* [PATCH v1 1/1] SecurityPkg: use SmmWaitForAllProcessor in TcgSmm and Tcg2Smm driver.
@ 2022-06-13 6:24 Li, Zhihao
0 siblings, 0 replies; 10+ messages in thread
From: Li, Zhihao @ 2022-06-13 6:24 UTC (permalink / raw)
To: devel; +Cc: Jiewen Yao, Jian J Wang, Rahul Kumar, Qi Zhang
From: Zhihao Li <zhihao.li@intel.com>
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3855
In UefiCpuPkg, there are a new Protocol with the new service
SmmWaitForAllProcessor(), which can be used by SMI handler
to optionally wait for other APs to complete SMM rendezvous in
relaxed AP mode.
This patch use the new service to let TcgSmm and Tcg2Smm driver work
normally in relaxed AP mode.
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Rahul Kumar <rahul1.kumar@intel.com>
Cc: Qi Zhang <qi1.zhang@intel.com>
Signed-off-by: Zhihao Li <zhihao.li@intel.com>
---
SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.c | 21 ++++++++++++++++++--
SecurityPkg/Tcg/TcgSmm/TcgSmm.c | 15 ++++++++++++--
SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.h | 3 ++-
SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.inf | 3 ++-
SecurityPkg/Tcg/Tcg2Smm/Tcg2StandaloneMm.inf | 1 +
SecurityPkg/Tcg/TcgSmm/TcgSmm.h | 3 ++-
SecurityPkg/Tcg/TcgSmm/TcgSmm.inf | 3 ++-
7 files changed, 41 insertions(+), 8 deletions(-)
diff --git a/SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.c b/SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.c
index 498fb626bd9c..4367102fbd49 100644
--- a/SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.c
+++ b/SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.c
@@ -9,7 +9,7 @@
PhysicalPresenceCallback() and MemoryClearCallback() will receive untrusted input and do some check.
-Copyright (c) 2015 - 2018, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2015 - 2022, Intel Corporation. All rights reserved.<BR>
Copyright (c) Microsoft Corporation.
SPDX-License-Identifier: BSD-2-Clause-Patent
@@ -42,6 +42,7 @@ EFI_HANDLE mReadyToLockHandle;
should still be called.
@retval EFI_UNSUPPORTED An unknown test function was requested.
@retval EFI_ACCESS_DENIED Part of the communication buffer lies in an invalid region.
+ @retval EFI_ABORTED Fail to wait for all AP check in SMM.
**/
EFI_STATUS
@@ -78,6 +79,11 @@ TpmNvsCommunciate (
return EFI_ACCESS_DENIED;
}
+ if (EFI_ERROR (SmmWaitForAllProcessor (TRUE))) {
+ DEBUG ((DEBUG_ERROR, "TpmNvsCommunciate: fail to wait for all AP check in SMM!\n"));
+ return EFI_ABORTED;
+ }
+
//
// Farm out the job to individual functions based on what was requested.
//
@@ -116,7 +122,7 @@ TpmNvsCommunciate (
@param[in, out] CommBufferSize The size of the CommBuffer.
@retval EFI_SUCCESS The interrupt was handled successfully.
-
+ @retval EFI_ABORTED Fail to wait for all AP check in SMM.
**/
EFI_STATUS
EFIAPI
@@ -132,6 +138,11 @@ PhysicalPresenceCallback (
UINT32 OperationRequest;
UINT32 RequestParameter;
+ if (EFI_ERROR (SmmWaitForAllProcessor (TRUE))) {
+ DEBUG ((DEBUG_ERROR, "TpmPhysicalPresent: fail to wait for all AP check in SMM!\n"));
+ return EFI_ABORTED;
+ }
+
if (mTcgNvs->PhysicalPresence.Parameter == TCG_ACPI_FUNCTION_RETURN_REQUEST_RESPONSE_TO_OS) {
mTcgNvs->PhysicalPresence.ReturnCode = Tcg2PhysicalPresenceLibReturnOperationResponseToOsFunction (
&MostRecentRequest,
@@ -173,6 +184,7 @@ PhysicalPresenceCallback (
@param[in, out] CommBufferSize The size of the CommBuffer.
@retval EFI_SUCCESS The interrupt was handled successfully.
+ @retval EFI_ABORTED Fail to wait for all AP check in SMM.
**/
EFI_STATUS
@@ -217,6 +229,11 @@ MemoryClearCallback (
return EFI_SUCCESS;
}
+ if (EFI_ERROR (SmmWaitForAllProcessor (TRUE))) {
+ DEBUG ((DEBUG_ERROR, "TpmMemoryClear: fail to wait for all AP check in SMM!\n"));
+ return EFI_ABORTED;
+ }
+
DataSize = sizeof (UINT8);
Status = mSmmVariable->SmmSetVariable (
MEMORY_OVERWRITE_REQUEST_VARIABLE_NAME,
diff --git a/SecurityPkg/Tcg/TcgSmm/TcgSmm.c b/SecurityPkg/Tcg/TcgSmm/TcgSmm.c
index 96327a483ba9..e91567ca3169 100644
--- a/SecurityPkg/Tcg/TcgSmm/TcgSmm.c
+++ b/SecurityPkg/Tcg/TcgSmm/TcgSmm.c
@@ -8,7 +8,7 @@
PhysicalPresenceCallback() and MemoryClearCallback() will receive untrusted input and do some check.
-Copyright (c) 2011 - 2018, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2011 - 2022, Intel Corporation. All rights reserved.<BR>
SPDX-License-Identifier: BSD-2-Clause-Patent
**/
@@ -33,7 +33,7 @@ TCG_NVS *mTcgNvs;
@param[in, out] CommBufferSize The size of the CommBuffer.
@retval EFI_SUCCESS The interrupt was handled successfully.
-
+ @retval EFI_ABORTED Fail to wait for all AP check in SMM.
**/
EFI_STATUS
EFIAPI
@@ -92,6 +92,11 @@ PhysicalPresenceCallback (
return EFI_SUCCESS;
}
+ if (EFI_ERROR (SmmWaitForAllProcessor (TRUE))) {
+ DEBUG ((DEBUG_ERROR, "TPMPhysicalPresent: fail to wait for all AP check in SMM!\n"));
+ return EFI_ABORTED;
+ }
+
if (PpData.PPRequest != mTcgNvs->PhysicalPresence.Request) {
PpData.PPRequest = (UINT8)mTcgNvs->PhysicalPresence.Request;
DataSize = sizeof (EFI_PHYSICAL_PRESENCE);
@@ -238,6 +243,7 @@ PhysicalPresenceCallback (
@param[in, out] CommBufferSize The size of the CommBuffer.
@retval EFI_SUCCESS The interrupt was handled successfully.
+ @retval EFI_ABORTED Fail to wait for all AP check in SMM.
**/
EFI_STATUS
@@ -282,6 +288,11 @@ MemoryClearCallback (
return EFI_SUCCESS;
}
+ if (EFI_ERROR (SmmWaitForAllProcessor (TRUE))) {
+ DEBUG ((DEBUG_ERROR, " TpmMemoryClear: fail to wait for all AP check in SMM!\n"));
+ return EFI_ABORTED;
+ }
+
DataSize = sizeof (UINT8);
Status = mSmmVariable->SmmSetVariable (
MEMORY_OVERWRITE_REQUEST_VARIABLE_NAME,
diff --git a/SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.h b/SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.h
index 84b65eb0897c..c0c0e9d91aeb 100644
--- a/SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.h
+++ b/SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.h
@@ -1,7 +1,7 @@
/** @file
The header file for Tcg2 SMM driver.
-Copyright (c) 2015 - 2018, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2015 - 2022, Intel Corporation. All rights reserved.<BR>
Copyright (c) Microsoft Corporation.
SPDX-License-Identifier: BSD-2-Clause-Patent
@@ -31,6 +31,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
#include <Library/IoLib.h>
#include <Library/PcdLib.h>
#include <Library/Tpm2DeviceLib.h>
+#include <Library/SmmCpuRendezvousLib.h>
#include <IndustryStandard/TpmPtp.h>
diff --git a/SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.inf b/SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.inf
index 096338d0ef47..10b0629d506b 100644
--- a/SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.inf
+++ b/SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.inf
@@ -20,7 +20,7 @@
# This driver will have external input - variable and ACPINvs data in SMM mode.
# This external input must be validated carefully to avoid security issue.
#
-# Copyright (c) 2015 - 2019, Intel Corporation. All rights reserved.<BR>
+# Copyright (c) 2015 - 2022, Intel Corporation. All rights reserved.<BR>
# Copyright (c) Microsoft Corporation.<BR>
# SPDX-License-Identifier: BSD-2-Clause-Patent
#
@@ -59,6 +59,7 @@ [LibraryClasses]
Tcg2PhysicalPresenceLib
PcdLib
SmmMemLib
+ SmmCpuRendezvousLib
[Guids]
## SOMETIMES_PRODUCES ## Variable:L"MemoryOverwriteRequestControl"
diff --git a/SecurityPkg/Tcg/Tcg2Smm/Tcg2StandaloneMm.inf b/SecurityPkg/Tcg/Tcg2Smm/Tcg2StandaloneMm.inf
index 746eda3e9fed..6cf74803a12d 100644
--- a/SecurityPkg/Tcg/Tcg2Smm/Tcg2StandaloneMm.inf
+++ b/SecurityPkg/Tcg/Tcg2Smm/Tcg2StandaloneMm.inf
@@ -55,6 +55,7 @@ [LibraryClasses]
Tcg2PhysicalPresenceLib
PcdLib
MemLib
+ SmmCpuRendezvousLib
[Guids]
## SOMETIMES_PRODUCES ## Variable:L"MemoryOverwriteRequestControl"
diff --git a/SecurityPkg/Tcg/TcgSmm/TcgSmm.h b/SecurityPkg/Tcg/TcgSmm/TcgSmm.h
index e348ad105499..dcc85ee3efbc 100644
--- a/SecurityPkg/Tcg/TcgSmm/TcgSmm.h
+++ b/SecurityPkg/Tcg/TcgSmm/TcgSmm.h
@@ -1,7 +1,7 @@
/** @file
The header file for TCG SMM driver.
-Copyright (c) 2012 - 2018, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2012 - 2022, Intel Corporation. All rights reserved.<BR>
SPDX-License-Identifier: BSD-2-Clause-Patent
**/
@@ -31,6 +31,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
#include <Library/TpmMeasurementLib.h>
#include <Library/PcdLib.h>
#include <Library/TcgPpVendorLib.h>
+#include <Library/SmmCpuRendezvousLib.h>
#pragma pack(1)
typedef struct {
diff --git a/SecurityPkg/Tcg/TcgSmm/TcgSmm.inf b/SecurityPkg/Tcg/TcgSmm/TcgSmm.inf
index 9fac896dde8b..1d0f1c9170d4 100644
--- a/SecurityPkg/Tcg/TcgSmm/TcgSmm.inf
+++ b/SecurityPkg/Tcg/TcgSmm/TcgSmm.inf
@@ -9,7 +9,7 @@
# This driver will have external input - variable and ACPINvs data in SMM mode.
# This external input must be validated carefully to avoid security issue.
#
-# Copyright (c) 2011 - 2018, Intel Corporation. All rights reserved.<BR>
+# Copyright (c) 2011 - 2022, Intel Corporation. All rights reserved.<BR>
# Copyright (c) Microsoft Corporation.<BR>
# SPDX-License-Identifier: BSD-2-Clause-Patent
#
@@ -46,6 +46,7 @@ [LibraryClasses]
TpmMeasurementLib
PcdLib
TcgPpVendorLib
+ SmmCpuRendezvousLib
[Guids]
## SOMETIMES_PRODUCES ## Variable:L"PhysicalPresence"
--
2.26.2.windows.1
^ permalink raw reply related [flat|nested] 10+ messages in thread
* [PATCH v1 0/1] *** SUBJECT HERE ***
@ 2022-06-20 9:36 Li, Zhihao
2022-06-20 9:36 ` [PATCH 1/1] UefiCpuPkg: Extend SMM CPU Service with rendezvous support Li, Zhihao
` (5 more replies)
0 siblings, 6 replies; 10+ messages in thread
From: Li, Zhihao @ 2022-06-20 9:36 UTC (permalink / raw)
To: devel
*** BLURB HERE ***
Zhihao Li (1):
SecurityPkg: use SmmWaitForAllProcessor in TcgSmm and Tcg2Smm driver.
SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.c | 21 ++++++++++++++++++--
SecurityPkg/Tcg/TcgSmm/TcgSmm.c | 15 ++++++++++++--
SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.h | 3 ++-
SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.inf | 3 ++-
SecurityPkg/Tcg/Tcg2Smm/Tcg2StandaloneMm.inf | 1 +
SecurityPkg/Tcg/TcgSmm/TcgSmm.h | 3 ++-
SecurityPkg/Tcg/TcgSmm/TcgSmm.inf | 3 ++-
7 files changed, 41 insertions(+), 8 deletions(-)
--
2.26.2.windows.1
^ permalink raw reply [flat|nested] 10+ messages in thread
* [PATCH 1/1] UefiCpuPkg: Extend SMM CPU Service with rendezvous support.
2022-06-20 9:36 [PATCH v1 0/1] *** SUBJECT HERE *** Li, Zhihao
@ 2022-06-20 9:36 ` Li, Zhihao
2022-06-20 9:36 ` [PATCH 1/1] OvmfPkg: Add dependency of VariableSmm driver to make it work normally Li, Zhihao
` (4 subsequent siblings)
5 siblings, 0 replies; 10+ messages in thread
From: Li, Zhihao @ 2022-06-20 9:36 UTC (permalink / raw)
To: devel; +Cc: Eric Dong, Ray Ni, Rahul Kumar, Siyuan Fu, Zhihao Li
From: "Li, Zhihao" <zhihao.li@intel.com>
REF? https://bugzilla.tianocore.org/show_bug.cgi?id=3815
This patch define a new Protocol with the new services
SmmWaitForAllProcessor(), which can be used by SMI handler
to optionally wait for other APs to complete SMM rendezvous in
relaxed AP mode.
A new library SmmCpuRendezvousLib is provided to abstract the service
into library API to simple SMI handler code.
Cc: Eric Dong <eric.dong@intel.com>
Reviewed-by: Ray Ni <ray.ni@intel.com>
Cc: Rahul Kumar <rahul1.kumar@intel.com>
Cc: Siyuan Fu <siyuan.fu@intel.com>
Cc: Zhihao Li <zhihao.li@intel.com>
Signed-off-by: Zhihao Li <zhihao.li@intel.com>
---
.../SmmCpuRendezvousLib/SmmCpuRendezvousLib.c | 103 ++++++++++++++++++
UefiCpuPkg/PiSmmCpuDxeSmm/CpuService.c | 69 +++++++++++-
UefiCpuPkg/PiSmmCpuDxeSmm/MpService.c | 20 +++-
.../Include/Library/SmmCpuRendezvousLib.h | 27 +++++
UefiCpuPkg/Include/Protocol/SmmCpuService.h | 36 +++++-
.../SmmCpuRendezvousLib.inf | 35 ++++++
UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.h | 29 ++++-
UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.inf | 5 +-
UefiCpuPkg/UefiCpuPkg.dec | 8 +-
UefiCpuPkg/UefiCpuPkg.dsc | 2 +
10 files changed, 322 insertions(+), 12 deletions(-)
create mode 100644 UefiCpuPkg/Library/SmmCpuRendezvousLib/SmmCpuRendezvousLib.c
create mode 100644 UefiCpuPkg/Include/Library/SmmCpuRendezvousLib.h
create mode 100644 UefiCpuPkg/Library/SmmCpuRendezvousLib/SmmCpuRendezvousLib.inf
diff --git a/UefiCpuPkg/Library/SmmCpuRendezvousLib/SmmCpuRendezvousLib.c b/UefiCpuPkg/Library/SmmCpuRendezvousLib/SmmCpuRendezvousLib.c
new file mode 100644
index 000000000000..e573c2ecfb51
--- /dev/null
+++ b/UefiCpuPkg/Library/SmmCpuRendezvousLib/SmmCpuRendezvousLib.c
@@ -0,0 +1,103 @@
+/** @file
+ SMM CPU Rendezvous sevice implement.
+
+ Copyright (c) 2022, Intel Corporation. All rights reserved.<BR>
+ SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#include <Base.h>
+#include <Uefi.h>
+#include <Library/BaseLib.h>
+#include <Library/DebugLib.h>
+#include <Library/MmServicesTableLib.h>
+#include <Protocol/SmmCpuService.h>
+#include <Library/SmmCpuRendezvousLib.h>
+
+STATIC EDKII_SMM_CPU_RENDEZVOUS_PROTOCOL *mSmmCpuRendezvous = NULL;
+STATIC VOID *mRegistration = NULL;
+
+/**
+ Callback function to wait Smm cpu rendezvous service located.
+
+ SmmCpuRendezvousLib need to support MM_STANDALONE and DXE_SMM_DRIVER driver.
+ So do not use library constructor to locate the protocol.
+
+ @param[in] Protocol Points to the protocol's unique identifier.
+ @param[in] Interface Points to the interface instance.
+ @param[in] Handle The handle on which the interface was installed.
+
+ @retval EFI_SUCCESS Notification runs successfully.
+
+**/
+EFI_STATUS
+EFIAPI
+SmmCpuRendezvousProtocolNotify (
+ IN CONST EFI_GUID *Protocol,
+ IN VOID *Interface,
+ IN EFI_HANDLE Handle
+ )
+{
+ EFI_STATUS Status;
+
+ Status = gMmst->MmLocateProtocol (
+ &gEdkiiSmmCpuRendezvousProtocolGuid,
+ NULL,
+ (VOID **)&mSmmCpuRendezvous
+ );
+ ASSERT_EFI_ERROR (Status);
+
+ return EFI_SUCCESS;
+}
+
+/**
+ This routine wait for all AP processors to arrive in SMM.
+
+ @param[in] BlockingMode Blocking mode or non-blocking mode.
+
+ @retval EFI_SUCCESS All avaiable APs arrived.
+ @retval EFI_TIMEOUT Wait for all APs until timeout.
+ @retval OTHER Fail to register SMM CPU Rendezvous service Protocol.
+**/
+EFI_STATUS
+EFIAPI
+SmmWaitForAllProcessor (
+ IN BOOLEAN BlockingMode
+ )
+{
+ EFI_STATUS Status;
+
+ if ((mRegistration == NULL) && (mSmmCpuRendezvous == NULL)) {
+ //
+ // Locate SMM cpu rendezvous protocol for the first time execute the function.
+ //
+ Status = gMmst->MmLocateProtocol (
+ &gEdkiiSmmCpuRendezvousProtocolGuid,
+ NULL,
+ (VOID **)&mSmmCpuRendezvous
+ );
+ if (EFI_ERROR (Status)) {
+ Status = gMmst->MmRegisterProtocolNotify (
+ &gEdkiiSmmCpuRendezvousProtocolGuid,
+ SmmCpuRendezvousProtocolNotify,
+ &mRegistration
+ );
+ if (EFI_ERROR (Status)) {
+ return Status;
+ }
+ }
+ }
+
+ //
+ // The platform have not set up. It doesn't need smm cpu rendezvous.
+ //
+ if (mSmmCpuRendezvous == NULL) {
+ return EFI_SUCCESS;
+ }
+
+ Status = mSmmCpuRendezvous->WaitForAllProcessor (
+ mSmmCpuRendezvous,
+ BlockingMode
+ );
+ return Status;
+}
diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/CpuService.c b/UefiCpuPkg/PiSmmCpuDxeSmm/CpuService.c
index 5d624f8e9ed6..2ebf4543c3ed 100644
--- a/UefiCpuPkg/PiSmmCpuDxeSmm/CpuService.c
+++ b/UefiCpuPkg/PiSmmCpuDxeSmm/CpuService.c
@@ -1,7 +1,7 @@
/** @file
Implementation of SMM CPU Services Protocol.
-Copyright (c) 2011 - 2015, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2011 - 2022, Intel Corporation. All rights reserved.<BR>
SPDX-License-Identifier: BSD-2-Clause-Patent
**/
@@ -20,6 +20,13 @@ EFI_SMM_CPU_SERVICE_PROTOCOL mSmmCpuService = {
SmmRegisterExceptionHandler
};
+//
+// EDKII SMM CPU Rendezvous Service Protocol instance
+//
+EDKII_SMM_CPU_RENDEZVOUS_PROTOCOL mSmmCpuRendezvousService = {
+ SmmCpuRendezvous
+};
+
/**
Gets processor information on the requested processor at the instant this call is made.
@@ -350,6 +357,7 @@ SmmRegisterExceptionHandler (
@param ImageHandle The firmware allocated handle for the EFI image.
@retval EFI_SUCCESS EFI SMM CPU Services Protocol was installed successfully.
+ @retval OTHER Fail to install Protocol.
**/
EFI_STATUS
InitializeSmmCpuServices (
@@ -365,5 +373,64 @@ InitializeSmmCpuServices (
&mSmmCpuService
);
ASSERT_EFI_ERROR (Status);
+ if (EFI_ERROR (Status)) {
+ return Status;
+ }
+
+ Status = gSmst->SmmInstallProtocolInterface (
+ &Handle,
+ &gEdkiiSmmCpuRendezvousProtocolGuid,
+ EFI_NATIVE_INTERFACE,
+ &mSmmCpuRendezvousService
+ );
+ ASSERT_EFI_ERROR (Status);
+ return Status;
+}
+
+/**
+ Wait for all processors enterring SMM until all CPUs are already synchronized or not.
+
+ If BlockingMode is False, timeout value is zero.
+
+ @param This A pointer to the EDKII_SMM_CPU_RENDEZVOUS_PROTOCOL instance.
+ @param BlockingMode Blocking mode or non-blocking mode.
+
+ @retval EFI_SUCCESS All avaiable APs arrived.
+ @retval EFI_TIMEOUT Wait for all APs until timeout.
+
+**/
+EFI_STATUS
+EFIAPI
+SmmCpuRendezvous (
+ IN EDKII_SMM_CPU_RENDEZVOUS_PROTOCOL *This,
+ IN BOOLEAN BlockingMode
+ )
+{
+ EFI_STATUS Status;
+
+ //
+ // Return success immediately if all CPUs are already synchronized.
+ //
+ if (mSmmMpSyncData->AllApArrivedWithException) {
+ Status = EFI_SUCCESS;
+ goto ON_EXIT;
+ }
+
+ if (!BlockingMode) {
+ Status = EFI_TIMEOUT;
+ goto ON_EXIT;
+ }
+
+ //
+ // There are some APs outside SMM, Wait for all avaiable APs to arrive.
+ //
+ SmmWaitForApArrival ();
+ Status = mSmmMpSyncData->AllApArrivedWithException ? EFI_SUCCESS : EFI_TIMEOUT;
+
+ON_EXIT:
+ if (!mSmmMpSyncData->AllApArrivedWithException) {
+ DEBUG ((DEBUG_INFO, "EdkiiSmmWaitForAllApArrival: Timeout to wait all APs arrival\n"));
+ }
+
return Status;
}
diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/MpService.c b/UefiCpuPkg/PiSmmCpuDxeSmm/MpService.c
index 882dee4fe246..13c2cb8da4c3 100644
--- a/UefiCpuPkg/PiSmmCpuDxeSmm/MpService.c
+++ b/UefiCpuPkg/PiSmmCpuDxeSmm/MpService.c
@@ -1,7 +1,7 @@
/** @file
SMM MP service implementation
-Copyright (c) 2009 - 2021, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2009 - 2022, Intel Corporation. All rights reserved.<BR>
Copyright (c) 2017, AMD Incorporated. All rights reserved.<BR>
SPDX-License-Identifier: BSD-2-Clause-Patent
@@ -293,10 +293,14 @@ SmmWaitForApArrival (
// Sync with APs 1st timeout
//
for (Timer = StartSyncTimer ();
- !IsSyncTimerTimeout (Timer) && !(LmceEn && LmceSignal) &&
- !AllCpusInSmmWithExceptions (ARRIVAL_EXCEPTION_BLOCKED | ARRIVAL_EXCEPTION_SMI_DISABLED);
+ !IsSyncTimerTimeout (Timer) && !(LmceEn && LmceSignal);
)
{
+ mSmmMpSyncData->AllApArrivedWithException = AllCpusInSmmWithExceptions (ARRIVAL_EXCEPTION_BLOCKED | ARRIVAL_EXCEPTION_SMI_DISABLED);
+ if (mSmmMpSyncData->AllApArrivedWithException) {
+ break;
+ }
+
CpuPause ();
}
@@ -330,10 +334,14 @@ SmmWaitForApArrival (
// Sync with APs 2nd timeout.
//
for (Timer = StartSyncTimer ();
- !IsSyncTimerTimeout (Timer) &&
- !AllCpusInSmmWithExceptions (ARRIVAL_EXCEPTION_BLOCKED | ARRIVAL_EXCEPTION_SMI_DISABLED);
+ !IsSyncTimerTimeout (Timer);
)
{
+ mSmmMpSyncData->AllApArrivedWithException = AllCpusInSmmWithExceptions (ARRIVAL_EXCEPTION_BLOCKED | ARRIVAL_EXCEPTION_SMI_DISABLED);
+ if (mSmmMpSyncData->AllApArrivedWithException) {
+ break;
+ }
+
CpuPause ();
}
}
@@ -1887,6 +1895,8 @@ InitializeMpSyncData (
*mSmmMpSyncData->InsideSmm = FALSE;
*mSmmMpSyncData->AllCpusInSync = FALSE;
+ mSmmMpSyncData->AllApArrivedWithException = FALSE;
+
for (CpuIndex = 0; CpuIndex < gSmmCpuPrivate->SmmCoreEntryContext.NumberOfCpus; CpuIndex++) {
mSmmMpSyncData->CpuData[CpuIndex].Busy =
(SPIN_LOCK *)((UINTN)mSmmCpuSemaphores.SemaphoreCpu.Busy + mSemaphoreSize * CpuIndex);
diff --git a/UefiCpuPkg/Include/Library/SmmCpuRendezvousLib.h b/UefiCpuPkg/Include/Library/SmmCpuRendezvousLib.h
new file mode 100644
index 000000000000..82e459e9106e
--- /dev/null
+++ b/UefiCpuPkg/Include/Library/SmmCpuRendezvousLib.h
@@ -0,0 +1,27 @@
+/** @file
+ SMM CPU Rendezvous library header file.
+
+ Copyright (c) 2022, Intel Corporation. All rights reserved.<BR>
+ SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#ifndef SMM_CPU_RENDEZVOUS_H_
+#define SMM_CPU_RENDEZVOUS_H_
+
+/**
+ This routine wait for all AP processors to arrive in SMM.
+
+ @param[in] BlockingMode Blocking mode or non-blocking mode.
+
+ @retval EFI_SUCCESS All processors checked in to SMM.
+ @retval EFI_TIMEOUT Wait for all APs until timeout.
+
+**/
+EFI_STATUS
+EFIAPI
+SmmWaitForAllProcessor (
+ IN BOOLEAN BlockingMode
+ );
+
+#endif
diff --git a/UefiCpuPkg/Include/Protocol/SmmCpuService.h b/UefiCpuPkg/Include/Protocol/SmmCpuService.h
index 952767afce75..3d93d243409c 100644
--- a/UefiCpuPkg/Include/Protocol/SmmCpuService.h
+++ b/UefiCpuPkg/Include/Protocol/SmmCpuService.h
@@ -1,7 +1,7 @@
/** @file
SMM CPU Service protocol definition.
-Copyright (c) 2013 - 2015, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2013 - 2022, Intel Corporation. All rights reserved.<BR>
SPDX-License-Identifier: BSD-2-Clause-Patent
**/
@@ -200,4 +200,38 @@ struct _EFI_SMM_CPU_SERVICE_PROTOCOL {
extern EFI_GUID gEfiSmmCpuServiceProtocolGuid;
+//
+// EDKII_SMM_CPU_RENDEZVOUS_PROTOCOL provide SMM CPU
+// rendezvous service support.
+//
+#define EDKII_SMM_CPU_RENDEZVOUS_PROTOCOL_GUID \
+ { \
+ 0xaa00d50b, 0x4911, 0x428f, { 0xb9, 0x1a, 0xa5, 0x9d, 0xdb, 0x13, 0xe2, 0x4c } \
+ }
+
+typedef struct _EDKII_SMM_CPU_RENDEZVOUS_PROTOCOL EDKII_SMM_CPU_RENDEZVOUS_PROTOCOL;
+
+/**
+ Wait for all APs to arrive SMM mode in given timeout constraint.
+
+ @param[in] This A pointer to the EDKII_SMM_CPU_RENDEZVOUS_PROTOCOL instance.
+ @param[in] BlockingMode Block or non-block mode.
+
+ @retval EFI_SUCCESS All APs have arrived SMM mode except SMI disabled APs.
+ @retval EFI_TIMEOUT There are APs not in SMM mode in given timeout constraint.
+
+**/
+typedef
+EFI_STATUS
+(EFIAPI *EDKII_WAIT_FOR_ALL_PROCESSOR)(
+ IN EDKII_SMM_CPU_RENDEZVOUS_PROTOCOL *This,
+ IN BOOLEAN BlockingMode
+ );
+
+struct _EDKII_SMM_CPU_RENDEZVOUS_PROTOCOL {
+ EDKII_WAIT_FOR_ALL_PROCESSOR WaitForAllProcessor;
+};
+
+extern EFI_GUID gEdkiiSmmCpuRendezvousProtocolGuid;
+
#endif
diff --git a/UefiCpuPkg/Library/SmmCpuRendezvousLib/SmmCpuRendezvousLib.inf b/UefiCpuPkg/Library/SmmCpuRendezvousLib/SmmCpuRendezvousLib.inf
new file mode 100644
index 000000000000..52374bf6e9b4
--- /dev/null
+++ b/UefiCpuPkg/Library/SmmCpuRendezvousLib/SmmCpuRendezvousLib.inf
@@ -0,0 +1,35 @@
+## @file
+# SMM CPU Rendezvous service lib.
+#
+# This is SMM CPU rendezvous service lib that wait for all
+# APs to enter SMM mode.
+#
+# Copyright (c) 2022, Intel Corporation. All rights reserved.<BR>
+# SPDX-License-Identifier: BSD-2-Clause-Patent
+#
+##
+
+[Defines]
+ INF_VERSION = 0x00010005
+ BASE_NAME = SmmCpuRendezvousLib
+ FILE_GUID = 1509Bb36-9Ba4-438B-B195-Ac5914Db14E2
+ MODULE_TYPE = DXE_SMM_DRIVER
+ LIBRARY_CLASS = SmmCpuRendezvousLib|MM_STANDALONE DXE_SMM_DRIVER
+
+[Sources]
+ SmmCpuRendezvousLib.c
+
+[Packages]
+ MdePkg/MdePkg.dec
+ UefiCpuPkg/UefiCpuPkg.dec
+
+[LibraryClasses]
+ BaseLib
+ DebugLib
+ MmServicesTableLib
+
+[Pcd]
+ gUefiCpuPkgTokenSpaceGuid.PcdCpuSmmApSyncTimeout ## CONSUMES
+
+[Protocols]
+ gEdkiiSmmCpuRendezvousProtocolGuid
diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.h b/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.h
index 26d07c5b5ea0..aed872836c99 100644
--- a/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.h
+++ b/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.h
@@ -1,7 +1,7 @@
/** @file
Agent Module to load other modules to deploy SMM Entry Vector for X86 CPU.
-Copyright (c) 2009 - 2020, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2009 - 2022, Intel Corporation. All rights reserved.<BR>
Copyright (c) 2017, AMD Incorporated. All rights reserved.<BR>
SPDX-License-Identifier: BSD-2-Clause-Patent
@@ -428,6 +428,7 @@ typedef struct {
volatile SMM_CPU_SYNC_MODE EffectiveSyncMode;
volatile BOOLEAN SwitchBsp;
volatile BOOLEAN *CandidateBsp;
+ volatile BOOLEAN AllApArrivedWithException;
EFI_AP_PROCEDURE StartupProcedure;
VOID *StartupProcArgs;
} SMM_DISPATCHER_MP_SYNC_DATA;
@@ -1488,4 +1489,30 @@ IsRestrictedMemoryAccess (
VOID
);
+/**
+ Choose blocking or non-blocking mode to Wait for all APs.
+
+ @param[in] This A pointer to the EDKII_SMM_CPU_RENDEZVOUS_PROTOCOL instance.
+ @param[in] BlockingMode Blocking or non-blocking mode.
+
+ @retval EFI_SUCCESS All APs have arrived SMM mode except SMI disabled APs.
+ @retval EFI_TIMEOUT There are APs not in SMM mode in given timeout constraint.
+
+**/
+EFI_STATUS
+EFIAPI
+SmmCpuRendezvous (
+ IN EDKII_SMM_CPU_RENDEZVOUS_PROTOCOL *This,
+ IN BOOLEAN BlockingMode
+ );
+
+/**
+ Insure when this function returns, no AP will execute normal mode code before entering SMM, except SMI disabled APs.
