From nobody Sat May 4 05:29:18 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of groups.io designates 66.175.222.12 as permitted sender) client-ip=66.175.222.12; envelope-from=bounce+27952+44687+1787277+3901457@groups.io; helo=web01.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zoho.com: domain of groups.io designates 66.175.222.12 as permitted sender) smtp.mailfrom=bounce+27952+44687+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1564591176; cv=none; d=zoho.com; s=zohoarc; b=nSfj1DkxNKtA8ibczjUnubDKXvvj5YoDh3drm5BI5awLBfz7o6V7yljyNDmwL9ILXxgA5TRZOFH0vOlc3IHQZawt4+JVi5KV3il1mUtRBelXvfcJf88QY8unkaKlMhncch2F9B7UrdByEravNX0+hT3Y6+lUCtBACv5S7eK57MI= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zoho.com; s=zohoarc; t=1564591176; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Id:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To:ARC-Authentication-Results; bh=HokYZxNQK1fDaUvpM1y+Lq19dv5sfK5HQJWxygfyOuc=; b=msX6CRo7dV3kM9VN4iHySiALfFfV8v8uxQnrVyr+hWqbZ8eW2g+2RJoGbsr448f5EnxOtnEKormcRUeRlR351bDPBY0KZ83b8IJLm574OdqlOht6Z79JASKazEa0w57lGx7DLTPc+P/YslymGUQN4xXdZx1bFarlNpzZopF0aCU= ARC-Authentication-Results: i=1; mx.zoho.com; dkim=pass; spf=pass (zoho.com: domain of groups.io designates 66.175.222.12 as permitted sender) smtp.mailfrom=bounce+27952+44687+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) header.from= Received: from web01.groups.io (web01.groups.io [66.175.222.12]) by mx.zohomail.com with SMTPS id 1564591176675200.0000283379942; Wed, 31 Jul 2019 09:39:36 -0700 (PDT) Return-Path: X-Received: from mga12.intel.com (mga12.intel.com []) by groups.io with SMTP; Wed, 31 Jul 2019 09:39:35 -0700 X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False X-Received: from orsmga004.jf.intel.com ([10.7.209.38]) by fmsmga106.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 31 Jul 2019 09:39:35 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.64,330,1559545200"; d="scan'208";a="323797171" X-Received: from ray-dev.ccr.corp.intel.com ([10.239.9.9]) by orsmga004.jf.intel.com with ESMTP; 31 Jul 2019 09:39:33 -0700 From: "Ni, Ray" To: devel@edk2.groups.io Cc: Eric Dong , Laszlo Ersek , Jiewen Yao Subject: [edk2-devel] [PATCH v2 1/2] UefiCpuPkg: Add PCD PcdCpuSmmAccessOut to control SMM access out Date: Thu, 1 Aug 2019 00:38:51 +0800 Message-Id: <20190731163852.191708-2-ray.ni@intel.com> In-Reply-To: <20190731163852.191708-1-ray.ni@intel.com> References: <20190731163852.191708-1-ray.ni@intel.com> MIME-Version: 1.0 Precedence: Bulk List-Unsubscribe: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,ray.ni@intel.com Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1564591176; bh=nhuV/Is3xLl3Ax4v45oMxpzJbyrAvr1jvvUIrUuVHZM=; h=Cc:Date:From:Reply-To:Subject:To; b=YS5FSB44GvzPE+h0DRX7M5D6WVHqd+FZGL7my3Kf6MRPzYMY9PPkVj38XFCB0lGPDG2 KQDIssn8YhFZ+/GBFen/kLAVdzRCZ4lt4FihY0H08UaeDW2aSjTJWw0hIEsa9WoyktHF3 q81Ap+DeJuLbjtwT/eb6d3T8QwxqpeCJ7iU= X-ZohoMail-DKIM: pass (identity @groups.io) Content-Type: text/plain; charset="utf-8" There is a requirement to allow SMM code access non-SMRAM memory after ReadyToLock. The requirement was expected to be satisfied by commit: c60d36b4d1ee1f69b7cca897d3621dfa951895c2 * UefiCpuPkg/SmmCpu: Block access-out only when static paging is used Commit c60d36b4 re-interpreted the PcdCpuSmmStaticPageTable as a way to control whether SMM module can access non-SMRAM memory after ReadyToLock. It brought confusion because "static page table" means the page table is created in advance and there is no dynamic page table modification at runtime. It only applies to 64bit environment because page table for memory below 4GB is always created in advance. But the control of whether allowing SMM module access non-SMRAM memory can also be applied to 32bit environment. It makes more sense to have a separate PCD as proposed in this patch to control the policy. Signed-off-by: Ray Ni Cc: Eric Dong Cc: Laszlo Ersek Cc: Jiewen Yao Reviewed-by: Laszlo Ersek --- UefiCpuPkg/UefiCpuPkg.dec | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/UefiCpuPkg/UefiCpuPkg.dec b/UefiCpuPkg/UefiCpuPkg.dec index 6ddf0cd224..24b44bae39 100644 --- a/UefiCpuPkg/UefiCpuPkg.dec +++ b/UefiCpuPkg/UefiCpuPkg.dec @@ -246,6 +246,13 @@ [PcdsFixedAtBuild, PcdsPatchableInModule, PcdsDynamic,= PcdsDynamicEx] # @Prompt Use static page table for all memory in SMM. gUefiCpuPkgTokenSpaceGuid.PcdCpuSmmStaticPageTable|TRUE|BOOLEAN|0x321321= 0D =20 + ## Controls whether SMM modules can access all non-SMRAM memory after Sm= mReadyToLock. + # TRUE - SMM modules can access all non-SMRAM memory after SmmReadyTo= Lock.
+ # FALSE - SMM modules can only access reserved, runtime and ACPI NVS t= ype of non-SMRAM memory + # after SmmReadyToLock.
+ # @Prompt SMM modules can access all non-SMRAM memory after SmmReadyToLo= ck. + gUefiCpuPkgTokenSpaceGuid.PcdCpuSmmAccessOut|FALSE|BOOLEAN|0x3213210F + ## Specifies timeout value in microseconds for the BSP in SMM to wait fo= r all APs to come into SMM. # @Prompt AP synchronization timeout value in SMM. gUefiCpuPkgTokenSpaceGuid.PcdCpuSmmApSyncTimeout|1000000|UINT64|0x321321= 04 --=20 2.21.0.windows.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#44687): https://edk2.groups.io/g/devel/message/44687 Mute This Topic: https://groups.io/mt/32668871/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Sat May 4 05:29:18 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of groups.io designates 66.175.222.12 as permitted sender) client-ip=66.175.222.12; envelope-from=bounce+27952+44688+1787277+3901457@groups.io; helo=web01.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zoho.com: domain of groups.io designates 66.175.222.12 as permitted sender) smtp.mailfrom=bounce+27952+44688+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1564591178; cv=none; d=zoho.com; s=zohoarc; b=jOvz3UrQGc0uKOkhB9otLOK+EQVGyQ2Vi3+zQkz+qC2wb9h26qYgZiW6vDF9jF45YEqkiPAEowvSDKYVek+NX8gS/Jcjsq3wANaroc+WumE2g/qk4vZyuJuw6c4s8DIHpWWGfT9ArUZa129iurQ8Qvka8aGVhiOGHsdjZOUx6i8= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zoho.com; s=zohoarc; t=1564591178; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Id:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To:ARC-Authentication-Results; bh=D3iRrNXGOjC5DsVDZCy1bqSSEySauaqrb73MzgkuVn8=; b=DpJyNAUetiWLNrSiNi5DQPskg9ytU0SI1YlQii0aOU0oqz8aGlqYr3C/WFkJ3G/8Bb1iiX3scolQ/3cGcQENesUnE2PrnEheR8qbc8O+zYKzx0UB9melIFVACVsxCrI0+LbHClWJ5URflwUGtHsJyLpuomSAPfuvgqER/ja+5wc= ARC-Authentication-Results: i=1; mx.zoho.com; dkim=pass; spf=pass (zoho.com: domain of groups.io designates 66.175.222.12 as permitted sender) smtp.mailfrom=bounce+27952+44688+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) header.from= Received: from web01.groups.io (web01.groups.io [66.175.222.12]) by mx.zohomail.com with SMTPS id 156459117899433.94880727662212; Wed, 31 Jul 2019 09:39:38 -0700 (PDT) Return-Path: X-Received: from mga12.intel.com (mga12.intel.com []) by groups.io with SMTP; Wed, 31 Jul 2019 09:39:37 -0700 X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False X-Received: from orsmga004.jf.intel.com ([10.7.209.38]) by fmsmga106.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 31 Jul 2019 09:39:37 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.64,330,1559545200"; d="scan'208";a="323797214" X-Received: from ray-dev.ccr.corp.intel.com ([10.239.9.9]) by orsmga004.jf.intel.com with ESMTP; 31 Jul 2019 09:39:35 -0700 From: "Ni, Ray" To: devel@edk2.groups.io Cc: Eric Dong , Jiewen Yao , Jian J Wang , Laszlo Ersek Subject: [edk2-devel] [PATCH v2 2/2] UefiCpuPkg/PiSmmCpu: PcdCpuSmmAccessOut controls SMM access-out policy Date: Thu, 1 Aug 2019 00:38:52 +0800 Message-Id: <20190731163852.191708-3-ray.ni@intel.com> In-Reply-To: <20190731163852.191708-1-ray.ni@intel.com> References: <20190731163852.191708-1-ray.ni@intel.com> MIME-Version: 