From nobody Thu May 16 08:21:06 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+110884+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+110884+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1699410027; cv=none; d=zohomail.com; s=zohoarc; b=n3XrnGU+2zZ4+a4HZx1f1euVRT6d3PNhSaZRsdFkCHYcmDv0H/OKP6ZN3BiFFa26DzXMFOQwzYzTTI8Iofru7u4linBPV6ArQoir/M6pEOFfNeNymgSvvg0eygB5ulsGx5oyjohmP5vV7uDmunbL1WTPHvOKC+4v+8yW6prLz9E= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1699410027; h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:Reply-To:References:Sender:Subject:Subject:To:To:Message-Id; bh=5ZQdbBHXSy1ylYWQ2uMsp+VOjxHBb2cewKu5rLhauUY=; b=C5ou2pTaY3yXiaMCZvQbiF5Dg1IqxPA7RsrLui9w5Mcb27KdclOy3s3BD27IVSoAAqD2kfW8cp92i3V6vg3DnUGhLu9g2RPfBQ01s1mF7drL1UNSsoxXYm+C0B+gd3uvWncLZFUfngE/phdZapHz/L/XTdXFy6Sl+Lx9aDMKoFI= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+110884+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1699410027080210.1280255508317; Tue, 7 Nov 2023 18:20:27 -0800 (PST) Return-Path: DKIM-Signature: a=rsa-sha256; bh=VIO6WWNvOwwv94r4jF9RKcFUYnHdYkD03xjRPpBKsro=; c=relaxed/simple; d=groups.io; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References:MIME-Version:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Transfer-Encoding; s=20140610; t=1699410026; v=1; b=ZCcUMJXcCEkCND7zUE8RlsL+fSIgycpmrpR9aHdS15GjXStUZSBltgVMqWk/vspuaEnQRNL2 BmvzltSnNc2FFKCQuvEGrmU2Zj0xasZitn5zp5Q8WDBKGSl2fHEOofduXKEjqOFujdN4CrctF0e GYeXw6oOfddneKqd5F2pQXqo= X-Received: by 127.0.0.2 with SMTP id DtU5YY1788612xVJ0ADI11p7; Tue, 07 Nov 2023 18:20:26 -0800 X-Received: from mgamail.intel.com (mgamail.intel.com [134.134.136.24]) by mx.groups.io with SMTP id smtpd.web11.5520.1699410024118966955 for ; Tue, 07 Nov 2023 18:20:26 -0800 X-IronPort-AV: E=McAfee;i="6600,9927,10887"; a="392543218" X-IronPort-AV: E=Sophos;i="6.03,285,1694761200"; d="scan'208";a="392543218" X-Received: from orsmga003.jf.intel.com ([10.7.209.27]) by orsmga102.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 07 Nov 2023 18:20:26 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6600,9927,10887"; a="712788843" X-IronPort-AV: E=Sophos;i="6.03,285,1694761200"; d="scan'208";a="712788843" X-Received: from shwdesssddpdwei.ccr.corp.intel.com ([10.239.157.28]) by orsmga003.jf.intel.com with ESMTP; 07 Nov 2023 18:20:24 -0800 From: "Sheng Wei" To: devel@edk2.groups.io Cc: Eric Dong , Ray Ni , Laszlo Ersek , Wu Jiaxin , Tan Dun Subject: [edk2-devel] [PATCH v3 1/2] UefiCpuPkg/PiSmmCpuDxeSmm: Clear CR4.CET before restoring MSR IA32_S_CET Date: Wed, 8 Nov 2023 10:20:08 +0800 Message-Id: <20231108022009.312-2-w.sheng@intel.com> In-Reply-To: <20231108022009.312-1-w.sheng@intel.com> References: <20231108022009.312-1-w.sheng@intel.com> MIME-Version: 1.0 Precedence: Bulk List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,w.sheng@intel.com List-Unsubscribe-Post: List-Unsubscribe=One-Click List-Unsubscribe: X-Gm-Message-State: 3t9HREpVr81txGbhxaTxXgO0x1787277AA= Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1699410027904100005 Content-Type: text/plain; charset="utf-8" Clear CR4.CET bit before restoring MSR IA32_S_CET. Backup/restore MSR IA32_U_CET in SMI. Signed-off-by: Sheng Wei Cc: Eric Dong Cc: Ray Ni Cc: Laszlo Ersek Cc: Wu Jiaxin Cc: Tan Dun --- UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/SmiEntry.nasm | 53 ++++++++++++--- UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmiEntry.nasm | 69 ++++++++++++++++---- 2 files changed, 98 insertions(+), 24 deletions(-) diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/SmiEntry.nasm b/UefiCpuPkg/PiSm= mCpuDxeSmm/Ia32/SmiEntry.nasm index 19de5f614e..68332e2c3f 100644 --- a/UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/SmiEntry.nasm +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/SmiEntry.nasm @@ -16,18 +16,19 @@ %include "StuffRsbNasm.inc" %include "Nasm.inc" =20 +%define MSR_IA32_U_CET 0x6A0 %define MSR_IA32_S_CET 0x6A2 -%define MSR_IA32_CET_SH_STK_EN 0x1 -%define MSR_IA32_CET_WR_SHSTK_EN 0x2 -%define MSR_IA32_CET_ENDBR_EN 0x4 -%define MSR_IA32_CET_LEG_IW_EN 0x8 -%define MSR_IA32_CET_NO_TRACK_EN 0x10 -%define MSR_IA32_CET_SUPPRESS_DIS 0x20 -%define MSR_IA32_CET_SUPPRESS 0x400 -%define MSR_IA32_CET_TRACKER 0x800 +%define MSR_IA32_CET_SH_STK_EN 0x1 +%define MSR_IA32_CET_WR_SHSTK_EN 0x2 +%define MSR_IA32_CET_ENDBR_EN 0x4 +%define MSR_IA32_CET_LEG_IW_EN 0x8 +%define MSR_IA32_CET_NO_TRACK_EN 0x10 +%define MSR_IA32_CET_SUPPRESS_DIS 0x20 +%define MSR_IA32_CET_SUPPRESS 0x400 +%define MSR_IA32_CET_TRACKER 0x800 %define MSR_IA32_PL0_SSP 0x6A4 =20 -%define CR4_CET 0x800000 +%define CR4_CET_BIT 23 =20 %define MSR_IA32_MISC_ENABLE 0x1A0 %define MSR_EFER 0xc0000080 @@ -214,11 +215,21 @@ ASM_PFX(mPatchCetSupported): push edx push eax =20 + mov ecx, MSR_IA32_U_CET + rdmsr + push edx + push eax + mov ecx, MSR_IA32_PL0_SSP rdmsr push edx push eax =20 + mov ecx, MSR_IA32_U_CET + xor eax, eax + xor edx, edx + wrmsr + mov ecx, MSR_IA32_S_CET mov eax, MSR_IA32_CET_SH_STK_EN xor edx, edx @@ -276,6 +287,11 @@ CetDone: cmp al, 0 jz CetDone2 =20 + mov ecx, MSR_IA32_S_CET + xor eax, eax + xor edx, edx + wrmsr + mov eax, 0x668 mov cr4, eax ; disable CET =20 @@ -284,10 +300,15 @@ CetDone: pop edx wrmsr =20 - mov ecx, MSR_IA32_S_CET + mov ecx, MSR_IA32_U_CET pop eax pop edx wrmsr + + mov ecx, MSR_IA32_S_CET + pop eax + pop edx + mov ebx, eax CetDone2: =20 mov eax, ASM_PFX(mXdSupported) @@ -305,6 +326,18 @@ CetDone2: .7: =20 StuffRsb32 + + mov eax, ASM_PFX(mCetSupported) + mov al, [eax] + cmp al, 0 + jz CetDone3 + + mov ecx, MSR_IA32_S_CET + mov eax, ebx + xor edx, edx + wrmsr +CetDone3: + rsm =20 ASM_PFX(gcSmiHandlerSize): DW $ - _SmiEntryPoint diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmiEntry.nasm b/UefiCpuPkg/PiSmm= CpuDxeSmm/X64/SmiEntry.nasm index d302ca8d01..007fbff640 100644 --- a/UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmiEntry.nasm +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmiEntry.nasm @@ -20,19 +20,20 @@ ; Variables referenced by C code ; =20 +%define MSR_IA32_U_CET 0x6A0 %define MSR_IA32_S_CET 0x6A2 -%define MSR_IA32_CET_SH_STK_EN 0x1 -%define MSR_IA32_CET_WR_SHSTK_EN 0x2 -%define MSR_IA32_CET_ENDBR_EN 0x4 -%define MSR_IA32_CET_LEG_IW_EN 0x8 -%define MSR_IA32_CET_NO_TRACK_EN 0x10 -%define MSR_IA32_CET_SUPPRESS_DIS 0x20 -%define MSR_IA32_CET_SUPPRESS 0x400 -%define MSR_IA32_CET_TRACKER 0x800 +%define MSR_IA32_CET_SH_STK_EN 0x1 +%define MSR_IA32_CET_WR_SHSTK_EN 0x2 +%define MSR_IA32_CET_ENDBR_EN 0x4 +%define MSR_IA32_CET_LEG_IW_EN 0x8 +%define MSR_IA32_CET_NO_TRACK_EN 0x10 +%define MSR_IA32_CET_SUPPRESS_DIS 0x20 +%define MSR_IA32_CET_SUPPRESS 0x400 +%define MSR_IA32_CET_TRACKER 0x800 %define MSR_IA32_PL0_SSP 0x6A4 %define MSR_IA32_INTERRUPT_SSP_TABLE_ADDR 0x6A8 =20 -%define CR4_CET 0x800000 +%define CR4_CET_BIT 23 =20 %define