From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received-SPF: Pass (sender SPF authorized) identity=mailfrom; client-ip=209.132.183.28; helo=mx1.redhat.com; envelope-from=lersek@redhat.com; receiver=edk2-devel@lists.01.org Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id CD4F022364885 for ; Tue, 30 Jan 2018 07:28:26 -0800 (PST) Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.phx2.redhat.com [10.5.11.13]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 8BC5F28227; Tue, 30 Jan 2018 15:34:01 +0000 (UTC) Received: from lacos-laptop-7.usersys.redhat.com (ovpn-120-185.rdu2.redhat.com [10.10.120.185]) by smtp.corp.redhat.com (Postfix) with ESMTP id 1F0DC6090A; Tue, 30 Jan 2018 15:33:59 +0000 (UTC) From: Laszlo Ersek To: edk2-devel-01 Cc: Eric Dong , Jian J Wang , Jiewen Yao , Paolo Bonzini , Ruiyu Ni Date: Tue, 30 Jan 2018 16:33:48 +0100 Message-Id: <20180130153348.31992-4-lersek@redhat.com> In-Reply-To: <20180130153348.31992-1-lersek@redhat.com> References: <20180130153348.31992-1-lersek@redhat.com> X-Scanned-By: MIMEDefang 2.79 on 10.5.11.13 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.30]); Tue, 30 Jan 2018 15:34:01 +0000 (UTC) Subject: [PATCH 3/3] UefiCpuPkg/PiSmmCpuDxeSmm: eliminate conditional jump in IA32 SmmStartup() X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 30 Jan 2018 15:28:27 -0000 SMM emulation under KVM crashes the guest when the "jz" branch, added in commit d4d87596c11d ("UefiCpuPkg/PiSmmCpuDxeSmm: Enable NXE if it's supported", 2018-01-18), is taken. Rework the propagation of CPUID.80000001H:EDX.NX [bit 20] to IA32_EFER.NXE [bit 11] so that no code is executed conditionally. Cc: Eric Dong Cc: Jian J Wang Cc: Jiewen Yao Cc: Paolo Bonzini Cc: Ruiyu Ni Ref: http://mid.mail-archive.com/d6fff558-6c4f-9ca6-74a7-e7cd9d007276@redhat.com Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Laszlo Ersek --- UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/SmmInit.nasm | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/SmmInit.nasm b/UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/SmmInit.nasm index 9231aa5b3ded..102e0bdbabc8 100644 --- a/UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/SmmInit.nasm +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/SmmInit.nasm @@ -44,26 +44,25 @@ global ASM_PFX(SmmStartup) BITS 16 ASM_PFX(SmmStartup): mov eax, 0x80000001 ; read capability cpuid mov ebx, edx ; rdmsr will change edx. keep it in ebx. + and ebx, BIT20 ; extract XD capability bit + shr ebx, 9 ; shift bit to IA32_EFER NXE position DB 0x66, 0xb8 ; mov eax, imm32 ASM_PFX(gSmmCr3): DD 0 mov cr3, eax o32 lgdt [cs:ebp + (ASM_PFX(gcSmiInitGdtr) - ASM_PFX(SmmStartup))] DB 0x66, 0xb8 ; mov eax, imm32 ASM_PFX(gSmmCr4): DD 0 mov cr4, eax mov ecx, 0xc0000080 ; IA32_EFER MSR rdmsr - test ebx, BIT20 ; check NXE capability - jz .1 - or ah, BIT3 ; set NXE bit + or eax, ebx ; set NXE bit if XD is available wrmsr -.1: DB 0x66, 0xb8 ; mov eax, imm32 ASM_PFX(gSmmCr0): DD 0 mov di, PROTECT_MODE_DS mov cr0, eax DB 0x66, 0xea ; jmp far [ptr48] ASM_PFX(gSmmJmpAddr): -- 2.14.1.3.gb7cf6e02401b