From mboxrd@z Thu Jan 1 00:00:00 1970 Authentication-Results: mx.groups.io; dkim=missing; spf=fail (domain: intel.com, ip: , mailfrom: ray.ni@intel.com) Received: from mga12.intel.com (mga12.intel.com []) by groups.io with SMTP; Wed, 31 Jul 2019 09:39:37 -0700 X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from orsmga004.jf.intel.com ([10.7.209.38]) by fmsmga106.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 31 Jul 2019 09:39:37 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.64,330,1559545200"; d="scan'208";a="323797214" Received: from ray-dev.ccr.corp.intel.com ([10.239.9.9]) by orsmga004.jf.intel.com with ESMTP; 31 Jul 2019 09:39:35 -0700 From: "Ni, Ray" To: devel@edk2.groups.io Cc: Eric Dong , Jiewen Yao , Jian J Wang , Laszlo Ersek Subject: [PATCH v2 2/2] UefiCpuPkg/PiSmmCpu: PcdCpuSmmAccessOut controls SMM access-out policy Date: Thu, 1 Aug 2019 00:38:52 +0800 Message-Id: <20190731163852.191708-3-ray.ni@intel.com> X-Mailer: git-send-email 2.21.0.windows.1 In-Reply-To: <20190731163852.191708-1-ray.ni@intel.com> References: <20190731163852.191708-1-ray.ni@intel.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit This patch skips to update page table for non-SMRAM memory when PcdCpuSmmAccessOut is TRUE. So that when SMM accesses out, no page fault is triggered at all. Signed-off-by: Ray Ni Cc: Eric Dong Cc: Jiewen Yao Cc: Jian J Wang Cc: Laszlo Ersek --- UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.c | 21 +++++++++++++++++---- UefiCpuPkg/PiSmmCpuDxeSmm/X64/PageTbl.c | 2 +- 2 files changed, 18 insertions(+), 5 deletions(-) diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.c b/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.c index 69a04dfb23..427c33fb01 100644 --- a/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.c +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.c @@ -130,6 +130,11 @@ UINT8 mPhysicalAddressBits; UINT32 mSmmCr0; UINT32 mSmmCr4; +// +// Cache of PcdCpuSmmAccessOut +// +BOOLEAN mSmmAccessOut; + /** Initialize IDT to setup exception handlers for SMM. @@ -610,6 +615,12 @@ PiCpuSmmEntry ( mSmmCodeAccessCheckEnable = PcdGetBool (PcdCpuSmmCodeAccessCheckEnable); DEBUG ((EFI_D_INFO, "PcdCpuSmmCodeAccessCheckEnable = %d\n", mSmmCodeAccessCheckEnable)); + // + // Save the PcdCpuSmmAccessOut value into a global variable. + // + mSmmAccessOut = PcdGetBool (PcdCpuSmmAccessOut); + DEBUG ((DEBUG_INFO, "PcdCpuSmmAccessOut = %d\n", mSmmAccessOut)); + // // Save the PcdPteMemoryEncryptionAddressOrMask value into a global variable. // Make sure AddressEncMask is contained to smallest supported address field. @@ -1431,10 +1442,12 @@ PerformRemainingTasks ( // SetMemMapAttributes (); - // - // For outside SMRAM, we only map SMM communication buffer or MMIO. - // - SetUefiMemMapAttributes (); + if (!mSmmAccessOut) { + // + // For outside SMRAM, we only map SMM communication buffer or MMIO. + // + SetUefiMemMapAttributes (); + } // // Set page table itself to be read-only diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/X64/PageTbl.c b/UefiCpuPkg/PiSmmCpuDxeSmm/X64/PageTbl.c index a3b62f7787..6699aac65d 100644 --- a/UefiCpuPkg/PiSmmCpuDxeSmm/X64/PageTbl.c +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/X64/PageTbl.c @@ -1029,7 +1029,7 @@ SmiPFHandler ( goto Exit; } - if (mCpuSmmStaticPageTable && IsSmmCommBufferForbiddenAddress (PFAddress)) { + if (IsSmmCommBufferForbiddenAddress (PFAddress)) { DumpCpuContext (InterruptType, SystemContext); DEBUG ((DEBUG_ERROR, "Access SMM communication forbidden address (0x%lx)!\n", PFAddress)); DEBUG_CODE ( -- 2.21.0.windows.1