStack; +extern UINT8 gPatchSmmInitStack; =20 /** Semaphore operation for all processor relocate SMMBase. diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.c b/UefiCpuPkg/PiSmmC= puDxeSmm/PiSmmCpuDxeSmm.c index 0609ed3738c7..501ebf0ed13f 100755 --- a/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.c +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.c @@ -848,7 +848,11 @@ PiCpuSmmEntry ( // // Set SMI stack for SMM base relocation // - gSmmInitStack =3D (UINTN) (Stacks + mSmmStackSize - sizeof (UINTN)); + PatchInstructionX86 ( + &gPatchSmmInitStack, + (UINTN) (Stacks + mSmmStackSize - sizeof (UINTN)), + sizeof (UINTN) + ); =20 // // Initialize IDT diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/SmmInit.nasm b/UefiCpuPkg/PiSmm= CpuDxeSmm/Ia32/SmmInit.nasm index f59413d9d4a3..5ff3cd2e731f 100644 --- a/UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/SmmInit.nasm +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/SmmInit.nasm @@ -25,7 +25,7 @@ extern ASM_PFX(mSmmRelocationOriginalAddress) global ASM_PFX(gPatchSmmCr3) global ASM_PFX(gPatchSmmCr4) global ASM_PFX(gPatchSmmCr0) -global ASM_PFX(gSmmInitStack) +global ASM_PFX(gPatchSmmInitStack) global ASM_PFX(gcSmiInitGdtr) global ASM_PFX(gcSmmInitSize) global ASM_PFX(gcSmmInitTemplate) @@ -72,8 +72,8 @@ BITS 32 mov fs, edi mov gs, edi mov ss, edi - DB 0xbc ; mov esp, imm32 -ASM_PFX(gSmmInitStack): DD 0 + mov esp, strict dword 0 ; source operand will be patched +ASM_PFX(gPatchSmmInitStack): call ASM_PFX(SmmInitHandler) rsm =20 diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmmInit.nasm b/UefiCpuPkg/PiSmmC= puDxeSmm/X64/SmmInit.nasm index 2460e1eb2dee..eae14c0549f0 100644 --- a/UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmmInit.nasm +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmmInit.nasm @@ -25,7 +25,7 @@ extern ASM_PFX(mSmmRelocationOriginalAddress) global ASM_PFX(gPatchSmmCr3) global ASM_PFX(gPatchSmmCr4) global ASM_PFX(gPatchSmmCr0) -global ASM_PFX(gSmmInitStack) +global ASM_PFX(gPatchSmmInitStack) global ASM_PFX(gcSmiInitGdtr) global ASM_PFX(gcSmmInitSize) global ASM_PFX(gcSmmInitTemplate) @@ -72,8 +72,8 @@ ASM_PFX(gPatchSmmCr0): =20 BITS 64 @LongMode: ; long-mode starts here - DB 0x48, 0xbc ; mov rsp, imm64 -ASM_PFX(gSmmInitStack): DQ 0 + mov rsp, strict qword 0 ; source operand will be patched +ASM_PFX(gPatchSmmInitStack): and sp, 0xfff0 ; make sure RSP is 16-byte aligned ; ; Accoring to X64 calling convention, XMM0~5 are volatile, we need to = save --=20 2.14.1.3.gb7cf6e02401b _______________________________________________ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel From nobody Fri Nov 1 10:41:09 2024 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; spf=none (zoho.com: 198.145.21.10 is neither permitted nor denied by domain of lists.01.org) smtp.mailfrom=edk2-devel-bounces@lists.01.org; dmarc=fail(p=none dis=none) header.from=redhat.com Return-Path: Received: from ml01.01.org (ml01.01.org [198.145.21.10]) by mx.zohomail.com with SMTPS id 1517582449645901.8274197065807; Fri, 2 Feb 2018 06:40:49 -0800 (PST) Received: from [127.0.0.1] (localhost [IPv6:::1]) by ml01.01.org (Postfix) with ESMTP id 52A2E2239365A; Fri, 2 Feb 2018 06:35:01 -0800 (PST) Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id 4AB6A22393651 for ; Fri, 2 Feb 2018 06:35:00 -0800 (PST) Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.phx2.redhat.com [10.5.11.13]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 4D80E883B8; Fri, 2 Feb 2018 14:40:38 +0000 (UTC) Received: from lacos-laptop-7.usersys.redhat.com (ovpn-121-50.rdu2.redhat.com [10.10.121.50]) by smtp.corp.redhat.com (Postfix) with ESMTP id B190160841; Fri, 2 Feb 2018 14:40:35 +0000 (UTC) X-Original-To: edk2-devel@lists.01.org Received-SPF: none (zoho.com: 198.145.21.10 is neither permitted nor denied by domain of lists.01.org) client-ip=198.145.21.10; envelope-from=edk2-devel-bounces@lists.01.org; helo=ml01.01.org; Received-SPF: Pass (sender SPF authorized) identity=mailfrom; client-ip=209.132.183.28; helo=mx1.redhat.com; envelope-from=lersek@redhat.com; receiver=edk2-devel@lists.01.org From: Laszlo Ersek To: edk2-devel-01 Date: Fri, 2 Feb 2018 15:39:54 +0100 Message-Id: <20180202143954.7357-15-lersek@redhat.com> In-Reply-To: <20180202143954.7357-1-lersek@redhat.com> References: <20180202143954.7357-1-lersek@redhat.com> X-Scanned-By: MIMEDefang 2.79 on 10.5.11.13 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.26]); Fri, 02 Feb 2018 14:40:38 +0000 (UTC) Subject: [edk2] [PATCH 14/14] UefiCpuPkg/PiSmmCpuDxeSmm: remove DBs from SmmRelocationSemaphoreComplete32() X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Michael D Kinney , Ruiyu Ni , Jiewen Yao , Eric Dong , Liming Gao MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Errors-To: edk2-devel-bounces@lists.01.org Sender: "edk2-devel" X-ZohoMail: RSF_4 Z_629925259 SPT_0 Content-Type: text/plain; charset="utf-8" (1) SmmRelocationSemaphoreComplete32() runs in 32-bit mode, so wrap it in a (BITS 32 ... BITS 64) bracket. (2) SmmRelocationSemaphoreComplete32() currently compiles to: > 000002AE C6050000000001 mov byte [dword 0x0],0x1 > 000002B5 FF2500000000 jmp dword [dword 0x0] where the first instruction is patched with the contents of "mRebasedFlag" (so that (*mRebasedFlag) is set to 1), and the second instruction is patched with the address of "mSmmRelocationOriginalAddress" (so that we jump to "mSmmRelocationOriginalAddress"). In its current form the first instruction could not be patched with PatchInstructionX86(), given that the operand to patch is not encoded in the trailing bytes of the instruction. Therefore, adopt an EAX-based version, inspired by both the IA32 and X64 variants of SmmRelocationSemaphoreComplete(): > 000002AE 50 push eax > 000002AF B800000000 mov eax,0x0 > 000002B4 C60001 mov byte [eax],0x1 > 000002B7 58 pop eax > 000002B8 FF2500000000 jmp dword [dword 0x0] Here both instructions can be patched with PatchInstructionX86(), and the DBs can be replaced with native NASM syntax. (3) Turn the "mRebasedFlagAddr32" and "mSmmRelocationOriginalAddressPtr32" variables into markers that suit PatchInstructionX86(). This removes the last instructions encoded with DBs from PiSmmCpuDxeSmm. Cc: Eric Dong Cc: Jiewen Yao Cc: Liming Gao Cc: Michael D Kinney Cc: Ruiyu Ni Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=3D866 Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Laszlo Ersek --- UefiCpuPkg/PiSmmCpuDxeSmm/X64/Semaphore.c | 16 +++++++++---- UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmmInit.nasm | 24 +++++++++----------- 2 files changed, 23 insertions(+), 17 deletions(-) diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/X64/Semaphore.c b/UefiCpuPkg/PiSmmCp= uDxeSmm/X64/Semaphore.c index 6dbcb086aa4d..1586bbb626bb 100644 --- a/UefiCpuPkg/PiSmmCpuDxeSmm/X64/Semaphore.c +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/X64/Semaphore.c @@ -15,8 +15,8 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER= EXPRESS OR IMPLIED. =20 #include "PiSmmCpuDxeSmm.h" =20 -extern UINT32 mSmmRelocationOriginalAddressPtr32; -extern UINT32 mRebasedFlagAddr32; +extern UINT8 gPatchSmmRelocationOriginalAddressPtr32; +extern UINT8 gPatchRebasedFlagAddr32; =20 UINTN mSmmRelocationOriginalAddress; volatile BOOLEAN *mRebasedFlag; @@ -49,7 +49,11 @@ SemaphoreHook ( UINTN TempValue; =20 mRebasedFlag =3D RebasedFlag; - mRebasedFlagAddr32 =3D (UINT32)(UINTN)mRebasedFlag; + PatchInstructionX86 ( + &gPatchRebasedFlagAddr32, + (UINT32)(UINTN)mRebasedFlag, + 4 + ); =20 CpuState =3D (SMRAM_SAVE_STATE_MAP *)(UINTN)(SMM_DEFAULT_SMBASE + SMRAM_= SAVE_STATE_MAP_OFFSET); mSmmRelocationOriginalAddress =3D HookReturnFromSmm ( @@ -63,5 +67,9 @@ SemaphoreHook ( // Use temp value to fix ICC complier warning // TempValue =3D (UINTN)&mSmmRelocationOriginalAddress; - mSmmRelocationOriginalAddressPtr32 =3D (UINT32)TempValue; + PatchInstructionX86 ( + &gPatchSmmRelocationOriginalAddressPtr32, + (UINT32)TempValue, + 4 + ); } diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmmInit.nasm b/UefiCpuPkg/PiSmmC= puDxeSmm/X64/SmmInit.nasm index eae14c0549f0..0b0c3f28e53f 100644 --- a/UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmmInit.nasm +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmmInit.nasm @@ -29,8 +29,8 @@ global ASM_PFX(gPatchSmmInitStack) global ASM_PFX(gcSmiInitGdtr) global ASM_PFX(gcSmmInitSize) global ASM_PFX(gcSmmInitTemplate) -global ASM_PFX(mRebasedFlagAddr32) -global ASM_PFX(mSmmRelocationOriginalAddressPtr32) +global ASM_PFX(gPatchRebasedFlagAddr32) +global ASM_PFX(gPatchSmmRelocationOriginalAddressPtr32) =20 %define LONG_MODE_CS 0x38 =20 @@ -125,20 +125,18 @@ ASM_PFX(SmmRelocationSemaphoreComplete): ; ; Semaphore code running in 32-bit mode ; +BITS 32 global ASM_PFX(SmmRelocationSemaphoreComplete32) ASM_PFX(SmmRelocationSemaphoreComplete32): - ; - ; mov byte ptr [], 1 - ; - db 0xc6, 0x5 -ASM_PFX(mRebasedFlagAddr32): dd 0 - db 1 - ; - ; jmp dword ptr [] - ; - db 0xff, 0x25 -ASM_PFX(mSmmRelocationOriginalAddressPtr32): dd 0 + push eax + mov eax, strict dword 0 ; source operand will be pa= tched +ASM_PFX(gPatchRebasedFlagAddr32): + mov byte [eax], 1 + pop eax + jmp dword [dword 0] ; destination will be patch= ed +ASM_PFX(gPatchSmmRelocationOriginalAddressPtr32): =20 +BITS 64 global ASM_PFX(PiSmmCpuSmmInitFixupAddress) ASM_PFX(PiSmmCpuSmmInitFixupAddress): lea rax, [@LongMode] --=20 2.14.1.3.gb7cf6e02401b _______________________________________________ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel