From nobody Tue Feb 10 01:15:22 2026
Delivered-To: importer@patchew.org
Received-SPF: pass (zoho.com: domain of groups.io designates 66.175.222.12 as
 permitted sender) client-ip=66.175.222.12;
 envelope-from=bounce+27952+47933+1787277+3901457@groups.io;
 helo=web01.groups.io;
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zoho.com: domain of groups.io designates 66.175.222.12 as permitted
 sender)  smtp.mailfrom=bounce+27952+47933+1787277+3901457@groups.io;
	dmarc=fail(p=none dis=none)  header.from=redhat.com
ARC-Seal: i=1; a=rsa-sha256; t=1569324939; cv=none;
	d=zoho.com; s=zohoarc;
	b=SXcoEOEwMcafoB43HQdTIcq7YakiP90iGKxdyTwt3QpwYniE0Xu7F43tR3TWIa/KylqQwrlZZun+3jXINIPMMtHK+ewoH+JZ21/uVn1kjqXCrAbF33aiGM2YIiqHJwlhPolzIJCkQictqH6qMeFg1O22LLO9V/qQpQshtBdYflo=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zoho.com;
 s=zohoarc;
	t=1569324939;
 h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Id:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To:ARC-Authentication-Results;
	bh=hkUp0yV9y6NXl6G9eHPXNW0uewHedKkzbFNilB/LnKQ=;
	b=WHRVp0l7lozHrtYZSJPGSDpN2tUd8oZ5a4wgzyLVxgr3mOKwqrVc5NDKez4aLG1VoUco9wvuTlkByR6H7EWjiuqvjIl0BJS6f5jts9tkwDszk9KhsHTF0UHqtD9qn16dEtZiLEFLGVUXxaa47EK2NCl7/0CkjyvX3xm4lwzn8wk=
ARC-Authentication-Results: i=1; mx.zoho.com;
	dkim=pass;
	spf=pass (zoho.com: domain of groups.io designates 66.175.222.12 as permitted
 sender)  smtp.mailfrom=bounce+27952+47933+1787277+3901457@groups.io;
	dmarc=fail header.from=<lersek@redhat.com> (p=none dis=none)
 header.from=<lersek@redhat.com>
Received: from web01.groups.io (web01.groups.io [66.175.222.12]) by
 mx.zohomail.com
	with SMTPS id 1569324939769445.1654955893208;
 Tue, 24 Sep 2019 04:35:39 -0700 (PDT)
Return-Path: <bounce+27952+47933+1787277+3901457@groups.io>
X-Received: by 127.0.0.2 with SMTP id dSb9YY1788612xWqDGt8i8c9;
 Tue, 24 Sep 2019 04:35:38 -0700
X-Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28])
 by groups.io with SMTP; Tue, 24 Sep 2019 04:35:38 -0700
X-Received: from smtp.corp.redhat.com
 (int-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.11])
	(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by mx1.redhat.com (Postfix) with ESMTPS id 0DBDA877A64;
	Tue, 24 Sep 2019 11:35:38 +0000 (UTC)
X-Received: from lacos-laptop-7.usersys.redhat.com
 (ovpn-120-118.rdu2.redhat.com [10.10.120.118])
	by smtp.corp.redhat.com (Postfix) with ESMTP id 621436012D;
	Tue, 24 Sep 2019 11:35:35 +0000 (UTC)
From: "Laszlo Ersek" <lersek@redhat.com>
To: edk2-devel-groups-io <devel@edk2.groups.io>
Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>,
	Boris Ostrovsky <boris.ostrovsky@oracle.com>,
	Brijesh Singh <brijesh.singh@amd.com>,
	Igor Mammedov <imammedo@redhat.com>,
	Jiewen Yao <jiewen.yao@intel.com>,
	Joao M Martins <joao.m.martins@oracle.com>,
	Jordan Justen <jordan.l.justen@intel.com>,
	Jun Nakajima <jun.nakajima@intel.com>,
	Michael Kinney <michael.d.kinney@intel.com>,
	Paolo Bonzini <pbonzini@redhat.com>,
	Phillip Goerl <phillip.goerl@oracle.com>,
	Yingwen Chen <yingwen.chen@intel.com>
Subject: [edk2-devel] [PATCH wave 1 09/10] OvmfPkg/SmmAccess: close and lock
 SMRAM at default SMBASE
Date: Tue, 24 Sep 2019 13:35:04 +0200
Message-Id: <20190924113505.27272-10-lersek@redhat.com>
In-Reply-To: <20190924113505.27272-1-lersek@redhat.com>
References: <20190924113505.27272-1-lersek@redhat.com>
MIME-Version: 1.0
X-Scanned-By: MIMEDefang 2.79 on 10.5.11.11
X-Greylist: Sender IP whitelisted,
 not delayed by milter-greylist-4.6.2 (mx1.redhat.com [10.5.110.69]);
 Tue, 24 Sep 2019 11:35:38 +0000 (UTC)
Precedence: Bulk
List-Unsubscribe: <https://edk2.groups.io/g/devel/unsub>
Sender: devel@edk2.groups.io
List-Id: <devel.edk2.groups.io>
Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io
Reply-To: devel@edk2.groups.io,lersek@redhat.com
X-Gm-Message-State: CvWVoR02ZxpjQ0xV1eVzLPZex1787277AA=
Content-Transfer-Encoding: quoted-printable
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io;
 q=dns/txt; s=20140610; t=1569324938;
 bh=AvWFUnmxPw+xrcHOrWA4WYq7/k1evx3yIYzgHawdbZM=;
 h=Cc:Date:From:Reply-To:Subject:To;
 b=cO1yXweRZ/Tdt4cK3atcSn15orft/jek4baS4j7Km6hWlGJEydFeIKRE5LxDl/i2o54
 +wjb41QdzxvTC+3mjqiUtaQKes/8mVUI2HvHPZJqSSArrVM9cFDlLvrS8elHpQgG/ssuJ
 lRZs5bXMNRjWrYjlk/+Whwc9+kw1VYpgHEc=
X-ZohoMail-DKIM: pass (identity @groups.io)
Content-Type: text/plain; charset="utf-8"

During normal boot, when EFI_DXE_SMM_READY_TO_LOCK_PROTOCOL is installed
by platform BDS, the SMM IPL locks SMRAM (TSEG) through
EFI_SMM_ACCESS2_PROTOCOL.Lock(). See SmmIplReadyToLockEventNotify() in
"MdeModulePkg/Core/PiSmmCore/PiSmmIpl.c".

During S3 resume, S3Resume2Pei locks SMRAM (TSEG) through
PEI_SMM_ACCESS_PPI.Lock(), before executing the boot script. See
S3ResumeExecuteBootScript() in
"UefiCpuPkg/Universal/Acpi/S3Resume2Pei/S3Resume.c".

Those are precisely the places where the SMRAM at the default SMBASE
should be locked too. Add such an action to SmramAccessLock().

Notes:

- The SMRAM at the default SMBASE doesn't support the "closed and
  unlocked" state (and so it can't be closed without locking it, and it
  cannot be opened after closing it).

- The SMRAM at the default SMBASE isn't (and shouldn't) be exposed with
  another EFI_SMRAM_DESCRIPTOR in the GetCapabilities() members of
  EFI_SMM_ACCESS2_PROTOCOL / PEI_SMM_ACCESS_PPI. That's because the SMRAM
  in question is not "general purpose"; it's only QEMU's solution to
  protect the initial SMI handler from the OS, when a VCPU is hot-plugged.

  Consequently, the state of the SMRAM at the default SMBASE is not
  reflected in the "OpenState" / "LockState" fields of the protocol and
  PPI.

- An alternative to extending SmramAccessLock() would be to register an
  EFI_DXE_SMM_READY_TO_LOCK_PROTOCOL notify in SmmAccess2Dxe (for locking
  at normal boot), and an EDKII_S3_SMM_INIT_DONE_GUID PPI notify in
  SmmAccessPei (for locking at S3 resume).

Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc: Boris Ostrovsky <boris.ostrovsky@oracle.com>
Cc: Brijesh Singh <brijesh.singh@amd.com>
Cc: Igor Mammedov <imammedo@redhat.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Joao M Martins <joao.m.martins@oracle.com>
Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Jun Nakajima <jun.nakajima@intel.com>
Cc: Michael Kinney <michael.d.kinney@intel.com>
Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: Phillip Goerl <phillip.goerl@oracle.com>
Cc: Yingwen Chen <yingwen.chen@intel.com>
Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=3D1512
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
---
 OvmfPkg/SmmAccess/SmmAccess2Dxe.inf |  1 +
 OvmfPkg/SmmAccess/SmmAccessPei.inf  |  1 +
 OvmfPkg/SmmAccess/SmramInternal.h   |  8 +++++++
 OvmfPkg/SmmAccess/SmmAccess2Dxe.c   |  7 ++++++
 OvmfPkg/SmmAccess/SmmAccessPei.c    |  6 +++++
 OvmfPkg/SmmAccess/SmramInternal.c   | 25 ++++++++++++++++++++
 6 files changed, 48 insertions(+)

diff --git a/OvmfPkg/SmmAccess/SmmAccess2Dxe.inf b/OvmfPkg/SmmAccess/SmmAcc=
ess2Dxe.inf
index 7ced6b4e7ff4..d86381d0fbe2 100644
--- a/OvmfPkg/SmmAccess/SmmAccess2Dxe.inf
+++ b/OvmfPkg/SmmAccess/SmmAccess2Dxe.inf
@@ -49,6 +49,7 @@ [FeaturePcd]
   gUefiOvmfPkgTokenSpaceGuid.PcdSmmSmramRequire
=20
 [Pcd]
+  gUefiOvmfPkgTokenSpaceGuid.PcdQ35SmramAtDefaultSmbase
   gUefiOvmfPkgTokenSpaceGuid.PcdQ35TsegMbytes
=20
 [Depex]
diff --git a/OvmfPkg/SmmAccess/SmmAccessPei.inf b/OvmfPkg/SmmAccess/SmmAcce=
ssPei.inf
index d73a029cc790..1698c4ce6c92 100644
--- a/OvmfPkg/SmmAccess/SmmAccessPei.inf
+++ b/OvmfPkg/SmmAccess/SmmAccessPei.inf
@@ -54,6 +54,7 @@ [FeaturePcd]
   gUefiOvmfPkgTokenSpaceGuid.PcdSmmSmramRequire
=20
 [Pcd]
+  gUefiOvmfPkgTokenSpaceGuid.PcdQ35SmramAtDefaultSmbase
   gUefiOvmfPkgTokenSpaceGuid.PcdQ35TsegMbytes
=20
 [Ppis]
diff --git a/OvmfPkg/SmmAccess/SmramInternal.h b/OvmfPkg/SmmAccess/SmramInt=
ernal.h
index 74d962b4ecae..a4d8827adfe4 100644
--- a/OvmfPkg/SmmAccess/SmramInternal.h
+++ b/OvmfPkg/SmmAccess/SmramInternal.h
@@ -38,6 +38,14 @@ InitQ35TsegMbytes (
   VOID
   );
=20
+/**
+  Save PcdQ35SmramAtDefaultSmbase into mQ35SmramAtDefaultSmbase.
+**/
+VOID
+InitQ35SmramAtDefaultSmbase (
+  VOID
+  );
+
 /**
   Read the MCH_SMRAM and ESMRAMC registers, and update the LockState and
   OpenState fields in the PEI_SMM_ACCESS_PPI / EFI_SMM_ACCESS2_PROTOCOL ob=
ject,
diff --git a/OvmfPkg/SmmAccess/SmmAccess2Dxe.c b/OvmfPkg/SmmAccess/SmmAcces=
s2Dxe.c
index e098f6f15f77..3691a6cd1f10 100644
--- a/OvmfPkg/SmmAccess/SmmAccess2Dxe.c
+++ b/OvmfPkg/SmmAccess/SmmAccess2Dxe.c
@@ -145,6 +145,13 @@ SmmAccess2DxeEntryPoint (
=20
   InitQ35TsegMbytes ();
   GetStates (&mAccess2.LockState, &mAccess2.OpenState);
+
+  //
+  // SmramAccessLock() depends on "mQ35SmramAtDefaultSmbase"; init the lat=
ter
+  // just before exposing the former via EFI_SMM_ACCESS2_PROTOCOL.Lock().
+  //
+  InitQ35SmramAtDefaultSmbase ();
+
   return gBS->InstallMultipleProtocolInterfaces (&ImageHandle,
                 &gEfiSmmAccess2ProtocolGuid, &mAccess2,
                 NULL);
diff --git a/OvmfPkg/SmmAccess/SmmAccessPei.c b/OvmfPkg/SmmAccess/SmmAccess=
Pei.c
index d67850651c58..c8bbc17e907a 100644
--- a/OvmfPkg/SmmAccess/SmmAccessPei.c
+++ b/OvmfPkg/SmmAccess/SmmAccessPei.c
@@ -372,6 +372,12 @@ SmmAccessPeiEntryPoint (
   CopyMem (GuidHob, &SmramMap[DescIdxSmmS3ResumeState],
     sizeof SmramMap[DescIdxSmmS3ResumeState]);
=20
+  //
+  // SmramAccessLock() depends on "mQ35SmramAtDefaultSmbase"; init the lat=
ter
+  // just before exposing the former via PEI_SMM_ACCESS_PPI.Lock().
+  //
+  InitQ35SmramAtDefaultSmbase ();
+
   //
   // We're done. The next step should succeed, but even if it fails, we ca=
n't
   // roll back the above BuildGuidHob() allocation, because PEI doesn't su=
pport
diff --git a/OvmfPkg/SmmAccess/SmramInternal.c b/OvmfPkg/SmmAccess/SmramInt=
ernal.c
index 09657d0f9b0f..0b07dc667b3f 100644
--- a/OvmfPkg/SmmAccess/SmramInternal.c
+++ b/OvmfPkg/SmmAccess/SmramInternal.c
@@ -21,6 +21,12 @@
 //
 UINT16 mQ35TsegMbytes;
=20
+//
+// The value of PcdQ35SmramAtDefaultSmbase is saved into this variable at
+// module startup.
+//
+STATIC BOOLEAN mQ35SmramAtDefaultSmbase;
+
 /**
   Save PcdQ35TsegMbytes into mQ35TsegMbytes.
 **/
@@ -32,6 +38,17 @@ InitQ35TsegMbytes (
   mQ35TsegMbytes =3D PcdGet16 (PcdQ35TsegMbytes);
 }
=20
+/**
+  Save PcdQ35SmramAtDefaultSmbase into mQ35SmramAtDefaultSmbase.
+**/
+VOID
+InitQ35SmramAtDefaultSmbase (
+  VOID
+  )
+{
+  mQ35SmramAtDefaultSmbase =3D PcdGetBool (PcdQ35SmramAtDefaultSmbase);
+}
+
 /**
   Read the MCH_SMRAM and ESMRAMC registers, and update the LockState and
   OpenState fields in the PEI_SMM_ACCESS_PPI / EFI_SMM_ACCESS2_PROTOCOL ob=
ject,
@@ -125,6 +142,14 @@ SmramAccessLock (
   PciOr8 (DRAMC_REGISTER_Q35 (MCH_ESMRAMC), MCH_ESMRAMC_T_EN);
   PciOr8 (DRAMC_REGISTER_Q35 (MCH_SMRAM),   MCH_SMRAM_D_LCK);
=20
+  //
+  // Close & lock the SMRAM at the default SMBASE, if it exists.
+  //
+  if (mQ35SmramAtDefaultSmbase) {
+    PciWrite8 (DRAMC_REGISTER_Q35 (MCH_DEFAULT_SMBASE_CTL),
+      MCH_DEFAULT_SMBASE_LCK);
+  }
+
   GetStates (LockState, OpenState);
   if (*OpenState || !*LockState) {
     return EFI_DEVICE_ERROR;
--=20
2.19.1.3.g30247aa5d201



-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-
Groups.io Links: You receive all messages sent to this group.

View/Reply Online (#47933): https://edk2.groups.io/g/devel/message/47933
Mute This Topic: https://groups.io/mt/34274944/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub  [importer@patchew.org]
-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-