MSR_IA32_MISC_ENABLE 0x1A0 %define MSR_EFER 0xc0000080 @@ -230,6 +231,11 @@ ASM_PFX(mPatchCetSupported): push rdx push rax =20 + mov ecx, MSR_IA32_U_CET + rdmsr + push rdx + push rax + mov ecx, MSR_IA32_PL0_SSP rdmsr push rdx @@ -240,6 +246,11 @@ ASM_PFX(mPatchCetSupported): push rdx push rax =20 + mov ecx, MSR_IA32_U_CET + xor eax, eax + xor edx, edx + wrmsr + mov ecx, MSR_IA32_S_CET mov eax, MSR_IA32_CET_SH_STK_EN xor edx, edx @@ -316,13 +327,20 @@ CpuSmmDebugExitAbsAddr: add rsp, 0x200 =20 mov rax, strict qword 0 ; mov rax, ASM_PFX(mCetSuppo= rted) -mCetSupportedAbsAddr: +mCetSupportedAbsAddr1: mov al, [rax] cmp al, 0 jz CetDone2 =20 - mov eax, 0x668 - mov cr4, rax ; disable CET + mov ecx, MSR_IA32_S_CET + xor eax, eax + xor edx, edx + wrmsr + + ; clear CR4.CET bit + mov rax, cr4 + btr rax, CR4_CET_BIT + mov cr4, rax =20 mov ecx, MSR_IA32_INTERRUPT_SSP_TABLE_ADDR pop rax @@ -334,10 +352,15 @@ mCetSupportedAbsAddr: pop rdx wrmsr =20 - mov ecx, MSR_IA32_S_CET + mov ecx, MSR_IA32_U_CET pop rax pop rdx wrmsr + + mov ecx, MSR_IA32_S_CET + pop rax + pop rdx + mov ebx, eax CetDone2: =20 mov rax, strict qword 0 ; lea rax, [ASM_PFX(mXdS= upported)] @@ -356,6 +379,19 @@ mXdSupportedAbsAddr: .1: =20 StuffRsb64 + + mov rax, strict qword 0 ; mov rax, ASM_PFX(mCetSuppo= rted) +mCetSupportedAbsAddr2: + mov al, [rax] + cmp al, 0 + jz CetDone3 + + mov ecx, MSR_IA32_S_CET + mov eax, ebx + xor edx, edx + wrmsr +CetDone3: + rsm =20 ASM_PFX(gcSmiHandlerSize) DW $ - _SmiEntryPoint @@ -391,6 +427,11 @@ ASM_PFX(PiSmmCpuSmiEntryFixupAddress): mov qword [rcx - 8], rax =20 lea rax, [ASM_PFX(mCetSupported)] - lea rcx, [mCetSupportedAbsAddr] + lea rcx, [mCetSupportedAbsAddr1] mov qword [rcx - 8], rax + + lea rax, [ASM_PFX(mCetSupported)] + lea rcx, [mCetSupportedAbsAddr2] + mov qword [rcx - 8], rax + ret --=20 2.26.2.windows.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#110884): https://edk2.groups.io/g/devel/message/110884 Mute This Topic: https://groups.io/mt/102457044/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Thu May 16 08:21:06 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+110885+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+110885+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1699410029; cv=none; d=zohomail.com; s=zohoarc; b=VR6u60LX3zihKe4I1HllVOsJyrSxLSXWZWwLzxPq7puvz+u8YG/8sTarjK7UQ75jMUBA6E5/vktusmFKyT8OTaiBIBlbDmzhk5wXhiIOEoL4WCvWAe6bXqHNmhZIpD3nWZbsHQwPkzFrbciZWRYQibaW/Nz6z0Pe0fOg5ObfzVk= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1699410029; h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:Reply-To:References:Sender:Subject:Subject:To:To:Message-Id; bh=X+12QaNz34TJb64dG2oSYtcGaHHXnegtFECcf/BX7WY=; b=LzSmPhgKBtXoEJgZwTaTxwl4Moa5Qsiw/3fdVL82lrn2CBywOq5Ow+2GfCUTrdL0dPTgMx+eOQYjTghi8eoGIydsLyvAcGPWZn4DyYKK2UuMeGP5TWBAzFeuG2J42F/lUgQC1gSufTCVyDls/d+5/awQL3EkSrQgSDNNCx1LsgE= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+110885+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1699410029213610.8724723111147; Tue, 7 Nov 2023 18:20:29 -0800 (PST) Return-Path: DKIM-Signature: a=rsa-sha256; bh=2N3abc1Jb5CY+Bfbzd6Ld7JVIAA5F4mHkBVlONVIvsI=; c=relaxed/simple; d=groups.io; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References:MIME-Version:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Transfer-Encoding; s=20140610; t=1699410028; v=1; b=VQQcrWoePbV7LMSiYY14eI80SFTbxy4NhCr5rxF1QhOzrQi1rTY4xQlXV4cfB9TwGzeWMguu