+
+**/
+VOID
+SmmWaitForApArrival (
+ VOID
+ );
+
#endif
diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.inf b/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.inf
index 0e88071c7079..deef00f9c6e9 100644
--- a/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.inf
+++ b/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.inf
@@ -4,7 +4,7 @@
# This SMM driver performs SMM initialization, deploy SMM Entry Vector,
# provides CPU specific services in SMM.
#
-# Copyright (c) 2009 - 2021, Intel Corporation. All rights reserved.<BR>
+# Copyright (c) 2009 - 2022, Intel Corporation. All rights reserved.<BR>
# Copyright (c) 2017, AMD Incorporated. All rights reserved.<BR>
#
# SPDX-License-Identifier: BSD-2-Clause-Patent
@@ -107,7 +107,8 @@ [Protocols]
gEfiSmmReadyToLockProtocolGuid ## NOTIFY
gEfiSmmCpuServiceProtocolGuid ## PRODUCES
gEdkiiSmmMemoryAttributeProtocolGuid ## PRODUCES
- gEfiMmMpProtocolGuid ## PRODUCES
+ gEfiMmMpProtocolGuid ## PRODUCES
+ gEdkiiSmmCpuRendezvousProtocolGuid ## PRODUCES
[Guids]
gEfiAcpiVariableGuid ## SOMETIMES_CONSUMES ## HOB # it is used for S3 boot.
diff --git a/UefiCpuPkg/UefiCpuPkg.dec b/UefiCpuPkg/UefiCpuPkg.dec
index 7de66fde674c..525cde463435 100644
--- a/UefiCpuPkg/UefiCpuPkg.dec
+++ b/UefiCpuPkg/UefiCpuPkg.dec
@@ -1,7 +1,7 @@
## @file UefiCpuPkg.dec
# This Package provides UEFI compatible CPU modules and libraries.
#
-# Copyright (c) 2007 - 2021, Intel Corporation. All rights reserved.<BR>
+# Copyright (c) 2007 - 2022, Intel Corporation. All rights reserved.<BR>
#
# SPDX-License-Identifier: BSD-2-Clause-Patent
#
@@ -62,6 +62,9 @@ [LibraryClasses.IA32, LibraryClasses.X64]
## @libraryclass Provides function for loading microcode.
MicrocodeLib|Include/Library/MicrocodeLib.h
+ ## @libraryclass Provides function for SMM CPU Rendezvous Library.
+ SmmCpuRendezvousLib|Include/Library/SmmCpuRendezvousLib.h
+
[Guids]
gUefiCpuPkgTokenSpaceGuid = { 0xac05bf33, 0x995a, 0x4ed4, { 0xaa, 0xb8, 0xef, 0x7a, 0xe8, 0xf, 0x5c, 0xb0 }}
gMsegSmramGuid = { 0x5802bce4, 0xeeee, 0x4e33, { 0xa1, 0x30, 0xeb, 0xad, 0x27, 0xf0, 0xe4, 0x39 }}
@@ -77,7 +80,8 @@ [Guids]
[Protocols]
## Include/Protocol/SmmCpuService.h
- gEfiSmmCpuServiceProtocolGuid = { 0x1d202cab, 0xc8ab, 0x4d5c, { 0x94, 0xf7, 0x3c, 0xfc, 0xc0, 0xd3, 0xd3, 0x35 }}
+ gEfiSmmCpuServiceProtocolGuid = { 0x1d202cab, 0xc8ab, 0x4d5c, { 0x94, 0xf7, 0x3c, 0xfc, 0xc0, 0xd3, 0xd3, 0x35 }}
+ gEdkiiSmmCpuRendezvousProtocolGuid = { 0xaa00d50b, 0x4911, 0x428f, { 0xb9, 0x1a, 0xa5, 0x9d, 0xdb, 0x13, 0xe2, 0x4c }}
## Include/Protocol/SmMonitorInit.h
gEfiSmMonitorInitProtocolGuid = { 0x228f344d, 0xb3de, 0x43bb, { 0xa4, 0xd7, 0xea, 0x20, 0xb, 0x1b, 0x14, 0x82 }}
diff --git a/UefiCpuPkg/UefiCpuPkg.dsc b/UefiCpuPkg/UefiCpuPkg.dsc
index d1d61dd6a03b..a0bbde9985d3 100644
--- a/UefiCpuPkg/UefiCpuPkg.dsc
+++ b/UefiCpuPkg/UefiCpuPkg.dsc
@@ -61,6 +61,7 @@ [LibraryClasses]
TpmMeasurementLib|MdeModulePkg/Library/TpmMeasurementLibNull/TpmMeasurementLibNull.inf
VmgExitLib|UefiCpuPkg/Library/VmgExitLibNull/VmgExitLibNull.inf
MicrocodeLib|UefiCpuPkg/Library/MicrocodeLib/MicrocodeLib.inf
+ SmmCpuRendezvousLib|UefiCpuPkg/Library/SmmCpuRendezvousLib/SmmCpuRendezvousLib.inf
[LibraryClasses.common.SEC]
PlatformSecLib|UefiCpuPkg/Library/PlatformSecLibNull/PlatformSecLibNull.inf
@@ -173,6 +174,7 @@ [Components.IA32, Components.X64]
}
UefiCpuPkg/Universal/Acpi/S3Resume2Pei/S3Resume2Pei.inf
UefiCpuPkg/ResetVector/Vtf0/Bin/ResetVector.inf
+ UefiCpuPkg/Library/SmmCpuRendezvousLib/SmmCpuRendezvousLib.inf
[BuildOptions]
*_*_*_CC_FLAGS = -D DISABLE_NEW_DEPRECATED_INTERFACES
--
2.26.2.windows.1
^ permalink raw reply related [flat|nested] 10+ messages in thread
* [PATCH 1/1] OvmfPkg: Add dependency of VariableSmm driver to make it work normally.
2022-06-20 9:36 [PATCH v1 0/1] *** SUBJECT HERE *** Li, Zhihao
2022-06-20 9:36 ` [PATCH 1/1] UefiCpuPkg: Extend SMM CPU Service with rendezvous support Li, Zhihao
@ 2022-06-20 9:36 ` Li, Zhihao
2022-06-20 9:36 ` [PATCH 1/1] UefiPayloadPkg: Add dependency of VariableSmm driver Li, Zhihao
` (3 subsequent siblings)
5 siblings, 0 replies; 10+ messages in thread
From: Li, Zhihao @ 2022-06-20 9:36 UTC (permalink / raw)
To: devel
Cc: Ard Biesheuvel, Jiewen Yao, Jordan Justen, Gerd Hoffmann,
Sebastien Boeuf
From: Zhihao Li <zhihao.li@intel.com>
REF? https://bugzilla.tianocore.org/show_bug.cgi?id=3861
UefiCpuPkg define a new Protocol with the new services
SmmWaitForAllProcessor(), which can be used by SMI handler
to optionally wait for other APs to complete SMM rendezvous in
relaxed AP mode.
VariableSmm driver need use SmmCpuRendezvousLib, So add
SmmCpuRendezvousLib in OvmfPkg.
Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Cc: Sebastien Boeuf <sebastien.boeuf@intel.com>
Signed-off-by: Zhihao Li <zhihao.li@intel.com>
Acked-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
---
OvmfPkg/CloudHv/CloudHvX64.dsc | 1 +
OvmfPkg/OvmfPkgIa32.dsc | 3 ++-
OvmfPkg/OvmfPkgIa32X64.dsc | 3 ++-
OvmfPkg/OvmfPkgX64.dsc | 3 ++-
4 files changed, 7 insertions(+), 3 deletions(-)
diff --git a/OvmfPkg/CloudHv/CloudHvX64.dsc b/OvmfPkg/CloudHv/CloudHvX64.dsc
index 380438e0dc0e..20f3bc340807 100644
--- a/OvmfPkg/CloudHv/CloudHvX64.dsc
+++ b/OvmfPkg/CloudHv/CloudHvX64.dsc
@@ -432,6 +432,7 @@ [LibraryClasses.common.DXE_SMM_DRIVER]
!endif
BaseCryptLib|CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf
PciLib|OvmfPkg/Library/DxePciLibI440FxQ35/DxePciLibI440FxQ35.inf
+ SmmCpuRendezvousLib|UefiCpuPkg/Library/SmmCpuRendezvousLib/SmmCpuRendezvousLib.inf
[LibraryClasses.common.SMM_CORE]
PcdLib|MdePkg/Library/DxePcdLib/DxePcdLib.inf
diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc
index 2495d7786420..e4218b01f0fc 100644
--- a/OvmfPkg/OvmfPkgIa32.dsc
+++ b/OvmfPkg/OvmfPkgIa32.dsc
@@ -1,7 +1,7 @@
## @file
# EFI/Framework Open Virtual Machine Firmware (OVMF) platform
#
-# Copyright (c) 2006 - 2021, Intel Corporation. All rights reserved.<BR>
+# Copyright (c) 2006 - 2022, Intel Corporation. All rights reserved.<BR>
# (C) Copyright 2016 Hewlett Packard Enterprise Development LP<BR>
# Copyright (c) Microsoft Corporation.
#
@@ -429,6 +429,7 @@ [LibraryClasses.common.DXE_SMM_DRIVER]
!endif
BaseCryptLib|CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf
PciLib|OvmfPkg/Library/DxePciLibI440FxQ35/DxePciLibI440FxQ35.inf
+ SmmCpuRendezvousLib|UefiCpuPkg/Library/SmmCpuRendezvousLib/SmmCpuRendezvousLib.inf
[LibraryClasses.common.SMM_CORE]
PcdLib|MdePkg/Library/DxePcdLib/DxePcdLib.inf
diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc
index 4e3104833871..a80cdaacb8bc 100644
--- a/OvmfPkg/OvmfPkgIa32X64.dsc
+++ b/OvmfPkg/OvmfPkgIa32X64.dsc
@@ -1,7 +1,7 @@
## @file
# EFI/Framework Open Virtual Machine Firmware (OVMF) platform
#
-# Copyright (c) 2006 - 2021, Intel Corporation. All rights reserved.<BR>
+# Copyright (c) 2006 - 2022, Intel Corporation. All rights reserved.<BR>
# (C) Copyright 2016 Hewlett Packard Enterprise Development LP<BR>
# Copyright (c) Microsoft Corporation.
#
@@ -435,6 +435,7 @@ [LibraryClasses.common.DXE_SMM_DRIVER]
!endif
BaseCryptLib|CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf
PciLib|OvmfPkg/Library/DxePciLibI440FxQ35/DxePciLibI440FxQ35.inf
+ SmmCpuRendezvousLib|UefiCpuPkg/Library/SmmCpuRendezvousLib/SmmCpuRendezvousLib.inf
[LibraryClasses.common.SMM_CORE]
PcdLib|MdePkg/Library/DxePcdLib/DxePcdLib.inf
diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc
index f72f8c2e48fe..fb2899f8a1be 100644
--- a/OvmfPkg/OvmfPkgX64.dsc
+++ b/OvmfPkg/OvmfPkgX64.dsc
@@ -1,7 +1,7 @@
## @file
# EFI/Framework Open Virtual Machine Firmware (OVMF) platform
#
-# Copyright (c) 2006 - 2021, Intel Corporation. All rights reserved.<BR>
+# Copyright (c) 2006 - 2022, Intel Corporation. All rights reserved.<BR>
# (C) Copyright 2016 Hewlett Packard Enterprise Development LP<BR>
# Copyright (c) Microsoft Corporation.
#
@@ -444,6 +444,7 @@ [LibraryClasses.common.DXE_SMM_DRIVER]
!endif
BaseCryptLib|CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf
PciLib|OvmfPkg/Library/DxePciLibI440FxQ35/DxePciLibI440FxQ35.inf
+ SmmCpuRendezvousLib|UefiCpuPkg/Library/SmmCpuRendezvousLib/SmmCpuRendezvousLib.inf
[LibraryClasses.common.SMM_CORE]
PcdLib|MdePkg/Library/DxePcdLib/DxePcdLib.inf
--
2.26.2.windows.1
^ permalink raw reply related [flat|nested] 10+ messages in thread
* [PATCH 1/1] UefiPayloadPkg: Add dependency of VariableSmm driver.
2022-06-20 9:36 [PATCH v1 0/1] *** SUBJECT HERE *** Li, Zhihao
2022-06-20 9:36 ` [PATCH 1/1] UefiCpuPkg: Extend SMM CPU Service with rendezvous support Li, Zhihao
2022-06-20 9:36 ` [PATCH 1/1] OvmfPkg: Add dependency of VariableSmm driver to make it work normally Li, Zhihao
@ 2022-06-20 9:36 ` Li, Zhihao
2022-06-20 9:36 ` [PATCH 1/1] MdePkg: add SmmCpuRendezvousLib.h and SmmCpuRendezvousLibNull implement Li, Zhihao
` (2 subsequent siblings)
5 siblings, 0 replies; 10+ messages in thread
From: Li, Zhihao @ 2022-06-20 9:36 UTC (permalink / raw)
To: devel; +Cc: Guo Dong, Ray Ni, Benjamin You, Sean Rhodes, Siyuan Fu
From: "Li, Zhihao" <zhihao.li@intel.com>
REF? https://bugzilla.tianocore.org/show_bug.cgi?id=3882
UefiCpuPkg define a new Protocol with the new services
SmmWaitForAllProcessor(), which can be used by SMI handler
to optionally wait for other APs to complete SMM rendezvous in
relaxed AP mode.
VariableSmm driver need use SmmCpuRendezvousLib, So add
SmmCpuRendezvousLib dependency in UefiPayloadPkg which use
VariableSmm driver.
Cc: Guo Dong <guo.dong@intel.com>
Cc: Ray Ni <ray.ni@intel.com>
Cc: Benjamin You <benjamin.you@intel.com>
Cc: Sean Rhodes <sean@starlabs.systems>
Cc: Siyuan Fu <siyuan.fu@intel.com>
Signed-off-by: Zhihao Li <zhihao.li@intel.com>
Reviewed-by: Guo Dong <guo.dong@intel.com>
---
UefiPayloadPkg/UefiPayloadPkg.dsc | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/UefiPayloadPkg/UefiPayloadPkg.dsc b/UefiPayloadPkg/UefiPayloadPkg.dsc
index e2ea48348257..17b30589e77c 100644
--- a/UefiPayloadPkg/UefiPayloadPkg.dsc
+++ b/UefiPayloadPkg/UefiPayloadPkg.dsc
@@ -3,7 +3,7 @@
#
# Provides drivers and definitions to create uefi payload for bootloaders.
#
-# Copyright (c) 2014 - 2021, Intel Corporation. All rights reserved.<BR>
+# Copyright (c) 2014 - 2022, Intel Corporation. All rights reserved.<BR>
# Copyright (c) Microsoft Corporation.
# SPDX-License-Identifier: BSD-2-Clause-Patent
#
@@ -354,6 +354,7 @@ [LibraryClasses.common.DXE_SMM_DRIVER]
SmmCpuFeaturesLib|UefiCpuPkg/Library/SmmCpuFeaturesLib/SmmCpuFeaturesLib.inf
CpuExceptionHandlerLib|UefiCpuPkg/Library/CpuExceptionHandlerLib/SmmCpuExceptionHandlerLib.inf
ReportStatusCodeLib|MdePkg/Library/BaseReportStatusCodeLibNull/BaseReportStatusCodeLibNull.inf
+ SmmCpuRendezvousLib|UefiCpuPkg/Library/SmmCpuRendezvousLib/SmmCpuRendezvousLib.inf
!if $(PERFORMANCE_MEASUREMENT_ENABLE)
PerformanceLib|MdeModulePkg/Library/SmmPerformanceLib/SmmPerformanceLib.inf
!endif
--
2.26.2.windows.1
^ permalink raw reply related [flat|nested] 10+ messages in thread
* [PATCH 1/1] MdePkg: add SmmCpuRendezvousLib.h and SmmCpuRendezvousLibNull implement.
2022-06-20 9:36 [PATCH v1 0/1] *** SUBJECT HERE *** Li, Zhihao
` (2 preceding siblings ...)
2022-06-20 9:36 ` [PATCH 1/1] UefiPayloadPkg: Add dependency of VariableSmm driver Li, Zhihao
@ 2022-06-20 9:36 ` Li, Zhihao
2022-06-20 9:36 ` [PATCH 1/1] MdePkg: Remove "assert" from SmmCpuRendevousLibNull.c Li, Zhihao
2022-06-20 9:36 ` [PATCH v1 1/1] SecurityPkg: use SmmWaitForAllProcessor in TcgSmm and Tcg2Smm driver Li, Zhihao
5 siblings, 0 replies; 10+ messages in thread
From: Li, Zhihao @ 2022-06-20 9:36 UTC (permalink / raw)
To: devel
Cc: Michael D Kinney, Liming Gao, Eric Dong, Ray Ni, Michael Kubacki,
Siyuan Fu
From: "Li, Zhihao" <zhihao.li@intel.com>
REF? https://bugzilla.tianocore.org/show_bug.cgi?id=3912
UefiCpuPkg define a new Protocol with the new services
SmmWaitForAllProcessor(), which can be used by SMI handler
to optionally wait for other APs to complete SMM rendezvous in
relaxed AP mode.
VariableSmm and VariableStandaloneMM driver in MdeModulePkg need
to use this services but MdeModulePkg can't depend on UefiCpuPkg.
Thus, the solution is moving SmmCpuRendezvouslib.h from UefiCpuPkg
to MdePkg and creating SmmCpuRendezvousLib NullLib version
implementation in MdePkg as dependency for the pkg that can't
depend on UefiCpuPkg.
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Cc: Eric Dong <eric.dong@intel.com>
Cc: Ray Ni <ray.ni@intel.com>
Cc: Michael Kubacki <mikuback@linux.microsoft.com>
Cc: Siyuan Fu <siyuan.fu@intel.com>
Signed-off-by: Zhihao Li <zhihao.li@intel.com>
Acked-by: Liming Gao <gaoliming@byosoft.com.cn>
---
.../SmmCpuRendezvousLibNull.c | 29 +++++++++++++++++++
.../Include/Library/SmmCpuRendezvousLib.h | 0
.../SmmCpuRendezvousLibNull.inf | 26 +++++++++++++++++
MdePkg/MdeLibs.dsc.inc | 3 +-
MdePkg/MdePkg.dec | 5 +++-
MdePkg/MdePkg.dsc | 3 +-
UefiCpuPkg/UefiCpuPkg.dec | 3 --
7 files changed, 63 insertions(+), 6 deletions(-)
create mode 100644 MdePkg/Library/SmmCpuRendezvousLibNull/SmmCpuRendezvousLibNull.c
rename {UefiCpuPkg => MdePkg}/Include/Library/SmmCpuRendezvousLib.h (100%)
create mode 100644 MdePkg/Library/SmmCpuRendezvousLibNull/SmmCpuRendezvousLibNull.inf
diff --git a/MdePkg/Library/SmmCpuRendezvousLibNull/SmmCpuRendezvousLibNull.c b/MdePkg/Library/SmmCpuRendezvousLibNull/SmmCpuRendezvousLibNull.c
new file mode 100644
index 000000000000..474195bbb374
--- /dev/null
+++ b/MdePkg/Library/SmmCpuRendezvousLibNull/SmmCpuRendezvousLibNull.c
@@ -0,0 +1,29 @@
+/** @file
+ SMM CPU Rendezvous sevice implement.
+
+ Copyright (c) 2022, Intel Corporation. All rights reserved.<BR>
+ SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#include <Library/DebugLib.h>
+#include <Library/SmmCpuRendezvousLib.h>
+
+/**
+ This routine wait for all AP processors to arrive in SMM.
+
+ @param[in] BlockingMode Blocking mode or non-blocking mode.
+
+ @retval EFI_SUCCESS All avaiable APs arrived.
+ @retval EFI_TIMEOUT Wait for all APs until timeout.
+ @retval OTHER Fail to register SMM CPU Rendezvous service Protocol.
+**/
+EFI_STATUS
+EFIAPI
+SmmWaitForAllProcessor (
+ IN BOOLEAN BlockingMode
+ )
+{
+ ASSERT (FALSE);
+ return EFI_SUCCESS;
+}
diff --git a/UefiCpuPkg/Include/Library/SmmCpuRendezvousLib.h b/MdePkg/Include/Library/SmmCpuRendezvousLib.h
similarity index 100%
rename from UefiCpuPkg/Include/Library/SmmCpuRendezvousLib.h
rename to MdePkg/Include/Library/SmmCpuRendezvousLib.h
diff --git a/MdePkg/Library/SmmCpuRendezvousLibNull/SmmCpuRendezvousLibNull.inf b/MdePkg/Library/SmmCpuRendezvousLibNull/SmmCpuRendezvousLibNull.inf
new file mode 100644
index 000000000000..7c9bac9af2ff
--- /dev/null
+++ b/MdePkg/Library/SmmCpuRendezvousLibNull/SmmCpuRendezvousLibNull.inf
@@ -0,0 +1,26 @@
+## @file
+# SMM CPU Rendezvous service lib.
+#
+# This is SMM CPU rendezvous service lib that wait for all
+# APs to enter SMM mode.
+#
+# Copyright (c) 2022, Intel Corporation. All rights reserved.<BR>
+# SPDX-License-Identifier: BSD-2-Clause-Patent
+#
+##
+
+[Defines]
+ INF_VERSION = 0x00010005
+ BASE_NAME = SmmCpuRendezvousLibNull
+ FILE_GUID = 1e5790ea-d013-4d7b-9047-b4342a762027
+ MODULE_TYPE = DXE_SMM_DRIVER
+ LIBRARY_CLASS = SmmCpuRendezvousLib|MM_STANDALONE DXE_SMM_DRIVER
+
+[Sources]
+ SmmCpuRendezvousLibNull.c
+
+[Packages]
+ MdePkg/MdePkg.dec
+
+[LibraryClasses]
+ DebugLib
diff --git a/MdePkg/MdeLibs.dsc.inc b/MdePkg/MdeLibs.dsc.inc
index 015ce46f7d3b..fc6f385b304d 100644
--- a/MdePkg/MdeLibs.dsc.inc
+++ b/MdePkg/MdeLibs.dsc.inc
@@ -5,7 +5,7 @@
# by using "!include MdePkg/MdeLibs.dsc.inc" to specify the library instances
# of some EDKII basic/common library classes.
#
-# Copyright (c) 2021, Intel Corporation. All rights reserved.<BR>
+# Copyright (c) 2021 - 2022, Intel Corporation. All rights reserved.<BR>
#
# SPDX-License-Identifier: BSD-2-Clause-Patent
#
@@ -14,3 +14,4 @@
[LibraryClasses]
RegisterFilterLib|MdePkg/Library/RegisterFilterLibNull/RegisterFilterLibNull.inf
CpuLib|MdePkg/Library/BaseCpuLib/BaseCpuLib.inf
+ SmmCpuRendezvousLib|MdePkg/Library/SmmCpuRendezvousLibNull/SmmCpuRendezvousLibNull.inf
diff --git a/MdePkg/MdePkg.dec b/MdePkg/MdePkg.dec
index faeb28c80cbd..f1ebf9e251c1 100644
--- a/MdePkg/MdePkg.dec
+++ b/MdePkg/MdePkg.dec
@@ -4,7 +4,7 @@
# It also provides the definitions(including PPIs/PROTOCOLs/GUIDs) of
# EFI1.10/UEFI2.7/PI1.7 and some Industry Standards.
#
-# Copyright (c) 2007 - 2021, Intel Corporation. All rights reserved.<BR>
+# Copyright (c) 2007 - 2022, Intel Corporation. All rights reserved.<BR>
# Portions copyright (c) 2008 - 2009, Apple Inc. All rights reserved.<BR>
# (C) Copyright 2016 - 2021 Hewlett Packard Enterprise Development LP<BR>
#
@@ -272,6 +272,9 @@ [LibraryClasses]
#
CcProbeLib|Include/Library/CcProbeLib.h
+ ## @libraryclass Provides function for SMM CPU Rendezvous Library.
+ SmmCpuRendezvousLib|Include/Library/SmmCpuRendezvousLib.h
+
[LibraryClasses.IA32, LibraryClasses.X64, LibraryClasses.AARCH64]
## @libraryclass Provides services to generate random number.
#
diff --git a/MdePkg/MdePkg.dsc b/MdePkg/MdePkg.dsc
index c8d282882ec1..3d8874e64782 100644
--- a/MdePkg/MdePkg.dsc
+++ b/MdePkg/MdePkg.dsc
@@ -1,7 +1,7 @@
## @file
# EFI/PI MdePkg Package
#
-# Copyright (c) 2007 - 2021, Intel Corporation. All rights reserved.<BR>
+# Copyright (c) 2007 - 2022, Intel Corporation. All rights reserved.<BR>
# Portions copyright (c) 2008 - 2009, Apple Inc. All rights reserved.<BR>
# (C) Copyright 2020 Hewlett Packard Enterprise Development LP<BR>
#
@@ -131,6 +131,7 @@ [Components]
MdePkg/Library/RegisterFilterLibNull/RegisterFilterLibNull.inf
MdePkg/Library/CcProbeLibNull/CcProbeLibNull.inf
+ MdePkg/Library/SmmCpuRendezvousLibNull/SmmCpuRendezvousLibNull.inf
[Components.IA32, Components.X64, Components.ARM, Components.AARCH64]
#
diff --git a/UefiCpuPkg/UefiCpuPkg.dec b/UefiCpuPkg/UefiCpuPkg.dec
index 525cde463435..1951eb294c6c 100644
--- a/UefiCpuPkg/UefiCpuPkg.dec
+++ b/UefiCpuPkg/UefiCpuPkg.dec
@@ -62,9 +62,6 @@ [LibraryClasses.IA32, LibraryClasses.X64]
## @libraryclass Provides function for loading microcode.
MicrocodeLib|Include/Library/MicrocodeLib.h
- ## @libraryclass Provides function for SMM CPU Rendezvous Library.
- SmmCpuRendezvousLib|Include/Library/SmmCpuRendezvousLib.h
-
[Guids]
gUefiCpuPkgTokenSpaceGuid = { 0xac05bf33, 0x995a, 0x4ed4, { 0xaa, 0xb8, 0xef, 0x7a, 0xe8, 0xf, 0x5c, 0xb0 }}
gMsegSmramGuid = { 0x5802bce4, 0xeeee, 0x4e33, { 0xa1, 0x30, 0xeb, 0xad, 0x27, 0xf0, 0xe4, 0x39 }}
--
2.26.2.windows.1
^ permalink raw reply related [flat|nested] 10+ messages in thread
* [PATCH 1/1] MdePkg: Remove "assert" from SmmCpuRendevousLibNull.c
2022-06-20 9:36 [PATCH v1 0/1] *** SUBJECT HERE *** Li, Zhihao
` (3 preceding siblings ...)
2022-06-20 9:36 ` [PATCH 1/1] MdePkg: add SmmCpuRendezvousLib.h and SmmCpuRendezvousLibNull implement Li, Zhihao
@ 2022-06-20 9:36 ` Li, Zhihao
2022-06-20 15:31 ` 回复: [edk2-devel] " gaoliming
2022-06-20 9:36 ` [PATCH v1 1/1] SecurityPkg: use SmmWaitForAllProcessor in TcgSmm and Tcg2Smm driver Li, Zhihao
5 siblings, 1 reply; 10+ messages in thread
From: Li, Zhihao @ 2022-06-20 9:36 UTC (permalink / raw)
To: devel; +Cc: Michael D Kinney, Liming Gao
From: Zhihao Li <zhihao.li@intel.com>
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3931
Some drivers will break down when they use
SmmWaitForAllProcessor() which from SmmCpuRendezvousLibNull.c.
Removing the code "ASSERT(False)" will make consumer
work normally if they keep default setting for sync mode.
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Signed-off-by: Zhihao Li <zhihao.li@intel.com>
Reviewed-by: Liming Gao <gaoliming@byosoft.com.cn>
---
MdePkg/Library/SmmCpuRendezvousLibNull/SmmCpuRendezvousLibNull.c | 1 -
1 file changed, 1 deletion(-)
diff --git a/MdePkg/Library/SmmCpuRendezvousLibNull/SmmCpuRendezvousLibNull.c b/MdePkg/Library/SmmCpuRendezvousLibNull/SmmCpuRendezvousLibNull.c
index 474195bbb374..769f4c673802 100644
--- a/MdePkg/Library/SmmCpuRendezvousLibNull/SmmCpuRendezvousLibNull.c
+++ b/MdePkg/Library/SmmCpuRendezvousLibNull/SmmCpuRendezvousLibNull.c
@@ -24,6 +24,5 @@ SmmWaitForAllProcessor (
IN BOOLEAN BlockingMode
)
{
- ASSERT (FALSE);
return EFI_SUCCESS;
}
--
2.26.2.windows.1
^ permalink raw reply related [flat|nested] 10+ messages in thread
* [PATCH v1 1/1] SecurityPkg: use SmmWaitForAllProcessor in TcgSmm and Tcg2Smm driver.
2022-06-20 9:36 [PATCH v1 0/1] *** SUBJECT HERE *** Li, Zhihao
` (4 preceding siblings ...)
2022-06-20 9:36 ` [PATCH 1/1] MdePkg: Remove "assert" from SmmCpuRendevousLibNull.c Li, Zhihao
@ 2022-06-20 9:36 ` Li, Zhihao
5 siblings, 0 replies; 10+ messages in thread
From: Li, Zhihao @ 2022-06-20 9:36 UTC (permalink / raw)
To: devel; +Cc: Jiewen Yao, Jian J Wang, Rahul Kumar, Qi Zhang
From: Zhihao Li <zhihao.li@intel.com>
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3855
In UefiCpuPkg, there are a new Protocol with the new service
SmmWaitForAllProcessor(), which can be used by SMI handler
to optionally wait for other APs to complete SMM rendezvous in
relaxed AP mode.
This patch use the new service to let TcgSmm and Tcg2Smm driver work
normally in relaxed AP mode.
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Rahul Kumar <rahul1.kumar@intel.com>
Cc: Qi Zhang <qi1.zhang@intel.com>
Signed-off-by: Zhihao Li <zhihao.li@intel.com>
---
SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.c | 21 ++++++++++++++++++--
SecurityPkg/Tcg/TcgSmm/TcgSmm.c | 15 ++++++++++++--
SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.h | 3 ++-
SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.inf | 3 ++-
SecurityPkg/Tcg/Tcg2Smm/Tcg2StandaloneMm.inf | 1 +
SecurityPkg/Tcg/TcgSmm/TcgSmm.h | 3 ++-
SecurityPkg/Tcg/TcgSmm/TcgSmm.inf | 3 ++-
7 files changed, 41 insertions(+), 8 deletions(-)
diff --git a/SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.c b/SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.c
index 498fb626bd9c..4367102fbd49 100644
--- a/SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.c
+++ b/SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.c
@@ -9,7 +9,7 @@
PhysicalPresenceCallback() and MemoryClearCallback() will receive untrusted input and do some check.
-Copyright (c) 2015 - 2018, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2015 - 2022, Intel Corporation. All rights reserved.<BR>
Copyright (c) Microsoft Corporation.
SPDX-License-Identifier: BSD-2-Clause-Patent
@@ -42,6 +42,7 @@ EFI_HANDLE mReadyToLockHandle;
should still be called.
@retval EFI_UNSUPPORTED An unknown test function was requested.
@retval EFI_ACCESS_DENIED Part of the communication buffer lies in an invalid region.
+ @retval EFI_ABORTED Fail to wait for all AP check in SMM.
**/
EFI_STATUS
@@ -78,6 +79,11 @@ TpmNvsCommunciate (
return EFI_ACCESS_DENIED;
}
+ if (EFI_ERROR (SmmWaitForAllProcessor (TRUE))) {
+ DEBUG ((DEBUG_ERROR, "TpmNvsCommunciate: fail to wait for all AP check in SMM!\n"));
+ return EFI_ABORTED;
+ }
+
//
// Farm out the job to individual functions based on what was requested.
//
@@ -116,7 +122,7 @@ TpmNvsCommunciate (
@param[in, out] CommBufferSize The size of the CommBuffer.
@retval EFI_SUCCESS The interrupt was handled successfully.
-
+ @retval EFI_ABORTED Fail to wait for all AP check in SMM.
**/
EFI_STATUS
EFIAPI
@@ -132,6 +138,11 @@ PhysicalPresenceCallback (
UINT32 OperationRequest;
UINT32 RequestParameter;
+ if (EFI_ERROR (SmmWaitForAllProcessor (TRUE))) {
+ DEBUG ((DEBUG_ERROR, "TpmPhysicalPresent: fail to wait for all AP check in SMM!\n"));
+ return EFI_ABORTED;
+ }
+
if (mTcgNvs->PhysicalPresence.Parameter == TCG_ACPI_FUNCTION_RETURN_REQUEST_RESPONSE_TO_OS) {
mTcgNvs->PhysicalPresence.ReturnCode = Tcg2PhysicalPresenceLibReturnOperationResponseToOsFunction (
&MostRecentRequest,
@@ -173,6 +184,7 @@ PhysicalPresenceCallback (
@param[in, out] CommBufferSize The size of the CommBuffer.
@retval EFI_SUCCESS The interrupt was handled successfully.
+ @retval EFI_ABORTED Fail to wait for all AP check in SMM.
**/
EFI_STATUS
@@ -217,6 +229,11 @@ MemoryClearCallback (
return EFI_SUCCESS;
}
+ if (EFI_ERROR (SmmWaitForAllProcessor (TRUE))) {
+ DEBUG ((DEBUG_ERROR, "TpmMemoryClear: fail to wait for all AP check in SMM!\n"));
+ return EFI_ABORTED;
+ }
+
DataSize = sizeof (UINT8);
Status = mSmmVariable->SmmSetVariable (
MEMORY_OVERWRITE_REQUEST_VARIABLE_NAME,
diff --git a/SecurityPkg/Tcg/TcgSmm/TcgSmm.c b/SecurityPkg/Tcg/TcgSmm/TcgSmm.c
index 96327a483ba9..e91567ca3169 100644
--- a/SecurityPkg/Tcg/TcgSmm/TcgSmm.c
+++ b/SecurityPkg/Tcg/TcgSmm/TcgSmm.c
@@ -8,7 +8,7 @@
PhysicalPresenceCallback() and MemoryClearCallback() will receive untrusted input and do some check.
-Copyright (c) 2011 - 2018, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2011 - 2022, Intel Corporation. All rights reserved.<BR>
SPDX-License-Identifier: BSD-2-Clause-Patent
**/
@@ -33,7 +33,7 @@ TCG_NVS *mTcgNvs;
@param[in, out] CommBufferSize The size of the CommBuffer.
@retval EFI_SUCCESS The interrupt was handled successfully.
-
+ @retval EFI_ABORTED Fail to wait for all AP check in SMM.
