* [edk2-devel] [PATCH v4 0/5] UefiCpuPkg: Add macro definitions for CET feature for NASM files.
@ 2023-11-13 6:22 Sheng Wei
2023-11-13 6:22 ` [edk2-devel] [PATCH v4 1/5] " Sheng Wei
` (5 more replies)
0 siblings, 6 replies; 9+ messages in thread
From: Sheng Wei @ 2023-11-13 6:22 UTC (permalink / raw)
To: devel
Patch V4:
Separate the changes to 5 patches.
1) Add macro definitions for CET feature for NASM files.
2) Use macro CR4_CET_BIT to replace hard code value in Cet.nasm.
3) Use CET macro definitions in Cet.inc for SmiEntry.nasm files.
4) Only change CR4.CET bit for enable/disable CET.
5) Backup and Restore MSR IA32_U_CET in SMI handler.
Remove some unused code.
It is no need to clear MSR IA32_S_CET,
because clear CR4.CET bit will disable all CET functions.
Since CET is disabled between clear CR4.CET and run 'rsm',
it is no need to delay MSR IA32_S_CET restoration.
Patch V3:
Remove the 3rd patch. mSmmInterruptSspTables is a global variable.
It is unnecessary to initializ it to zero manually.
Patch V2:
No function change with Patch V1.
Split the patch to into 3 separate patches.
Sheng Wei (5):
UefiCpuPkg: Add macro definitions for CET feature for NASM files.
UefiCpuPkg: Use macro CR4_CET_BIT to replace hard code value in
Cet.nasm.
UefiCpuPkg: Use CET macro definitions in Cet.inc for SmiEntry.nasm
files.
UefiCpuPkg: Only change CR4.CET bit for enable and disable CET.
UefiCpuPkg: Backup and Restore MSR IA32_U_CET in SMI handler.
UefiCpuPkg/Include/Cet.inc | 26 +++++++++++++
UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/Cet.nasm | 5 ++-
UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/SmiEntry.nasm | 39 +++++++++++--------
UefiCpuPkg/PiSmmCpuDxeSmm/X64/Cet.nasm | 5 ++-
UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmiEntry.nasm | 40 +++++++++++---------
5 files changed, 78 insertions(+), 37 deletions(-)
create mode 100644 UefiCpuPkg/Include/Cet.inc
--
2.26.2.windows.1
-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#111122): https://edk2.groups.io/g/devel/message/111122
Mute This Topic: https://groups.io/mt/102556832/7686176
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io]
-=-=-=-=-=-=-=-=-=-=-=-
^ permalink raw reply [flat|nested] 9+ messages in thread
* [edk2-devel] [PATCH v4 1/5] UefiCpuPkg: Add macro definitions for CET feature for NASM files.
2023-11-13 6:22 [edk2-devel] [PATCH v4 0/5] UefiCpuPkg: Add macro definitions for CET feature for NASM files Sheng Wei
@ 2023-11-13 6:22 ` Sheng Wei
2023-11-15 2:02 ` Ni, Ray
2023-11-13 6:22 ` [edk2-devel] [PATCH v4 2/5] UefiCpuPkg: Use macro CR4_CET_BIT to replace hard code value in Cet.nasm Sheng Wei
` (4 subsequent siblings)
5 siblings, 1 reply; 9+ messages in thread
From: Sheng Wei @ 2023-11-13 6:22 UTC (permalink / raw)
To: devel; +Cc: Eric Dong, Ray Ni, Laszlo Ersek, Wu Jiaxin, Tan Dun
Signed-off-by: Sheng Wei <w.sheng@intel.com>
Cc: Eric Dong <eric.dong@intel.com>
Cc: Ray Ni <ray.ni@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Wu Jiaxin <jiaxin.wu@intel.com>
Cc: Tan Dun <dun.tan@intel.com>
---
UefiCpuPkg/Include/Cet.inc | 26 ++++++++++++++++++++++++++
1 file changed, 26 insertions(+)
create mode 100644 UefiCpuPkg/Include/Cet.inc
diff --git a/UefiCpuPkg/Include/Cet.inc b/UefiCpuPkg/Include/Cet.inc
new file mode 100644
index 0000000000..a4038a0682
--- /dev/null
+++ b/UefiCpuPkg/Include/Cet.inc
@@ -0,0 +1,26 @@
+;------------------------------------------------------------------------------
+;
+; Copyright (c) 2023, Intel Corporation. All rights reserved.<BR>
+; SPDX-License-Identifier: BSD-2-Clause-Patent
+;
+; Abstract:
+;
+; This file provides macro definitions for CET feature for NASM files.
