* [PATCH v3 01/11] MdeModulePkg/metafile: Add PCD PcdCpuStackGuard
2017-12-01 2:37 [PATCH v3 00/11] Implement stack guard feature Jian J Wang
@ 2017-12-01 2:37 ` Jian J Wang
2017-12-01 2:37 ` [PATCH v3 02/11] UefiCpuPkg/UefiCpuPkg.dec: Add two new PCDs for stack switch Jian J Wang
` (10 subsequent siblings)
11 siblings, 0 replies; 16+ messages in thread
From: Jian J Wang @ 2017-12-01 2:37 UTC (permalink / raw)
To: edk2-devel; +Cc: Star Zeng, Eric Dong
PcdCpuStackGuard is introduced to enable/disable Stack Guard feature.
Its value is FALSE by default. This feature is suggested to be enabled
only if the cpu driver and CpuExceptionHandlerLib have supported stack
switch for the processor used in platform. Otherwise the exception dump
message won't be printed out when there's a stack overflow happened.
Cc: Star Zeng <star.zeng@intel.com>
Cc: Eric Dong <eric.dong@intel.com>
Suggested-by: Ayellet Wolman <ayellet.wolman@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Jian J Wang <jian.j.wang@intel.com>
---
MdeModulePkg/MdeModulePkg.dec | 7 +++++++
MdeModulePkg/MdeModulePkg.uni | 7 +++++++
2 files changed, 14 insertions(+)
diff --git a/MdeModulePkg/MdeModulePkg.dec b/MdeModulePkg/MdeModulePkg.dec
index 856d67aceb..b3831a21ad 100644
--- a/MdeModulePkg/MdeModulePkg.dec
+++ b/MdeModulePkg/MdeModulePkg.dec
@@ -949,6 +949,13 @@
# @Prompt The Heap Guard feature mask
gEfiMdeModulePkgTokenSpaceGuid.PcdHeapGuardPropertyMask|0x0|UINT8|0x30001054
+ ## Indicates if UEFI Stack Guard will be enabled.
+ # If enabled, stack overflow in UEFI can be caught, preventing chaotic consequences.<BR><BR>
+ # TRUE - UEFI Stack Guard will be enabled.<BR>
+ # FALSE - UEFI Stack Guard will be disabled.<BR>
+ # @Prompt Enable UEFI Stack Guard.
+ gEfiMdeModulePkgTokenSpaceGuid.PcdCpuStackGuard|FALSE|BOOLEAN|0x30001055
+
[PcdsFixedAtBuild, PcdsPatchableInModule]
## Dynamic type PCD can be registered callback function for Pcd setting action.
# PcdMaxPeiPcdCallBackNumberPerPcdEntry indicates the maximum number of callback function
diff --git a/MdeModulePkg/MdeModulePkg.uni b/MdeModulePkg/MdeModulePkg.uni
index 588905a9a1..43dd5103be 100644
--- a/MdeModulePkg/MdeModulePkg.uni
+++ b/MdeModulePkg/MdeModulePkg.uni
@@ -1204,3 +1204,10 @@
" 0 - The returned pool is adjacent to the bottom guard page.<BR>\n"
" 1 - The returned pool is adjacent to the top guard page.<BR>"
+#string STR_gEfiMdeModulePkgTokenSpaceGuid_PcdCpuStackGuard_PROMPT #language en-US "Enable UEFI Stack Guard"
+
+#string STR_gEfiMdeModulePkgTokenSpaceGuid_PcdCpuStackGuard_HELP #language en-US "Indicates if UEFI Stack Guard will be enabled.\n"
+ " If enabled, stack overflow in UEFI can be caught, preventing chaotic consequences.<BR><BR>\n"
+ " TRUE - UEFI Stack Guard will be enabled.<BR>\n"
+ " FALSE - UEFI Stack Guard will be disabled.<BR>"
+
--
2.14.1.windows.1
^ permalink raw reply related [flat|nested] 16+ messages in thread* [PATCH v3 02/11] UefiCpuPkg/UefiCpuPkg.dec: Add two new PCDs for stack switch
2017-12-01 2:37 [PATCH v3 00/11] Implement stack guard feature Jian J Wang
2017-12-01 2:37 ` [PATCH v3 01/11] MdeModulePkg/metafile: Add PCD PcdCpuStackGuard Jian J Wang
@ 2017-12-01 2:37 ` Jian J Wang
2017-12-01 2:37 ` [PATCH v3 03/11] MdeModulePkg/CpuExceptionHandlerLib.h: Add a new API InitializeCpuExceptionHandlersEx Jian J Wang
` (9 subsequent siblings)
11 siblings, 0 replies; 16+ messages in thread
From: Jian J Wang @ 2017-12-01 2:37 UTC (permalink / raw)
To: edk2-devel; +Cc: Eric Dong, Laszlo Ersek, Jiewen Yao
> v3:
> No change
> v2:
> Add two new PCDs to configure exception stack switch.
Stack switch is required by Stack Guard feature. Following two PCDs are
introduced to simplify the resource allocation for initializing stack switch.
gUefiCpuPkgTokenSpaceGuid.PcdCpuStackSwitchExceptionList
gUefiCpuPkgTokenSpaceGuid.PcdCpuKnownGoodStackSize
PcdCpuStackSwitchExceptionList is used to specify which exception will
have separate stack for its handler. For Stack Guard feature, #PF must
be specified at least.
PcdCpuKnownGoodStackSize is used to specify the size of knwon good stack for an
exception handler. Cpu driver or other drivers should use this PCD to reserve
new stack memory for exceptions specified by above PCD.
Cc: Eric Dong <eric.dong@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Suggested-by: Ayellet Wolman <ayellet.wolman@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Jian J Wang <jian.j.wang@intel.com>
---
UefiCpuPkg/UefiCpuPkg.dec | 12 ++++++++++++
1 file changed, 12 insertions(+)
diff --git a/UefiCpuPkg/UefiCpuPkg.dec b/UefiCpuPkg/UefiCpuPkg.dec
index d2965ba14c..83eb6eed40 100644
--- a/UefiCpuPkg/UefiCpuPkg.dec
+++ b/UefiCpuPkg/UefiCpuPkg.dec
@@ -137,6 +137,18 @@
# @Prompt Lock SMM Feature Control MSR.
gUefiCpuPkgTokenSpaceGuid.PcdCpuSmmFeatureControlMsrLock|TRUE|BOOLEAN|0x3213210B
+[PcdsFixedAtBuild]
+ ## List of exception vectors which need switching stack.
+ # This PCD will only take into effect if PcdCpuStackGuard is enabled.
+ # By default exception #DD(8), #PF(14) are supported.
+ # @Prompt Specify exception vectors which need switching stack.
+ gUefiCpuPkgTokenSpaceGuid.PcdCpuStackSwitchExceptionList|{0x08, 0x0E}|VOID*|0x30002000
+
+ ## Size of good stack for an exception.
+ # This PCD will only take into effect if PcdCpuStackGuard is enabled.
+ # @Prompt Specify size of good stack of exception which need switching stack.
+ gUefiCpuPkgTokenSpaceGuid.PcdCpuKnownGoodStackSize|2048|UINT32|0x30002001
+
[PcdsFixedAtBuild, PcdsPatchableInModule]
## This value is the CPU Local APIC base address, which aligns the address on a 4-KByte boundary.
# @Prompt Configure base address of CPU Local APIC
--
2.14.1.windows.1
^ permalink raw reply related [flat|nested] 16+ messages in thread* [PATCH v3 03/11] MdeModulePkg/CpuExceptionHandlerLib.h: Add a new API InitializeCpuExceptionHandlersEx
2017-12-01 2:37 [PATCH v3 00/11] Implement stack guard feature Jian J Wang
2017-12-01 2:37 ` [PATCH v3 01/11] MdeModulePkg/metafile: Add PCD PcdCpuStackGuard Jian J Wang
2017-12-01 2:37 ` [PATCH v3 02/11] UefiCpuPkg/UefiCpuPkg.dec: Add two new PCDs for stack switch Jian J Wang
@ 2017-12-01 2:37 ` Jian J Wang
2017-12-01 2:37 ` [PATCH v3 04/11] MdePkg/BaseLib: Add stack switch related definitions for IA32 Jian J Wang
` (8 subsequent siblings)
11 siblings, 0 replies; 16+ messages in thread
From: Jian J Wang @ 2017-12-01 2:37 UTC (permalink / raw)
To: edk2-devel; +Cc: Star Zeng, Eric Dong, Jiewen Yao
> v3:
> a. Change InitializeCpuExceptionStackSwitchHandlers() to
> InitializeCpuExceptionHandlersEx() to be more general.
> b. Add structure definition CPU_EXCEPTION_INIT_DATA_EX for new API
> v2:
> Add prototype definition of InitializeCpuExceptionStackSwitchHandlers()
A new API InitializeCpuExceptionHandlersEx() is introduced to support
initializing exception handlers with extra functionalities which need
extra init data, such as stack switch for Stack Guard feature.
EFI_STATUS
EFIAPI
InitializeCpuExceptionHandlersEx (
IN EFI_VECTOR_HANDOFF_INFO *VectorInfo OPTIONAL,
IN CPU_EXCEPTION_INIT_DATA_EX *InitDataEx OPTIONAL
);
By default, this method should include all functionalities implemented by
InitializeCpuExceptionHandlers(), plus extra initialization works, if any.
This is could be done by calling InitializeCpuExceptionHandlers() directly
in this method besides the extra works.
InitDataEx is optional and its use and content are processor arch dependent.
The typical usage of it is to convey resources which have to be reserved
elsewhere and are necessary for the extra initialization of exception.
Cc: Star Zeng <star.zeng@intel.com>
Cc: Eric Dong <eric.dong@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Suggested-by: Ayellet Wolman <ayellet.wolman@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Jian J Wang <jian.j.wang@intel.com>
---
.../Include/Library/CpuExceptionHandlerLib.h | 78 ++++++++++++++++++++++
1 file changed, 78 insertions(+)
diff --git a/MdeModulePkg/Include/Library/CpuExceptionHandlerLib.h b/MdeModulePkg/Include/Library/CpuExceptionHandlerLib.h
index 6cd8230127..a513ec697c 100644
--- a/MdeModulePkg/Include/Library/CpuExceptionHandlerLib.h
+++ b/MdeModulePkg/Include/Library/CpuExceptionHandlerLib.h
@@ -19,6 +19,54 @@
#include <Ppi/VectorHandoffInfo.h>
#include <Protocol/Cpu.h>
+typedef union {
+ struct {
+ //
+ // The address of top of known good stack reserved for *ALL* exceptions
+ // needing switching stack.
+ //
+ UINTN KnownGoodStackTop;
+ //
+ // The size of known good stack for *ONE* exception only.
+ //
+ UINTN KnownGoodStackSize;
+ //
+ // Buffer of exception vector list for stack switch.
+ //
+ UINT8 *StackSwitchExceptions;
+ //
+ // Number of exception vectors in StackSwitchExceptions.
+ //
+ UINTN StackSwitchExceptionNumber;
+ //
+ // Buffer of IDT table. It must be type of IA32_IDT_GATE_DESCRIPTOR.
+ // Normally there's no need to change IDT table size.
+ //
+ VOID *IdtTable;
+ //
+ // Buffer of GDT table. It must be type of IA32_SEGMENT_DESCRIPTOR.
+ //
+ VOID *GdtTable;
+ //
+ // Size of buffer GdtTable.
+ //
+ UINTN GdtSize;
+ //
+ // Pointer to start address of task gate descriptor in the GDT table.
+ // It must be type of IA32_TSS_DESCRIPTOR.
+ //
+ VOID *TssDesc;
+ //
+ // Buffer of task-state segment. It must be type of IA32_TASK_STATE_SEGMENT.
+ //
+ VOID *Tss;
+ //
+ // Flag to indicate if default handlers should be initialized or not.
+ //
+ BOOLEAN InitDefaultHandlers;
+ } Ia32;
+} CPU_EXCEPTION_INIT_DATA_EX;
+
/**
Initializes all CPU exceptions entries and provides the default exception handlers.
@@ -41,6 +89,36 @@ InitializeCpuExceptionHandlers (
IN EFI_VECTOR_HANDOFF_INFO *VectorInfo OPTIONAL
);
+/**
+ Initializes all CPU exceptions entries with optional extra initializations.
+
+ By default, this method should include all functionalities implemented by
+ InitializeCpuExceptionHandlers(), plus extra initialization works, if any.
+ This is could be done by calling InitializeCpuExceptionHandlers() directly
+ in this method besides the extra works.
+
+ InitDataEx is optional and its use and content are processor arch dependent.
+ The typical usage of it is to convey resources which have to be reserved
+ elsewhere and are necessary for the extra initializations of exception.
+
+ @param[in] VectorInfo Pointer to reserved vector list.
+ @param[in] InitDataEx Pointer to data optional for extra initializations
+ of exception.
+
+ @retval EFI_SUCCESS The exceptions have been successfully
+ initialized.
+ @retval EFI_INVALID_PARAMETER VectorInfo or InitDataEx contains invalid
+ content.
+ @retval EFI_UNSUPPORTED This function is not supported.
+
+**/
+EFI_STATUS
+EFIAPI
+InitializeCpuExceptionHandlersEx (
+ IN EFI_VECTOR_HANDOFF_INFO *VectorInfo OPTIONAL,
+ IN CPU_EXCEPTION_INIT_DATA_EX *InitDataEx OPTIONAL
+ );
+
/**
Initializes all CPU interrupt/exceptions entries and provides the default interrupt/exception handlers.
--
2.14.1.windows.1
^ permalink raw reply related [flat|nested] 16+ messages in thread* [PATCH v3 04/11] MdePkg/BaseLib: Add stack switch related definitions for IA32
2017-12-01 2:37 [PATCH v3 00/11] Implement stack guard feature Jian J Wang
` (2 preceding siblings ...)
2017-12-01 2:37 ` [PATCH v3 03/11] MdeModulePkg/CpuExceptionHandlerLib.h: Add a new API InitializeCpuExceptionHandlersEx Jian J Wang
@ 2017-12-01 2:37 ` Jian J Wang
2017-12-01 2:37 ` [PATCH v3 05/11] UefiCpuPkg/CpuExceptionHandlerLib: Add stack switch support Jian J Wang
` (7 subsequent siblings)
11 siblings, 0 replies; 16+ messages in thread
From: Jian J Wang @ 2017-12-01 2:37 UTC (permalink / raw)
To: edk2-devel; +Cc: Michael D Kinney, Liming Gao, Jiewen Yao
> v3:
> Move two general macros here from CpuExceptionHandlerLib
> v2:
> Add new definitions required by stack switch in IA32
The new definitions include two structures
IA32_TASK_STATE_SEGMENT
IA32_TSS_DESCRIPTOR
two macros
IA32_GDT_TYPE_TSS
IA32_GDT_ALIGNMENT
and one API
VOID
EFIAPI
AsmWriteTr (
IN UINT16 Selector
);
They're needed to setup task gate and interrupt stack table for stack switch.
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Liming Gao <liming.gao@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Suggested-by: Ayellet Wolman <ayellet.wolman@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Jian J Wang <jian.j.wang@intel.com>
---
MdePkg/Include/Library/BaseLib.h | 117 +++++++++++++++++++++++++++++++
MdePkg/Library/BaseLib/BaseLib.inf | 3 +
MdePkg/Library/BaseLib/Ia32/WriteTr.nasm | 36 ++++++++++
MdePkg/Library/BaseLib/X64/WriteTr.nasm | 37 ++++++++++
4 files changed, 193 insertions(+)
create mode 100644 MdePkg/Library/BaseLib/Ia32/WriteTr.nasm
create mode 100644 MdePkg/Library/BaseLib/X64/WriteTr.nasm
diff --git a/MdePkg/Include/Library/BaseLib.h b/MdePkg/Include/Library/BaseLib.h
index d33c3b6b38..2b98af4cd1 100644
--- a/MdePkg/Include/Library/BaseLib.h
+++ b/MdePkg/Include/Library/BaseLib.h
@@ -6647,6 +6647,8 @@ typedef struct {
#define IA32_IDT_GATE_TYPE_INTERRUPT_32 0x8E
#define IA32_IDT_GATE_TYPE_TRAP_32 0x8F
+#define IA32_GDT_TYPE_TSS 0x9
+#define IA32_GDT_ALIGNMENT 8
#if defined (MDE_CPU_IA32)
///
@@ -6663,6 +6665,70 @@ typedef union {
UINT64 Uint64;
} IA32_IDT_GATE_DESCRIPTOR;
+#pragma pack (1)
+//
+// IA32 Task-State Segment Definition
+//
+typedef struct {
+ UINT16 PreviousTaskLink;
+ UINT16 Reserved_2;
+ UINT32 ESP0;
+ UINT16 SS0;
+ UINT16 Reserved_10;
+ UINT32 ESP1;
+ UINT16 SS1;
+ UINT16 Reserved_18;
+ UINT32 ESP2;
+ UINT16 SS2;
+ UINT16 Reserved_26;
+ UINT32 CR3;
+ UINT32 EIP;
+ UINT32 EFLAGS;
+ UINT32 EAX;
+ UINT32 ECX;
+ UINT32 EDX;
+ UINT32 EBX;
+ UINT32 ESP;
+ UINT32 EBP;
+ UINT32 ESI;
+ UINT32 EDI;
+ UINT16 ES;
+ UINT16 Reserved_74;
+ UINT16 CS;
+ UINT16 Reserved_78;
+ UINT16 SS;
+ UINT16 Reserved_82;
+ UINT16 DS;
+ UINT16 Reserved_86;
+ UINT16 FS;
+ UINT16 Reserved_90;
+ UINT16 GS;
+ UINT16 Reserved_94;
+ UINT16 LDTSegmentSelector;
+ UINT16 Reserved_98;
+ UINT16 T;
+ UINT16 IOMapBaseAddress;
+} IA32_TASK_STATE_SEGMENT;
+
+typedef union {
+ struct {
+ UINT32 LimitLow:16; ///< Segment Limit 15..00
+ UINT32 BaseLow:16; ///< Base Address 15..00
+ UINT32 BaseMid:8; ///< Base Address 23..16
+ UINT32 Type:4; ///< Type (1 0 B 1)
+ UINT32 Reserved_43:1; ///< 0
+ UINT32 DPL:2; ///< Descriptor Privilege Level
+ UINT32 P:1; ///< Segment Present
+ UINT32 LimitHigh:4; ///< Segment Limit 19..16
+ UINT32 AVL:1; ///< Available for use by system software
+ UINT32 Reserved_52:2; ///< 0 0
+ UINT32 G:1; ///< Granularity
+ UINT32 BaseHigh:8; ///< Base Address 31..24
+ } Bits;
+ UINT64 Uint64;
+} IA32_TSS_DESCRIPTOR;
+#pragma pack ()
+
#endif
#if defined (MDE_CPU_X64)
@@ -6685,6 +6751,46 @@ typedef union {
} Uint128;
} IA32_IDT_GATE_DESCRIPTOR;
+#pragma pack (1)
+//
+// IA32 Task-State Segment Definition
+//
+typedef struct {
+ UINT32 Reserved_0;
+ UINT64 RSP0;
+ UINT64 RSP1;
+ UINT64 RSP2;
+ UINT64 Reserved_28;
+ UINT64 IST[7];
+ UINT64 Reserved_92;
+ UINT16 Reserved_100;
+ UINT16 IOMapBaseAddress;
+} IA32_TASK_STATE_SEGMENT;
+
+typedef union {
+ struct {
+ UINT32 LimitLow:16; ///< Segment Limit 15..00
+ UINT32 BaseLow:16; ///< Base Address 15..00
+ UINT32 BaseMidl:8; ///< Base Address 23..16
+ UINT32 Type:4; ///< Type (1 0 B 1)
+ UINT32 Reserved_43:1; ///< 0
+ UINT32 DPL:2; ///< Descriptor Privilege Level
+ UINT32 P:1; ///< Segment Present
+ UINT32 LimitHigh:4; ///< Segment Limit 19..16
+ UINT32 AVL:1; ///< Available for use by system software
+ UINT32 Reserved_52:2; ///< 0 0
+ UINT32 G:1; ///< Granularity
+ UINT32 BaseMidh:8; ///< Base Address 31..24
+ UINT32 BaseHigh:32; ///< Base Address 63..32
+ UINT32 Reserved_96:32; ///< Reserved
+ } Bits;
+ struct {
+ UINT64 Uint64;
+ UINT64 Uint64_1;
+ } Uint128;
+} IA32_TSS_DESCRIPTOR;
+#pragma pack ()
+
#endif
///
@@ -8950,6 +9056,17 @@ AsmRdRand64 (
OUT UINT64 *Rand
);
+/**
+ Load given selector into TR register
+
+ @param[in] Selector Task segment selector
+**/
+VOID
+EFIAPI
+AsmWriteTr (
+ IN UINT16 Selector
+ );
+
#endif
#endif
diff --git a/MdePkg/Library/BaseLib/BaseLib.inf b/MdePkg/Library/BaseLib/BaseLib.inf
index 320ac457ea..fbfb0063b7 100644
--- a/MdePkg/Library/BaseLib/BaseLib.inf
+++ b/MdePkg/Library/BaseLib/BaseLib.inf
@@ -67,6 +67,8 @@
BaseLibInternals.h
[Sources.Ia32]
+ Ia32/WriteTr.nasm
+
Ia32/Wbinvd.c | MSFT
Ia32/WriteMm7.c | MSFT
Ia32/WriteMm6.c | MSFT
@@ -447,6 +449,7 @@
X64/EnableCache.asm
X64/DisableCache.nasm
X64/DisableCache.asm
+ X64/WriteTr.nasm
X64/CpuBreakpoint.c | MSFT
X64/WriteMsr64.c | MSFT
diff --git a/MdePkg/Library/BaseLib/Ia32/WriteTr.nasm b/MdePkg/Library/BaseLib/Ia32/WriteTr.nasm
new file mode 100644
index 0000000000..cde5a3a423
--- /dev/null
+++ b/MdePkg/Library/BaseLib/Ia32/WriteTr.nasm
@@ -0,0 +1,36 @@
+;------------------------------------------------------------------------------ ;
+; Copyright (c) 2017, Intel Corporation. All rights reserved.<BR>
+; This program and the accompanying materials
+; are licensed and made available under the terms and conditions of the BSD License
+; which accompanies this distribution. The full text of the license may be found at
+; http://opensource.org/licenses/bsd-license.php.
+;
+; THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+; WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+;
+; Module Name:
+;
+; WriteTr.nasm
+;
+; Abstract:
+;
+; Write TR register
+;
+; Notes:
+;
+;------------------------------------------------------------------------------
+
+ SECTION .text
+
+;------------------------------------------------------------------------------
+; VOID
+; AsmWriteTr (
+; UINT16 Selector
+; );
+;------------------------------------------------------------------------------
+global ASM_PFX(AsmWriteTr)
+ASM_PFX(AsmWriteTr):
+ mov eax, [esp+4]
+ ltr ax
+ ret
+
diff --git a/MdePkg/Library/BaseLib/X64/WriteTr.nasm b/MdePkg/Library/BaseLib/X64/WriteTr.nasm
new file mode 100644
index 0000000000..3bf1500c36
--- /dev/null
+++ b/MdePkg/Library/BaseLib/X64/WriteTr.nasm
@@ -0,0 +1,37 @@
+;------------------------------------------------------------------------------ ;
+; Copyright (c) 2017, Intel Corporation. All rights reserved.<BR>
+; This program and the accompanying materials
+; are licensed and made available under the terms and conditions of the BSD License
+; which accompanies this distribution. The full text of the license may be found at
+; http://opensource.org/licenses/bsd-license.php.
+;
+; THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+; WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+;
+; Module Name:
+;
+; WriteTr.nasm
+;
+; Abstract:
+;
+; Write TR register
+;
+; Notes:
+;
+;------------------------------------------------------------------------------
+
+ DEFAULT REL
+ SECTION .text
+
+;------------------------------------------------------------------------------
+; VOID
+; AsmWriteTr (
+; UINT16 Selector
+; );
+;------------------------------------------------------------------------------
+global ASM_PFX(AsmWriteTr)
+ASM_PFX(AsmWriteTr):
+ mov eax, ecx
+ ltr ax
+ ret
+
--
2.14.1.windows.1
^ permalink raw reply related [flat|nested] 16+ messages in thread* [PATCH v3 05/11] UefiCpuPkg/CpuExceptionHandlerLib: Add stack switch support
2017-12-01 2:37 [PATCH v3 00/11] Implement stack guard feature Jian J Wang
` (3 preceding siblings ...)
2017-12-01 2:37 ` [PATCH v3 04/11] MdePkg/BaseLib: Add stack switch related definitions for IA32 Jian J Wang
@ 2017-12-01 2:37 ` Jian J Wang
2017-12-01 2:37 ` [PATCH v3 06/11] MdeModulePkg/CpuExceptionHandlerLibNull: Add new API implementation Jian J Wang
` (6 subsequent siblings)
11 siblings, 0 replies; 16+ messages in thread
From: Jian J Wang @ 2017-12-01 2:37 UTC (permalink / raw)
To: edk2-devel; +Cc: Jiewen Yao, Eric Dong, Laszlo Ersek, Michael Kinney
> v3:
> a. Move more general definitions to BaseLib.h
> b. Update code to use new data structure CPU_EXCEPTION_INIT_DATA_EX
> c. Implement new API InitializeCpuExceptionHandlersEx for DxeException
> d. Add dummy InitializeCpuExceptionHandlersEx for SEC, PEI and SMM
> v2:
> a. Move common TSS structure and API definitions to BaseLib.h
> b. Add EXCEPTION_STACK_SWITCH_DATA to convery data used to setup stack
> switch. This can avoid allocating memory for it in this library.
> c. Add globals to reserve memory for stack switch initialized in early
> phase of DXE core.
> d. Remove the filter code used to exclude boot modes which doesn't support
> memory allocation because those memory can passed in by parameter now.
> e. Remove the nasm macro to define exception handler one by one and add a
> function to return the start address of each handler.
If Stack Guard is enabled and there's really a stack overflow happened during
boot, a Page Fault exception will be triggered. Because the stack is out of
usage, the exception handler, which shares the stack with normal UEFI driver,
cannot be executed and cannot dump the processor information.
Without those information, it's very difficult for the BIOS developers locate
the root cause of stack overflow. And without a workable stack, the developer
cannot event use single step to debug the UEFI driver with JTAG debugger.
In order to make sure the exception handler to execute normally after stack
overflow. We need separate stacks for exception handlers in case of unusable
stack.
IA processor allows to switch to a new stack during handling interrupt and
exception. But X64 and IA32 provides different ways to make it. X64 provides
interrupt stack table (IST) to allow maximum 7 different exceptions to have
new stack for its handler. IA32 doesn't have IST mechanism and can only use
task gate to do it since task switch allows to load a new stack through its
task-state segment (TSS).
The new API, InitializeCpuExceptionHandlersEx, is implemented to complete
extra initialization for stack switch of exception handler. Since setting
up stack switch needs allocating new memory for new stack, new GDT table
and task-state segment but the initialization method will be called in
different phases which have no consistent way to reserve those memory, this
new API is allowed to pass the reserved resources to complete the extra
works. This is cannot be done by original InitializeCpuExceptionHandlers.
Considering exception handler initialization for MP situation, this new API
is also necessary, because AP is not supposed to allocate memory. So the
memory needed for stack switch have to be reserved in BSP before waking up
AP and then pass them to InitializeCpuExceptionHandlersEx afterwards.
Since Stack Guard feature is available only for DXE phase at this time, the
new API is fully implemented for DXE only. Other phases implement a dummy
one which just calls InitializeCpuExceptionHandlers().
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Eric Dong <eric.dong@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Michael Kinney <michael.d.kinney@intel.com>
Suggested-by: Ayellet Wolman <ayellet.wolman@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Jian J Wang <jian.j.wang@intel.com>
---
.../CpuExceptionHandlerLib/CpuExceptionCommon.h | 39 ++
.../DxeCpuExceptionHandlerLib.inf | 6 +
.../Library/CpuExceptionHandlerLib/DxeException.c | 79 ++++
.../Ia32/ArchExceptionHandler.c | 167 +++++++++
.../Ia32/ArchInterruptDefs.h | 8 +
.../Ia32/ExceptionTssEntryAsm.nasm | 398 +++++++++++++++++++++
.../CpuExceptionHandlerLib/PeiCpuException.c | 34 +-
.../PeiCpuExceptionHandlerLib.inf | 1 +
.../CpuExceptionHandlerLib/SecPeiCpuException.c | 34 +-
.../SecPeiCpuExceptionHandlerLib.inf | 1 +
.../SmmCpuExceptionHandlerLib.inf | 1 +
.../Library/CpuExceptionHandlerLib/SmmException.c | 34 +-
.../X64/ArchExceptionHandler.c | 134 +++++++
.../CpuExceptionHandlerLib/X64/ArchInterruptDefs.h | 3 +
14 files changed, 936 insertions(+), 3 deletions(-)
create mode 100644 UefiCpuPkg/Library/CpuExceptionHandlerLib/Ia32/ExceptionTssEntryAsm.nasm
diff --git a/UefiCpuPkg/Library/CpuExceptionHandlerLib/CpuExceptionCommon.h b/UefiCpuPkg/Library/CpuExceptionHandlerLib/CpuExceptionCommon.h
index 740a58828b..9ad6c5f54f 100644
--- a/UefiCpuPkg/Library/CpuExceptionHandlerLib/CpuExceptionCommon.h
+++ b/UefiCpuPkg/Library/CpuExceptionHandlerLib/CpuExceptionCommon.h
@@ -48,6 +48,17 @@
0xb21d9148, 0x9211, 0x4d8f, { 0xad, 0xd3, 0x66, 0xb1, 0x89, 0xc9, 0x2c, 0x83 } \
}
+#define CPU_STACK_SWITCH_EXCEPTION_NUMBER \
+ FixedPcdGetSize (PcdCpuStackSwitchExceptionList)
+
+#define CPU_STACK_SWITCH_EXCEPTION_LIST \
+ FixedPcdGetPtr (PcdCpuStackSwitchExceptionList)
+
+#define CPU_KNOWN_GOOD_STACK_SIZE \
+ FixedPcdGet32 (PcdCpuKnownGoodStackSize)
+
+#define CPU_TSS_GDT_SIZE (SIZE_2KB + CPU_TSS_DESC_SIZE + CPU_TSS_SIZE)
+
//
// Record exception handler information
//
@@ -288,5 +299,33 @@ CommonExceptionHandlerWorker (
IN EXCEPTION_HANDLER_DATA *ExceptionHandlerData
);
+/**
+ Setup separate stack for specific exceptions.
+
+ @param[in] StackSwitchData Pointer to data required for setuping up
+ stack switch.
+
+ @retval EFI_SUCCESS The exceptions have been successfully
+ initialized with new stack.
+ @retval EFI_INVALID_PARAMETER StackSwitchData contains invalid content.
+**/
+EFI_STATUS
+ArchSetupExcpetionStack (
+ IN CPU_EXCEPTION_INIT_DATA_EX *StackSwitchData
+ );
+
+/**
+ Return address map of exception handler template so that C code can generate
+ exception tables. The template is only for exceptions using task gate instead
+ of interrupt gate.
+
+ @param AddressMap Pointer to a buffer where the address map is returned.
+**/
+VOID
+EFIAPI
+AsmGetTssTemplateMap (
+ OUT EXCEPTION_HANDLER_TEMPLATE_MAP *AddressMap
+ );
+
#endif
diff --git a/UefiCpuPkg/Library/CpuExceptionHandlerLib/DxeCpuExceptionHandlerLib.inf b/UefiCpuPkg/Library/CpuExceptionHandlerLib/DxeCpuExceptionHandlerLib.inf
index f4a8d01c80..58e55a8a2e 100644
--- a/UefiCpuPkg/Library/CpuExceptionHandlerLib/DxeCpuExceptionHandlerLib.inf
+++ b/UefiCpuPkg/Library/CpuExceptionHandlerLib/DxeCpuExceptionHandlerLib.inf
@@ -30,6 +30,7 @@
[Sources.Ia32]
Ia32/ExceptionHandlerAsm.asm
Ia32/ExceptionHandlerAsm.nasm
+ Ia32/ExceptionTssEntryAsm.nasm
Ia32/ExceptionHandlerAsm.S
Ia32/ArchExceptionHandler.c
Ia32/ArchInterruptDefs.h
@@ -47,6 +48,11 @@
PeiDxeSmmCpuException.c
DxeException.c
+[Pcd]
+ gEfiMdeModulePkgTokenSpaceGuid.PcdCpuStackGuard
+ gUefiCpuPkgTokenSpaceGuid.PcdCpuStackSwitchExceptionList
+ gUefiCpuPkgTokenSpaceGuid.PcdCpuKnownGoodStackSize
+
[Packages]
MdePkg/MdePkg.dec
MdeModulePkg/MdeModulePkg.dec
diff --git a/UefiCpuPkg/Library/CpuExceptionHandlerLib/DxeException.c b/UefiCpuPkg/Library/CpuExceptionHandlerLib/DxeException.c
index 31febec976..dcd8d9bb98 100644
--- a/UefiCpuPkg/Library/CpuExceptionHandlerLib/DxeException.c
+++ b/UefiCpuPkg/Library/CpuExceptionHandlerLib/DxeException.c
@@ -25,6 +25,10 @@ UINTN mEnabledInterruptNum = 0;
EXCEPTION_HANDLER_DATA mExceptionHandlerData;
+UINT8 mNewStack[CPU_STACK_SWITCH_EXCEPTION_NUMBER *
+ CPU_KNOWN_GOOD_STACK_SIZE];
+UINT8 mNewGdt[CPU_TSS_GDT_SIZE];
+
/**
Common exception handler.
@@ -197,3 +201,78 @@ RegisterCpuInterruptHandler (
{
return RegisterCpuInterruptHandlerWorker (InterruptType, InterruptHandler, &mExceptionHandlerData);
}
+
+/**
+ Initializes CPU exceptions entries and setup stack switch for given exceptions.
+
+ This method will call InitializeCpuExceptionHandlers() to setup default
+ exception handlers unless indicated not to do it explicitly.
+
+ If InitDataEx is passed with NULL, this method will use the resource reserved
+ by global variables to initialize it; Otherwise it will use data in InitDataEx
+ to setup stack switch. This is for the different use cases in DxeCore and
+ Cpu MP exception initialization.
+
+ @param[in] VectorInfo Pointer to reserved vector list.
+ @param[in] InitDataEx Pointer to data required to setup stack switch for
+ given exceptions.
+
+ @retval EFI_SUCCESS The exceptions have been successfully
+ initialized.
+ @retval EFI_INVALID_PARAMETER VectorInfo or InitDataEx contains invalid
+ content.