**/
EFI_STATUS
EFIAPI
@@ -92,6 +92,11 @@ PhysicalPresenceCallback (
return EFI_SUCCESS;
}
+ if (EFI_ERROR (SmmWaitForAllProcessor (TRUE))) {
+ DEBUG ((DEBUG_ERROR, "TPMPhysicalPresent: fail to wait for all AP check in SMM!\n"));
+ return EFI_ABORTED;
+ }
+
if (PpData.PPRequest != mTcgNvs->PhysicalPresence.Request) {
PpData.PPRequest = (UINT8)mTcgNvs->PhysicalPresence.Request;
DataSize = sizeof (EFI_PHYSICAL_PRESENCE);
@@ -238,6 +243,7 @@ PhysicalPresenceCallback (
@param[in, out] CommBufferSize The size of the CommBuffer.
@retval EFI_SUCCESS The interrupt was handled successfully.
+ @retval EFI_ABORTED Fail to wait for all AP check in SMM.
**/
EFI_STATUS
@@ -282,6 +288,11 @@ MemoryClearCallback (
return EFI_SUCCESS;
}
+ if (EFI_ERROR (SmmWaitForAllProcessor (TRUE))) {
+ DEBUG ((DEBUG_ERROR, " TpmMemoryClear: fail to wait for all AP check in SMM!\n"));
+ return EFI_ABORTED;
+ }
+
DataSize = sizeof (UINT8);
Status = mSmmVariable->SmmSetVariable (
MEMORY_OVERWRITE_REQUEST_VARIABLE_NAME,
diff --git a/SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.h b/SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.h
index 84b65eb0897c..c0c0e9d91aeb 100644
--- a/SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.h
+++ b/SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.h
@@ -1,7 +1,7 @@
/** @file
The header file for Tcg2 SMM driver.
-Copyright (c) 2015 - 2018, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2015 - 2022, Intel Corporation. All rights reserved.<BR>
Copyright (c) Microsoft Corporation.
SPDX-License-Identifier: BSD-2-Clause-Patent
@@ -31,6 +31,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
#include <Library/IoLib.h>
#include <Library/PcdLib.h>
#include <Library/Tpm2DeviceLib.h>
+#include <Library/SmmCpuRendezvousLib.h>
#include <IndustryStandard/TpmPtp.h>
diff --git a/SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.inf b/SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.inf
index 096338d0ef47..10b0629d506b 100644
--- a/SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.inf
+++ b/SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.inf
@@ -20,7 +20,7 @@
# This driver will have external input - variable and ACPINvs data in SMM mode.
# This external input must be validated carefully to avoid security issue.
#
-# Copyright (c) 2015 - 2019, Intel Corporation. All rights reserved.<BR>
+# Copyright (c) 2015 - 2022, Intel Corporation. All rights reserved.<BR>
# Copyright (c) Microsoft Corporation.<BR>
# SPDX-License-Identifier: BSD-2-Clause-Patent
#
@@ -59,6 +59,7 @@ [LibraryClasses]
Tcg2PhysicalPresenceLib
PcdLib
SmmMemLib
+ SmmCpuRendezvousLib
[Guids]
## SOMETIMES_PRODUCES ## Variable:L"MemoryOverwriteRequestControl"
diff --git a/SecurityPkg/Tcg/Tcg2Smm/Tcg2StandaloneMm.inf b/SecurityPkg/Tcg/Tcg2Smm/Tcg2StandaloneMm.inf
index 746eda3e9fed..6cf74803a12d 100644
--- a/SecurityPkg/Tcg/Tcg2Smm/Tcg2StandaloneMm.inf
+++ b/SecurityPkg/Tcg/Tcg2Smm/Tcg2StandaloneMm.inf
@@ -55,6 +55,7 @@ [LibraryClasses]
Tcg2PhysicalPresenceLib
PcdLib
MemLib
+ SmmCpuRendezvousLib
[Guids]
## SOMETIMES_PRODUCES ## Variable:L"MemoryOverwriteRequestControl"
diff --git a/SecurityPkg/Tcg/TcgSmm/TcgSmm.h b/SecurityPkg/Tcg/TcgSmm/TcgSmm.h
index e348ad105499..dcc85ee3efbc 100644
--- a/SecurityPkg/Tcg/TcgSmm/TcgSmm.h
+++ b/SecurityPkg/Tcg/TcgSmm/TcgSmm.h
@@ -1,7 +1,7 @@
/** @file
The header file for TCG SMM driver.
-Copyright (c) 2012 - 2018, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2012 - 2022, Intel Corporation. All rights reserved.<BR>
SPDX-License-Identifier: BSD-2-Clause-Patent
**/
@@ -31,6 +31,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
#include <Library/TpmMeasurementLib.h>
#include <Library/PcdLib.h>
#include <Library/TcgPpVendorLib.h>
+#include <Library/SmmCpuRendezvousLib.h>
#pragma pack(1)
typedef struct {
diff --git a/SecurityPkg/Tcg/TcgSmm/TcgSmm.inf b/SecurityPkg/Tcg/TcgSmm/TcgSmm.inf
index 9fac896dde8b..1d0f1c9170d4 100644
--- a/SecurityPkg/Tcg/TcgSmm/TcgSmm.inf
+++ b/SecurityPkg/Tcg/TcgSmm/TcgSmm.inf
@@ -9,7 +9,7 @@
# This driver will have external input - variable and ACPINvs data in SMM mode.
# This external input must be validated carefully to avoid security issue.
#
-# Copyright (c) 2011 - 2018, Intel Corporation. All rights reserved.<BR>
+# Copyright (c) 2011 - 2022, Intel Corporation. All rights reserved.<BR>
# Copyright (c) Microsoft Corporation.<BR>
# SPDX-License-Identifier: BSD-2-Clause-Patent
#
@@ -46,6 +46,7 @@ [LibraryClasses]
TpmMeasurementLib
PcdLib
TcgPpVendorLib
+ SmmCpuRendezvousLib
[Guids]
## SOMETIMES_PRODUCES ## Variable:L"PhysicalPresence"
--
2.26.2.windows.1
^ permalink raw reply related [flat|nested] 10+ messages in thread
* [PATCH v1 1/1] SecurityPkg: use SmmWaitForAllProcessor in TcgSmm and Tcg2Smm driver.
2022-06-20 9:55 [PATCH 1/1] UefiCpuPkg: Extend SMM CPU Service with rendezvous support Li, Zhihao
@ 2022-06-20 9:55 ` Li, Zhihao
0 siblings, 0 replies; 10+ messages in thread
From: Li, Zhihao @ 2022-06-20 9:55 UTC (permalink / raw)
To: devel; +Cc: Jiewen Yao, Jian J Wang, Rahul Kumar, Qi Zhang
From: Zhihao Li <zhihao.li@intel.com>
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3855
In UefiCpuPkg, there are a new Protocol with the new service
SmmWaitForAllProcessor(), which can be used by SMI handler
to optionally wait for other APs to complete SMM rendezvous in
relaxed AP mode.
This patch use the new service to let TcgSmm and Tcg2Smm driver work
normally in relaxed AP mode.
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Rahul Kumar <rahul1.kumar@intel.com>
Cc: Qi Zhang <qi1.zhang@intel.com>
Signed-off-by: Zhihao Li <zhihao.li@intel.com>
---
SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.c | 21 ++++++++++++++++++--
SecurityPkg/Tcg/TcgSmm/TcgSmm.c | 15 ++++++++++++--
SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.h | 3 ++-
SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.inf | 3 ++-
SecurityPkg/Tcg/Tcg2Smm/Tcg2StandaloneMm.inf | 1 +
SecurityPkg/Tcg/TcgSmm/TcgSmm.h | 3 ++-
SecurityPkg/Tcg/TcgSmm/TcgSmm.inf | 3 ++-
7 files changed, 41 insertions(+), 8 deletions(-)
diff --git a/SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.c b/SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.c
index 498fb626bd9c..4367102fbd49 100644
--- a/SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.c
+++ b/SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.c
@@ -9,7 +9,7 @@
PhysicalPresenceCallback() and MemoryClearCallback() will receive untrusted input and do some check.
-Copyright (c) 2015 - 2018, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2015 - 2022, Intel Corporation. All rights reserved.<BR>
Copyright (c) Microsoft Corporation.
SPDX-License-Identifier: BSD-2-Clause-Patent
@@ -42,6 +42,7 @@ EFI_HANDLE mReadyToLockHandle;
should still be called.
@retval EFI_UNSUPPORTED An unknown test function was requested.
@retval EFI_ACCESS_DENIED Part of the communication buffer lies in an invalid region.
+ @retval EFI_ABORTED Fail to wait for all AP check in SMM.
**/
EFI_STATUS
@@ -78,6 +79,11 @@ TpmNvsCommunciate (
return EFI_ACCESS_DENIED;
}
+ if (EFI_ERROR (SmmWaitForAllProcessor (TRUE))) {
+ DEBUG ((DEBUG_ERROR, "TpmNvsCommunciate: fail to wait for all AP check in SMM!\n"));
+ return EFI_ABORTED;
+ }
+
//
// Farm out the job to individual functions based on what was requested.
//
@@ -116,7 +122,7 @@ TpmNvsCommunciate (
@param[in, out] CommBufferSize The size of the CommBuffer.
@retval EFI_SUCCESS The interrupt was handled successfully.
-
+ @retval EFI_ABORTED Fail to wait for all AP check in SMM.
**/
EFI_STATUS
EFIAPI
@@ -132,6 +138,11 @@ PhysicalPresenceCallback (
UINT32 OperationRequest;
UINT32 RequestParameter;
+ if (EFI_ERROR (SmmWaitForAllProcessor (TRUE))) {
+ DEBUG ((DEBUG_ERROR, "TpmPhysicalPresent: fail to wait for all AP check in SMM!\n"));
+ return EFI_ABORTED;
+ }
+
if (mTcgNvs->PhysicalPresence.Parameter == TCG_ACPI_FUNCTION_RETURN_REQUEST_RESPONSE_TO_OS) {
mTcgNvs->PhysicalPresence.ReturnCode = Tcg2PhysicalPresenceLibReturnOperationResponseToOsFunction (
&MostRecentRequest,
@@ -173,6 +184,7 @@ PhysicalPresenceCallback (
@param[in, out] CommBufferSize The size of the CommBuffer.
@retval EFI_SUCCESS The interrupt was handled successfully.
+ @retval EFI_ABORTED Fail to wait for all AP check in SMM.
**/
EFI_STATUS
@@ -217,6 +229,11 @@ MemoryClearCallback (
return EFI_SUCCESS;
}
+ if (EFI_ERROR (SmmWaitForAllProcessor (TRUE))) {
+ DEBUG ((DEBUG_ERROR, "TpmMemoryClear: fail to wait for all AP check in SMM!\n"));
+ return EFI_ABORTED;
+ }
+
DataSize = sizeof (UINT8);
Status = mSmmVariable->SmmSetVariable (
MEMORY_OVERWRITE_REQUEST_VARIABLE_NAME,
diff --git a/SecurityPkg/Tcg/TcgSmm/TcgSmm.c b/SecurityPkg/Tcg/TcgSmm/TcgSmm.c
index 96327a483ba9..e91567ca3169 100644
--- a/SecurityPkg/Tcg/TcgSmm/TcgSmm.c
+++ b/SecurityPkg/Tcg/TcgSmm/TcgSmm.c
@@ -8,7 +8,7 @@
PhysicalPresenceCallback() and MemoryClearCallback() will receive untrusted input and do some check.
-Copyright (c) 2011 - 2018, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2011 - 2022, Intel Corporation. All rights reserved.<BR>
SPDX-License-Identifier: BSD-2-Clause-Patent
**/
@@ -33,7 +33,7 @@ TCG_NVS *mTcgNvs;
@param[in, out] CommBufferSize The size of the CommBuffer.
@retval EFI_SUCCESS The interrupt was handled successfully.
-
+ @retval EFI_ABORTED Fail to wait for all AP check in SMM.
**/
EFI_STATUS
EFIAPI
@@ -92,6 +92,11 @@ PhysicalPresenceCallback (
return EFI_SUCCESS;
}
+ if (EFI_ERROR (SmmWaitForAllProcessor (TRUE))) {
+ DEBUG ((DEBUG_ERROR, "TPMPhysicalPresent: fail to wait for all AP check in SMM!\n"));
+ return EFI_ABORTED;
+ }
+
if (PpData.PPRequest != mTcgNvs->PhysicalPresence.Request) {
PpData.PPRequest = (UINT8)mTcgNvs->PhysicalPresence.Request;
DataSize = sizeof (EFI_PHYSICAL_PRESENCE);
@@ -238,6 +243,7 @@ PhysicalPresenceCallback (
@param[in, out] CommBufferSize The size of the CommBuffer.
@retval EFI_SUCCESS The interrupt was handled successfully.
+ @retval EFI_ABORTED Fail to wait for all AP check in SMM.
**/
EFI_STATUS
@@ -282,6 +288,11 @@ MemoryClearCallback (
return EFI_SUCCESS;
}
+ if (EFI_ERROR (SmmWaitForAllProcessor (TRUE))) {
+ DEBUG ((DEBUG_ERROR, " TpmMemoryClear: fail to wait for all AP check in SMM!\n"));
+ return EFI_ABORTED;
+ }
+
DataSize = sizeof (UINT8);
Status = mSmmVariable->SmmSetVariable (
MEMORY_OVERWRITE_REQUEST_VARIABLE_NAME,
diff --git a/SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.h b/SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.h
index 84b65eb0897c..c0c0e9d91aeb 100644
--- a/SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.h
+++ b/SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.h
@@ -1,7 +1,7 @@
/** @file
The header file for Tcg2 SMM driver.
-Copyright (c) 2015 - 2018, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2015 - 2022, Intel Corporation. All rights reserved.<BR>
Copyright (c) Microsoft Corporation.
SPDX-License-Identifier: BSD-2-Clause-Patent
@@ -31,6 +31,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
#include <Library/IoLib.h>
#include <Library/PcdLib.h>
#include <Library/Tpm2DeviceLib.h>
+#include <Library/SmmCpuRendezvousLib.h>
#include <IndustryStandard/TpmPtp.h>
diff --git a/SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.inf b/SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.inf
index 096338d0ef47..10b0629d506b 100644
--- a/SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.inf
+++ b/SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.inf
@@ -20,7 +20,7 @@
# This driver will have external input - variable and ACPINvs data in SMM mode.
# This external input must be validated carefully to avoid security issue.
#
-# Copyright (c) 2015 - 2019, Intel Corporation. All rights reserved.<BR>
+# Copyright (c) 2015 - 2022, Intel Corporation. All rights reserved.<BR>
# Copyright (c) Microsoft Corporation.<BR>
# SPDX-License-Identifier: BSD-2-Clause-Patent
#
@@ -59,6 +59,7 @@ [LibraryClasses]
Tcg2PhysicalPresenceLib
PcdLib
SmmMemLib
+ SmmCpuRendezvousLib
[Guids]
## SOMETIMES_PRODUCES ## Variable:L"MemoryOverwriteRequestControl"
diff --git a/SecurityPkg/Tcg/Tcg2Smm/Tcg2StandaloneMm.inf b/SecurityPkg/Tcg/Tcg2Smm/Tcg2StandaloneMm.inf
index 746eda3e9fed..6cf74803a12d 100644
--- a/SecurityPkg/Tcg/Tcg2Smm/Tcg2StandaloneMm.inf
+++ b/SecurityPkg/Tcg/Tcg2Smm/Tcg2StandaloneMm.inf
@@ -55,6 +55,7 @@ [LibraryClasses]
Tcg2PhysicalPresenceLib
PcdLib
MemLib
+ SmmCpuRendezvousLib
[Guids]
## SOMETIMES_PRODUCES ## Variable:L"MemoryOverwriteRequestControl"
diff --git a/SecurityPkg/Tcg/TcgSmm/TcgSmm.h b/SecurityPkg/Tcg/TcgSmm/TcgSmm.h
index e348ad105499..dcc85ee3efbc 100644
--- a/SecurityPkg/Tcg/TcgSmm/TcgSmm.h
+++ b/SecurityPkg/Tcg/TcgSmm/TcgSmm.h
@@ -1,7 +1,7 @@
/** @file
The header file for TCG SMM driver.
-Copyright (c) 2012 - 2018, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2012 - 2022, Intel Corporation. All rights reserved.<BR>
SPDX-License-Identifier: BSD-2-Clause-Patent
**/
@@ -31,6 +31,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
#include <Library/TpmMeasurementLib.h>
#include <Library/PcdLib.h>
#include <Library/TcgPpVendorLib.h>
+#include <Library/SmmCpuRendezvousLib.h>
#pragma pack(1)
typedef struct {
diff --git a/SecurityPkg/Tcg/TcgSmm/TcgSmm.inf b/SecurityPkg/Tcg/TcgSmm/TcgSmm.inf
index 9fac896dde8b..1d0f1c9170d4 100644
--- a/SecurityPkg/Tcg/TcgSmm/TcgSmm.inf
+++ b/SecurityPkg/Tcg/TcgSmm/TcgSmm.inf
@@ -9,7 +9,7 @@
# This driver will have external input - variable and ACPINvs data in SMM mode.
# This external input must be validated carefully to avoid security issue.
#
-# Copyright (c) 2011 - 2018, Intel Corporation. All rights reserved.<BR>
+# Copyright (c) 2011 - 2022, Intel Corporation. All rights reserved.<BR>
# Copyright (c) Microsoft Corporation.<BR>
# SPDX-License-Identifier: BSD-2-Clause-Patent
#
@@ -46,6 +46,7 @@ [LibraryClasses]
TpmMeasurementLib
PcdLib
TcgPpVendorLib
+ SmmCpuRendezvousLib
[Guids]
## SOMETIMES_PRODUCES ## Variable:L"PhysicalPresence"
--
2.26.2.windows.1
^ permalink raw reply related [flat|nested] 10+ messages in thread
* 回复: [edk2-devel] [PATCH 1/1] MdePkg: Remove "assert" from SmmCpuRendevousLibNull.c
2022-06-20 9:36 ` [PATCH 1/1] MdePkg: Remove "assert" from SmmCpuRendevousLibNull.c Li, Zhihao
@ 2022-06-20 15:31 ` gaoliming
0 siblings, 0 replies; 10+ messages in thread
From: gaoliming @ 2022-06-20 15:31 UTC (permalink / raw)
To: devel, zhihao.li; +Cc: 'Michael D Kinney'
Zhihao:
This change has been merged at b09ada6edc7f3f28d3b4f2ef09852ebd39f17920 in
Edk2. Please check it.
Thanks
Liming
> -----邮件原件-----
> 发件人: devel@edk2.groups.io <devel@edk2.groups.io> 代表 Li, Zhihao
> 发送时间: 2022年6月20日 17:36
> 收件人: devel@edk2.groups.io
> 抄送: Michael D Kinney <michael.d.kinney@intel.com>; Liming Gao
> <gaoliming@byosoft.com.cn>
> 主题: [edk2-devel] [PATCH 1/1] MdePkg: Remove "assert" from
> SmmCpuRendevousLibNull.c
>
> From: Zhihao Li <zhihao.li@intel.com>
>
> REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3931
>
> Some drivers will break down when they use
> SmmWaitForAllProcessor() which from SmmCpuRendezvousLibNull.c.
> Removing the code "ASSERT(False)" will make consumer
> work normally if they keep default setting for sync mode.
>
> Cc: Michael D Kinney <michael.d.kinney@intel.com>
> Cc: Liming Gao <gaoliming@byosoft.com.cn>
>
> Signed-off-by: Zhihao Li <zhihao.li@intel.com>
> Reviewed-by: Liming Gao <gaoliming@byosoft.com.cn>
> ---
> MdePkg/Library/SmmCpuRendezvousLibNull/SmmCpuRendezvousLibNull.c
> | 1 -
> 1 file changed, 1 deletion(-)
>
> diff --git
> a/MdePkg/Library/SmmCpuRendezvousLibNull/SmmCpuRendezvousLibNull.c
> b/MdePkg/Library/SmmCpuRendezvousLibNull/SmmCpuRendezvousLibNull.c
> index 474195bbb374..769f4c673802 100644
> ---
> a/MdePkg/Library/SmmCpuRendezvousLibNull/SmmCpuRendezvousLibNull.c
> +++
> b/MdePkg/Library/SmmCpuRendezvousLibNull/SmmCpuRendezvousLibNull.c
> @@ -24,6 +24,5 @@ SmmWaitForAllProcessor (
> IN BOOLEAN BlockingMode
>
> )
>
> {
>
> - ASSERT (FALSE);
>
> return EFI_SUCCESS;
>
> }
>
> --
> 2.26.2.windows.1
>
>
>
> -=-=-=-=-=-=
> Groups.io Links: You receive all messages sent to this group.
> View/Reply Online (#90616): https://edk2.groups.io/g/devel/message/90616
> Mute This Topic: https://groups.io/mt/91873301/4905953
> Group Owner: devel+owner@edk2.groups.io
> Unsubscribe: https://edk2.groups.io/g/devel/unsub
> [gaoliming@byosoft.com.cn]
> -=-=-=-=-=-=
>
>
^ permalink raw reply [flat|nested] 10+ messages in thread
end of thread, other threads:[~2022-06-20 15:31 UTC | newest]
Thread overview: 10+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2022-06-20 9:36 [PATCH v1 0/1] *** SUBJECT HERE *** Li, Zhihao
2022-06-20 9:36 ` [PATCH 1/1] UefiCpuPkg: Extend SMM CPU Service with rendezvous support Li, Zhihao
2022-06-20 9:36 ` [PATCH 1/1] OvmfPkg: Add dependency of VariableSmm driver to make it work normally Li, Zhihao
2022-06-20 9:36 ` [PATCH 1/1] UefiPayloadPkg: Add dependency of VariableSmm driver Li, Zhihao
2022-06-20 9:36 ` [PATCH 1/1] MdePkg: add SmmCpuRendezvousLib.h and SmmCpuRendezvousLibNull implement Li, Zhihao
2022-06-20 9:36 ` [PATCH 1/1] MdePkg: Remove "assert" from SmmCpuRendevousLibNull.c Li, Zhihao
2022-06-20 15:31 ` 回复: [edk2-devel] " gaoliming
2022-06-20 9:36 ` [PATCH v1 1/1] SecurityPkg: use SmmWaitForAllProcessor in TcgSmm and Tcg2Smm driver Li, Zhihao
-- strict thread matches above, loose matches on Subject: below --
2022-06-20 9:55 [PATCH 1/1] UefiCpuPkg: Extend SMM CPU Service with rendezvous support Li, Zhihao
2022-06-20 9:55 ` [PATCH v1 1/1] SecurityPkg: use SmmWaitForAllProcessor in TcgSmm and Tcg2Smm driver Li, Zhihao
2022-06-13 6:24 Li, Zhihao
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox