From: "Zeng, Star"
To: "Yao, Jiewen", "edk2-devel@lists.01.org"
CC: Laszlo Ersek, "Dong, Eric", "Zeng, Star"
Date: Thu, 24 Aug 2017 09:02:53 +0000
Message-ID: <0C09AFA07DD0434D9E2A0C6AEB0483103B91D32C@shsmsx102.ccr.corp.intel.com>
References: <1503544809-166388-1-git-send-email-star.zeng@intel.com> <74D8A39837DF1E4DA445A8C0B3885C503A995706@shsmsx102.ccr.corp.intel.com>
In-Reply-To: <74D8A39837DF1E4DA445A8C0B3885C503A995706@shsmsx102.ccr.corp.intel.com>
Subject: Re: [PATCH] UefiCpuPkg/PiSmmCpuDxeSmm: Fix memory protection crash

Thanks for the Reviewed-by.

Sorry I did not check the whole thread at https://lists.01.org/pipermail/edk2-devel/2017-July/012283.html that has the discussion about the validity of BASE 0 + LENGTH 4G (Case1) and BASE 4G + LENGTH 0 (Case2).

Current code has filtered Case2.

  @retval RETURN_INVALID_PARAMETER Length is zero.

  if (Length == 0) {
    return RETURN_INVALID_PARAMETER;
  }

If we agree Case1 needs to be considered, I am ok to update the patch accordingly. :)

Thanks,
Star

From: Yao, Jiewen
Sent: Thursday, August 24, 2017 4:52 PM
To: Zeng, Star; edk2-devel@lists.01.org
Cc: Laszlo Ersek; Dong, Eric; Zeng, Star
Subject: RE: [edk2] [PATCH] UefiCpuPkg/PiSmmCpuDxeSmm: Fix memory protection crash

Reviewed-by: Jiewen.yao@intel.com

From: edk2-devel [mailto:edk2-devel-bounces@lists.01.org] On Behalf Of Star Zeng
Sent: Thursday, August 24, 2017 11:20 AM
To: edk2-devel@lists.01.org
Cc: Laszlo Ersek; Yao, Jiewen; Dong, Eric; Zeng, Star
Subject: [edk2] [PATCH] UefiCpuPkg/PiSmmCpuDxeSmm: Fix memory protection crash

https://bugzilla.tianocore.org/show_bug.cgi?id=624 reports
memory protection crash in PiSmmCpuDxeSmm, Ia32 build with
RAM above 4GB (of which 2GB are placed in 64-bit address).
It is because UEFI builds identity mapping page tables, >4G address
is not supported at Ia32 build.

This patch is to get the PhysicalAddressBits that is used to build
in PageTbl.c(Ia32/X64), and use it to check whether the address is
supported or not in ConvertMemoryPageAttributes().

With this patch, the debug messages will be like below.
UefiMemory protection: 0x0 - 0x9F000 Success
UefiMemory protection: 0x100000 - 0x807000 Success
UefiMemory protection: 0x808000 - 0x810000 Success
UefiMemory protection: 0x818000 - 0x820000 Success
UefiMemory protection: 0x1510000 - 0x7B798000 Success
UefiMemory protection: 0x7B79B000 - 0x7E538000 Success
UefiMemory protection: 0x7E539000 - 0x7E545000 Success
UefiMemory protection: 0x7E55A000 - 0x7E61F000 Success
UefiMemory protection: 0x7E62B000 - 0x7F6AB000 Success
UefiMemory protection: 0x7F703000 - 0x7F70B000 Success
UefiMemory protection: 0x7F70F000 - 0x7F778000 Success
UefiMemory protection: 0x100000000 - 0x180000000 Unsupported

Cc: Jiewen Yao
Cc: Laszlo Ersek
Cc: Eric Dong
Originally-suggested-by: Jiewen Yao
Reported-by: Laszlo Ersek
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Star Zeng
---
 UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/PageTbl.c           |  4 +++
 UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.h         |  1 +
 UefiCpuPkg/PiSmmCpuDxeSmm/SmmCpuMemoryManagement.c | 31 +++++++++++++++++-----
 3 files changed, 30 insertions(+), 6 deletions(-)

diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/PageTbl.c b/UefiCpuPkg/PiSmmCpu= DxeSmm/Ia32/PageTbl.c index 32ce5958c59c..e88b42d73343 100644 --- a/UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/PageTbl.c +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/PageTbl.c @@ -16,6 +16,8 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER= EXPRESS OR IMPLIED. #include "PiSmmCpuDxeSmm.h" +UINT8 mPhysicalAddressBits; + /** Create PageTable for SMM use. @@ -36,6 +38,8 @@ SmmInitPageTable ( // InitializeSpinLock (mPFLock); + mPhysicalAddressBits =3D 32; + if (FeaturePcdGet (PcdCpuSmmProfileEnable)) { // // Set own Page Fault entry instead of the default one, because SMM Pr= ofile diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.h b/UefiCpuPkg/PiSmmC= puDxeSmm/PiSmmCpuDxeSmm.h index dbce9ec520fe..1cf85c1481a7 100644 --- a/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.h +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.h @@ -419,6 +419,7 @@ extern SPIN_LOCK *mConfigSmmC= odeAccessCheckLock; extern SPIN_LOCK *mMemoryMappedLock; extern EFI_SMRAM_DESCRIPTOR *mSmmCpuSmramRanges; extern UINTN mSmmCpuSmramRangeCount; +extern UINT8 mPhysicalAddressBits; // // Copy of the PcdPteMemoryEncryptionAddressOrMask diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/SmmCpuMemoryManagement.c b/UefiCpuPk= g/PiSmmCpuDxeSmm/SmmCpuMemoryManagement.c index a535389c26ce..3ad5256f1e03 100644 --- a/UefiCpuPkg/PiSmmCpuDxeSmm/SmmCpuMemoryManagement.c +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/SmmCpuMemoryManagement.c @@ -1,6 +1,6 @@ /** @file -Copyright (c) 2016, Intel Corporation. All rights reserved.
+Copyright (c) 2016 - 2017, Intel Corporation. All rights reserved.
This program and the accompanying materials are licensed and made available under the terms and conditions of the BSD = License which accompanies this distribution. The full text of the license may be = found at @@ -380,6 +380,7 @@ ConvertMemoryPageAttributes ( PAGE_ATTRIBUTE SplitAttribute; RETURN_STATUS Status; BOOLEAN IsEntryModified; + EFI_PHYSICAL_ADDRESS MaximumSupportMemAddress; ASSERT (Attributes !=3D 0); ASSERT ((Attributes & ~(EFI_MEMORY_RP | EFI_MEMORY_RO | EFI_MEMORY_XP)) = =3D=3D 0); @@ -391,6 +392,17 @@ ConvertMemoryPageAttributes ( return RETURN_INVALID_PARAMETER; } + MaximumSupportMemAddress =3D (EFI_PHYSICAL_ADDRESS)(UINTN)(LShiftU64 (1,= mPhysicalAddressBits) - 1); + if (BaseAddress > MaximumSupportMemAddress) { + return RETURN_UNSUPPORTED; + } + if (Length > MaximumSupportMemAddress) { + return RETURN_UNSUPPORTED; + } + if ((Length !=3D 0) && (BaseAddress > MaximumSupportMemAddress - (Length= - 1))) { + return RETURN_UNSUPPORTED; + } + // DEBUG ((DEBUG_ERROR, "ConvertMemoryPageAttributes(%x) - %016lx, %016lx= , %02lx\n", IsSet, BaseAddress, Length, Attributes)); if (IsSplitted !=3D NULL) { @@ -1037,6 +1049,7 @@ SetUefiMemMapAttributes ( VOID ) { + EFI_STATUS Status; EFI_MEMORY_DESCRIPTOR *MemoryMap; UINTN MemoryMapEntryCount; UINTN Index; 
@@ -1052,12 +1065,18 @@ SetUefiMemMapAttributes ( MemoryMap =3D mUefiMemoryMap; for (Index =3D 0; Index < MemoryMapEntryCount; Index++) { if (IsUefiPageNotPresent(MemoryMap)) { - DEBUG ((DEBUG_INFO, "UefiMemory protection: 0x%lx - 0x%lx\n", Memory= Map->PhysicalStart, MemoryMap->PhysicalStart + (UINT64)EFI_PAGES_TO_SIZE((U= INTN)MemoryMap->NumberOfPages))); - SmmSetMemoryAttributes ( + Status =3D SmmSetMemoryAttributes ( + MemoryMap->PhysicalStart, + EFI_PAGES_TO_SIZE((UINTN)MemoryMap->NumberOfPages), + EFI_MEMORY_RP + ); + DEBUG (( + DEBUG_INFO, + "UefiMemory protection: 0x%lx - 0x%lx %r\n", MemoryMap->PhysicalStart, - EFI_PAGES_TO_SIZE((UINTN)MemoryMap->NumberOfPages), - EFI_MEMORY_RP - ); + MemoryMap->PhysicalStart + (UINT64)EFI_PAGES_TO_SIZE((UINTN)Memory= Map->NumberOfPages), + Status + )); } MemoryMap =3D NEXT_MEMORY_DESCRIPTOR(MemoryMap, mUefiDescriptorSize); } -- 2.7.0.windows.1 _______________________________________________ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel
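
Review bot: In the Ia32/PageTbl.c hunks, the new global "UINT8 mPhysicalAddressBits;" and the assignment "mPhysicalAddressBits = 32;" carry no comment saying why the value is 32; a one-line comment that the Ia32 SMM page table only identity-maps addresses below 4G would document the assumption that ConvertMemoryPageAttributes() now relies on. PiSmmCpuDxeSmm.h also gains "extern UINT8 mPhysicalAddressBits;" for every architecture while this diff defines the variable only in Ia32/PageTbl.c, so please confirm the X64 PageTbl.c definition is non-static and has the same type.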
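
Review bot: In the ConvertMemoryPageAttributes() hunk, "if (Length > MaximumSupportMemAddress)" returns RETURN_UNSUPPORTED for BaseAddress 0 with Length equal to 1 << mPhysicalAddressBits (BASE 0 + LENGTH 4G when the width is 32), although the last byte of that range is exactly MaximumSupportMemAddress. Comparing the last offset instead, "(Length - 1) > MaximumSupportMemAddress", accepts that range and still keeps the subtraction in the following check from wrapping. The "(Length != 0) &&" term in the third check is redundant while the earlier Length == 0 return stays in place, and the (UINTN) cast on the mask would truncate it on a 32-bit build if mPhysicalAddressBits were ever larger than 32, so either drop the cast or add a comment stating that assumption.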
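
Review bot: In the SetUefiMemMapAttributes() hunk, the new Status is consumed only by the DEBUG print, so a failure from SmmSetMemoryAttributes() other than the expected Unsupported for ranges above the mapped limit is logged at DEBUG_INFO and otherwise ignored, leaving that range without EFI_MEMORY_RP. Consider a comment stating that RETURN_UNSUPPORTED is expected here, plus an ASSERT or a DEBUG_ERROR print for any other error status. Because Status is read only inside DEBUG (()), also check that builds with DEBUG compiled out do not warn about a variable that is set but never used.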
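
The Case1/Case2 boundary discussed in the reply above, as an added example that is not part of the original thread or of edk2. The names range_status, max_addr, check_as_posted and check_last_offset are hypothetical, the inputs are constructed, and the comparisons are modelled in plain 64-bit C without the patch's (UINTN) cast.

```c
#include <stdint.h>
#include <stdio.h>

typedef enum { RANGE_OK, RANGE_INVALID_PARAMETER, RANGE_UNSUPPORTED } range_status;

/* Highest byte address reachable with `bits` physical address bits. */
static uint64_t max_addr(unsigned bits)
{
    return (bits >= 64) ? UINT64_MAX : ((UINT64_C(1) << bits) - 1);
}

/* Model of the three comparisons as posted in the patch. */
static range_status check_as_posted(uint64_t base, uint64_t length, unsigned bits)
{
    uint64_t max = max_addr(bits);
    if (length == 0) return RANGE_INVALID_PARAMETER;         /* Case2 */
    if (base > max) return RANGE_UNSUPPORTED;
    if (length > max) return RANGE_UNSUPPORTED;              /* rejects Case1 */
    if (base > max - (length - 1)) return RANGE_UNSUPPORTED;
    return RANGE_OK;
}

/* Variant comparing the last offset (length - 1): a range covering the
   whole mapped space is accepted and no subtraction can wrap. */
static range_status check_last_offset(uint64_t base, uint64_t length, unsigned bits)
{
    uint64_t max = max_addr(bits);
    if (length == 0) return RANGE_INVALID_PARAMETER;         /* Case2 */
    if (base > max) return RANGE_UNSUPPORTED;
    if (length - 1 > max - base) return RANGE_UNSUPPORTED;
    return RANGE_OK;
}

int main(void)
{
    /* Constructed inputs: Case1, Case2, the >4G range from the debug log,
       and the last 4 KiB page below 4G. */
    static const struct { uint64_t base, length; } t[] = {
        { 0x0,            0x100000000ULL },
        { 0x100000000ULL, 0x0 },
        { 0x100000000ULL, 0x80000000ULL },
        { 0xFFFFF000ULL,  0x1000 },
    };
    for (size_t i = 0; i < sizeof t / sizeof t[0]; i++) {
        printf("base=%#llx length=%#llx posted=%d last_offset=%d\n",
               (unsigned long long)t[i].base, (unsigned long long)t[i].length,
               check_as_posted(t[i].base, t[i].length, 32),
               check_last_offset(t[i].base, t[i].length, 32));
    }
    return 0;
}
```

Only Case1 differs between the two functions; every other row, including the 0x100000000 - 0x180000000 range from the debug log, gets the same status from both.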