+
+**/
+EFI_STATUS
+EFIAPI
+InitializeCpuExceptionHandlersEx (
+ IN EFI_VECTOR_HANDOFF_INFO *VectorInfo OPTIONAL,
+ IN CPU_EXCEPTION_INIT_DATA_EX *InitDataEx OPTIONAL
+ )
+{
+ EFI_STATUS Status;
+ CPU_EXCEPTION_INIT_DATA_EX EssData;
+ IA32_DESCRIPTOR Idtr;
+ IA32_DESCRIPTOR Gdtr;
+
+ //
+ // To avoid repeat initialization of default handlers, the caller should pass
+ // an extended init data with InitDefaultHandlers set to FALSE. There's no
+ // need to call this method to just initialize default handlers. Call non-ex
+ // version instead; or this method must be implemented as a simple wrapper of
+ // non-ex version of it, if this version has to be called.
+ //
+ if (InitDataEx == NULL || InitDataEx->Ia32.InitDefaultHandlers) {
+ Status = InitializeCpuExceptionHandlers (VectorInfo);
+ } else {
+ Status = EFI_SUCCESS;
+ }
+
+ if (!EFI_ERROR (Status)) {
+ //
+ // Initializing stack switch is only necessary for Stack Guard functionality.
+ //
+ if (PcdGetBool (PcdCpuStackGuard)) {
+ if (InitDataEx == NULL) {
+ SetMem (mNewGdt, sizeof (mNewGdt), 0);
+
+ AsmReadIdtr (&Idtr);
+ AsmReadGdtr (&Gdtr);
+
+ EssData.Ia32.KnownGoodStackTop = (UINTN)mNewStack;
+ EssData.Ia32.KnownGoodStackSize = CPU_KNOWN_GOOD_STACK_SIZE;
+ EssData.Ia32.StackSwitchExceptions = CPU_STACK_SWITCH_EXCEPTION_LIST;
+ EssData.Ia32.StackSwitchExceptionNumber = CPU_STACK_SWITCH_EXCEPTION_NUMBER;
+ EssData.Ia32.IdtTable = (VOID *)Idtr.Base;
+ EssData.Ia32.GdtTable = mNewGdt;
+ EssData.Ia32.GdtSize = sizeof (mNewGdt);
+ EssData.Ia32.TssDesc = mNewGdt + Gdtr.Limit + 1;
+ EssData.Ia32.Tss = mNewGdt + Gdtr.Limit + 1 + CPU_TSS_DESC_SIZE;
+ InitDataEx = &EssData;
+ }
+ Status = ArchSetupExcpetionStack (InitDataEx);
+ }
+ }
+
+ return Status;
+}
diff --git a/UefiCpuPkg/Library/CpuExceptionHandlerLib/Ia32/ArchExceptionHandler.c b/UefiCpuPkg/Library/CpuExceptionHandlerLib/Ia32/ArchExceptionHandler.c
index f2c39eb193..e656eed842 100644
--- a/UefiCpuPkg/Library/CpuExceptionHandlerLib/Ia32/ArchExceptionHandler.c
+++ b/UefiCpuPkg/Library/CpuExceptionHandlerLib/Ia32/ArchExceptionHandler.c
@@ -107,6 +107,173 @@ ArchRestoreExceptionContext (
SystemContext.SystemContextIa32->ExceptionData = ReservedVectors[ExceptionType].ExceptionData;
}
+/**
+ Setup separate stack for given exceptions.
+
+ @param[in] StackSwitchData Pointer to data required for setuping up
+ stack switch.
+
+ @retval EFI_SUCCESS The exceptions have been successfully
+ initialized with new stack.
+ @retval EFI_INVALID_PARAMETER StackSwitchData contains invalid content.
+
+**/
+EFI_STATUS
+ArchSetupExcpetionStack (
+ IN CPU_EXCEPTION_INIT_DATA_EX *StackSwitchData
+ )
+{
+ IA32_DESCRIPTOR Gdtr;
+ IA32_DESCRIPTOR Idtr;
+ IA32_IDT_GATE_DESCRIPTOR *IdtTable;
+ IA32_TSS_DESCRIPTOR *TssDesc;
+ IA32_TASK_STATE_SEGMENT *Tss;
+ UINTN StackTop;
+ UINTN Index;
+ UINTN Vector;
+ UINTN TssBase;
+ UINTN GdtSize;
+ EXCEPTION_HANDLER_TEMPLATE_MAP TemplateMap;
+
+ if (StackSwitchData == NULL ||
+ StackSwitchData->Ia32.KnownGoodStackTop == 0 ||
+ StackSwitchData->Ia32.KnownGoodStackSize == 0 ||
+ StackSwitchData->Ia32.StackSwitchExceptions == NULL ||
+ StackSwitchData->Ia32.StackSwitchExceptionNumber == 0 ||
+ StackSwitchData->Ia32.GdtTable == NULL ||
+ StackSwitchData->Ia32.IdtTable == NULL ||
+ StackSwitchData->Ia32.TssDesc == NULL ||
+ StackSwitchData->Ia32.Tss == NULL) {
+ return EFI_INVALID_PARAMETER;
+ }
+
+ //
+ // The caller is responsible for that the GDT table, no matter the existing
+ // one or newly allocated, has enough space to hold descriptors for exception
+ // task-state segments.
+ //
+ if (((UINTN)StackSwitchData->Ia32.GdtTable & (IA32_GDT_ALIGNMENT - 1)) != 0) {
+ return EFI_INVALID_PARAMETER;
+ }
+
+ if ((UINTN)StackSwitchData->Ia32.TssDesc < (UINTN)(StackSwitchData->Ia32.GdtTable)) {
+ return EFI_INVALID_PARAMETER;
+ }
+
+ if ((UINTN)StackSwitchData->Ia32.TssDesc >=
+ ((UINTN)(StackSwitchData->Ia32.GdtTable) + StackSwitchData->Ia32.GdtSize)) {
+ return EFI_INVALID_PARAMETER;
+ }
+
+ GdtSize = (UINTN)StackSwitchData->Ia32.TssDesc -
+ (UINTN)(StackSwitchData->Ia32.GdtTable) +
+ sizeof (IA32_TSS_DESCRIPTOR) *
+ (StackSwitchData->Ia32.StackSwitchExceptionNumber + 1);
+ if (GdtSize > StackSwitchData->Ia32.GdtSize) {
+ return EFI_INVALID_PARAMETER;
+ }
+
+ //
+ // Initialize new GDT table and/or IDT table, if any
+ //
+ AsmReadIdtr (&Idtr);
+ AsmReadGdtr (&Gdtr);
+ if ((UINTN)StackSwitchData->Ia32.GdtTable != Gdtr.Base) {
+ CopyMem (StackSwitchData->Ia32.GdtTable, (VOID *)Gdtr.Base, Gdtr.Limit + 1);
+ Gdtr.Base = (UINTN)StackSwitchData->Ia32.GdtTable;
+ Gdtr.Limit = (UINT16)GdtSize - 1;
+ }
+
+ if ((UINTN)StackSwitchData->Ia32.IdtTable != Idtr.Base) {
+ Idtr.Base = (UINTN)StackSwitchData->Ia32.IdtTable;
+ }
+
+ //
+ // Fixup current task descriptor. Task-state segment for current task will
+ // be filled by processor during task switching.
+ //
+ TssDesc = StackSwitchData->Ia32.TssDesc;
+ Tss = StackSwitchData->Ia32.Tss;
+
+ TssBase = (UINTN)Tss;
+ TssDesc->Bits.LimitLow = sizeof(IA32_TASK_STATE_SEGMENT) - 1;
+ TssDesc->Bits.BaseLow = (UINT16)TssBase;
+ TssDesc->Bits.BaseMid = (UINT8)(TssBase >> 16);
+ TssDesc->Bits.Type = IA32_GDT_TYPE_TSS;
+ TssDesc->Bits.P = 1;
+ TssDesc->Bits.LimitHigh = 0;
+ TssDesc->Bits.BaseHigh = (UINT8)(TssBase >> 24);
+
+ //
+ // Fixup exception task descriptor and task-state segment
+ //
+ AsmGetTssTemplateMap (&TemplateMap);
+ StackTop = StackSwitchData->Ia32.KnownGoodStackTop - CPU_STACK_ALIGNMENT;
+ StackTop = (UINTN)ALIGN_POINTER (StackTop, CPU_STACK_ALIGNMENT);
+ IdtTable = StackSwitchData->Ia32.IdtTable;
+ for (Index = 0; Index < StackSwitchData->Ia32.StackSwitchExceptionNumber; ++Index) {
+ TssDesc += 1;
+ Tss += 1;
+
+ //
+ // Fixup TSS descriptor
+ //
+ TssBase = (UINTN)Tss;
+
+ TssDesc->Bits.LimitLow = sizeof(IA32_TASK_STATE_SEGMENT) - 1;
+ TssDesc->Bits.BaseLow = (UINT16)TssBase;
+ TssDesc->Bits.BaseMid = (UINT8)(TssBase >> 16);
+ TssDesc->Bits.Type = IA32_GDT_TYPE_TSS;
+ TssDesc->Bits.P = 1;
+ TssDesc->Bits.LimitHigh = 0;
+ TssDesc->Bits.BaseHigh = (UINT8)(TssBase >> 24);
+
+ //
+ // Fixup TSS
+ //
+ Vector = StackSwitchData->Ia32.StackSwitchExceptions[Index];
+ Tss->EIP = (UINT32)(TemplateMap.ExceptionStart
+ + Vector * TemplateMap.ExceptionStubHeaderSize);
+ Tss->EFLAGS = 0x2;
+ Tss->ESP = StackTop;
+ Tss->CR3 = AsmReadCr3 ();
+ Tss->ES = AsmReadEs ();
+ Tss->CS = AsmReadCs ();
+ Tss->SS = AsmReadSs ();
+ Tss->DS = AsmReadDs ();
+ Tss->FS = AsmReadFs ();
+ Tss->GS = AsmReadGs ();
+
+ StackTop -= StackSwitchData->Ia32.KnownGoodStackSize;
+
+ //
+ // Update IDT to use Task Gate for given exception
+ //
+ IdtTable[Vector].Bits.OffsetLow = 0;
+ IdtTable[Vector].Bits.Selector = (UINT16)((UINTN)TssDesc - Gdtr.Base);
+ IdtTable[Vector].Bits.Reserved_0 = 0;
+ IdtTable[Vector].Bits.GateType = IA32_IDT_GATE_TYPE_TASK;
+ IdtTable[Vector].Bits.OffsetHigh = 0;
+ }
+
+ //
+ // Publish GDT
+ //
+ AsmWriteGdtr (&Gdtr);
+
+ //
+ // Load current task
+ //
+ AsmWriteTr ((UINT16)((UINTN)StackSwitchData->Ia32.TssDesc - Gdtr.Base));
+
+ //
+ // Publish IDT
+ //
+ AsmWriteIdtr (&Idtr);
+
+ return EFI_SUCCESS;
+}
+
/**
Display processor context.
diff --git a/UefiCpuPkg/Library/CpuExceptionHandlerLib/Ia32/ArchInterruptDefs.h b/UefiCpuPkg/Library/CpuExceptionHandlerLib/Ia32/ArchInterruptDefs.h
index a8d3556a80..d9ded5977f 100644
--- a/UefiCpuPkg/Library/CpuExceptionHandlerLib/Ia32/ArchInterruptDefs.h
+++ b/UefiCpuPkg/Library/CpuExceptionHandlerLib/Ia32/ArchInterruptDefs.h
@@ -41,4 +41,12 @@ typedef struct {
UINT8 HookAfterStubHeaderCode[HOOKAFTER_STUB_SIZE];
} RESERVED_VECTORS_DATA;
+#define CPU_TSS_DESC_SIZE \
+ (sizeof (IA32_TSS_DESCRIPTOR) * \
+ (PcdGetSize (PcdCpuStackSwitchExceptionList) + 1))
+
+#define CPU_TSS_SIZE \
+ (sizeof (IA32_TASK_STATE_SEGMENT) * \
+ (PcdGetSize (PcdCpuStackSwitchExceptionList) + 1))
+
#endif
diff --git a/UefiCpuPkg/Library/CpuExceptionHandlerLib/Ia32/ExceptionTssEntryAsm.nasm b/UefiCpuPkg/Library/CpuExceptionHandlerLib/Ia32/ExceptionTssEntryAsm.nasm
new file mode 100644
index 0000000000..62bcedea1a
--- /dev/null
+++ b/UefiCpuPkg/Library/CpuExceptionHandlerLib/Ia32/ExceptionTssEntryAsm.nasm
@@ -0,0 +1,398 @@
+;------------------------------------------------------------------------------ ;
+; Copyright (c) 2017, Intel Corporation. All rights reserved.<BR>
+; This program and the accompanying materials
+; are licensed and made available under the terms and conditions of the BSD License
+; which accompanies this distribution. The full text of the license may be found at
+; http://opensource.org/licenses/bsd-license.php.
+;
+; THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+; WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+;
+; Module Name:
+;
+; ExceptionTssEntryAsm.Asm
+;
+; Abstract:
+;
+; IA32 CPU Exception Handler with Separate Stack
+;
+; Notes:
+;
+;------------------------------------------------------------------------------
+
+;
+; IA32 TSS Memory Layout Description
+;
+struc IA32_TSS
+ resw 1
+ resw 1
+ .ESP0: resd 1
+ .SS0: resw 1
+ resw 1
+ .ESP1: resd 1
+ .SS1: resw 1
+ resw 1
+ .ESP2: resd 1
+ .SS2: resw 1
+ resw 1
+ ._CR3: resd 1
+ .EIP: resd 1
+ .EFLAGS: resd 1
+ ._EAX: resd 1
+ ._ECX: resd 1
+ ._EDX: resd 1
+ ._EBX: resd 1
+ ._ESP: resd 1
+ ._EBP: resd 1
+ ._ESI: resd 1
+ ._EDI: resd 1
+ ._ES: resw 1
+ resw 1
+ ._CS: resw 1
+ resw 1
+ ._SS: resw 1
+ resw 1
+ ._DS: resw 1
+ resw 1
+ ._FS: resw 1
+ resw 1
+ ._GS: resw 1
+ resw 1
+ .LDT: resw 1
+ resw 1
+ resw 1
+ resw 1
+endstruc
+
+;
+; CommonExceptionHandler()
+;
+extern ASM_PFX(CommonExceptionHandler)
+
+SECTION .data
+
+SECTION .text
+
+ALIGN 8
+
+;
+; Exception handler stub table
+;
+AsmExceptionEntryBegin:
+%assign Vector 0
+%rep 32
+
+DoIret%[Vector]:
+ iretd
+ASM_PFX(ExceptionTaskSwtichEntry%[Vector]):
+ db 0x6a ; push #VectorNum
+ db %[Vector]
+ mov eax, ASM_PFX(CommonTaskSwtichEntryPoint)
+ call eax
+ mov esp, eax ; Restore stack top
+ jmp DoIret%[Vector]
+
+%assign Vector Vector+1
+%endrep
+AsmExceptionEntryEnd:
+
+;
+; Common part of exception handler
+;
+global ASM_PFX(CommonTaskSwtichEntryPoint)
+ASM_PFX(CommonTaskSwtichEntryPoint):
+ ;
+ ; Stack:
+ ; +---------------------+ <-- EBP - 8
+ ; + TSS Base +
+ ; +---------------------+ <-- EBP - 4
+ ; + CPUID.EDX +
+ ; +---------------------+ <-- EBP
+ ; + EIP +
+ ; +---------------------+ <-- EBP + 4
+ ; + Vector Number +
+ ; +---------------------+ <-- EBP + 8
+ ; + Error Code +
+ ; +---------------------+
+ ;
+
+ mov ebp, esp ; Stack frame
+
+; Use CPUID to determine if FXSAVE/FXRESTOR and DE are supported
+ mov eax, 1
+ cpuid
+ push edx
+
+; Get TSS base of interrupted task through PreviousTaskLink field in
+; current TSS base
+ sub esp, 8
+ sgdt [esp + 2]
+ mov eax, [esp + 4] ; GDT base
+ add esp, 8
+
+ xor ebx, ebx
+ str bx ; Current TR
+
+ mov ecx, [eax + ebx + 2]
+ shl ecx, 8
+ mov cl, [eax + ebx + 7]
+ ror ecx, 8 ; ecx = Current TSS base
+ push ecx ; keep it in stack for later use
+
+ movzx ebx, word [ecx] ; Previous Task Link
+ mov ecx, [eax + ebx + 2]
+ shl ecx, 8
+ mov cl, [eax + ebx + 7]
+ ror ecx, 8 ; ecx = Previous TSS base
+
+;
+; Align stack to make sure that EFI_FX_SAVE_STATE_IA32 of EFI_SYSTEM_CONTEXT_IA32
+; is 16-byte aligned
+;
+ and esp, 0xfffffff0
+ sub esp, 12
+
+;; UINT32 Edi, Esi, Ebp, Esp, Ebx, Edx, Ecx, Eax;
+ push dword [ecx + IA32_TSS._EAX]
+ push dword [ecx + IA32_TSS._ECX]
+ push dword [ecx + IA32_TSS._EDX]
+ push dword [ecx + IA32_TSS._EBX]
+ push dword [ecx + IA32_TSS._ESP]
+ push dword [ecx + IA32_TSS._EBP]
+ push dword [ecx + IA32_TSS._ESI]
+ push dword [ecx + IA32_TSS._EDI]
+
+;; UINT32 Gs, Fs, Es, Ds, Cs, Ss;
+ movzx eax, word [ecx + IA32_TSS._SS]
+ push eax
+ movzx eax, word [ecx + IA32_TSS._CS]
+ push eax
+ movzx eax, word [ecx + IA32_TSS._DS]
+ push eax
+ movzx eax, word [ecx + IA32_TSS._ES]
+ push eax
+ movzx eax, word [ecx + IA32_TSS._FS]
+ push eax
+ movzx eax, word [ecx + IA32_TSS._GS]
+ push eax
+
+;; UINT32 Eip;
+ push dword [ecx + IA32_TSS.EIP]
+
+;; UINT32 Gdtr[2], Idtr[2];
+ sub esp, 8
+ sidt [esp]
+ mov eax, [esp + 2]
+ xchg eax, [esp]
+ and eax, 0xFFFF
+ mov [esp+4], eax
+
+ sub esp, 8
+ sgdt [esp]
+ mov eax, [esp + 2]
+ xchg eax, [esp]
+ and eax, 0xFFFF
+ mov [esp+4], eax
+
+;; UINT32 Ldtr, Tr;
+ mov eax, ebx ; ebx still keeps selector of interrupted task
+ push eax
+ movzx eax, word [ecx + IA32_TSS.LDT]
+ push eax
+
+;; UINT32 EFlags;
+ push dword [ecx + IA32_TSS.EFLAGS]
+
+;; UINT32 Cr0, Cr1, Cr2, Cr3, Cr4;
+ mov eax, cr4
+ push eax ; push cr4 firstly
+
+ mov edx, [ebp - 4] ; cpuid.edx
+ test edx, BIT24 ; Test for FXSAVE/FXRESTOR support
+ jz .1
+ or eax, BIT9 ; Set CR4.OSFXSR
+.1:
+ test edx, BIT2 ; Test for Debugging Extensions support
+ jz .2
+ or eax, BIT3 ; Set CR4.DE
+.2:
+ mov cr4, eax
+
+ mov eax, cr3
+ push eax
+ mov eax, cr2
+ push eax
+ xor eax, eax
+ push eax
+ mov eax, cr0
+ push eax
+
+;; UINT32 Dr0, Dr1, Dr2, Dr3, Dr6, Dr7;
+ mov eax, dr7
+ push eax
+ mov eax, dr6
+ push eax
+ mov eax, dr3
+ push eax
+ mov eax, dr2
+ push eax
+ mov eax, dr1
+ push eax
+ mov eax, dr0
+ push eax
+
+;; FX_SAVE_STATE_IA32 FxSaveState;
+;; Clear TS bit in CR0 to avoid Device Not Available Exception (#NM)
+;; when executing fxsave/fxrstor instruction
+ test edx, BIT24 ; Test for FXSAVE/FXRESTOR support.
+ ; edx still contains result from CPUID above
+ jz .3
+ clts
+ sub esp, 512
+ mov edi, esp
+ db 0xf, 0xae, 0x7 ;fxsave [edi]
+.3:
+
+;; UINT32 ExceptionData;
+ push dword [ebp + 8]
+
+;; UEFI calling convention for IA32 requires that Direction flag in EFLAGs is clear
+ cld
+
+;; call into exception handler
+ mov esi, ecx ; Keep TSS base to avoid overwrite
+ mov eax, ASM_PFX(CommonExceptionHandler)
+
+;; Prepare parameter and call
+ mov edx, esp
+ push edx ; EFI_SYSTEM_CONTEXT
+ push dword [ebp + 4] ; EFI_EXCEPTION_TYPE (vector number)
+
+ ;
+ ; Call External Exception Handler
+ ;
+ call eax
+ add esp, 8 ; Restore stack before calling
+ mov ecx, esi ; Restore TSS base
+
+;; UINT32 ExceptionData;
+ add esp, 4
+
+;; FX_SAVE_STATE_IA32 FxSaveState;
+ mov edx, [ebp - 4] ; cpuid.edx
+ test edx, BIT24 ; Test for FXSAVE/FXRESTOR support
+ jz .4
+ mov esi, esp
+ db 0xf, 0xae, 0xe ; fxrstor [esi]
+.4:
+ add esp, 512
+
+;; UINT32 Dr0, Dr1, Dr2, Dr3, Dr6, Dr7;
+;; Skip restoration of DRx registers to support debuggers
+;; that set breakpoints in interrupt/exception context
+ add esp, 4 * 6
+
+;; UINT32 Cr0, Cr1, Cr2, Cr3, Cr4;
+ pop eax
+ mov cr0, eax
+ add esp, 4 ; not for Cr1
+ pop eax
+ mov cr2, eax
+ pop eax
+ mov dword [ecx + IA32_TSS._CR3], eax
+ pop eax
+ mov cr4, eax
+
+;; UINT32 EFlags;
+ pop dword [ecx + IA32_TSS.EFLAGS]
+ mov ebx, dword [ecx + IA32_TSS.EFLAGS]
+ btr ebx, 9 ; Do 'cli'
+ mov dword [ecx + IA32_TSS.EFLAGS], ebx
+
+;; UINT32 Ldtr, Tr;
+;; UINT32 Gdtr[2], Idtr[2];
+;; Best not let anyone mess with these particular registers...
+ add esp, 24
+
+;; UINT32 Eip;
+ pop dword [ecx + IA32_TSS.EIP]
+
+;; UINT32 Gs, Fs, Es, Ds, Cs, Ss;
+;; NOTE - modified segment registers could hang the debugger... We
+;; could attempt to insulate ourselves against this possibility,
+;; but that poses risks as well.
+;;
+ pop eax
+o16 mov [ecx + IA32_TSS._GS], ax
+ pop eax
+o16 mov [ecx + IA32_TSS._FS], ax
+ pop eax
+o16 mov [ecx + IA32_TSS._ES], ax
+ pop eax
+o16 mov [ecx + IA32_TSS._DS], ax
+ pop eax
+o16 mov [ecx + IA32_TSS._CS], ax
+ pop eax
+o16 mov [ecx + IA32_TSS._SS], ax
+
+;; UINT32 Edi, Esi, Ebp, Esp, Ebx, Edx, Ecx, Eax;
+ pop dword [ecx + IA32_TSS._EDI]
+ pop dword [ecx + IA32_TSS._ESI]
+ add esp, 4 ; not for ebp
+ add esp, 4 ; not for esp
+ pop dword [ecx + IA32_TSS._EBX]
+ pop dword [ecx + IA32_TSS._EDX]
+ pop dword [ecx + IA32_TSS._ECX]
+ pop dword [ecx + IA32_TSS._EAX]
+
+; Set single step DB# to allow debugger to able to go back to the EIP
+; where the exception is triggered.
+
+;; Create return context for iretd in stub function
+ mov eax, dword [ecx + IA32_TSS._ESP] ; Get old stack pointer
+ mov ebx, dword [ecx + IA32_TSS.EIP]
+ mov [eax - 0xc], ebx ; create EIP in old stack
+ movzx ebx, word [ecx + IA32_TSS._CS]
+ mov [eax - 0x8], ebx ; create CS in old stack
+ mov ebx, dword [ecx + IA32_TSS.EFLAGS]
+ bts ebx, 8
+ mov [eax - 0x4], ebx ; create eflags in old stack
+ mov dword [ecx + IA32_TSS.EFLAGS], ebx ; update eflags in old TSS
+ mov eax, dword [ecx + IA32_TSS._ESP] ; Get old stack pointer
+ sub eax, 0xc ; minus 12 byte
+ mov dword [ecx + IA32_TSS._ESP], eax ; Set new stack pointer
+
+;; Replace the EIP of interrupted task with stub function
+ mov eax, ASM_PFX(SingleStepStubFunction)
+ mov dword [ecx + IA32_TSS.EIP], eax
+
+ mov ecx, [ebp - 8] ; Get current TSS base
+ mov eax, dword [ecx + IA32_TSS._ESP] ; Return current stack top
+ mov esp, ebp
+
+ ret
+
+global ASM_PFX(SingleStepStubFunction)
+ASM_PFX(SingleStepStubFunction):
+;
+; we need clean TS bit in CR0 to execute
+; x87 FPU/MMX/SSE/SSE2/SSE3/SSSE3/SSE4 instructions.
+;
+ clts
+ iretd
+
+global ASM_PFX(AsmGetTssTemplateMap)
+ASM_PFX(AsmGetTssTemplateMap):
+ push ebp ; C prolog
+ mov ebp, esp
+ pushad
+
+ mov ebx, dword [ebp + 0x8]
+ mov dword [ebx], ASM_PFX(ExceptionTaskSwtichEntry0)
+ mov dword [ebx + 0x4], (AsmExceptionEntryEnd - AsmExceptionEntryBegin) / 32
+ mov dword [ebx + 0x8], 0
+
+ popad
+ pop ebp
+ ret
+
diff --git a/UefiCpuPkg/Library/CpuExceptionHandlerLib/PeiCpuException.c b/UefiCpuPkg/Library/CpuExceptionHandlerLib/PeiCpuException.c
index 8d8d16ecbd..6dc0decbc5 100644
--- a/UefiCpuPkg/Library/CpuExceptionHandlerLib/PeiCpuException.c
+++ b/UefiCpuPkg/Library/CpuExceptionHandlerLib/PeiCpuException.c
@@ -177,4 +177,36 @@ RegisterCpuInterruptHandler (
)
{
return EFI_UNSUPPORTED;
-}
\ No newline at end of file
+}
+
+/**
+ Initializes all CPU exceptions entries with optional extra initializations.
+
+ By default, this method should include all functionalities implemented by
+ InitializeCpuExceptionHandlers(), plus extra initialization works, if any.
+ This is could be done by calling InitializeCpuExceptionHandlers() directly
+ in this method besides the extra works.
+
+ InitDataEx is optional and its use and content are processor arch dependent.
+ The typical usage of it is to convey resources which have to be reserved
+ elsewhere and are necessary for the extra initializations of exception.
+
+ @param[in] VectorInfo Pointer to reserved vector list.
+ @param[in] InitDataEx Pointer to data optional for extra initializations
+ of exception.
+
+ @retval EFI_SUCCESS The exceptions have been successfully
+ initialized.
+ @retval EFI_INVALID_PARAMETER VectorInfo or InitDataEx contains invalid
+ content.
+
+**/
+EFI_STATUS
+EFIAPI
+InitializeCpuExceptionHandlersEx (
+ IN EFI_VECTOR_HANDOFF_INFO *VectorInfo OPTIONAL,
+ IN CPU_EXCEPTION_INIT_DATA_EX *InitDataEx OPTIONAL
+ )
+{
+ return InitializeCpuExceptionHandlers (VectorInfo);
+}
diff --git a/UefiCpuPkg/Library/CpuExceptionHandlerLib/PeiCpuExceptionHandlerLib.inf b/UefiCpuPkg/Library/CpuExceptionHandlerLib/PeiCpuExceptionHandlerLib.inf
index 75443288a9..4c0d435136 100644
--- a/UefiCpuPkg/Library/CpuExceptionHandlerLib/PeiCpuExceptionHandlerLib.inf
+++ b/UefiCpuPkg/Library/CpuExceptionHandlerLib/PeiCpuExceptionHandlerLib.inf
@@ -30,6 +30,7 @@
[Sources.Ia32]
Ia32/ExceptionHandlerAsm.asm
Ia32/ExceptionHandlerAsm.nasm
+ Ia32/ExceptionTssEntryAsm.nasm
Ia32/ExceptionHandlerAsm.S
Ia32/ArchExceptionHandler.c
Ia32/ArchInterruptDefs.h
diff --git a/UefiCpuPkg/Library/CpuExceptionHandlerLib/SecPeiCpuException.c b/UefiCpuPkg/Library/CpuExceptionHandlerLib/SecPeiCpuException.c
index af608bffb6..56b87efdc7 100644
--- a/UefiCpuPkg/Library/CpuExceptionHandlerLib/SecPeiCpuException.c
+++ b/UefiCpuPkg/Library/CpuExceptionHandlerLib/SecPeiCpuException.c
@@ -176,4 +176,36 @@ RegisterCpuInterruptHandler (
)
{
return EFI_UNSUPPORTED;
-}
\ No newline at end of file
+}
+
+/**
+ Initializes all CPU exceptions entries with optional extra initializations.
+
+ By default, this method should include all functionalities implemented by
+ InitializeCpuExceptionHandlers(), plus extra initialization works, if any.
+ This is could be done by calling InitializeCpuExceptionHandlers() directly
+ in this method besides the extra works.
+
+ InitDataEx is optional and its use and content are processor arch dependent.
+ The typical usage of it is to convey resources which have to be reserved
+ elsewhere and are necessary for the extra initializations of exception.
+
+ @param[in] VectorInfo Pointer to reserved vector list.
+ @param[in] InitDataEx Pointer to data optional for extra initializations
+ of exception.
+
+ @retval EFI_SUCCESS The exceptions have been successfully
+ initialized.
+ @retval EFI_INVALID_PARAMETER VectorInfo or InitDataEx contains invalid
+ content.
+
+**/
+EFI_STATUS
+EFIAPI
+InitializeCpuExceptionHandlersEx (
+ IN EFI_VECTOR_HANDOFF_INFO *VectorInfo OPTIONAL,
+ IN CPU_EXCEPTION_INIT_DATA_EX *InitDataEx OPTIONAL
+ )
+{
+ return InitializeCpuExceptionHandlers (VectorInfo);
+}
diff --git a/UefiCpuPkg/Library/CpuExceptionHandlerLib/SecPeiCpuExceptionHandlerLib.inf b/UefiCpuPkg/Library/CpuExceptionHandlerLib/SecPeiCpuExceptionHandlerLib.inf
index d70a99c100..e5c03c16c9 100644
--- a/UefiCpuPkg/Library/CpuExceptionHandlerLib/SecPeiCpuExceptionHandlerLib.inf
+++ b/UefiCpuPkg/Library/CpuExceptionHandlerLib/SecPeiCpuExceptionHandlerLib.inf
@@ -30,6 +30,7 @@
[Sources.Ia32]
Ia32/ExceptionHandlerAsm.asm
Ia32/ExceptionHandlerAsm.nasm
+ Ia32/ExceptionTssEntryAsm.nasm
Ia32/ExceptionHandlerAsm.S
Ia32/ArchExceptionHandler.c
Ia32/ArchInterruptDefs.h
diff --git a/UefiCpuPkg/Library/CpuExceptionHandlerLib/SmmCpuExceptionHandlerLib.inf b/UefiCpuPkg/Library/CpuExceptionHandlerLib/SmmCpuExceptionHandlerLib.inf
index 634ffcb21d..56b875b7c8 100644
--- a/UefiCpuPkg/Library/CpuExceptionHandlerLib/SmmCpuExceptionHandlerLib.inf
+++ b/UefiCpuPkg/Library/CpuExceptionHandlerLib/SmmCpuExceptionHandlerLib.inf
@@ -30,6 +30,7 @@
[Sources.Ia32]
Ia32/ExceptionHandlerAsm.asm
Ia32/ExceptionHandlerAsm.nasm
+ Ia32/ExceptionTssEntryAsm.nasm
Ia32/ExceptionHandlerAsm.S
Ia32/ArchExceptionHandler.c
Ia32/ArchInterruptDefs.h
diff --git a/UefiCpuPkg/Library/CpuExceptionHandlerLib/SmmException.c b/UefiCpuPkg/Library/CpuExceptionHandlerLib/SmmException.c
index 7414d3f773..0bdda6bcd0 100644
--- a/UefiCpuPkg/Library/CpuExceptionHandlerLib/SmmException.c
+++ b/UefiCpuPkg/Library/CpuExceptionHandlerLib/SmmException.c
@@ -125,4 +125,36 @@ RegisterCpuInterruptHandler (
)
{
return RegisterCpuInterruptHandlerWorker (InterruptType, InterruptHandler, &mExceptionHandlerData);
-}
\ No newline at end of file
+}
+
+/**
+ Initializes all CPU exceptions entries with optional extra initializations.
+
+ By default, this method should include all functionalities implemented by
+ InitializeCpuExceptionHandlers(), plus extra initialization works, if any.
+ This is could be done by calling InitializeCpuExceptionHandlers() directly
+ in this method besides the extra works.
+
+ InitDataEx is optional and its use and content are processor arch dependent.
+ The typical usage of it is to convey resources which have to be reserved
+ elsewhere and are necessary for the extra initializations of exception.
+
+ @param[in] VectorInfo Pointer to reserved vector list.
+ @param[in] InitDataEx Pointer to data optional for extra initializations
+ of exception.
+
+ @retval EFI_SUCCESS The exceptions have been successfully
+ initialized.
+ @retval EFI_INVALID_PARAMETER VectorInfo or InitDataEx contains invalid
+ content.
+
+**/
+EFI_STATUS
+EFIAPI
+InitializeCpuExceptionHandlersEx (
+ IN EFI_VECTOR_HANDOFF_INFO *VectorInfo OPTIONAL,
+ IN CPU_EXCEPTION_INIT_DATA_EX *InitDataEx OPTIONAL
+ )
+{
+ return InitializeCpuExceptionHandlers (VectorInfo);
+}
diff --git a/UefiCpuPkg/Library/CpuExceptionHandlerLib/X64/ArchExceptionHandler.c b/UefiCpuPkg/Library/CpuExceptionHandlerLib/X64/ArchExceptionHandler.c
index 65f0cff680..5bc04656c7 100644
--- a/UefiCpuPkg/Library/CpuExceptionHandlerLib/X64/ArchExceptionHandler.c
+++ b/UefiCpuPkg/Library/CpuExceptionHandlerLib/X64/ArchExceptionHandler.c
@@ -112,6 +112,140 @@ ArchRestoreExceptionContext (
SystemContext.SystemContextX64->ExceptionData = ReservedVectors[ExceptionType].ExceptionData;
}
+/**
+ Setup separate stack for given exceptions.
+
+ @param[in] StackSwitchData Pointer to data required for setuping up
+ stack switch.
+
+ @retval EFI_SUCCESS The exceptions have been successfully
+ initialized with new stack.
+ @retval EFI_INVALID_PARAMETER StackSwitchData contains invalid content.
+
+**/
+EFI_STATUS
+ArchSetupExcpetionStack (
+ IN CPU_EXCEPTION_INIT_DATA_EX *StackSwitchData
+ )
+{
+ IA32_DESCRIPTOR Gdtr;
+ IA32_DESCRIPTOR Idtr;
+ IA32_IDT_GATE_DESCRIPTOR *IdtTable;
+ IA32_TSS_DESCRIPTOR *TssDesc;
+ IA32_TASK_STATE_SEGMENT *Tss;
+ UINTN StackTop;
+ UINTN Index;
+ UINTN Vector;
+ UINTN TssBase;
+ UINTN GdtSize;
+
+ if (StackSwitchData == NULL ||
+ StackSwitchData->Ia32.KnownGoodStackTop == 0 ||
+ StackSwitchData->Ia32.KnownGoodStackSize == 0 ||
+ StackSwitchData->Ia32.StackSwitchExceptions == NULL ||
+ StackSwitchData->Ia32.StackSwitchExceptionNumber == 0 ||
+ StackSwitchData->Ia32.GdtTable == NULL ||
+ StackSwitchData->Ia32.IdtTable == NULL ||
+ StackSwitchData->Ia32.TssDesc == NULL ||
+ StackSwitchData->Ia32.Tss == NULL) {
+ return EFI_INVALID_PARAMETER;
+ }
+
+ //
+ // The caller is responsible for that the GDT table, no matter the existing
+ // one or newly allocated, has enough space to hold descriptors for exception
+ // task-state segments.
+ //
+ if (((UINTN)StackSwitchData->Ia32.GdtTable & (IA32_GDT_ALIGNMENT - 1)) != 0) {
+ return EFI_INVALID_PARAMETER;
+ }
+
+ if ((UINTN)StackSwitchData->Ia32.TssDesc < (UINTN)(StackSwitchData->Ia32.GdtTable)) {
+ return EFI_INVALID_PARAMETER;
+ }
+
+ if ((UINTN)StackSwitchData->Ia32.TssDesc >=
+ ((UINTN)(StackSwitchData->Ia32.GdtTable) + StackSwitchData->Ia32.GdtSize)) {
+ return EFI_INVALID_PARAMETER;
+ }
+
+ GdtSize = (UINTN)StackSwitchData->Ia32.TssDesc -
+ (UINTN)(StackSwitchData->Ia32.GdtTable) +
+ sizeof (IA32_TSS_DESCRIPTOR);
+ if (GdtSize > StackSwitchData->Ia32.GdtSize) {
+ return EFI_INVALID_PARAMETER;
+ }
+
+ //
+ // Initialize new GDT table and/or IDT table, if any
+ //
+ AsmReadIdtr (&Idtr);
+ AsmReadGdtr (&Gdtr);
+ if ((UINTN)StackSwitchData->Ia32.GdtTable != Gdtr.Base) {
+ CopyMem (StackSwitchData->Ia32.GdtTable, (VOID *)Gdtr.Base, Gdtr.Limit + 1);
+ Gdtr.Base = (UINTN)StackSwitchData->Ia32.GdtTable;
+ Gdtr.Limit = (UINT16)GdtSize - 1;
+ }
+
+ if ((UINTN)StackSwitchData->Ia32.IdtTable != Idtr.Base) {
+ Idtr.Base = (UINTN)StackSwitchData->Ia32.IdtTable;
+ }
+
+ //
+ // Fixup current task descriptor. Task-state segment for current task will
+ // be filled by processor during task switching.
+ //
+ TssDesc = StackSwitchData->Ia32.TssDesc;
+ Tss = StackSwitchData->Ia32.Tss;
+
+ TssBase = (UINTN)Tss;
+ TssDesc->Bits.LimitLow = sizeof(IA32_TASK_STATE_SEGMENT) - 1;
+ TssDesc->Bits.BaseLow = (UINT16)TssBase;
+ TssDesc->Bits.BaseMidl = (UINT8)(TssBase >> 16);
+ TssDesc->Bits.Type = IA32_GDT_TYPE_TSS;
+ TssDesc->Bits.P = 1;
+ TssDesc->Bits.LimitHigh = 0;
+ TssDesc->Bits.BaseMidh = (UINT8)(TssBase >> 24);
+ TssDesc->Bits.BaseHigh = (UINT32)(TssBase >> 32);
+
+ //
+ // Fixup exception task descriptor and task-state segment
+ //
+ StackTop = StackSwitchData->Ia32.KnownGoodStackTop - CPU_STACK_ALIGNMENT;
+ StackTop = (UINTN)ALIGN_POINTER (StackTop, CPU_STACK_ALIGNMENT);
+ IdtTable = StackSwitchData->Ia32.IdtTable;
+ for (Index = 0; Index < StackSwitchData->Ia32.StackSwitchExceptionNumber; ++Index) {
+ //
+ // Fixup IST
+ //
+ Tss->IST[Index] = StackTop;
+ StackTop -= StackSwitchData->Ia32.KnownGoodStackSize;
+
+ //
+ // Set the IST field to enable corresponding IST
+ //
+ Vector = StackSwitchData->Ia32.StackSwitchExceptions[Index];
+ IdtTable[Vector].Bits.Reserved_0 = (UINT8)(Index + 1);
+ }
+
+ //
+ // Publish GDT
+ //
+ AsmWriteGdtr (&Gdtr);
+
+ //
+ // Load current task
+ //
+ AsmWriteTr ((UINT16)((UINTN)StackSwitchData->Ia32.TssDesc - Gdtr.Base));
+
+ //
+ // Publish IDT
+ //
+ AsmWriteIdtr (&Idtr);
+
+ return EFI_SUCCESS;
+}
+
/**
Display CPU information.
diff --git a/UefiCpuPkg/Library/CpuExceptionHandlerLib/X64/ArchInterruptDefs.h b/UefiCpuPkg/Library/CpuExceptionHandlerLib/X64/ArchInterruptDefs.h
index 906480134a..c88be46286 100644
--- a/UefiCpuPkg/Library/CpuExceptionHandlerLib/X64/ArchInterruptDefs.h
+++ b/UefiCpuPkg/Library/CpuExceptionHandlerLib/X64/ArchInterruptDefs.h
@@ -43,4 +43,7 @@ typedef struct {
UINT8 HookAfterStubHeaderCode[HOOKAFTER_STUB_SIZE];
} RESERVED_VECTORS_DATA;
+#define CPU_TSS_DESC_SIZE sizeof (IA32_TSS_DESCRIPTOR)
+#define CPU_TSS_SIZE sizeof (IA32_TASK_STATE_SEGMENT)
+
#endif
--
2.14.1.windows.1
^ permalink raw reply related [flat|nested] 16+ messages in thread* [PATCH v3 06/11] MdeModulePkg/CpuExceptionHandlerLibNull: Add new API implementation
2017-12-01 2:37 [PATCH v3 00/11] Implement stack guard feature Jian J Wang
` (4 preceding siblings ...)
2017-12-01 2:37 ` [PATCH v3 05/11] UefiCpuPkg/CpuExceptionHandlerLib: Add stack switch support Jian J Wang
@ 2017-12-01 2:37 ` Jian J Wang
2017-12-01 2:37 ` [PATCH v3 07/11] ArmPkg/ArmExceptionLib: Add implementation of new API Jian J Wang
` (5 subsequent siblings)
11 siblings, 0 replies; 16+ messages in thread
From: Jian J Wang @ 2017-12-01 2:37 UTC (permalink / raw)
To: edk2-devel; +Cc: Star Zeng, Eric Dong, Jiewen Yao
> v3:
> Newly added
This patch add implementation of new API InitializeCpuExceptionHandlersEx
introduced into CpuExceptionHandlerLib on behalf of Stack Guard feature.
Cc: Star Zeng <star.zeng@intel.com>
Cc: Eric Dong <eric.dong@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Suggested-by: Ayellet Wolman <ayellet.wolman@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Jian J Wang <jian.j.wang@intel.com>
---
.../CpuExceptionHandlerLibNull.c | 34 ++++++++++++++++++++++
1 file changed, 34 insertions(+)
diff --git a/MdeModulePkg/Library/CpuExceptionHandlerLibNull/CpuExceptionHandlerLibNull.c b/MdeModulePkg/Library/CpuExceptionHandlerLibNull/CpuExceptionHandlerLibNull.c
index cbe4768633..6ea71972aa 100644
--- a/MdeModulePkg/Library/CpuExceptionHandlerLibNull/CpuExceptionHandlerLibNull.c
+++ b/MdeModulePkg/Library/CpuExceptionHandlerLibNull/CpuExceptionHandlerLibNull.c
@@ -111,3 +111,37 @@ DumpCpuContext (
)
{
}
+
+/**
+ Initializes all CPU exceptions entries with optional extra initializations.
+
+ By default, this method should include all functionalities implemented by
+ InitializeCpuExceptionHandlers(), plus extra initialization works, if any.
+ This is could be done by calling InitializeCpuExceptionHandlers() directly
+ in this method besides the extra works.
+
+ InitDataEx is optional and its use and content are processor arch dependent.
+ The typical usage of it is to convey resources which have to be reserved
+ elsewhere and are necessary for the extra initializations of exception.
+
+ @param[in] VectorInfo Pointer to reserved vector list.
+ @param[in] InitDataEx Pointer to data optional for extra initializations
+ of exception.
+
+ @retval EFI_SUCCESS The exceptions have been successfully
+ initialized.
+ @retval EFI_INVALID_PARAMETER VectorInfo or InitDataEx contains invalid
+ content.
+ @retval EFI_UNSUPPORTED This function is not supported.
+
+**/
+EFI_STATUS
+EFIAPI
+InitializeCpuExceptionHandlersEx (
+ IN EFI_VECTOR_HANDOFF_INFO *VectorInfo OPTIONAL,
+ IN CPU_EXCEPTION_INIT_DATA_EX *InitDataEx OPTIONAL
+ )
+{
+ return InitializeCpuExceptionHandlers (VectorInfo);
+}
+
--
2.14.1.windows.1
^ permalink raw reply related [flat|nested] 16+ messages in thread* [PATCH v3 07/11] ArmPkg/ArmExceptionLib: Add implementation of new API
2017-12-01 2:37 [PATCH v3 00/11] Implement stack guard feature Jian J Wang
` (5 preceding siblings ...)
2017-12-01 2:37 ` [PATCH v3 06/11] MdeModulePkg/CpuExceptionHandlerLibNull: Add new API implementation Jian J Wang
@ 2017-12-01 2:37 ` Jian J Wang
2017-12-04 13:58 ` Ard Biesheuvel
2017-12-01 2:37 ` [PATCH v3 08/11] UefiCpuPkg/MpLib: Add GDTR, IDTR and TR in saved AP data Jian J Wang
` (4 subsequent siblings)
11 siblings, 1 reply; 16+ messages in thread
From: Jian J Wang @ 2017-12-01 2:37 UTC (permalink / raw)
To: edk2-devel; +Cc: Leif Lindholm, Ard Biesheuvel, Jiewen Yao
> v3:
> Newly added
This patch add implementation of following new API introduced into
CpuExceptionHandlerLib. Since this lib hasn't support Stack Guard
and stack switch, the new method just calls original
InitializeCpuExceptionHandlers.
EFI_STATUS
EFIAPI
InitializeCpuExceptionHandlersEx (
IN EFI_VECTOR_HANDOFF_INFO *VectorInfo OPTIONAL,
IN CPU_EXCEPTION_INIT_DATA_EX *InitDataEx OPTIONAL
);
Cc: Leif Lindholm <leif.lindholm@linaro.org>
Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Suggested-by: Ayellet Wolman <ayellet.wolman@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Jian J Wang <jian.j.wang@intel.com>
---
ArmPkg/Library/ArmExceptionLib/ArmExceptionLib.c | 33 ++++++++++++++++++++++++
1 file changed, 33 insertions(+)
diff --git a/ArmPkg/Library/ArmExceptionLib/ArmExceptionLib.c b/ArmPkg/Library/ArmExceptionLib/ArmExceptionLib.c
index e8ea1f159d..9fb4a05845 100644
--- a/ArmPkg/Library/ArmExceptionLib/ArmExceptionLib.c
+++ b/ArmPkg/Library/ArmExceptionLib/ArmExceptionLib.c
@@ -320,3 +320,36 @@ CommonCExceptionHandler(
DefaultExceptionHandler(ExceptionType, SystemContext);
}
+
+/**
+ Initializes all CPU exceptions entries with optional extra initializations.
+
+ By default, this method should include all functionalities implemented by
+ InitializeCpuExceptionHandlers(), plus extra initialization works, if any.
+ This is could be done by calling InitializeCpuExceptionHandlers() directly
+ in this method besides the extra works.
+
+ InitDataEx is optional and its use and content are processor arch dependent.
+ The typical usage of it is to convey resources which have to be reserved
+ elsewhere and are necessary for the extra initializations of exception.
+
+ @param[in] VectorInfo Pointer to reserved vector list.
+ @param[in] InitDataEx Pointer to data optional for extra initializations
+ of exception.
+
+ @retval EFI_SUCCESS The exceptions have been successfully
+ initialized.
+ @retval EFI_INVALID_PARAMETER VectorInfo or InitDataEx contains invalid
+ content.
+
+**/
+EFI_STATUS
+EFIAPI
+InitializeCpuExceptionHandlersEx (
+ IN EFI_VECTOR_HANDOFF_INFO *VectorInfo OPTIONAL,
+ IN CPU_EXCEPTION_INIT_DATA_EX *InitDataEx OPTIONAL
+ )
+{
+ return InitializeCpuExceptionHandlers (VectorInfo);
+}
+
--
2.14.1.windows.1
^ permalink raw reply related [flat|nested] 16+ messages in thread* Re: [PATCH v3 07/11] ArmPkg/ArmExceptionLib: Add implementation of new API
2017-12-01 2:37 ` [PATCH v3 07/11] ArmPkg/ArmExceptionLib: Add implementation of new API Jian J Wang
@ 2017-12-04 13:58 ` Ard Biesheuvel
2017-12-05 0:02 ` Wang, Jian J
0 siblings, 1 reply; 16+ messages in thread
From: Ard Biesheuvel @ 2017-12-04 13:58 UTC (permalink / raw)
To: Jian J Wang; +Cc: edk2-devel@lists.01.org, Leif Lindholm, Jiewen Yao
On 1 December 2017 at 02:37, Jian J Wang <jian.j.wang@intel.com> wrote:
>> v3:
>> Newly added
>
> This patch add implementation of following new API introduced into
> CpuExceptionHandlerLib. Since this lib hasn't support Stack Guard
> and stack switch, the new method just calls original
> InitializeCpuExceptionHandlers.
>
> EFI_STATUS
> EFIAPI
> InitializeCpuExceptionHandlersEx (
> IN EFI_VECTOR_HANDOFF_INFO *VectorInfo OPTIONAL,
> IN CPU_EXCEPTION_INIT_DATA_EX *InitDataEx OPTIONAL
> );
>
> Cc: Leif Lindholm <leif.lindholm@linaro.org>
> Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
> Cc: Jiewen Yao <jiewen.yao@intel.com>
> Suggested-by: Ayellet Wolman <ayellet.wolman@intel.com>
> Contributed-under: TianoCore Contribution Agreement 1.1
> Signed-off-by: Jian J Wang <jian.j.wang@intel.com>
> ---
> ArmPkg/Library/ArmExceptionLib/ArmExceptionLib.c | 33 ++++++++++++++++++++++++
> 1 file changed, 33 insertions(+)
>
> diff --git a/ArmPkg/Library/ArmExceptionLib/ArmExceptionLib.c b/ArmPkg/Library/ArmExceptionLib/ArmExceptionLib.c
> index e8ea1f159d..9fb4a05845 100644
> --- a/ArmPkg/Library/ArmExceptionLib/ArmExceptionLib.c
> +++ b/ArmPkg/Library/ArmExceptionLib/ArmExceptionLib.c
> @@ -320,3 +320,36 @@ CommonCExceptionHandler(
>
> DefaultExceptionHandler(ExceptionType, SystemContext);
> }
> +
> +/**
> + Initializes all CPU exceptions entries with optional extra initializations.
> +
> + By default, this method should include all functionalities implemented by
> + InitializeCpuExceptionHandlers(), plus extra initialization works, if any.
> + This is could be done by calling InitializeCpuExceptionHandlers() directly
> + in this method besides the extra works.
> +
> + InitDataEx is optional and its use and content are processor arch dependent.
> + The typical usage of it is to convey resources which have to be reserved
> + elsewhere and are necessary for the extra initializations of exception.
> +
> + @param[in] VectorInfo Pointer to reserved vector list.
> + @param[in] InitDataEx Pointer to data optional for extra initializations
> + of exception.
> +
> + @retval EFI_SUCCESS The exceptions have been successfully
> + initialized.
> + @retval EFI_INVALID_PARAMETER VectorInfo or InitDataEx contains invalid
> + content.
> +
> +**/
> +EFI_STATUS
> +EFIAPI
> +InitializeCpuExceptionHandlersEx (
> + IN EFI_VECTOR_HANDOFF_INFO *VectorInfo OPTIONAL,
> + IN CPU_EXCEPTION_INIT_DATA_EX *InitDataEx OPTIONAL
> + )
> +{
> + return InitializeCpuExceptionHandlers (VectorInfo);
> +}
> +
I would appreciate it if you could clean up the grammar in the comment block.
Other than that,
Reviewed-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
^ permalink raw reply [flat|nested] 16+ messages in thread* Re: [PATCH v3 07/11] ArmPkg/ArmExceptionLib: Add implementation of new API
2017-12-04 13:58 ` Ard Biesheuvel
@ 2017-12-05 0:02 ` Wang, Jian J
0 siblings, 0 replies; 16+ messages in thread
From: Wang, Jian J @ 2017-12-05 0:02 UTC (permalink / raw)
To: Ard Biesheuvel; +Cc: edk2-devel@lists.01.org, Leif Lindholm, Yao, Jiewen
Sure. Thanks for the feedback.
> -----Original Message-----
> From: Ard Biesheuvel [mailto:ard.biesheuvel@linaro.org]
> Sent: Monday, December 04, 2017 9:59 PM
> To: Wang, Jian J <jian.j.wang@intel.com>
> Cc: edk2-devel@lists.01.org; Leif Lindholm <leif.lindholm@linaro.org>; Yao,
> Jiewen <jiewen.yao@intel.com>
> Subject: Re: [PATCH v3 07/11] ArmPkg/ArmExceptionLib: Add implementation of
> new API
>
> On 1 December 2017 at 02:37, Jian J Wang <jian.j.wang@intel.com> wrote:
> >> v3:
> >> Newly added
> >
> > This patch add implementation of following new API introduced into
> > CpuExceptionHandlerLib. Since this lib hasn't support Stack Guard
> > and stack switch, the new method just calls original
> > InitializeCpuExceptionHandlers.
> >
> > EFI_STATUS
> > EFIAPI
> > InitializeCpuExceptionHandlersEx (
> > IN EFI_VECTOR_HANDOFF_INFO *VectorInfo OPTIONAL,
> > IN CPU_EXCEPTION_INIT_DATA_EX *InitDataEx OPTIONAL
> > );
> >
> > Cc: Leif Lindholm <leif.lindholm@linaro.org>
> > Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
> > Cc: Jiewen Yao <jiewen.yao@intel.com>
> > Suggested-by: Ayellet Wolman <ayellet.wolman@intel.com>
> > Contributed-under: TianoCore Contribution Agreement 1.1
> > Signed-off-by: Jian J Wang <jian.j.wang@intel.com>
> > ---
> > ArmPkg/Library/ArmExceptionLib/ArmExceptionLib.c | 33
> ++++++++++++++++++++++++
> > 1 file changed, 33 insertions(+)
> >
> > diff --git a/ArmPkg/Library/ArmExceptionLib/ArmExceptionLib.c
> b/ArmPkg/Library/ArmExceptionLib/ArmExceptionLib.c
> > index e8ea1f159d..9fb4a05845 100644
> > --- a/ArmPkg/Library/ArmExceptionLib/ArmExceptionLib.c
> > +++ b/ArmPkg/Library/ArmExceptionLib/ArmExceptionLib.c
> > @@ -320,3 +320,36 @@ CommonCExceptionHandler(
> >
> > DefaultExceptionHandler(ExceptionType, SystemContext);
> > }
> > +
> > +/**
> > + Initializes all CPU exceptions entries with optional extra initializations.
> > +
> > + By default, this method should include all functionalities implemented by
> > + InitializeCpuExceptionHandlers(), plus extra initialization works, if any.
> > + This is could be done by calling InitializeCpuExceptionHandlers() directly
> > + in this method besides the extra works.
> > +
> > + InitDataEx is optional and its use and content are processor arch dependent.
> > + The typical usage of it is to convey resources which have to be reserved
> > + elsewhere and are necessary for the extra initializations of exception.
> > +
> > + @param[in] VectorInfo Pointer to reserved vector list.
> > + @param[in] InitDataEx Pointer to data optional for extra initializations
> > + of exception.
> > +
> > + @retval EFI_SUCCESS The exceptions have been successfully
> > + initialized.
> > + @retval EFI_INVALID_PARAMETER VectorInfo or InitDataEx contains
> invalid
> > + content.
> > +
> > +**/
> > +EFI_STATUS
> > +EFIAPI
> > +InitializeCpuExceptionHandlersEx (
> > + IN EFI_VECTOR_HANDOFF_INFO *VectorInfo OPTIONAL,
> > + IN CPU_EXCEPTION_INIT_DATA_EX *InitDataEx OPTIONAL
> > + )
> > +{
> > + return InitializeCpuExceptionHandlers (VectorInfo);
> > +}
> > +
>
> I would appreciate it if you could clean up the grammar in the comment block.
>
> Other than that,
>
> Reviewed-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
^ permalink raw reply [flat|nested] 16+ messages in thread
* [PATCH v3 08/11] UefiCpuPkg/MpLib: Add GDTR, IDTR and TR in saved AP data
2017-12-01 2:37 [PATCH v3 00/11] Implement stack guard feature Jian J Wang
` (6 preceding siblings ...)
2017-12-01 2:37 ` [PATCH v3 07/11] ArmPkg/ArmExceptionLib: Add implementation of new API Jian J Wang
@ 2017-12-01 2:37 ` Jian J Wang
2017-12-01 2:37 ` [PATCH v3 09/11] UefiCpuPkg/CpuDxe: Initialize stack switch for MP Jian J Wang
` (3 subsequent siblings)
11 siblings, 0 replies; 16+ messages in thread
From: Jian J Wang @ 2017-12-01 2:37 UTC (permalink / raw)
To: edk2-devel; +Cc: Eric Dong, Laszlo Ersek, Jiewen Yao
> v3:
> No change
> v2:
> Add code to save/restore GDTR, IDTR and TR for AP.
In current implementation of CPU MP service, AP is initialized with data
copied from BSP. Stack switch required by Stack Guard feature needs different
GDT, IDT table and task gates for each logic processor. This patch adds GDTR,
IDTR and TR into structure CPU_VOLATILE_REGISTERS and related code in save
and restore methods. This can make sure that any changes to GDT, IDT and task
gate for an AP will be kept from overwritten by BSP settings.
Cc: Eric Dong <eric.dong@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Suggested-by: Ayellet Wolman <ayellet.wolman@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Jian J Wang <jian.j.wang@intel.com>
---
UefiCpuPkg/Library/MpInitLib/MpLib.c | 17 +++++++++++++++++
UefiCpuPkg/Library/MpInitLib/MpLib.h | 3 +++
2 files changed, 20 insertions(+)
diff --git a/UefiCpuPkg/Library/MpInitLib/MpLib.c b/UefiCpuPkg/Library/MpInitLib/MpLib.c
index 61b14c9843..0c2058a7b0 100644
--- a/UefiCpuPkg/Library/MpInitLib/MpLib.c
+++ b/UefiCpuPkg/Library/MpInitLib/MpLib.c
@@ -195,6 +195,10 @@ SaveVolatileRegisters (
VolatileRegisters->Dr6 = AsmReadDr6 ();
VolatileRegisters->Dr7 = AsmReadDr7 ();
}
+
+ AsmReadGdtr (&VolatileRegisters->Gdtr);
+ AsmReadIdtr (&VolatileRegisters->Idtr);
+ VolatileRegisters->Tr = AsmReadTr ();
}
/**
@@ -211,6 +215,7 @@ RestoreVolatileRegisters (
)
{
CPUID_VERSION_INFO_EDX VersionInfoEdx;
+ IA32_TSS_DESCRIPTOR *Tss;
AsmWriteCr0 (VolatileRegisters->Cr0);
AsmWriteCr3 (VolatileRegisters->Cr3);
@@ -231,6 +236,18 @@ RestoreVolatileRegisters (
AsmWriteDr7 (VolatileRegisters->Dr7);
}
}
+
+ AsmWriteGdtr (&VolatileRegisters->Gdtr);
+ AsmWriteIdtr (&VolatileRegisters->Idtr);
+ if (VolatileRegisters->Tr != 0 &&
+ VolatileRegisters->Tr < VolatileRegisters->Gdtr.Limit) {
+ Tss = (IA32_TSS_DESCRIPTOR *)(VolatileRegisters->Gdtr.Base +
+ VolatileRegisters->Tr);
+ if (Tss->Bits.P == 1) {
+ Tss->Bits.Type &= 0xD; // 1101 - Clear busy bit just in case
+ AsmWriteTr (VolatileRegisters->Tr);
+ }
+ }
}
/**
diff --git a/UefiCpuPkg/Library/MpInitLib/MpLib.h b/UefiCpuPkg/Library/MpInitLib/MpLib.h
index d13d5c06f5..685e96cbac 100644
--- a/UefiCpuPkg/Library/MpInitLib/MpLib.h
+++ b/UefiCpuPkg/Library/MpInitLib/MpLib.h
@@ -102,6 +102,9 @@ typedef struct {
UINTN Dr3;
UINTN Dr6;
UINTN Dr7;
+ IA32_DESCRIPTOR Gdtr;
+ IA32_DESCRIPTOR Idtr;
+ UINT16 Tr;
} CPU_VOLATILE_REGISTERS;
//
--
2.14.1.windows.1
^ permalink raw reply related [flat|nested] 16+ messages in thread* [PATCH v3 09/11] UefiCpuPkg/CpuDxe: Initialize stack switch for MP
2017-12-01 2:37 [PATCH v3 00/11] Implement stack guard feature Jian J Wang
` (7 preceding siblings ...)
2017-12-01 2:37 ` [PATCH v3 08/11] UefiCpuPkg/MpLib: Add GDTR, IDTR and TR in saved AP data Jian J Wang
@ 2017-12-01 2:37 ` Jian J Wang
2017-12-01 2:37 ` [PATCH v3 10/11] MdeModulePkg/Core/Dxe: Call new API InitializeCpuExceptionHandlersEx instead Jian J Wang
` (2 subsequent siblings)
11 siblings, 0 replies; 16+ messages in thread
From: Jian J Wang @ 2017-12-01 2:37 UTC (permalink / raw)
To: edk2-devel; +Cc: Eric Dong, Laszlo Ersek, Jiewen Yao, Michael Kinney
> v3:
> a. Remove definition of EXCEPTION_STACK_SWITCH_DATA.
> Use CPU_EXCEPTION_INIT_DATA_EX defined in CpuExceptionHandlerLib.h
> intead.
> b. Call new API InitializeCpuExceptionHandlersEx instead to initialize
> stack switch for BSP and AP
> v2:
> Add code to reserve resources and initialize AP exception with stack
> switch besides BSP, if PcdCpuStackGuard is enabled.
In current MP implementation, BSP and AP shares the same exception
configuration. Stack switch required by Stack Guard feature needs that BSP
and AP have their own configuration. This patch adds code to ask BSP and AP
to do exception handler initialization separately.
Since AP is not supposed to do memory allocation, all memory needed to
setup stack switch will be reserved in BSP and pass to AP via new API
EFI_STATUS
EFIAPI
InitializeCpuExceptionHandlersEx (
IN EFI_VECTOR_HANDOFF_INFO *VectorInfo OPTIONAL,
IN CPU_EXCEPTION_INIT_DATA_EX *InitDataEx OPTIONAL
);
Following two new PCDs are introduced to configure how to setup new stack
for specified exception handlers.
gUefiCpuPkgTokenSpaceGuid.PcdCpuStackSwitchExceptionList
gUefiCpuPkgTokenSpaceGuid.PcdCpuKnownGoodStackSize
Cc: Eric Dong <eric.dong@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Michael Kinney <michael.d.kinney@intel.com>
Suggested-by: Ayellet Wolman <ayellet.wolman@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Jian J Wang <jian.j.wang@intel.com>
---
UefiCpuPkg/CpuDxe/CpuDxe.inf | 3 +
UefiCpuPkg/CpuDxe/CpuMp.c | 177 +++++++++++++++++++++++++++++++++++++++++++
2 files changed, 180 insertions(+)
diff --git a/UefiCpuPkg/CpuDxe/CpuDxe.inf b/UefiCpuPkg/CpuDxe/CpuDxe.inf
index 3e8d196739..02f86b774c 100644
--- a/UefiCpuPkg/CpuDxe/CpuDxe.inf
+++ b/UefiCpuPkg/CpuDxe/CpuDxe.inf
@@ -81,6 +81,9 @@
[Pcd]
gEfiMdeModulePkgTokenSpaceGuid.PcdPteMemoryEncryptionAddressOrMask ## CONSUMES
+ gEfiMdeModulePkgTokenSpaceGuid.PcdCpuStackGuard ## CONSUMES
+ gUefiCpuPkgTokenSpaceGuid.PcdCpuStackSwitchExceptionList ## CONSUMES
+ gUefiCpuPkgTokenSpaceGuid.PcdCpuKnownGoodStackSize ## CONSUMES
[Depex]
TRUE
diff --git a/UefiCpuPkg/CpuDxe/CpuMp.c b/UefiCpuPkg/CpuDxe/CpuMp.c
index b3c0178d07..2e388879fa 100644
--- a/UefiCpuPkg/CpuDxe/CpuMp.c
+++ b/UefiCpuPkg/CpuDxe/CpuMp.c
@@ -601,6 +601,178 @@ CollectBistDataFromHob (
}
}
+/**
+ Get GDT register value.
+
+ This function is mainly for AP purpose because AP may have different GDT
+ table than BSP.
+
+ @param[in,out] Buffer The pointer to private data buffer.
+
+**/
+VOID
+EFIAPI
+GetGdtr (
+ IN OUT VOID *Buffer
+ )
+{
+ AsmReadGdtr ((IA32_DESCRIPTOR *)Buffer);
+}
+
+/**
+ Initializes CPU exceptions handlers for the sake of stack switch requirement.
+
+ This function is a wrapper of InitializeCpuExceptionHandlersEx. It's mainly
+ for the sake of AP's init because of EFI_AP_PROCEDURE API requirement.
+
+ @param[in,out] Buffer The pointer to private data buffer.
+
+**/
+VOID
+EFIAPI
+InitializeExceptionStackSwitchHandlers (
+ IN OUT VOID *Buffer
+ )
+{
+ CPU_EXCEPTION_INIT_DATA_EX *EssData;
+ IA32_DESCRIPTOR Idtr;
+ EFI_STATUS Status;
+
+ EssData = Buffer;
+ //
+ // We don't plan to replace IDT table with a new one, and we should not assume
+ // the AP's IDT is the same as BSP's IDT either.
+ //
+ AsmReadIdtr (&Idtr);
+ EssData->Ia32.IdtTable = (VOID *)Idtr.Base;
+ Status = InitializeCpuExceptionHandlersEx (NULL, EssData);
+ ASSERT_EFI_ERROR (Status);
+}
+
+/**
+ Initializes MP exceptions handlers for the sake of stack switch requirement.
+
+ This function will allocate required resources required to setup stack switch
+ and pass them through CPU_EXCEPTION_INIT_DATA_EX to each logic processor.
+
+**/
+VOID
+InitializeMpExceptionStackSwitchHandlers (
+ VOID
+ )
+{
+ UINTN Index;
+ UINTN Bsp;
+ UINTN ExceptionNumber;
+ UINTN NewGdtSize;
+ UINTN NewStackSize;
+ IA32_DESCRIPTOR Gdtr;
+ CPU_EXCEPTION_INIT_DATA_EX EssData;
+ UINT8 *GdtBuffer;
+ UINT8 *StackTop;
+
+ if (!PcdGetBool (PcdCpuStackGuard)) {
+ return;
+ }
+
+ ExceptionNumber = FixedPcdGetSize (PcdCpuStackSwitchExceptionList);
+ NewStackSize = FixedPcdGet32 (PcdCpuKnownGoodStackSize) * ExceptionNumber;
+
+ StackTop = AllocateRuntimeZeroPool (NewStackSize * mNumberOfProcessors);
+ ASSERT (StackTop != NULL);
+ StackTop += NewStackSize * mNumberOfProcessors;
+
+ //
+ // The default exception handlers must have been initialized. Let's just skip
+ // it in this method.
+ //
+ EssData.Ia32.InitDefaultHandlers = FALSE;
+
+ EssData.Ia32.StackSwitchExceptions = FixedPcdGetPtr(PcdCpuStackSwitchExceptionList);
+ EssData.Ia32.StackSwitchExceptionNumber = ExceptionNumber;
+ EssData.Ia32.KnownGoodStackSize = FixedPcdGet32(PcdCpuKnownGoodStackSize);
+
+ MpInitLibWhoAmI (&Bsp);
+ for (Index = 0; Index < mNumberOfProcessors; ++Index) {
+ //
+ // To support stack switch, we need to re-construct GDT but not IDT.
+ //
+ if (Index == Bsp) {
+ GetGdtr (&Gdtr);
+ } else {
+ //
+ // AP might have different size of GDT from BSP.
+ //
+ MpInitLibStartupThisAP (GetGdtr, Index, NULL, 0, (VOID *)&Gdtr, NULL);
+ }
+
+ //
+ // X64 needs only one TSS of current task working for all exceptions
+ // because of its IST feature. IA32 needs one TSS for each exception
+ // in addition to current task. Since AP is not supposed to allocate
+ // memory, we have to do it in BSP. To simplify the code, we allocate
+ // memory for IA32 case to cover both IA32 and X64 exception stack
+ // switch.
+ //
+ // Layout of memory to allocate for each processor:
+ // --------------------------------
+ // | Alignment | (just in case)
+ // --------------------------------
+ // | |
+ // | Original GDT |
+ // | |
+ // --------------------------------
+ // | Current task descriptor |
+ // --------------------------------
+ // | |
+ // | Exception task descriptors | X ExceptionNumber
+ // | |
+ // --------------------------------
+ // | Current task-state segment |
+ // --------------------------------
+ // | |
+ // | Exception task-state segment | X ExceptionNumber
+ // | |
+ // --------------------------------
+ //
+ NewGdtSize = sizeof (IA32_TSS_DESCRIPTOR) +
+ (Gdtr.Limit + 1) +
+ sizeof (IA32_TSS_DESCRIPTOR) * (ExceptionNumber + 1) +
+ sizeof (IA32_TASK_STATE_SEGMENT) * (ExceptionNumber + 1);
+ GdtBuffer = AllocateRuntimeZeroPool (NewGdtSize);
+ ASSERT (GdtBuffer != NULL);
+
+ EssData.Ia32.GdtTable = ALIGN_POINTER(GdtBuffer, sizeof (IA32_TSS_DESCRIPTOR));
+ NewGdtSize -= ((UINT8 *)EssData.Ia32.GdtTable - GdtBuffer);
+ EssData.Ia32.GdtSize = NewGdtSize;
+
+ EssData.Ia32.TssDesc = ((UINT8 *)EssData.Ia32.GdtTable + Gdtr.Limit + 1);
+ EssData.Ia32.Tss = ((UINT8 *)EssData.Ia32.GdtTable + Gdtr.Limit + 1 +
+ sizeof (IA32_TSS_DESCRIPTOR) * (ExceptionNumber + 1));
+
+ EssData.Ia32.KnownGoodStackTop = (UINTN)StackTop;
+ DEBUG ((DEBUG_INFO,
+ "Exception stack top[cpu%lu]: 0x%lX\n",
+ (UINT64)(UINTN)Index,
+ (UINT64)(UINTN)StackTop));
+
+ if (Index == Bsp) {
+ InitializeExceptionStackSwitchHandlers (&EssData);
+ } else {
+ MpInitLibStartupThisAP (
+ InitializeExceptionStackSwitchHandlers,
+ Index,
+ NULL,
+ 0,
+ (VOID *)&EssData,
+ NULL
+ );
+ }
+
+ StackTop -= NewStackSize;
+ }
+}
+
/**
Initialize Multi-processor support.
@@ -624,6 +796,11 @@ InitializeMpSupport (
mNumberOfProcessors = NumberOfProcessors;
DEBUG ((DEBUG_INFO, "Detect CPU count: %d\n", mNumberOfProcessors));
+ //
+ // Initialize exception stack switch handlers for each logic processor.
+ //
+ InitializeMpExceptionStackSwitchHandlers ();
+
//
// Update CPU healthy information from Guided HOB
//
--
2.14.1.windows.1
^ permalink raw reply related [flat|nested] 16+ messages in thread* [PATCH v3 10/11] MdeModulePkg/Core/Dxe: Call new API InitializeCpuExceptionHandlersEx instead
2017-12-01 2:37 [PATCH v3 00/11] Implement stack guard feature Jian J Wang
` (8 preceding siblings ...)
2017-12-01 2:37 ` [PATCH v3 09/11] UefiCpuPkg/CpuDxe: Initialize stack switch for MP Jian J Wang
@ 2017-12-01 2:37 ` Jian J Wang
2017-12-01 2:37 ` [PATCH v3 11/11] MdeModulePkg/DxeIpl: Enable paging for Stack Guard Jian J Wang
2017-12-05 2:03 ` [PATCH v3 00/11] Implement stack guard feature Yao, Jiewen
11 siblings, 0 replies; 16+ messages in thread
From: Jian J Wang @ 2017-12-01 2:37 UTC (permalink / raw)
To: edk2-devel; +Cc: Star Zeng, Eric Dong, Jiewen Yao
> v3:
> Newly added
Original API InitializeCpuExceptionHandlers is used in DxeMain to initialize
exception handlers but it does not support setting up stack switch required
by Stack Guard feature. Using the new API instead to make sure Stack Guard
feature is applicable to most part of code.
Since this API is called before memory service initialization, there's no
way to call AllocateXxx API to reserve memory. Global variables are used
for this special case. GDT table is reserved at least 2KB which should be
big enough for all current use cases.
Cc: Star Zeng <star.zeng@intel.com>
Cc: Eric Dong <eric.dong@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Suggested-by: Ayellet Wolman <ayellet.wolman@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Jian J Wang <jian.j.wang@intel.com>
---
MdeModulePkg/Core/Dxe/DxeMain/DxeMain.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/MdeModulePkg/Core/Dxe/DxeMain/DxeMain.c b/MdeModulePkg/Core/Dxe/DxeMain/DxeMain.c
index 433cca3a80..62a597edaf 100644
--- a/MdeModulePkg/Core/Dxe/DxeMain/DxeMain.c
+++ b/MdeModulePkg/Core/Dxe/DxeMain/DxeMain.c
@@ -258,7 +258,7 @@ DxeMain (
if (GuidHob != NULL) {
VectorInfoList = (EFI_VECTOR_HANDOFF_INFO *) (GET_GUID_HOB_DATA(GuidHob));
}
- Status = InitializeCpuExceptionHandlers (VectorInfoList);
+ Status = InitializeCpuExceptionHandlersEx (VectorInfoList, NULL);
ASSERT_EFI_ERROR (Status);
//
--
2.14.1.windows.1
^ permalink raw reply related [flat|nested] 16+ messages in thread* [PATCH v3 11/11] MdeModulePkg/DxeIpl: Enable paging for Stack Guard
2017-12-01 2:37 [PATCH v3 00/11] Implement stack guard feature Jian J Wang
` (9 preceding siblings ...)
2017-12-01 2:37 ` [PATCH v3 10/11] MdeModulePkg/Core/Dxe: Call new API InitializeCpuExceptionHandlersEx instead Jian J Wang
@ 2017-12-01 2:37 ` Jian J Wang
2017-12-05 2:03 ` [PATCH v3 00/11] Implement stack guard feature Yao, Jiewen
11 siblings, 0 replies; 16+ messages in thread
From: Jian J Wang @ 2017-12-01 2:37 UTC (permalink / raw)
To: edk2-devel; +Cc: Star Zeng, Eric Dong, Jiewen Yao
Stack guard feature makes use of paging mechanism to monitor if there's a
stack overflow occurred during boot.
This patch will check setting of PCD PcdCpuStackGuard. If it's TRUE, DxeIpl
will setup page table and set the page at which the stack base locates to be
NOT PRESENT. If stack is used up and memory access cross into the last page
of it, #PF exception will be triggered.
Cc: Star Zeng <star.zeng@intel.com>
Cc: Eric Dong <eric.dong@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Suggested-by: Ayellet Wolman <ayellet.wolman@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Jian J Wang <jian.j.wang@intel.com>
---
MdeModulePkg/Core/DxeIplPeim/DxeIpl.inf | 5 ++-
MdeModulePkg/Core/DxeIplPeim/Ia32/DxeLoadFunc.c | 4 ++
MdeModulePkg/Core/DxeIplPeim/X64/DxeLoadFunc.c | 1 +
MdeModulePkg/Core/DxeIplPeim/X64/VirtualMemory.c | 51 ++++++++++++++++++------
4 files changed, 46 insertions(+), 15 deletions(-)
diff --git a/MdeModulePkg/Core/DxeIplPeim/DxeIpl.inf b/MdeModulePkg/Core/DxeIplPeim/DxeIpl.inf
index a1b8748432..ba1d9c6b05 100644
--- a/MdeModulePkg/Core/DxeIplPeim/DxeIpl.inf
+++ b/MdeModulePkg/Core/DxeIplPeim/DxeIpl.inf
@@ -49,7 +49,7 @@
[Sources.X64]
X64/VirtualMemory.h
X64/VirtualMemory.c
- X64/DxeLoadFunc.c
+ X64/DxeLoadFunc.c
[Sources.IPF]
Ipf/DxeLoadFunc.c
@@ -117,6 +117,7 @@
gEfiMdeModulePkgTokenSpaceGuid.PcdPteMemoryEncryptionAddressOrMask ## CONSUMES
gEfiMdeModulePkgTokenSpaceGuid.PcdNullPointerDetectionPropertyMask ## CONSUMES
gEfiMdeModulePkgTokenSpaceGuid.PcdHeapGuardPropertyMask ## CONSUMES
+ gEfiMdeModulePkgTokenSpaceGuid.PcdCpuStackGuard ## CONSUMES
[Pcd.IA32,Pcd.X64,Pcd.ARM,Pcd.AARCH64]
gEfiMdeModulePkgTokenSpaceGuid.PcdSetNxForStack ## SOMETIMES_CONSUMES
@@ -132,7 +133,7 @@
#
# [Hob]
# MEMORY_ALLOCATION ## SOMETIMES_PRODUCES # MEMORY_ALLOCATION_MODULE for DxeCore
-# MEMORY_ALLOCATION ## SOMETIMES_PRODUCES # New Stack HoB
+# MEMORY_ALLOCATION ## SOMETIMES_PRODUCES # New Stack HoB
# MEMORY_ALLOCATION ## SOMETIMES_PRODUCES # Old Stack HOB
#
# [Hob.IPF]
diff --git a/MdeModulePkg/Core/DxeIplPeim/Ia32/DxeLoadFunc.c b/MdeModulePkg/Core/DxeIplPeim/Ia32/DxeLoadFunc.c
index 5649265367..441096ad0f 100644
--- a/MdeModulePkg/Core/DxeIplPeim/Ia32/DxeLoadFunc.c
+++ b/MdeModulePkg/Core/DxeIplPeim/Ia32/DxeLoadFunc.c
@@ -235,6 +235,10 @@ ToBuildPageTable (
return TRUE;
}
+ if (PcdGetBool (PcdCpuStackGuard)) {
+ return TRUE;
+ }
+
if (PcdGetBool (PcdSetNxForStack) && IsExecuteDisableBitAvailable ()) {
return TRUE;
}
diff --git a/MdeModulePkg/Core/DxeIplPeim/X64/DxeLoadFunc.c b/MdeModulePkg/Core/DxeIplPeim/X64/DxeLoadFunc.c
index f613221b81..b75a4489bf 100644
--- a/MdeModulePkg/Core/DxeIplPeim/X64/DxeLoadFunc.c
+++ b/MdeModulePkg/Core/DxeIplPeim/X64/DxeLoadFunc.c
@@ -95,6 +95,7 @@ HandOffToDxeCore (
// for the DxeIpl and the DxeCore are both X64.
//
ASSERT (PcdGetBool (PcdSetNxForStack) == FALSE);
+ ASSERT (PcdGetBool (PcdCpuStackGuard) == FALSE);
}
//
diff --git a/MdeModulePkg/Core/DxeIplPeim/X64/VirtualMemory.c b/MdeModulePkg/Core/DxeIplPeim/X64/VirtualMemory.c
index 29b6205e88..a2466b7766 100644
--- a/MdeModulePkg/Core/DxeIplPeim/X64/VirtualMemory.c
+++ b/MdeModulePkg/Core/DxeIplPeim/X64/VirtualMemory.c
@@ -117,6 +117,39 @@ EnableExecuteDisableBit (
AsmWriteMsr64 (0xC0000080, MsrRegisters);
}
+/**
+ The function will check if page table entry should be splitted to smaller
+ granularity.
+
+ @retval TRUE Page table should be created.
+ @retval FALSE Page table should not be created.
+**/
+BOOLEAN
+ToSplitPageTable (
+ IN EFI_PHYSICAL_ADDRESS Address,
+ IN UINTN Size,
+ IN EFI_PHYSICAL_ADDRESS StackBase,
+ IN UINTN StackSize
+ )
+{
+ if (IsNullDetectionEnabled () && Address == 0) {
+ return TRUE;
+ }
+
+ if (PcdGetBool (PcdCpuStackGuard)) {
+ if (StackBase >= Address && StackBase < (Address + Size)) {
+ return TRUE;
+ }
+ }
+
+ if (PcdGetBool (PcdSetNxForStack)) {
+ if ((Address < StackBase + StackSize) && ((Address + Size) > StackBase)) {
+ return TRUE;
+ }
+ }
+
+ return FALSE;
+}
/**
Split 2M page to 4K.
@@ -160,7 +193,8 @@ Split2MPageTo4K (
PageTableEntry->Uint64 = (UINT64) PhysicalAddress4K | AddressEncMask;
PageTableEntry->Bits.ReadWrite = 1;
- if (IsNullDetectionEnabled () && PhysicalAddress4K == 0) {
+ if ((IsNullDetectionEnabled () && PhysicalAddress4K == 0) ||
+ (PcdGetBool (PcdCpuStackGuard) && PhysicalAddress4K == StackBase)) {
PageTableEntry->Bits.Present = 0;
} else {
PageTableEntry->Bits.Present = 1;
@@ -214,10 +248,7 @@ Split1GPageTo2M (
PhysicalAddress2M = PhysicalAddress;
for (IndexOfPageDirectoryEntries = 0; IndexOfPageDirectoryEntries < 512; IndexOfPageDirectoryEntries++, PageDirectoryEntry++, PhysicalAddress2M += SIZE_2MB) {
- if ((IsNullDetectionEnabled () && PhysicalAddress2M == 0)
- || (PcdGetBool (PcdSetNxForStack)
- && (PhysicalAddress2M < StackBase + StackSize)
- && ((PhysicalAddress2M + SIZE_2MB) > StackBase))) {
+ if (ToSplitPageTable (PhysicalAddress2M, SIZE_2MB, StackBase, StackSize)) {
//
// Need to split this 2M page that covers NULL or stack range.
//
@@ -359,10 +390,7 @@ CreateIdentityMappingPageTables (
PageDirectory1GEntry = (VOID *) PageDirectoryPointerEntry;
for (IndexOfPageDirectoryEntries = 0; IndexOfPageDirectoryEntries < 512; IndexOfPageDirectoryEntries++, PageDirectory1GEntry++, PageAddress += SIZE_1GB) {
- if ((IsNullDetectionEnabled () && PageAddress == 0)
- || (PcdGetBool (PcdSetNxForStack)
- && (PageAddress < StackBase + StackSize)
- && ((PageAddress + SIZE_1GB) > StackBase))) {
+ if (ToSplitPageTable (PageAddress, SIZE_1GB, StackBase, StackSize)) {
Split1GPageTo2M (PageAddress, (UINT64 *) PageDirectory1GEntry, StackBase, StackSize);
} else {
//
@@ -391,10 +419,7 @@ CreateIdentityMappingPageTables (
PageDirectoryPointerEntry->Bits.Present = 1;
for (IndexOfPageDirectoryEntries = 0; IndexOfPageDirectoryEntries < 512; IndexOfPageDirectoryEntries++, PageDirectoryEntry++, PageAddress += SIZE_2MB) {
- if ((IsNullDetectionEnabled () && PageAddress == 0)
- || (PcdGetBool (PcdSetNxForStack)
- && (PageAddress < StackBase + StackSize)
- && ((PageAddress + SIZE_2MB) > StackBase))) {
+ if (ToSplitPageTable (PageAddress, SIZE_2MB, StackBase, StackSize)) {
//
// Need to split this 2M page that covers NULL or stack range.
//
--
2.14.1.windows.1
^ permalink raw reply related [flat|nested] 16+ messages in thread* Re: [PATCH v3 00/11] Implement stack guard feature
2017-12-01 2:37 [PATCH v3 00/11] Implement stack guard feature Jian J Wang
` (10 preceding siblings ...)
2017-12-01 2:37 ` [PATCH v3 11/11] MdeModulePkg/DxeIpl: Enable paging for Stack Guard Jian J Wang
@ 2017-12-05 2:03 ` Yao, Jiewen
2017-12-05 6:55 ` Wang, Jian J
11 siblings, 1 reply; 16+ messages in thread
From: Yao, Jiewen @ 2017-12-05 2:03 UTC (permalink / raw)
To: Wang, Jian J, edk2-devel@lists.01.org
Good enhancement. I think it resolved my compatibility concern for the old API.
Some comment:
1) Can we just use CPU_EXCEPTION_INIT_DATA instead of CPU_EXCEPTION_INIT_DATA_EX? I am not sure why we add _EX here.
2) Is CPU_EXCEPTION_INIT_DATA_EX for IA32 only or both IA32/X64? I found "Ia32" may bring confusing here. See EFI_DEBUG_SUPPORT_PROTOCOL, we have Ia32 for IA32 arch, X64 for X64 arch.
//
// Flag to indicate if default handlers should be initialized or not.
//
BOOLEAN InitDefaultHandlers;
} Ia32;
} CPU_EXCEPTION_INIT_DATA_EX;
3) Can we add IdtTableSize in CPU_EXCEPTION_INIT_DATA_EX?
4) Can we add Version field in CPU_EXCEPTION_INIT_DATA_EX? I am not sure if we need add more entry later.
5) You mentioned "KnownGoodStackTop is for *ALL* exceptions".
Does ALL here mean StackSwitchExceptionNumber, or arch specific number such as 0x20 for X86 system?
I think StackSwitchExceptionNumber is enough.
6) There might be more than one TSS entry in GDT.
Does TssDesc/Tss in CPU_EXCEPTION_INIT_DATA_EX mean the exception Tss? (normal TSS does not need be reported here)
If so, I suggest we use ExceptionTss as the keyword.
7) Below code may cause buffer overrun on IST.
for (Index = 0; Index < StackSwitchData->Ia32.StackSwitchExceptionNumber; ++Index) {
//
// Fixup IST
//
Tss->IST[Index] = StackTop;
I suggest we add some basic check for StackSwitchExceptionNumber.
8) Do you think we need mention the TssDesc/Tss size requirement for that?
TssDesc = StackSwitchData->Ia32.TssDesc;
Tss = StackSwitchData->Ia32.Tss;
for (Index = 0; Index < StackSwitchData->Ia32.StackSwitchExceptionNumber; ++Index) {
TssDesc += 1;
Tss += 1;
I suggest we add TssDescSize and TssSize in CPU_EXCEPTION_INIT_DATA_EX and check the size in the code.
9) Last but not least important, have you evaluated if current CPU_EXCEPTION_INIT_DATA_EX is enough for SMM version stack guard exception?
Thank you
Yao Jiewen
> -----Original Message-----
> From: edk2-devel [mailto:edk2-devel-bounces@lists.01.org] On Behalf Of Jian J
> Wang
> Sent: Friday, December 1, 2017 10:37 AM
> To: edk2-devel@lists.01.org
> Subject: [edk2] [PATCH v3 00/11] Implement stack guard feature
>
> > v3:
> > a. Change new API InitializeCpuExceptionStackSwitchHandlers() to
> > InitializeCpuExceptionHandlersEx(). Related code are updated
> accordingly.
> > b. Move EXCEPTION_STACK_SWITCH_DATA to CpuExceptionHandlerLib.h
> > and change the name to CPU_EXCEPTION_INIT_DATA_EX for the sake
> > of the API name change.
> > c. Add more general macros in BaseLib.h.
> > d. Add dummy implementation of InitializeCpuExceptionHandlersEx for
> > SEC, PEI and SMM but implement a full version for DXE.
> > e. Add dummy InitializeCpuExceptionHandlersEx for ARM's
> CpuExceptionHandlerLib
> > and NULL version of CpuExceptionHandlerLib
> > f. Call InitializeCpuExceptionHandlersEx() in DxeMain instead of
> > InitializeCpuExceptionHandlers().
>
>
> > v2:
> > a. Introduce and implement new API
> InitializeCpuExceptionStackSwitchHandlers().
> > b. Add stack switch related general definitions of IA32 in BaseLib.h.
> > c. Add two new PCDs to configure exception vector list and stack size.
> > d. Add code to save/restore GDTR, IDTR and TR for AP.
> > e. Refactor exception handler code for stack switch.
> > f. Add code to setup stack switch for AP besides BSP.
>
> Stack guard feature makes use of paging mechanism to monitor if there's a
> stack overflow occurred during boot. A new PCD PcdCpuStackGuard is added to
> enable/disable this feature. PCD PcdCpuStackSwitchExceptionList and
> PcdCpuKnownGoodStackSize are introduced to configure the required
> exceptions
> and stack size.
>
> If this feature is enabled, DxeIpl will setup page tables and set page where
> the stack bottom is at to be NON-PRESENT. If stack overflow occurs, Page
> Fault exception will be triggered.
>
> In order to make sure exception handler works normally even when the stack
> is corrupted, stack switching is implemented in exception library.
>
> Due to the mechanism behind Stack Guard, this feature is only avaiable for
> UEFI drivers (memory avaiable). That also means it doesn't support NT32
> emulated platform (paging not supported).
>
> Jian J Wang (11):
> MdeModulePkg/metafile: Add PCD PcdCpuStackGuard
> UefiCpuPkg/UefiCpuPkg.dec: Add two new PCDs for stack switch
> MdeModulePkg/CpuExceptionHandlerLib.h: Add a new API
> InitializeCpuExceptionHandlersEx
> MdePkg/BaseLib: Add stack switch related definitions for IA32
> UefiCpuPkg/CpuExceptionHandlerLib: Add stack switch support
> MdeModulePkg/CpuExceptionHandlerLibNull: Add new API implementation
> ArmPkg/ArmExceptionLib: Add implementation of new API
> UefiCpuPkg/MpLib: Add GDTR, IDTR and TR in saved AP data
> UefiCpuPkg/CpuDxe: Initialize stack switch for MP
> MdeModulePkg/Core/Dxe: Call new API InitializeCpuExceptionHandlersEx
> instead
> MdeModulePkg/DxeIpl: Enable paging for Stack Guard
>
> ArmPkg/Library/ArmExceptionLib/ArmExceptionLib.c | 33 ++
> MdeModulePkg/Core/Dxe/DxeMain/DxeMain.c | 2 +-
> MdeModulePkg/Core/DxeIplPeim/DxeIpl.inf | 5 +-
> MdeModulePkg/Core/DxeIplPeim/Ia32/DxeLoadFunc.c | 4 +
> MdeModulePkg/Core/DxeIplPeim/X64/DxeLoadFunc.c | 1 +
> MdeModulePkg/Core/DxeIplPeim/X64/VirtualMemory.c | 51 ++-
> .../Include/Library/CpuExceptionHandlerLib.h | 78 ++++
> .../CpuExceptionHandlerLibNull.c | 34 ++
> MdeModulePkg/MdeModulePkg.dec | 7 +
> MdeModulePkg/MdeModulePkg.uni | 7 +
> MdePkg/Include/Library/BaseLib.h | 117 ++++++
> MdePkg/Library/BaseLib/BaseLib.inf | 3 +
> MdePkg/Library/BaseLib/Ia32/WriteTr.nasm | 36 ++
> MdePkg/Library/BaseLib/X64/WriteTr.nasm | 37 ++
> UefiCpuPkg/CpuDxe/CpuDxe.inf | 3 +
> UefiCpuPkg/CpuDxe/CpuMp.c | 177 +++++++++
> .../CpuExceptionHandlerLib/CpuExceptionCommon.h | 39 ++
> .../DxeCpuExceptionHandlerLib.inf | 6 +
> .../Library/CpuExceptionHandlerLib/DxeException.c | 79 ++++
> .../Ia32/ArchExceptionHandler.c | 167 +++++++++
> .../Ia32/ArchInterruptDefs.h | 8 +
> .../Ia32/ExceptionTssEntryAsm.nasm | 398
> +++++++++++++++++++++
> .../CpuExceptionHandlerLib/PeiCpuException.c | 34 +-
> .../PeiCpuExceptionHandlerLib.inf | 1 +
> .../CpuExceptionHandlerLib/SecPeiCpuException.c | 34 +-
> .../SecPeiCpuExceptionHandlerLib.inf | 1 +
> .../SmmCpuExceptionHandlerLib.inf | 1 +
> .../Library/CpuExceptionHandlerLib/SmmException.c | 34 +-
> .../X64/ArchExceptionHandler.c | 134 +++++++
> .../CpuExceptionHandlerLib/X64/ArchInterruptDefs.h | 3 +
> UefiCpuPkg/Library/MpInitLib/MpLib.c | 17 +
> UefiCpuPkg/Library/MpInitLib/MpLib.h | 3 +
> UefiCpuPkg/UefiCpuPkg.dec | 12 +
> 33 files changed, 1547 insertions(+), 19 deletions(-)
> create mode 100644 MdePkg/Library/BaseLib/Ia32/WriteTr.nasm
> create mode 100644 MdePkg/Library/BaseLib/X64/WriteTr.nasm
> create mode 100644
> UefiCpuPkg/Library/CpuExceptionHandlerLib/Ia32/ExceptionTssEntryAsm.nasm
>
> --
> 2.14.1.windows.1
>
> _______________________________________________
> edk2-devel mailing list
> edk2-devel@lists.01.org
> https://lists.01.org/mailman/listinfo/edk2-devel
^ permalink raw reply [flat|nested] 16+ messages in thread* Re: [PATCH v3 00/11] Implement stack guard feature
2017-12-05 2:03 ` [PATCH v3 00/11] Implement stack guard feature Yao, Jiewen
@ 2017-12-05 6:55 ` Wang, Jian J
0 siblings, 0 replies; 16+ messages in thread
From: Wang, Jian J @ 2017-12-05 6:55 UTC (permalink / raw)
To: Yao, Jiewen, edk2-devel@lists.01.org
Jiewen,
Thanks for the comments.
1) It's only used for Ex version of the API so I added Ex. But I don't have strong opinion on the name.
2) Do you mean we need to use separate the definition for IA32 and X64 even they share the same data?
3) Sure.
4) I'm not sure if it's necessary. But a version field won't do any harm.
5) You're right it's just for exceptions needing stack switch. I'll change the wording.
6) Yes. ExceptionTss is better.
7) You're right. I'll add sanity checks.
8) Yes. I think current data meets SMM requirement. Let me know if you find anything missing.
Jian
> -----Original Message-----
> From: Yao, Jiewen
> Sent: Tuesday, December 05, 2017 10:03 AM
> To: Wang, Jian J <jian.j.wang@intel.com>; edk2-devel@lists.01.org
> Subject: RE: [edk2] [PATCH v3 00/11] Implement stack guard feature
>
> Good enhancement. I think it resolved my compatibility concern for the old API.
>
> Some comment:
>
> 1) Can we just use CPU_EXCEPTION_INIT_DATA instead of
> CPU_EXCEPTION_INIT_DATA_EX? I am not sure why we add _EX here.
>
> 2) Is CPU_EXCEPTION_INIT_DATA_EX for IA32 only or both IA32/X64? I found
> "Ia32" may bring confusing here. See EFI_DEBUG_SUPPORT_PROTOCOL, we
> have Ia32 for IA32 arch, X64 for X64 arch.
>
> //
> // Flag to indicate if default handlers should be initialized or not.
> //
> BOOLEAN InitDefaultHandlers;
> } Ia32;
> } CPU_EXCEPTION_INIT_DATA_EX;
>
> 3) Can we add IdtTableSize in CPU_EXCEPTION_INIT_DATA_EX?
>
> 4) Can we add Version field in CPU_EXCEPTION_INIT_DATA_EX? I am not sure if
> we need add more entry later.
>
> 5) You mentioned "KnownGoodStackTop is for *ALL* exceptions".
> Does ALL here mean StackSwitchExceptionNumber, or arch specific number such
> as 0x20 for X86 system?
> I think StackSwitchExceptionNumber is enough.
>
> 6) There might be more than one TSS entry in GDT.
> Does TssDesc/Tss in CPU_EXCEPTION_INIT_DATA_EX mean the exception Tss?
> (normal TSS does not need be reported here)
> If so, I suggest we use ExceptionTss as the keyword.
>
> 7) Below code may cause buffer overrun on IST.
>
> for (Index = 0; Index < StackSwitchData->Ia32.StackSwitchExceptionNumber;
> ++Index) {
> //
> // Fixup IST
> //
> Tss->IST[Index] = StackTop;
>
> I suggest we add some basic check for StackSwitchExceptionNumber.
>
> 8) Do you think we need mention the TssDesc/Tss size requirement for that?
>
> TssDesc = StackSwitchData->Ia32.TssDesc;
> Tss = StackSwitchData->Ia32.Tss;
> for (Index = 0; Index < StackSwitchData->Ia32.StackSwitchExceptionNumber;
> ++Index) {
> TssDesc += 1;
> Tss += 1;
>
> I suggest we add TssDescSize and TssSize in CPU_EXCEPTION_INIT_DATA_EX
> and check the size in the code.
>
> 9) Last but not least important, have you evaluated if current
> CPU_EXCEPTION_INIT_DATA_EX is enough for SMM version stack guard
> exception?
>
>
> Thank you
> Yao Jiewen
>
>
>
> > -----Original Message-----
> > From: edk2-devel [mailto:edk2-devel-bounces@lists.01.org] On Behalf Of Jian
> J
> > Wang
> > Sent: Friday, December 1, 2017 10:37 AM
> > To: edk2-devel@lists.01.org
> > Subject: [edk2] [PATCH v3 00/11] Implement stack guard feature
> >
> > > v3:
> > > a. Change new API InitializeCpuExceptionStackSwitchHandlers() to
> > > InitializeCpuExceptionHandlersEx(). Related code are updated
> > accordingly.
> > > b. Move EXCEPTION_STACK_SWITCH_DATA to CpuExceptionHandlerLib.h
> > > and change the name to CPU_EXCEPTION_INIT_DATA_EX for the sake
> > > of the API name change.
> > > c. Add more general macros in BaseLib.h.
> > > d. Add dummy implementation of InitializeCpuExceptionHandlersEx for
> > > SEC, PEI and SMM but implement a full version for DXE.
> > > e. Add dummy InitializeCpuExceptionHandlersEx for ARM's
> > CpuExceptionHandlerLib
> > > and NULL version of CpuExceptionHandlerLib
> > > f. Call InitializeCpuExceptionHandlersEx() in DxeMain instead of
> > > InitializeCpuExceptionHandlers().
> >
> >
> > > v2:
> > > a. Introduce and implement new API
> > InitializeCpuExceptionStackSwitchHandlers().
> > > b. Add stack switch related general definitions of IA32 in BaseLib.h.
> > > c. Add two new PCDs to configure exception vector list and stack size.
> > > d. Add code to save/restore GDTR, IDTR and TR for AP.
> > > e. Refactor exception handler code for stack switch.
> > > f. Add code to setup stack switch for AP besides BSP.
> >
> > Stack guard feature makes use of paging mechanism to monitor if there's a
> > stack overflow occurred during boot. A new PCD PcdCpuStackGuard is added
> to
> > enable/disable this feature. PCD PcdCpuStackSwitchExceptionList and
> > PcdCpuKnownGoodStackSize are introduced to configure the required
> > exceptions
> > and stack size.
> >
> > If this feature is enabled, DxeIpl will setup page tables and set page where
> > the stack bottom is at to be NON-PRESENT. If stack overflow occurs, Page
> > Fault exception will be triggered.
> >
> > In order to make sure exception handler works normally even when the stack
> > is corrupted, stack switching is implemented in exception library.
> >
> > Due to the mechanism behind Stack Guard, this feature is only avaiable for
> > UEFI drivers (memory avaiable). That also means it doesn't support NT32
> > emulated platform (paging not supported).
> >
> > Jian J Wang (11):
> > MdeModulePkg/metafile: Add PCD PcdCpuStackGuard
> > UefiCpuPkg/UefiCpuPkg.dec: Add two new PCDs for stack switch
> > MdeModulePkg/CpuExceptionHandlerLib.h: Add a new API
> > InitializeCpuExceptionHandlersEx
> > MdePkg/BaseLib: Add stack switch related definitions for IA32
> > UefiCpuPkg/CpuExceptionHandlerLib: Add stack switch support
> > MdeModulePkg/CpuExceptionHandlerLibNull: Add new API implementation
> > ArmPkg/ArmExceptionLib: Add implementation of new API
> > UefiCpuPkg/MpLib: Add GDTR, IDTR and TR in saved AP data
> > UefiCpuPkg/CpuDxe: Initialize stack switch for MP
> > MdeModulePkg/Core/Dxe: Call new API InitializeCpuExceptionHandlersEx
> > instead
> > MdeModulePkg/DxeIpl: Enable paging for Stack Guard
> >
> > ArmPkg/Library/ArmExceptionLib/ArmExceptionLib.c | 33 ++
> > MdeModulePkg/Core/Dxe/DxeMain/DxeMain.c | 2 +-
> > MdeModulePkg/Core/DxeIplPeim/DxeIpl.inf | 5 +-
> > MdeModulePkg/Core/DxeIplPeim/Ia32/DxeLoadFunc.c | 4 +
> > MdeModulePkg/Core/DxeIplPeim/X64/DxeLoadFunc.c | 1 +
> > MdeModulePkg/Core/DxeIplPeim/X64/VirtualMemory.c | 51 ++-
> > .../Include/Library/CpuExceptionHandlerLib.h | 78 ++++
> > .../CpuExceptionHandlerLibNull.c | 34 ++
> > MdeModulePkg/MdeModulePkg.dec | 7 +
> > MdeModulePkg/MdeModulePkg.uni | 7 +
> > MdePkg/Include/Library/BaseLib.h | 117 ++++++
> > MdePkg/Library/BaseLib/BaseLib.inf | 3 +
> > MdePkg/Library/BaseLib/Ia32/WriteTr.nasm | 36 ++
> > MdePkg/Library/BaseLib/X64/WriteTr.nasm | 37 ++
> > UefiCpuPkg/CpuDxe/CpuDxe.inf | 3 +
> > UefiCpuPkg/CpuDxe/CpuMp.c | 177 +++++++++
> > .../CpuExceptionHandlerLib/CpuExceptionCommon.h | 39 ++
> > .../DxeCpuExceptionHandlerLib.inf | 6 +
> > .../Library/CpuExceptionHandlerLib/DxeException.c | 79 ++++
> > .../Ia32/ArchExceptionHandler.c | 167 +++++++++
> > .../Ia32/ArchInterruptDefs.h | 8 +
> > .../Ia32/ExceptionTssEntryAsm.nasm | 398
> > +++++++++++++++++++++
> > .../CpuExceptionHandlerLib/PeiCpuException.c | 34 +-
> > .../PeiCpuExceptionHandlerLib.inf | 1 +
> > .../CpuExceptionHandlerLib/SecPeiCpuException.c | 34 +-
> > .../SecPeiCpuExceptionHandlerLib.inf | 1 +
> > .../SmmCpuExceptionHandlerLib.inf | 1 +
> > .../Library/CpuExceptionHandlerLib/SmmException.c | 34 +-
> > .../X64/ArchExceptionHandler.c | 134 +++++++
> > .../CpuExceptionHandlerLib/X64/ArchInterruptDefs.h | 3 +
> > UefiCpuPkg/Library/MpInitLib/MpLib.c | 17 +
> > UefiCpuPkg/Library/MpInitLib/MpLib.h | 3 +
> > UefiCpuPkg/UefiCpuPkg.dec | 12 +
> > 33 files changed, 1547 insertions(+), 19 deletions(-)
> > create mode 100644 MdePkg/Library/BaseLib/Ia32/WriteTr.nasm
> > create mode 100644 MdePkg/Library/BaseLib/X64/WriteTr.nasm
> > create mode 100644
> >
> UefiCpuPkg/Library/CpuExceptionHandlerLib/Ia32/ExceptionTssEntryAsm.nasm
> >
> > --
> > 2.14.1.windows.1
> >
> > _______________________________________________
> > edk2-devel mailing list
> > edk2-devel@lists.01.org
> > https://lists.01.org/mailman/listinfo/edk2-devel
^ permalink raw reply [flat|nested] 16+ messages in thread