VC4Oby7vdpQEOmjloQSpvMoxIYVQszu6uqxXrxNbgm+sVksfJYLC2ugITtLuXXZXkwEJ9NoqxKD +38SrfEdOxocI7FSsVgxnujM= X-Received: by 127.0.0.2 with SMTP id 3OjNYY1788612xzUJXHwRod4; Tue, 07 Nov 2023 18:20:28 -0800 X-Received: from mgamail.intel.com (mgamail.intel.com [134.134.136.24]) by mx.groups.io with SMTP id smtpd.web11.5520.1699410024118966955 for ; Tue, 07 Nov 2023 18:20:28 -0800 X-IronPort-AV: E=McAfee;i="6600,9927,10887"; a="392543223" X-IronPort-AV: E=Sophos;i="6.03,285,1694761200"; d="scan'208";a="392543223" X-Received: from orsmga003.jf.intel.com ([10.7.209.27]) by orsmga102.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 07 Nov 2023 18:20:28 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6600,9927,10887"; a="712788863" X-IronPort-AV: E=Sophos;i="6.03,285,1694761200"; d="scan'208";a="712788863" X-Received: from shwdesssddpdwei.ccr.corp.intel.com ([10.239.157.28]) by orsmga003.jf.intel.com with ESMTP; 07 Nov 2023 18:20:26 -0800 From: "Sheng Wei" To: devel@edk2.groups.io Cc: Eric Dong , Ray Ni , Laszlo Ersek , Wu Jiaxin , Tan Dun Subject: [edk2-devel] [PATCH v3 2/2] UefiCpuPkg/PiSmmCpuDxeSmm: Change CR4.CET bit only Date: Wed, 8 Nov 2023 10:20:09 +0800 Message-Id: <20231108022009.312-3-w.sheng@intel.com> In-Reply-To: <20231108022009.312-1-w.sheng@intel.com> References: <20231108022009.312-1-w.sheng@intel.com> MIME-Version: 1.0 Precedence: Bulk List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,w.sheng@intel.com List-Unsubscribe-Post: List-Unsubscribe=One-Click List-Unsubscribe: X-Gm-Message-State: L7rEVkycQyXDuCVOrrJh3pixx1787277AA= Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1699410029925100009 Content-Type: text/plain; charset="utf-8" Do not use fixed CR4 value 0x668, change CR4.CET bit only. Signed-off-by: Sheng Wei Cc: Eric Dong Cc: Ray Ni Cc: Laszlo Ersek Cc: Wu Jiaxin Cc: Tan Dun --- UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/SmiEntry.nasm | 9 ++++++--- UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmiEntry.nasm | 3 ++- 2 files changed, 8 insertions(+), 4 deletions(-) diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/SmiEntry.nasm b/UefiCpuPkg/PiSm= mCpuDxeSmm/Ia32/SmiEntry.nasm index 68332e2c3f..a087576a54 100644 --- a/UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/SmiEntry.nasm +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/SmiEntry.nasm @@ -260,7 +260,8 @@ CetInterruptDone: bts ecx, 16 ; set WP mov cr0, ecx =20 - mov eax, 0x668 | CR4_CET + mov eax, cr4 + bts eax, CR4_CET_BIT mov cr4, eax =20 setssbsy @@ -292,8 +293,10 @@ CetDone: xor edx, edx wrmsr =20 - mov eax, 0x668 - mov cr4, eax ; disable CET + ; clear CR4.CET bit + mov eax, cr4 + btr eax, CR4_CET_BIT + mov cr4, eax =20 mov ecx, MSR_IA32_PL0_SSP pop eax diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmiEntry.nasm b/UefiCpuPkg/PiSmm= CpuDxeSmm/X64/SmiEntry.nasm index 007fbff640..7aed7c8dda 100644 --- a/UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmiEntry.nasm +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmiEntry.nasm @@ -287,7 +287,8 @@ CetInterruptDone: bts ecx, 16 ; set WP mov cr0, rcx =20 - mov eax, 0x668 | CR4_CET + mov rax, cr4 + bts rax, CR4_CET_BIT mov cr4, rax =20 setssbsy --=20 2.26.2.windows.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#110885): https://edk2.groups.io/g/devel/message/110885 Mute This Topic: https://groups.io/mt/102457046/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-