1.0 Precedence: Bulk List-Unsubscribe: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,ray.ni@intel.com Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1564591178; bh=stTUUg6BYbFUi9GhZjnchGZI8/yhJVa3h5bIciE8Wpo=; h=Cc:Date:From:Reply-To:Subject:To; b=kVO+VFSCSFYt3EMIxyooXABiPf8YdfS8LTvUFdUulnmkQxKPQxCCiPM3Pw4jqPHQ/eF iUoxqj3/FwdWYtGB+2t1FZYFVbyOkc76uuCGNV+ediXnHVARhKS7g9JSKNA7Rcrc1y9ct T/mRdtcRPpaWIe771vrJ13v72YI1SqsIxhA= X-ZohoMail-DKIM: pass (identity @groups.io) Content-Type: text/plain; charset="utf-8" This patch skips to update page table for non-SMRAM memory when PcdCpuSmmAccessOut is TRUE. So that when SMM accesses out, no page fault is triggered at all. Signed-off-by: Ray Ni Cc: Eric Dong Cc: Jiewen Yao Cc: Jian J Wang Cc: Laszlo Ersek --- UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.c | 21 +++++++++++++++++---- UefiCpuPkg/PiSmmCpuDxeSmm/X64/PageTbl.c | 2 +- 2 files changed, 18 insertions(+), 5 deletions(-) diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.c b/UefiCpuPkg/PiSmmC= puDxeSmm/PiSmmCpuDxeSmm.c index 69a04dfb23..427c33fb01 100644 --- a/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.c +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.c @@ -130,6 +130,11 @@ UINT8 mPhysicalAddressBits; UINT32 mSmmCr0; UINT32 mSmmCr4; =20 +// +// Cache of PcdCpuSmmAccessOut +// +BOOLEAN mSmmAccessOut; + /** Initialize IDT to setup exception handlers for SMM. =20 @@ -610,6 +615,12 @@ PiCpuSmmEntry ( mSmmCodeAccessCheckEnable =3D PcdGetBool (PcdCpuSmmCodeAccessCheckEnable= ); DEBUG ((EFI_D_INFO, "PcdCpuSmmCodeAccessCheckEnable =3D %d\n", mSmmCodeA= ccessCheckEnable)); =20 + // + // Save the PcdCpuSmmAccessOut value into a global variable. + // + mSmmAccessOut =3D PcdGetBool (PcdCpuSmmAccessOut); + DEBUG ((DEBUG_INFO, "PcdCpuSmmAccessOut =3D %d\n", mSmmAccessOut)); + // // Save the PcdPteMemoryEncryptionAddressOrMask value into a global vari= able. // Make sure AddressEncMask is contained to smallest supported address f= ield. @@ -1431,10 +1442,12 @@ PerformRemainingTasks ( // SetMemMapAttributes (); =20 - // - // For outside SMRAM, we only map SMM communication buffer or MMIO. - // - SetUefiMemMapAttributes (); + if (!mSmmAccessOut) { + // + // For outside SMRAM, we only map SMM communication buffer or MMIO. + // + SetUefiMemMapAttributes (); + } =20 // // Set page table itself to be read-only diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/X64/PageTbl.c b/UefiCpuPkg/PiSmmCpuD= xeSmm/X64/PageTbl.c index a3b62f7787..6699aac65d 100644 --- a/UefiCpuPkg/PiSmmCpuDxeSmm/X64/PageTbl.c +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/X64/PageTbl.c @@ -1029,7 +1029,7 @@ SmiPFHandler ( goto Exit; } =20 - if (mCpuSmmStaticPageTable && IsSmmCommBufferForbiddenAddress (PFAddre= ss)) { + if (IsSmmCommBufferForbiddenAddress (PFAddress)) { DumpCpuContext (InterruptType, SystemContext); DEBUG ((DEBUG_ERROR, "Access SMM communication forbidden address (0x= %lx)!\n", PFAddress)); DEBUG_CODE ( --=20 2.21.0.windows.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#44688): https://edk2.groups.io/g/devel/message/44688 Mute This Topic: https://groups.io/mt/32668874/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-