If PcdDxeNxMemoryProtectionPolicy is set to enable protection for memory
of EfiReservedMemoryType, the BIOS will hang at a page fault exception
during starting SMM driver.
The root cause is that SMM RAM is type of EfiReservedMemoryType and
marked as non-executable. The fix is simply removing NX attribute for
those memory.
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Ruiyu Ni <ruiyu.ni@intel.com>
Cc: Eric Dong <eric.dong@intel.com>
Cc: Star Zeng <star.zeng@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Jian J Wang <jian.j.wang@intel.com>
---
MdeModulePkg/Core/PiSmmCore/PiSmmIpl.c | 18 ++++++++++++++++--
1 file changed, 16 insertions(+), 2 deletions(-)
diff --git a/MdeModulePkg/Core/PiSmmCore/PiSmmIpl.c b/MdeModulePkg/Core/PiSmmCore/PiSmmIpl.c
index a7663ca291..94d671bd74 100644
--- a/MdeModulePkg/Core/PiSmmCore/PiSmmIpl.c
+++ b/MdeModulePkg/Core/PiSmmCore/PiSmmIpl.c
@@ -1550,6 +1550,7 @@ SmmIplEntry (
EFI_CPU_ARCH_PROTOCOL *CpuArch;
EFI_STATUS SetAttrStatus;
EFI_SMRAM_DESCRIPTOR *SmramRangeSmmDriver;
+ EFI_GCD_MEMORY_SPACE_DESCRIPTOR MemDesc;
//
// Fill in the image handle of the SMM IPL so the SMM Core can use this as the
@@ -1616,7 +1617,8 @@ SmmIplEntry (
GetSmramCacheRange (mCurrentSmramRange, &mSmramCacheBase, &mSmramCacheSize);
//
- // If CPU AP is present, attempt to set SMRAM cacheability to WB
+ // If CPU AP is present, attempt to set SMRAM cacheability to WB and clear
+ // XP if it's set.
// Note that it is expected that cacheability of SMRAM has been set to WB if CPU AP
// is not available here.
//
@@ -1630,7 +1632,19 @@ SmmIplEntry (
);
if (EFI_ERROR (Status)) {
DEBUG ((DEBUG_WARN, "SMM IPL failed to set SMRAM window to EFI_MEMORY_WB\n"));
- }
+ }
+
+ Status = gDS->GetMemorySpaceDescriptor(
+ mCurrentSmramRange->PhysicalStart,
+ &MemDesc
+ );
+ if (!EFI_ERROR (Status) && (MemDesc.Attributes & EFI_MEMORY_XP) != 0) {
+ gDS->SetMemorySpaceAttributes (
+ mCurrentSmramRange->PhysicalStart,
+ mCurrentSmramRange->PhysicalSize,
+ MemDesc.Attributes & (~EFI_MEMORY_XP)
+ );
+ }
}
//
// if Loading module at Fixed Address feature is enabled, save the SMRAM base to Load
--
2.15.1.windows.2
_______________________________________________
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel
Reviewed-by: Star Zeng <star.zeng@intel.com> -----Original Message----- From: Wang, Jian J Sent: Monday, January 15, 2018 4:55 PM To: edk2-devel@lists.01.org Cc: Yao, Jiewen <jiewen.yao@intel.com>; Ni, Ruiyu <ruiyu.ni@intel.com>; Dong, Eric <eric.dong@intel.com>; Zeng, Star <star.zeng@intel.com> Subject: [PATCH 5/6] MdeModulePkg/PiSmmCore: remove NX attr for SMM RAM If PcdDxeNxMemoryProtectionPolicy is set to enable protection for memory of EfiReservedMemoryType, the BIOS will hang at a page fault exception during starting SMM driver. The root cause is that SMM RAM is type of EfiReservedMemoryType and marked as non-executable. The fix is simply removing NX attribute for those memory. Cc: Jiewen Yao <jiewen.yao@intel.com> Cc: Ruiyu Ni <ruiyu.ni@intel.com> Cc: Eric Dong <eric.dong@intel.com> Cc: Star Zeng <star.zeng@intel.com> Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Jian J Wang <jian.j.wang@intel.com> --- MdeModulePkg/Core/PiSmmCore/PiSmmIpl.c | 18 ++++++++++++++++-- 1 file changed, 16 insertions(+), 2 deletions(-) diff --git a/MdeModulePkg/Core/PiSmmCore/PiSmmIpl.c b/MdeModulePkg/Core/PiSmmCore/PiSmmIpl.c index a7663ca291..94d671bd74 100644 --- a/MdeModulePkg/Core/PiSmmCore/PiSmmIpl.c +++ b/MdeModulePkg/Core/PiSmmCore/PiSmmIpl.c @@ -1550,6 +1550,7 @@ SmmIplEntry ( EFI_CPU_ARCH_PROTOCOL *CpuArch; EFI_STATUS SetAttrStatus; EFI_SMRAM_DESCRIPTOR *SmramRangeSmmDriver; + EFI_GCD_MEMORY_SPACE_DESCRIPTOR MemDesc; // // Fill in the image handle of the SMM IPL so the SMM Core can use this as the @@ -1616,7 +1617,8 @@ SmmIplEntry ( GetSmramCacheRange (mCurrentSmramRange, &mSmramCacheBase, &mSmramCacheSize); // - // If CPU AP is present, attempt to set SMRAM cacheability to WB + // If CPU AP is present, attempt to set SMRAM cacheability to WB and clear + // XP if it's set. // Note that it is expected that cacheability of SMRAM has been set to WB if CPU AP // is not available here. // @@ -1630,7 +1632,19 @@ SmmIplEntry ( ); if (EFI_ERROR (Status)) { DEBUG ((DEBUG_WARN, "SMM IPL failed to set SMRAM window to EFI_MEMORY_WB\n")); - } + } + + Status = gDS->GetMemorySpaceDescriptor( + mCurrentSmramRange->PhysicalStart, + &MemDesc + ); + if (!EFI_ERROR (Status) && (MemDesc.Attributes & EFI_MEMORY_XP) != 0) { + gDS->SetMemorySpaceAttributes ( + mCurrentSmramRange->PhysicalStart, + mCurrentSmramRange->PhysicalSize, + MemDesc.Attributes & (~EFI_MEMORY_XP) + ); + } } // // if Loading module at Fixed Address feature is enabled, save the SMRAM base to Load -- 2.15.1.windows.2 _______________________________________________ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel
© 2016 - 2024 Red Hat, Inc.