From mboxrd@z Thu Jan 1 00:00:00 1970 Authentication-Results: mx.groups.io; dkim=missing; spf=fail (domain: intel.com, ip: , mailfrom: ray.ni@intel.com) Received: from mga14.intel.com (mga14.intel.com []) by groups.io with SMTP; Sun, 25 Aug 2019 15:46:20 -0700 X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from orsmga004.jf.intel.com ([10.7.209.38]) by fmsmga103.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 25 Aug 2019 15:46:18 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.64,431,1559545200"; d="scan'208";a="331277770" Received: from ray-dev.ccr.corp.intel.com ([10.239.9.9]) by orsmga004.jf.intel.com with ESMTP; 25 Aug 2019 15:46:07 -0700 From: "Ni, Ray" To: devel@edk2.groups.io Cc: Eric Dong , Jiewen Yao , Laszlo Ersek Subject: [PATCH 3/5] UefiCpuPkg/PiSmmCpu: Restrict access per PcdCpuSmmRestrictedMemoryAccess Date: Mon, 26 Aug 2019 06:45:11 +0800 Message-Id: <20190825224513.171572-4-ray.ni@intel.com> X-Mailer: git-send-email 2.21.0.windows.1 In-Reply-To: <20190825224513.171572-1-ray.ni@intel.com> References: <20190825224513.171572-1-ray.ni@intel.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Today's behavior is to always restrict access to non-SMRAM regardless the value of PcdCpuSmmRestrictedMemoryAccess. Because RAS components require to access all non-SMRAM memory, the patch changes the code logic to honor PcdCpuSmmRestrictedMemoryAccess so that only when the PCD is true, the restriction takes affect and page table memory is also protected. Because IA32 build doesn't reference this PCD, such restriction always takes affect in IA32 build. Signed-off-by: Ray Ni Cc: Eric Dong Cc: Jiewen Yao Cc: Laszlo Ersek --- UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/PageTbl.c | 14 ++++++++++++++ UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.c | 18 ++++++++++-------- UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.h | 11 +++++++++++ UefiCpuPkg/PiSmmCpuDxeSmm/X64/PageTbl.c | 14 ++++++++++++++ 4 files changed, 49 insertions(+), 8 deletions(-) diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/PageTbl.c b/UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/PageTbl.c index 05fb455936..f891a81112 100644 --- a/UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/PageTbl.c +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/PageTbl.c @@ -336,3 +336,17 @@ RestoreCr2 ( { return ; } + +/** + Return whether access to non-SMRAM is restricted. + + @retval TRUE Access to non-SMRAM is restricted. + @retval FALSE Access to non-SMRAM is not restricted. +*/ +BOOLEAN +IsRestrictedMemoryAccess ( + VOID + ) +{ + return TRUE; +} diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.c b/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.c index 69a04dfb23..723fd5042f 100644 --- a/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.c +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.c @@ -1431,15 +1431,17 @@ PerformRemainingTasks ( // SetMemMapAttributes (); - // - // For outside SMRAM, we only map SMM communication buffer or MMIO. - // - SetUefiMemMapAttributes (); + if (IsRestrictedMemoryAccess ()) { + // + // For outside SMRAM, we only map SMM communication buffer or MMIO. + // + SetUefiMemMapAttributes (); - // - // Set page table itself to be read-only - // - SetPageTableAttributes (); + // + // Set page table itself to be read-only + // + SetPageTableAttributes (); + } // // Configure SMM Code Access Check feature if available. diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.h b/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.h index 8c29f1a558..daf977f654 100644 --- a/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.h +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.h @@ -1450,4 +1450,15 @@ InitializeDataForMmMp ( VOID ); +/** + Return whether access to non-SMRAM is restricted. + + @retval TRUE Access to non-SMRAM is restricted. + @retval FALSE Access to non-SMRAM is not restricted. +*/ +BOOLEAN +IsRestrictedMemoryAccess ( + VOID + ); + #endif diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/X64/PageTbl.c b/UefiCpuPkg/PiSmmCpuDxeSmm/X64/PageTbl.c index 7516f35055..733d107efd 100644 --- a/UefiCpuPkg/PiSmmCpuDxeSmm/X64/PageTbl.c +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/X64/PageTbl.c @@ -1252,3 +1252,17 @@ RestoreCr2 ( AsmWriteCr2 (Cr2); } } + +/** + Return whether access to non-SMRAM is restricted. + + @retval TRUE Access to non-SMRAM is restricted. + @retval FALSE Access to non-SMRAM is not restricted. +*/ +BOOLEAN +IsRestrictedMemoryAccess ( + VOID + ) +{ + return mCpuSmmRestrictedMemoryAccess; +} -- 2.21.0.windows.1