From nobody Mon Dec 23 18:15:23 2024 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; spf=none (zoho.com: 198.145.21.10 is neither permitted nor denied by domain of lists.01.org) smtp.mailfrom=edk2-devel-bounces@lists.01.org Return-Path: Received: from ml01.01.org (ml01.01.org [198.145.21.10]) by mx.zohomail.com with SMTPS id 1516006494165148.0386606653866; Mon, 15 Jan 2018 00:54:54 -0800 (PST) Received: from [127.0.0.1] (localhost [IPv6:::1]) by ml01.01.org (Postfix) with ESMTP id 0062021D2BF00; Mon, 15 Jan 2018 00:49:30 -0800 (PST) Received: from mga04.intel.com (mga04.intel.com [192.55.52.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id 9A25821D2BEE2 for ; Mon, 15 Jan 2018 00:49:27 -0800 (PST) Received: from fmsmga004.fm.intel.com ([10.253.24.48]) by fmsmga104.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 15 Jan 2018 00:54:45 -0800 Received: from jwang36-mobl2.ccr.corp.intel.com ([10.239.192.117]) by fmsmga004.fm.intel.com with ESMTP; 15 Jan 2018 00:54:44 -0800 X-Original-To: edk2-devel@lists.01.org Received-SPF: none (zoho.com: 198.145.21.10 is neither permitted nor denied by domain of lists.01.org) client-ip=198.145.21.10; envelope-from=edk2-devel-bounces@lists.01.org; helo=ml01.01.org; Received-SPF: Permerror (SPF Permanent Error: Void lookup limit of 2 exceeded) identity=mailfrom; client-ip=192.55.52.120; helo=mga04.intel.com; envelope-from=jian.j.wang@intel.com; receiver=edk2-devel@lists.01.org X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.46,362,1511856000"; d="scan'208";a="21534513" From: Jian J Wang To: edk2-devel@lists.01.org Date: Mon, 15 Jan 2018 16:54:31 +0800 Message-Id: <20180115085433.25008-5-jian.j.wang@intel.com> X-Mailer: git-send-email 2.15.1.windows.2 In-Reply-To: <20180115085433.25008-1-jian.j.wang@intel.com> References: <20180115085433.25008-1-jian.j.wang@intel.com> Subject: [edk2] [PATCH 4/6] UefiCpuPkg/PiSmmCpuDxeSmm: Enable NXE if it's supported X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Ruiyu Ni , Laszlo Ersek , Jiewen Yao , Eric Dong MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Errors-To: edk2-devel-bounces@lists.01.org Sender: "edk2-devel" X-ZohoMail: RSF_4 Z_629925259 SPT_0 Content-Type: text/plain; charset="utf-8" If PcdDxeNxMemoryProtectionPolicy is set to enable protection for memory of EfiBootServicesCode, EfiConventionalMemory, the BIOS will hang at a page fault exception triggered by PiSmmCpuDxeSmm. The root cause is that PiSmmCpuDxeSmm will access default SMM RAM starting at 0x30000 which is marked as non-executable, but NX feature was not enabled during SMM initialization. Accessing memory which has invalid attributes set will cause page fault exception. This patch fixes it by checking NX capability in cpuid and enable NXE in EFER MSR if it's available. Cc: Jiewen Yao Cc: Ruiyu Ni Cc: Eric Dong Cc: Laszlo Ersek Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Jian J Wang Reviewed-by: Eric Dong --- UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/SmmInit.nasm | 14 ++++++++++++++ UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmmInit.nasm | 12 +++++++++++- 2 files changed, 25 insertions(+), 1 deletion(-) diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/SmmInit.nasm b/UefiCpuPkg/PiSmm= CpuDxeSmm/Ia32/SmmInit.nasm index d9df3626c7..db172f108a 100644 --- a/UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/SmmInit.nasm +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/SmmInit.nasm @@ -42,6 +42,11 @@ ASM_PFX(gcSmiInitGdtr): =20 global ASM_PFX(SmmStartup) ASM_PFX(SmmStartup): + DB 0x66 + mov eax, 0x80000001 ; read capability + cpuid + DB 0x66 + mov ebx, edx ; rdmsr will change edx. keep it i= n ebx. DB 0x66, 0xb8 ASM_PFX(gSmmCr3): DD 0 mov cr3, eax @@ -50,6 +55,15 @@ ASM_PFX(gSmmCr3): DD 0 DB 0x66, 0xb8 ASM_PFX(gSmmCr4): DD 0 mov cr4, eax + DB 0x66 + mov ecx, 0xc0000080 ; IA32_EFER MSR + rdmsr + DB 0x66 + test ebx, BIT20 ; check NXE capability + jz .1 + or ah, BIT3 ; set NXE bit + wrmsr +.1: DB 0x66, 0xb8 ASM_PFX(gSmmCr0): DD 0 DB 0xbf, PROTECT_MODE_DS, 0 ; mov di, PROTECT_MODE_DS diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmmInit.nasm b/UefiCpuPkg/PiSmmC= puDxeSmm/X64/SmmInit.nasm index 9d05e2cb05..2a3a1141c3 100644 --- a/UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmmInit.nasm +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmmInit.nasm @@ -42,6 +42,11 @@ ASM_PFX(gcSmiInitGdtr): =20 global ASM_PFX(SmmStartup) ASM_PFX(SmmStartup): + DB 0x66 + mov eax, 0x80000001 ; read capability + cpuid + DB 0x66 + mov ebx, edx ; rdmsr will change edx. keep it i= n ebx. DB 0x66, 0xb8 ; mov eax, imm32 ASM_PFX(gSmmCr3): DD 0 mov cr3, rax @@ -54,7 +59,12 @@ ASM_PFX(gSmmCr4): DD 0 DB 0x66 mov ecx, 0xc0000080 ; IA32_EFER MSR rdmsr - or ah, 1 ; set LME bit + or ah, BIT0 ; set LME bit + DB 0x66 + test ebx, BIT20 ; check NXE capability + jz .1 + or ah, BIT3 ; set NXE bit +.1: wrmsr DB 0x66, 0xb8 ; mov eax, imm32 ASM_PFX(gSmmCr0): DD 0 --=20 2.15.1.windows.2 _______________________________________________ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel