From nobody Mon Sep 16 19:47:33 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+104841+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+104841+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1684120570; cv=none; d=zohomail.com; s=zohoarc; b=N6xNeAdVN1D3ggdYO2g8ZELMtKxV6n/LZksDt5PNVE9BRpGGsHzjdn6mRJUy/wkEx650ksO/XAyXzM68yfn/Kz28kLqVdsA9psY0yNdW0aMJ1eCeVB7FT9sZQVL+lSSubUXP3meVyDD/V2kD0p/h9z8GqZs/iSjTvi6Mu0Cae8o= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1684120570; h=Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:Message-ID:Reply-To:References:Sender:Subject:To; bh=yX4pKBGt0S9DnVLjIIt9Mtr68zss+wLLTv2vhTdph5Y=; b=ZyzSYxE9pQjtUp3+CsSNrNzKwiO4y8d1tHluA2de6OBU75f533Oqss996NFLN5FTVJJKsUH1RnmRs2FJZxRzOC3Qv/yzoQ0dqdPzn+dQNyQIGdyfGhDdcWegruoGNrGwA1s6cbZENLP/wWqIWnSUgXbCFG3qKxgOyGk6j6kIpjw= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+104841+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1684120570408159.6238715406845; Sun, 14 May 2023 20:16:10 -0700 (PDT) Return-Path: X-Received: by 127.0.0.2 with SMTP id 7m5EYY1788612xPi4HGtLGHi; Sun, 14 May 2023 20:16:10 -0700 X-Received: from mga07.intel.com (mga07.intel.com [134.134.136.100]) by mx.groups.io with SMTP id smtpd.web10.79852.1684116965727635794 for ; Sun, 14 May 2023 19:16:09 -0700 X-IronPort-AV: E=McAfee;i="6600,9927,10710"; a="416739578" X-IronPort-AV: E=Sophos;i="5.99,275,1677571200"; d="scan'208";a="416739578" X-Received: from fmsmga006.fm.intel.com ([10.253.24.20]) by orsmga105.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 14 May 2023 19:16:09 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6600,9927,10710"; a="947260461" X-IronPort-AV: E=Sophos;i="5.99,275,1677571200"; d="scan'208";a="947260461" X-Received: from sh1gapp1009.ccr.corp.intel.com ([10.239.189.219]) by fmsmga006.fm.intel.com with ESMTP; 14 May 2023 19:16:07 -0700 From: "Wu, Jiaxin" To: devel@edk2.groups.io Cc: Eric Dong , Ray Ni , Zeng Star , Gerd Hoffmann , Rahul Kumar Subject: [edk2-devel] [PATCH v3 2/5] UefiCpuPkg/CpuMpPei: Conditionally enable PAE paging in 32bit mode Date: Mon, 15 May 2023 10:15:58 +0800 Message-Id: <20230515021601.6244-3-jiaxin.wu@intel.com> In-Reply-To: <20230515021601.6244-1-jiaxin.wu@intel.com> References: <20230515021601.6244-1-jiaxin.wu@intel.com> Precedence: Bulk List-Unsubscribe: List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,jiaxin.wu@intel.com X-Gm-Message-State: Py7aYs7PsQ8HmYFQ3Dvns9nzx1787277AA= DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1684120570; bh=pX60Ow06L2WTRxy4tShxi5q7WrstCfO0ucC+CmV8Jcg=; h=Cc:Date:From:Reply-To:Subject:To; b=uJ4n9E4mAMV4sXvDS+YmmExIw9YW9rf94jTnyZ1zw43KXO8X/HK2LllihYO/uy2t4JH Y6jCfMt58I2iO58SgXjN+tMjGqfEQDHknzxnbyHKglXJdrMxLzB8NZINVSW9KvEseumrR r/Y1Tqc+0NaxfJDZs6u3kQP4SG8/L8xO9+s= X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1684120572478100005 Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Some security features depend on the page table enabling. So, This patch is to enable paging if it is not enabled (32bit mode)" Cc: Eric Dong Cc: Ray Ni Cc: Zeng Star Cc: Gerd Hoffmann Cc: Rahul Kumar Signed-off-by: Jiaxin Wu --- UefiCpuPkg/CpuMpPei/CpuMpPei.h | 1 + UefiCpuPkg/CpuMpPei/CpuMpPei.inf | 1 + UefiCpuPkg/CpuMpPei/CpuPaging.c | 202 ++++++++++++++---------------------= ---- 3 files changed, 75 insertions(+), 129 deletions(-) diff --git a/UefiCpuPkg/CpuMpPei/CpuMpPei.h b/UefiCpuPkg/CpuMpPei/CpuMpPei.h index 0649c48d14..1b9a94e18f 100644 --- a/UefiCpuPkg/CpuMpPei/CpuMpPei.h +++ b/UefiCpuPkg/CpuMpPei/CpuMpPei.h @@ -26,10 +26,11 @@ #include #include #include #include #include +#include =20 extern EFI_PEI_PPI_DESCRIPTOR mPeiCpuMpPpiDesc; =20 /** This service retrieves the number of logical processor in the platform diff --git a/UefiCpuPkg/CpuMpPei/CpuMpPei.inf b/UefiCpuPkg/CpuMpPei/CpuMpPe= i.inf index 7444bdb968..865be5627e 100644 --- a/UefiCpuPkg/CpuMpPei/CpuMpPei.inf +++ b/UefiCpuPkg/CpuMpPei/CpuMpPei.inf @@ -44,10 +44,11 @@ CpuExceptionHandlerLib MpInitLib BaseMemoryLib CpuLib MemoryAllocationLib + CpuPageTableLib =20 [Guids] gEdkiiMigratedFvInfoGuid ## = SOMETIMES_CONSUMES ## HOB =20 [Ppis] diff --git a/UefiCpuPkg/CpuMpPei/CpuPaging.c b/UefiCpuPkg/CpuMpPei/CpuPagin= g.c index a471f089c8..976a912741 100644 --- a/UefiCpuPkg/CpuMpPei/CpuPaging.c +++ b/UefiCpuPkg/CpuMpPei/CpuPaging.c @@ -115,42 +115,10 @@ AllocatePageTableMemory ( } =20 return Address; } =20 -/** - Get the address width supported by current processor. - - @retval 32 If processor is in 32-bit mode. - @retval 36-48 If processor is in 64-bit mode. - -**/ -UINTN -GetPhysicalAddressWidth ( - VOID - ) -{ - UINT32 RegEax; - - if (sizeof (UINTN) =3D=3D 4) { - return 32; - } - - AsmCpuid (CPUID_EXTENDED_FUNCTION, &RegEax, NULL, NULL, NULL); - if (RegEax >=3D CPUID_VIR_PHY_ADDRESS_SIZE) { - AsmCpuid (CPUID_VIR_PHY_ADDRESS_SIZE, &RegEax, NULL, NULL, NULL); - RegEax &=3D 0xFF; - if (RegEax > 48) { - return 48; - } - - return (UINTN)RegEax; - } - - return 36; -} - /** Get the type of top level page table. =20 @retval Page512G PML4 paging. @retval Page1G PAE paging. @@ -381,120 +349,84 @@ ConvertMemoryPageAttributes ( =20 return RETURN_SUCCESS; } =20 /** - Get maximum size of page memory supported by current processor. - - @param[in] TopLevelType The type of top level page entry. - - @retval Page1G If processor supports 1G page and PML4. - @retval Page2M For all other situations. - -**/ -PAGE_ATTRIBUTE -GetMaxMemoryPage ( - IN PAGE_ATTRIBUTE TopLevelType - ) -{ - UINT32 RegEax; - UINT32 RegEdx; - - if (TopLevelType =3D=3D Page512G) { - AsmCpuid (CPUID_EXTENDED_FUNCTION, &RegEax, NULL, NULL, NULL); - if (RegEax >=3D CPUID_EXTENDED_CPU_SIG) { - AsmCpuid (CPUID_EXTENDED_CPU_SIG, NULL, NULL, NULL, &RegEdx); - if ((RegEdx & BIT26) !=3D 0) { - return Page1G; - } - } - } - - return Page2M; -} - -/** - Create PML4 or PAE page table. + Enable PAE Page Table. =20 - @return The address of page table. + @retval EFI_SUCCESS The PAE Page Table was enabled successfu= lly. + @retval EFI_OUT_OF_RESOURCES The PAE Page Table could not be enabled = due to lack of available memory. =20 **/ -UINTN -CreatePageTable ( +EFI_STATUS +EnablePaePageTable ( VOID ) { - RETURN_STATUS Status; - UINTN PhysicalAddressBits; - UINTN NumberOfEntries; - PAGE_ATTRIBUTE TopLevelPageAttr; - UINTN PageTable; - PAGE_ATTRIBUTE MaxMemoryPage; - UINTN Index; - UINT64 AddressEncMask; - UINT64 *PageEntry; - EFI_PHYSICAL_ADDRESS PhysicalAddress; + EFI_STATUS Status; + + UINTN PageTable; + VOID *Buffer; + UINTN BufferSize; + IA32_MAP_ATTRIBUTE MapAttribute; + IA32_MAP_ATTRIBUTE MapMask; + + PageTable =3D 0; + Buffer =3D NULL; + BufferSize =3D 0; + MapAttribute.Uint64 =3D 0; + MapMask.Uint64 =3D MAX_UINT64; + MapAttribute.Bits.Present =3D 1; + MapAttribute.Bits.ReadWrite =3D 1; =20 - TopLevelPageAttr =3D (PAGE_ATTRIBUTE)GetPageTableTopLevelType (); - PhysicalAddressBits =3D GetPhysicalAddressWidth (); - NumberOfEntries =3D (UINTN)1 << (PhysicalAddressBits - - mPageAttributeTable[TopLevelPageAttr]= .AddressBitOffset); - - PageTable =3D (UINTN)AllocatePageTableMemory (1); - if (PageTable =3D=3D 0) { - return 0; + // + // 1:1 map 4GB in 32bit mode + // + Status =3D PageTableMap (&PageTable, PagingPae, 0, &BufferSize, 0, SIZE_= 4GB, &MapAttribute, &MapMask, NULL); + ASSERT (Status =3D=3D EFI_BUFFER_TOO_SMALL); + if (Status !=3D EFI_BUFFER_TOO_SMALL) { + return Status; } =20 - AddressEncMask =3D PcdGet64 (PcdPteMemoryEncryptionAddressOrMask); - AddressEncMask &=3D mPageAttributeTable[TopLevelPageAttr].AddressMask; - MaxMemoryPage =3D GetMaxMemoryPage (TopLevelPageAttr); - PageEntry =3D (UINT64 *)PageTable; - - PhysicalAddress =3D 0; - for (Index =3D 0; Index < NumberOfEntries; ++Index) { - *PageEntry =3D PhysicalAddress | AddressEncMask | PAGE_ATTRIBUTE_BITS; + // + // Allocate required Buffer. + // + Buffer =3D AllocatePageTableMemory (EFI_SIZE_TO_PAGES (BufferSize)); + ASSERT (Buffer !=3D NULL); + if (Buffer =3D=3D NULL) { + return EFI_OUT_OF_RESOURCES; + } =20 - // - // Split the top page table down to the maximum page size supported - // - if (MaxMemoryPage < TopLevelPageAttr) { - Status =3D SplitPage (PageEntry, TopLevelPageAttr, MaxMemoryPage, TR= UE); - ASSERT_EFI_ERROR (Status); - } + Status =3D PageTableMap (&PageTable, PagingPae, Buffer, &BufferSize, 0, = SIZE_4GB, &MapAttribute, &MapMask, NULL); + ASSERT_EFI_ERROR (Status); + if (EFI_ERROR (Status) || (PageTable =3D=3D 0)) { + return EFI_OUT_OF_RESOURCES; + } =20 - if (TopLevelPageAttr =3D=3D Page1G) { - // - // PDPTE[2:1] (PAE Paging) must be 0. SplitPage() might change them = to 1. - // - *PageEntry &=3D ~(UINT64)(IA32_PG_RW | IA32_PG_U); - } + // + // Write the Pagetable to CR3. + // + AsmWriteCr3 (PageTable); =20 - PageEntry +=3D 1; - PhysicalAddress +=3D mPageAttributeTable[TopLevelPageAttr].Length; - } + // + // Enable CR4.PAE + // + AsmWriteCr4 (AsmReadCr4 () | BIT5); =20 - return PageTable; -} + // + // Enable CR0.PG + // + AsmWriteCr0 (AsmReadCr0 () | BIT31); =20 -/** - Setup page tables and make them work. + DEBUG (( + DEBUG_INFO, + "EnablePaePageTable: Created PageTable =3D 0x%x, BufferSize =3D %x\n", + PageTable, + BufferSize + )); =20 -**/ -VOID -EnablePaging ( - VOID - ) -{ - UINTN PageTable; - - PageTable =3D CreatePageTable (); - ASSERT (PageTable !=3D 0); - if (PageTable !=3D 0) { - AsmWriteCr3 (PageTable); - AsmWriteCr4 (AsmReadCr4 () | BIT5); // CR4.PAE - AsmWriteCr0 (AsmReadCr0 () | BIT31); // CR0.PG - } + return Status; } =20 /** Get the base address of current AP's stack. =20 @@ -622,10 +554,11 @@ MemoryDiscoveredPpiNotifyCallback ( { EFI_STATUS Status; BOOLEAN InitStackGuard; EDKII_MIGRATED_FV_INFO *MigratedFvInfo; EFI_PEI_HOB_POINTERS Hob; + IA32_CR0 Cr0; =20 // // Paging must be setup first. Otherwise the exception TSS setup during = MP // initialization later will not contain paging information and then fail // the task switch (for the sake of stack switch). @@ -635,12 +568,23 @@ MemoryDiscoveredPpiNotifyCallback ( if (IsIa32PaeSupported ()) { Hob.Raw =3D GetFirstGuidHob (&gEdkiiMigratedFvInfoGuid); InitStackGuard =3D PcdGetBool (PcdCpuStackGuard); } =20 - if (InitStackGuard || (Hob.Raw !=3D NULL)) { - EnablePaging (); + // + // Some security features depend on the page table enabling. So, here + // is to enable paging if it is not enabled (only in 32bit mode). + // + Cr0.UintN =3D AsmReadCr0 (); + if ((Cr0.Bits.PG =3D=3D 0) && (InitStackGuard || (Hob.Raw !=3D NULL))) { + ASSERT (sizeof (UINTN) =3D=3D sizeof (UINT32)); + + Status =3D EnablePaePageTable (); + if (EFI_ERROR (Status)) { + DEBUG ((DEBUG_ERROR, "MemoryDiscoveredPpiNotifyCallback: Failed to e= nable PAE page table: %r.\n", Status)); + CpuDeadLoop (); + } } =20 Status =3D InitializeCpuMpWorker ((CONST EFI_PEI_SERVICES **)PeiServices= ); ASSERT_EFI_ERROR (Status); =20 --=20 2.16.2.windows.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#104841): https://edk2.groups.io/g/devel/message/104841 Mute This Topic: https://groups.io/mt/98895182/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-