From nobody Mon Sep 16 19:01:43 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+104934+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+104934+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1684231245; cv=none; d=zohomail.com; s=zohoarc; b=eMEa0IFhAN2vphndfKRQkNRoHKuOzU7Mln42cx+bK3ICkgd/hchbwUtBnntgsj9s3XSRVRr8pUqOPQZ/iG5wJ5emb2RPGTwh2aDXpLXsSSWld5+ezSfvnJRmuCCQcIPF9yyeevMWuJjD1YrRr+FljEgB3ANl/cGbo9mygJGOovY= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1684231245; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=JCqIdY/byqtQsCdc10EC/zc85Ikn4EvVJ1sf+4MBYsU=; b=GDXGgkwmwiJc33mt81qazYqDHU4eY/RSOqrXu65rU+fYJrfvYob2VlyiF22FHCJnjDVBIl54by2pDk65TYlt/7znW7HaAVEXRLtJI9kbqGKlGhvqDHGRnVtQ1cj7lZJJfIE4VJBUKZokP8pbmQx5X979nEJi7S5g8k07uqUMplA= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+104934+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1684231245449766.4505702404239; Tue, 16 May 2023 03:00:45 -0700 (PDT) Return-Path: X-Received: by 127.0.0.2 with SMTP id 2jfIYY1788612xP919WNDcDa; Tue, 16 May 2023 03:00:45 -0700 X-Received: from mga07.intel.com (mga07.intel.com [134.134.136.100]) by mx.groups.io with SMTP id smtpd.web11.17915.1684231210780691710 for ; Tue, 16 May 2023 03:00:44 -0700 X-IronPort-AV: E=McAfee;i="6600,9927,10711"; a="417093422" X-IronPort-AV: E=Sophos;i="5.99,278,1677571200"; d="scan'208";a="417093422" X-Received: from fmsmga003.fm.intel.com ([10.253.24.29]) by orsmga105.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 16 May 2023 03:00:44 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6600,9927,10711"; a="791019751" X-IronPort-AV: E=Sophos;i="5.99,278,1677571200"; d="scan'208";a="791019751" X-Received: from shwdeopenlab702.ccr.corp.intel.com ([10.239.55.158]) by fmsmga003-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 16 May 2023 03:00:42 -0700 From: "duntan" To: devel@edk2.groups.io Cc: Eric Dong , Ray Ni , Rahul Kumar , Gerd Hoffmann Subject: [edk2-devel] [Patch V4 14/15] UefiCpuPkg: Refinement to smm runtime InitPaging() code Date: Tue, 16 May 2023 17:59:31 +0800 Message-Id: <20230516095932.1525-15-dun.tan@intel.com> In-Reply-To: <20230516095932.1525-1-dun.tan@intel.com> References: <20230516095932.1525-1-dun.tan@intel.com> MIME-Version: 1.0 Precedence: Bulk List-Unsubscribe: List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,dun.tan@intel.com X-Gm-Message-State: IO2DEX2fcZiGwHPZmLsd7AH4x1787277AA= Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1684231245; bh=75hQ0jDXuyZw0AKLURuzr5giDBPseMnPksVEpCc3vDI=; h=Cc:Date:From:Reply-To:Subject:To; b=oZIdCeWqeFSP/RNw7h/2h/VAfYkhP46iJ890Kbq4zAHDZQkqx9L8s4a3rtCdRwqdt1I OAeGoqjqeRJg16bbvPcMcD6z9UKVz+KmNiBm7zrbxP8A6t62jYuWblCxEYPOAbt9zrbhQ PuqIlcDPQ0Ig5phorL4NhbYrRGgcIkxX8Zk= X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1684231247094100041 Content-Type: text/plain; charset="utf-8" This commit is code refinement to current smm runtime InitPaging() page table update code. In InitPaging(), if PcdCpuSmmProfileEnable is TRUE, use ConvertMemoryPageAttributes() API to map the range in mProtectionMemRange to the attrbute recorded in the attribute field of mProtectionMemRange, map the range outside mProtectionMemRange as non-present. If PcdCpuSmmProfileEnable is FALSE, only need to set the ranges not in mSmmCpuSmramRanges as NX. Signed-off-by: Dun Tan Cc: Eric Dong Cc: Ray Ni Cc: Rahul Kumar Cc: Gerd Hoffmann --- UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.h | 37 +++++++++++++++++++++++++= ++++++++++++ UefiCpuPkg/PiSmmCpuDxeSmm/SmmProfile.c | 293 +++++++++++++++++++++++++= +++++++++++++++++++++++++++++++++++++++------------------------------------= ---------------------------------------------------------------------------= ---------------------------------------------------------------------------= ------------------------------------------- 2 files changed, 101 insertions(+), 229 deletions(-) diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.h b/UefiCpuPkg/PiSmmC= puDxeSmm/PiSmmCpuDxeSmm.h index 5399659bc0..12ad86028e 100644 --- a/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.h +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.h @@ -725,6 +725,43 @@ SmmBlockingStartupThisAp ( IN OUT VOID *ProcArguments OPTIONAL ); =20 +/** + This function modifies the page attributes for the memory region specifi= ed by BaseAddress and + Length from their current attributes to the attributes specified by Attr= ibutes. + + Caller should make sure BaseAddress and Length is at page boundary. + + @param[in] PageTableBase The page table base. + @param[in] BaseAddress The physical address that is the start add= ress of a memory region. + @param[in] Length The size in bytes of the memory region. + @param[in] Attributes The bit mask of attributes to modify for t= he memory region. + @param[in] IsSet TRUE means to set attributes. FALSE means = to clear attributes. + @param[out] IsModified TRUE means page table modified. FALSE mean= s page table not modified. + + @retval RETURN_SUCCESS The attributes were modified for the me= mory region. + @retval RETURN_ACCESS_DENIED The attributes for the memory resource = range specified by + BaseAddress and Length cannot be modifi= ed. + @retval RETURN_INVALID_PARAMETER Length is zero. + Attributes specified an illegal combina= tion of attributes that + cannot be set together. + @retval RETURN_OUT_OF_RESOURCES There are not enough system resources t= o modify the attributes of + the memory resource range. + @retval RETURN_UNSUPPORTED The processor does not support one or m= ore bytes of the memory + resource range specified by BaseAddress= and Length. + The bit mask of attributes is not suppo= rt for the memory resource + range specified by BaseAddress and Leng= th. +**/ +RETURN_STATUS +ConvertMemoryPageAttributes ( + IN UINTN PageTableBase, + IN PAGING_MODE PagingMode, + IN PHYSICAL_ADDRESS BaseAddress, + IN UINT64 Length, + IN UINT64 Attributes, + IN BOOLEAN IsSet, + OUT BOOLEAN *IsModified OPTIONAL + ); + /** This function sets the attributes for the memory region specified by Bas= eAddress and Length from their current attributes to the attributes specified by Attr= ibutes. diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/SmmProfile.c b/UefiCpuPkg/PiSmmCpuDx= eSmm/SmmProfile.c index b298e2fb99..0b117b7b7b 100644 --- a/UefiCpuPkg/PiSmmCpuDxeSmm/SmmProfile.c +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/SmmProfile.c @@ -589,254 +589,89 @@ InitPaging ( VOID ) { - UINT64 Pml5Entry; - UINT64 Pml4Entry; - UINT64 *Pml5; - UINT64 *Pml4; - UINT64 *Pdpt; - UINT64 *Pd; - UINT64 *Pt; - UINTN Address; - UINTN Pml5Index; - UINTN Pml4Index; - UINTN PdptIndex; - UINTN PdIndex; - UINTN PtIndex; - UINTN NumberOfPdptEntries; - UINTN NumberOfPml4Entries; - UINTN NumberOfPml5Entries; - UINTN SizeOfMemorySpace; - BOOLEAN Nx; - IA32_CR4 Cr4; - BOOLEAN Enable5LevelPaging; - BOOLEAN WpEnabled; - BOOLEAN CetEnabled; - - Cr4.UintN =3D AsmReadCr4 (); - Enable5LevelPaging =3D (BOOLEAN)(Cr4.Bits.LA57 =3D=3D 1); - - if (sizeof (UINTN) =3D=3D sizeof (UINT64)) { - if (!Enable5LevelPaging) { - Pml5Entry =3D (UINTN)mSmmProfileCr3 | IA32_PG_P; - Pml5 =3D &Pml5Entry; - } else { - Pml5 =3D (UINT64 *)(UINTN)mSmmProfileCr3; - } - - SizeOfMemorySpace =3D HighBitSet64 (gPhyMask) + 1; - ASSERT (SizeOfMemorySpace <=3D 52); - - // - // Calculate the table entries of PML5E, PML4E and PDPTE. - // - NumberOfPml5Entries =3D 1; - if (SizeOfMemorySpace > 48) { - if (Enable5LevelPaging) { - NumberOfPml5Entries =3D (UINTN)LShiftU64 (1, SizeOfMemorySpace - 4= 8); - } - - SizeOfMemorySpace =3D 48; - } - - NumberOfPml4Entries =3D 1; - if (SizeOfMemorySpace > 39) { - NumberOfPml4Entries =3D (UINTN)LShiftU64 (1, SizeOfMemorySpace - 39); - SizeOfMemorySpace =3D 39; - } - - NumberOfPdptEntries =3D 1; - ASSERT (SizeOfMemorySpace > 30); - NumberOfPdptEntries =3D (UINTN)LShiftU64 (1, SizeOfMemorySpace - 30); + RETURN_STATUS Status; + UINTN Index; + UINTN PageTable; + UINT64 Base; + UINT64 Length; + UINT64 Limit; + UINT64 PreviousAddress; + UINT64 MemoryAttrMask; + BOOLEAN WpEnabled; + BOOLEAN CetEnabled; + + PageTable =3D AsmReadCr3 (); + if (sizeof (UINTN) =3D=3D sizeof (UINT32)) { + Limit =3D BASE_4GB; } else { - Pml4Entry =3D (UINTN)mSmmProfileCr3 | IA32_PG_P; - Pml4 =3D &Pml4Entry; - Pml5Entry =3D (UINTN)Pml4 | IA32_PG_P; - Pml5 =3D &Pml5Entry; - NumberOfPml5Entries =3D 1; - NumberOfPml4Entries =3D 1; - NumberOfPdptEntries =3D 4; + Limit =3D (IsRestrictedMemoryAccess ()) ? LShiftU64 (1, mPhysicalAddre= ssBits) : BASE_4GB; } =20 DisableReadOnlyPageWriteProtect (&WpEnabled, &CetEnabled); // - // Go through page table and change 2MB-page into 4KB-page. + // [0, 4k] may be non-present. // - for (Pml5Index =3D 0; Pml5Index < NumberOfPml5Entries; Pml5Index++) { - if ((Pml5[Pml5Index] & IA32_PG_P) =3D=3D 0) { - // - // If PML5 entry does not exist, skip it - // - continue; - } + PreviousAddress =3D ((PcdGet8 (PcdNullPointerDetectionPropertyMask) & BI= T1) !=3D 0) ? BASE_4KB : 0; =20 - Pml4 =3D (UINT64 *)(UINTN)(Pml5[Pml5Index] & PHYSICAL_ADDRESS_MASK); - for (Pml4Index =3D 0; Pml4Index < NumberOfPml4Entries; Pml4Index++) { - if ((Pml4[Pml4Index] & IA32_PG_P) =3D=3D 0) { - // - // If PML4 entry does not exist, skip it - // - continue; + DEBUG ((DEBUG_INFO, "Patch page table start ...\n")); + if (FeaturePcdGet (PcdCpuSmmProfileEnable)) { + for (Index =3D 0; Index < mProtectionMemRangeCount; Index++) { + MemoryAttrMask =3D 0; + if ((mProtectionMemRange[Index].Nx =3D=3D TRUE) && mXdSupported) { + MemoryAttrMask |=3D EFI_MEMORY_XP; } =20 - Pdpt =3D (UINT64 *)(UINTN)(Pml4[Pml4Index] & ~mAddressEncMask & PHYS= ICAL_ADDRESS_MASK); - for (PdptIndex =3D 0; PdptIndex < NumberOfPdptEntries; PdptIndex++, = Pdpt++) { - if ((*Pdpt & IA32_PG_P) =3D=3D 0) { - // - // If PDPT entry does not exist, skip it - // - continue; - } - - if ((*Pdpt & IA32_PG_PS) !=3D 0) { - // - // This is 1G entry, skip it - // - continue; - } - - Pd =3D (UINT64 *)(UINTN)(*Pdpt & ~mAddressEncMask & PHYSICAL_ADDRE= SS_MASK); - if (Pd =3D=3D 0) { - continue; - } - - for (PdIndex =3D 0; PdIndex < SIZE_4KB / sizeof (*Pd); PdIndex++, = Pd++) { - if ((*Pd & IA32_PG_P) =3D=3D 0) { - // - // If PD entry does not exist, skip it - // - continue; - } - - Address =3D (UINTN)LShiftU64 ( - LShiftU64 ( - LShiftU64 ((Pml5Index << 9) + Pml4Index, 9)= + PdptIndex, - 9 - ) + PdIndex, - 21 - ); - - // - // If it is 2M page, check IsAddressSplit() - // - if (((*Pd & IA32_PG_PS) !=3D 0) && IsAddressSplit (Address)) { - // - // Based on current page table, create 4KB page table for spli= t area. - // - ASSERT (Address =3D=3D (*Pd & PHYSICAL_ADDRESS_MASK)); - - Pt =3D AllocatePageTableMemory (1); - ASSERT (Pt !=3D NULL); + if (mProtectionMemRange[Index].Present =3D=3D FALSE) { + MemoryAttrMask =3D EFI_MEMORY_RP; + } =20 - // Split it - for (PtIndex =3D 0; PtIndex < SIZE_4KB / sizeof (*Pt); PtIndex= ++) { - Pt[PtIndex] =3D Address + ((PtIndex << 12) | mAddressEncMask= | PAGE_ATTRIBUTE_BITS); - } // end for PT + Base =3D mProtectionMemRange[Index].Range.Base; + Length =3D mProtectionMemRange[Index].Range.Top - Base; + if (MemoryAttrMask !=3D 0) { + Status =3D ConvertMemoryPageAttributes (PageTable, mPagingMode, Ba= se, Length, MemoryAttrMask, TRUE, NULL); + ASSERT_RETURN_ERROR (Status); + } =20 - *Pd =3D (UINT64)(UINTN)Pt | mAddressEncMask | PAGE_ATTRIBUTE_B= ITS; - } // end if IsAddressSplit - } // end for PD - } // end for PDPT - } // end for PML4 - } // end for PML5 + if (Base > PreviousAddress) { + // + // Mark the ranges not in mProtectionMemRange as non-present. + // + MemoryAttrMask =3D EFI_MEMORY_RP; + Status =3D ConvertMemoryPageAttributes (PageTable, mPaging= Mode, PreviousAddress, Base - PreviousAddress, MemoryAttrMask, TRUE, NULL); + ASSERT_RETURN_ERROR (Status); + } =20 - // - // Go through page table and set several page table entries to absent or= execute-disable. - // - DEBUG ((DEBUG_INFO, "Patch page table start ...\n")); - for (Pml5Index =3D 0; Pml5Index < NumberOfPml5Entries; Pml5Index++) { - if ((Pml5[Pml5Index] & IA32_PG_P) =3D=3D 0) { - // - // If PML5 entry does not exist, skip it - // - continue; + PreviousAddress =3D Base + Length; } =20 - Pml4 =3D (UINT64 *)(UINTN)(Pml5[Pml5Index] & PHYSICAL_ADDRESS_MASK); - for (Pml4Index =3D 0; Pml4Index < NumberOfPml4Entries; Pml4Index++) { - if ((Pml4[Pml4Index] & IA32_PG_P) =3D=3D 0) { + // + // This assignment is for setting the last remaining range + // + MemoryAttrMask =3D EFI_MEMORY_RP; + } else { + MemoryAttrMask =3D EFI_MEMORY_XP; + for (Index =3D 0; Index < mSmmCpuSmramRangeCount; Index++) { + Base =3D mSmmCpuSmramRanges[Index].CpuStart; + if ((Base > PreviousAddress) && mXdSupported) { // - // If PML4 entry does not exist, skip it + // Mark the ranges not in mSmmCpuSmramRanges as NX. // - continue; + Status =3D ConvertMemoryPageAttributes (PageTable, mPagingMode, Pr= eviousAddress, Base - PreviousAddress, MemoryAttrMask, TRUE, NULL); + ASSERT_RETURN_ERROR (Status); } =20 - Pdpt =3D (UINT64 *)(UINTN)(Pml4[Pml4Index] & ~mAddressEncMask & PHYS= ICAL_ADDRESS_MASK); - for (PdptIndex =3D 0; PdptIndex < NumberOfPdptEntries; PdptIndex++, = Pdpt++) { - if ((*Pdpt & IA32_PG_P) =3D=3D 0) { - // - // If PDPT entry does not exist, skip it - // - continue; - } - - if ((*Pdpt & IA32_PG_PS) !=3D 0) { - // - // This is 1G entry, set NX bit and skip it - // - if (mXdSupported) { - *Pdpt =3D *Pdpt | IA32_PG_NX; - } - - continue; - } - - Pd =3D (UINT64 *)(UINTN)(*Pdpt & ~mAddressEncMask & PHYSICAL_ADDRE= SS_MASK); - if (Pd =3D=3D 0) { - continue; - } + PreviousAddress =3D mSmmCpuSmramRanges[Index].CpuStart + mSmmCpuSmra= mRanges[Index].PhysicalSize; + } + } =20 - for (PdIndex =3D 0; PdIndex < SIZE_4KB / sizeof (*Pd); PdIndex++, = Pd++) { - if ((*Pd & IA32_PG_P) =3D=3D 0) { - // - // If PD entry does not exist, skip it - // - continue; - } - - Address =3D (UINTN)LShiftU64 ( - LShiftU64 ( - LShiftU64 ((Pml5Index << 9) + Pml4Index, 9)= + PdptIndex, - 9 - ) + PdIndex, - 21 - ); - - if ((*Pd & IA32_PG_PS) !=3D 0) { - // 2MB page - - if (!IsAddressValid (Address, &Nx)) { - // - // Patch to remove Present flag and RW flag - // - *Pd =3D *Pd & (INTN)(INT32)(~PAGE_ATTRIBUTE_BITS); - } - - if (Nx && mXdSupported) { - *Pd =3D *Pd | IA32_PG_NX; - } - } else { - // 4KB page - Pt =3D (UINT64 *)(UINTN)(*Pd & ~mAddressEncMask & PHYSICAL_ADD= RESS_MASK); - if (Pt =3D=3D 0) { - continue; - } - - for (PtIndex =3D 0; PtIndex < SIZE_4KB / sizeof (*Pt); PtIndex= ++, Pt++) { - if (!IsAddressValid (Address, &Nx)) { - *Pt =3D *Pt & (INTN)(INT32)(~PAGE_ATTRIBUTE_BITS); - } - - if (Nx && mXdSupported) { - *Pt =3D *Pt | IA32_PG_NX; - } - - Address +=3D SIZE_4KB; - } // end for PT - } // end if PS - } // end for PD - } // end for PDPT - } // end for PML4 - } // end for PML5 + if (PreviousAddress < Limit) { + // + // Set the last remaining range to EFI_MEMORY_RP/EFI_MEMORY_XP. + // This path applies to both SmmProfile enable/disable case. + // + Status =3D ConvertMemoryPageAttributes (PageTable, mPagingMode, Previo= usAddress, Limit - PreviousAddress, MemoryAttrMask, TRUE, NULL); + ASSERT_RETURN_ERROR (Status); + } =20 EnableReadOnlyPageWriteProtect (WpEnabled, CetEnabled); =20 --=20 2.31.1.windows.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#104934): https://edk2.groups.io/g/devel/message/104934 Mute This Topic: https://groups.io/mt/98922942/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-