+;
+;------------------------------------------------------------------------------
+
+%define MSR_IA32_U_CET 0x6A0
+%define MSR_IA32_S_CET 0x6A2
+%define MSR_IA32_CET_SH_STK_EN 0x1
+%define MSR_IA32_CET_WR_SHSTK_EN 0x2
+%define MSR_IA32_CET_ENDBR_EN 0x4
+%define MSR_IA32_CET_LEG_IW_EN 0x8
+%define MSR_IA32_CET_NO_TRACK_EN 0x10
+%define MSR_IA32_CET_SUPPRESS_DIS 0x20
+%define MSR_IA32_CET_SUPPRESS 0x400
+%define MSR_IA32_CET_TRACKER 0x800
+%define MSR_IA32_PL0_SSP 0x6A4
+%define MSR_IA32_INTERRUPT_SSP_TABLE_ADDR 0x6A8
+
+%define CR4_CET_BIT 23
+%define CR4_CET 0x800000
--
2.26.2.windows.1
-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#111123): https://edk2.groups.io/g/devel/message/111123
Mute This Topic: https://groups.io/mt/102556833/7686176
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io]
-=-=-=-=-=-=-=-=-=-=-=-
^ permalink raw reply related [flat|nested] 9+ messages in thread
* [edk2-devel] [PATCH v4 2/5] UefiCpuPkg: Use macro CR4_CET_BIT to replace hard code value in Cet.nasm.
2023-11-13 6:22 [edk2-devel] [PATCH v4 0/5] UefiCpuPkg: Add macro definitions for CET feature for NASM files Sheng Wei
2023-11-13 6:22 ` [edk2-devel] [PATCH v4 1/5] " Sheng Wei
@ 2023-11-13 6:22 ` Sheng Wei
2023-11-13 6:22 ` [edk2-devel] [PATCH v4 3/5] UefiCpuPkg: Use CET macro definitions in Cet.inc for SmiEntry.nasm files Sheng Wei
` (3 subsequent siblings)
5 siblings, 0 replies; 9+ messages in thread
From: Sheng Wei @ 2023-11-13 6:22 UTC (permalink / raw)
To: devel; +Cc: Eric Dong, Ray Ni, Laszlo Ersek, Wu Jiaxin, Tan Dun
Signed-off-by: Sheng Wei <w.sheng@intel.com>
Cc: Eric Dong <eric.dong@intel.com>
Cc: Ray Ni <ray.ni@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Wu Jiaxin <jiaxin.wu@intel.com>
Cc: Tan Dun <dun.tan@intel.com>
---
UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/Cet.nasm | 5 +++--
UefiCpuPkg/PiSmmCpuDxeSmm/X64/Cet.nasm | 5 +++--
2 files changed, 6 insertions(+), 4 deletions(-)
diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/Cet.nasm b/UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/Cet.nasm
index 9d66b9c5da..3d07da1cd4 100644
--- a/UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/Cet.nasm
+++ b/UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/Cet.nasm
@@ -5,6 +5,7 @@
;-------------------------------------------------------------------------------
%include "Nasm.inc"
+%include "Cet.inc"
SECTION .text
@@ -16,7 +17,7 @@ ASM_PFX(DisableCet):
incsspd eax
mov eax, cr4
- btr eax, 23 ; clear CET
+ btr eax, CR4_CET_BIT ; clear CET
mov cr4, eax
ret
@@ -24,7 +25,7 @@ global ASM_PFX(EnableCet)
ASM_PFX(EnableCet):
mov eax, cr4
- bts eax, 23 ; set CET
+ bts eax, CR4_CET_BIT ; set CET
mov cr4, eax
; use jmp to skip the check for ret
diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/X64/Cet.nasm b/UefiCpuPkg/PiSmmCpuDxeSmm/X64/Cet.nasm
index 8bbdbb31cc..700aef4703 100644
--- a/UefiCpuPkg/PiSmmCpuDxeSmm/X64/Cet.nasm
+++ b/UefiCpuPkg/PiSmmCpuDxeSmm/X64/Cet.nasm
@@ -5,6 +5,7 @@
;-------------------------------------------------------------------------------
%include "Nasm.inc"
+%include "Cet.inc"
DEFAULT REL
SECTION .text
@@ -17,7 +18,7 @@ ASM_PFX(DisableCet):
incsspq rax
mov rax, cr4
- btr eax, 23 ; clear CET
+ btr eax, CR4_CET_BIT ; clear CET
mov cr4, rax
ret
@@ -25,7 +26,7 @@ global ASM_PFX(EnableCet)
ASM_PFX(EnableCet):
mov rax, cr4
- bts eax, 23 ; set CET
+ bts eax, CR4_CET_BIT ; set CET
mov cr4, rax
; use jmp to skip the check for ret
--
2.26.2.windows.1
-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#111124): https://edk2.groups.io/g/devel/message/111124
Mute This Topic: https://groups.io/mt/102556834/7686176
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io]
-=-=-=-=-=-=-=-=-=-=-=-
^ permalink raw reply related [flat|nested] 9+ messages in thread
* [edk2-devel] [PATCH v4 3/5] UefiCpuPkg: Use CET macro definitions in Cet.inc for SmiEntry.nasm files.
2023-11-13 6:22 [edk2-devel] [PATCH v4 0/5] UefiCpuPkg: Add macro definitions for CET feature for NASM files Sheng Wei
2023-11-13 6:22 ` [edk2-devel] [PATCH v4 1/5] " Sheng Wei
2023-11-13 6:22 ` [edk2-devel] [PATCH v4 2/5] UefiCpuPkg: Use macro CR4_CET_BIT to replace hard code value in Cet.nasm Sheng Wei
@ 2023-11-13 6:22 ` Sheng Wei
2023-11-13 6:22 ` [edk2-devel] [PATCH v4 4/5] UefiCpuPkg: Only change CR4.CET bit for enable and disable CET Sheng Wei
` (2 subsequent siblings)
5 siblings, 0 replies; 9+ messages in thread
From: Sheng Wei @ 2023-11-13 6:22 UTC (permalink / raw)
To: devel; +Cc: Eric Dong, Ray Ni, Laszlo Ersek, Wu Jiaxin, Tan Dun
Signed-off-by: Sheng Wei <w.sheng@intel.com>
Cc: Eric Dong <eric.dong@intel.com>
Cc: Ray Ni <ray.ni@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Wu Jiaxin <jiaxin.wu@intel.com>
Cc: Tan Dun <dun.tan@intel.com>
---
UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/SmiEntry.nasm | 14 +-------------
UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmiEntry.nasm | 15 +--------------
2 files changed, 2 insertions(+), 27 deletions(-)
diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/SmiEntry.nasm b/UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/SmiEntry.nasm
index 19de5f614e..6368982433 100644
--- a/UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/SmiEntry.nasm
+++ b/UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/SmiEntry.nasm
@@ -15,19 +15,7 @@
%include "StuffRsbNasm.inc"
%include "Nasm.inc"
-
-%define MSR_IA32_S_CET 0x6A2
-%define MSR_IA32_CET_SH_STK_EN 0x1
-%define MSR_IA32_CET_WR_SHSTK_EN 0x2
-%define MSR_IA32_CET_ENDBR_EN 0x4
-%define MSR_IA32_CET_LEG_IW_EN 0x8
-%define MSR_IA32_CET_NO_TRACK_EN 0x10
-%define MSR_IA32_CET_SUPPRESS_DIS 0x20
-%define MSR_IA32_CET_SUPPRESS 0x400
-%define MSR_IA32_CET_TRACKER 0x800
-%define MSR_IA32_PL0_SSP 0x6A4
-
-%define CR4_CET 0x800000
+%include "Cet.inc"
%define MSR_IA32_MISC_ENABLE 0x1A0
%define MSR_EFER 0xc0000080
diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmiEntry.nasm b/UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmiEntry.nasm
index d302ca8d01..9a225bc3be 100644
--- a/UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmiEntry.nasm
+++ b/UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmiEntry.nasm
@@ -15,25 +15,12 @@
%include "StuffRsbNasm.inc"
%include "Nasm.inc"
+%include "Cet.inc"
;
; Variables referenced by C code
;
-%define MSR_IA32_S_CET 0x6A2
-%define MSR_IA32_CET_SH_STK_EN 0x1
-%define MSR_IA32_CET_WR_SHSTK_EN 0x2
-%define MSR_IA32_CET_ENDBR_EN 0x4
-%define MSR_IA32_CET_LEG_IW_EN 0x8
-%define MSR_IA32_CET_NO_TRACK_EN 0x10
-%define MSR_IA32_CET_SUPPRESS_DIS 0x20
-%define MSR_IA32_CET_SUPPRESS 0x400
-%define MSR_IA32_CET_TRACKER 0x800
-%define MSR_IA32_PL0_SSP 0x6A4
-%define MSR_IA32_INTERRUPT_SSP_TABLE_ADDR 0x6A8
-
-%define CR4_CET 0x800000
-
%define MSR_IA32_MISC_ENABLE 0x1A0
%define MSR_EFER 0xc0000080
%define MSR_EFER_XD 0x800
--
2.26.2.windows.1
-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#111125): https://edk2.groups.io/g/devel/message/111125
Mute This Topic: https://groups.io/mt/102556836/7686176
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io]
-=-=-=-=-=-=-=-=-=-=-=-
^ permalink raw reply related [flat|nested] 9+ messages in thread
* [edk2-devel] [PATCH v4 4/5] UefiCpuPkg: Only change CR4.CET bit for enable and disable CET.
2023-11-13 6:22 [edk2-devel] [PATCH v4 0/5] UefiCpuPkg: Add macro definitions for CET feature for NASM files Sheng Wei
` (2 preceding siblings ...)
2023-11-13 6:22 ` [edk2-devel] [PATCH v4 3/5] UefiCpuPkg: Use CET macro definitions in Cet.inc for SmiEntry.nasm files Sheng Wei
@ 2023-11-13 6:22 ` Sheng Wei
2023-11-13 6:22 ` [edk2-devel] [PATCH v4 5/5] UefiCpuPkg: Backup and Restore MSR IA32_U_CET in SMI handler Sheng Wei
2023-11-13 18:14 ` [edk2-devel] [PATCH v4 0/5] UefiCpuPkg: Add macro definitions for CET feature for NASM files Laszlo Ersek
5 siblings, 0 replies; 9+ messages in thread
From: Sheng Wei @ 2023-11-13 6:22 UTC (permalink / raw)
To: devel; +Cc: Eric Dong, Ray Ni, Laszlo Ersek, Wu Jiaxin, Tan Dun
Signed-off-by: Sheng Wei <w.sheng@intel.com>
Cc: Eric Dong <eric.dong@intel.com>
Cc: Ray Ni <ray.ni@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Wu Jiaxin <jiaxin.wu@intel.com>
Cc: Tan Dun <dun.tan@intel.com>
---
UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/SmiEntry.nasm | 10 +++++++---
UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmiEntry.nasm | 10 +++++++---
2 files changed, 14 insertions(+), 6 deletions(-)
diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/SmiEntry.nasm b/UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/SmiEntry.nasm
index 6368982433..1da9afab97 100644
--- a/UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/SmiEntry.nasm
+++ b/UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/SmiEntry.nasm
@@ -237,7 +237,9 @@ CetInterruptDone:
bts ecx, 16 ; set WP
mov cr0, ecx
- mov eax, 0x668 | CR4_CET
+ ; set CR4.CET bit for enable CET
+ mov eax, cr4
+ bts eax, CR4_CET_BIT
mov cr4, eax
setssbsy
@@ -264,8 +266,10 @@ CetDone:
cmp al, 0
jz CetDone2
- mov eax, 0x668
- mov cr4, eax ; disable CET
+ ; clear CR4.CET bit for disable CET
+ mov eax, cr4
+ btr eax, CR4_CET_BIT
+ mov cr4, eax
mov ecx, MSR_IA32_PL0_SSP
pop eax
diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmiEntry.nasm b/UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmiEntry.nasm
index 9a225bc3be..abf9f1a90a 100644
--- a/UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmiEntry.nasm
+++ b/UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmiEntry.nasm
@@ -263,7 +263,9 @@ CetInterruptDone:
bts ecx, 16 ; set WP
mov cr0, rcx
- mov eax, 0x668 | CR4_CET
+ ; set CR4.CET bit for enable CET
+ mov rax, cr4
+ bts rax, CR4_CET_BIT
mov cr4, rax
setssbsy
@@ -308,8 +310,10 @@ mCetSupportedAbsAddr:
cmp al, 0
jz CetDone2
- mov eax, 0x668
- mov cr4, rax ; disable CET
+ ; clear CR4.CET bit for disable CET
+ mov rax, cr4
+ btr rax, CR4_CET_BIT
+ mov cr4, rax
mov ecx, MSR_IA32_INTERRUPT_SSP_TABLE_ADDR
pop rax
--
2.26.2.windows.1
-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#111126): https://edk2.groups.io/g/devel/message/111126
Mute This Topic: https://groups.io/mt/102556837/7686176
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io]
-=-=-=-=-=-=-=-=-=-=-=-
^ permalink raw reply related [flat|nested] 9+ messages in thread
* [edk2-devel] [PATCH v4 5/5] UefiCpuPkg: Backup and Restore MSR IA32_U_CET in SMI handler.
2023-11-13 6:22 [edk2-devel] [PATCH v4 0/5] UefiCpuPkg: Add macro definitions for CET feature for NASM files Sheng Wei
` (3 preceding siblings ...)
2023-11-13 6:22 ` [edk2-devel] [PATCH v4 4/5] UefiCpuPkg: Only change CR4.CET bit for enable and disable CET Sheng Wei
@ 2023-11-13 6:22 ` Sheng Wei
2023-11-13 18:14 ` [edk2-devel] [PATCH v4 0/5] UefiCpuPkg: Add macro definitions for CET feature for NASM files Laszlo Ersek
5 siblings, 0 replies; 9+ messages in thread
From: Sheng Wei @ 2023-11-13 6:22 UTC (permalink / raw)
To: devel; +Cc: Eric Dong, Ray Ni, Laszlo Ersek, Wu Jiaxin, Tan Dun
OS may enable CET-IBT feature by set MSR IA32_U_CET.bit2.
If IA32_U_CET.bit2 is set, CPU is in WAIT_FOR_ENDBRANCH state and
the next assemble code is not ENDBR, it will trigger #CP exception
when set CR4.CET bit.
SMI handler needs to backup MSR IA32_U_CET and clear MSR IA32_U_CET
before set CR4.CET bit,
And SMI handler needs to restore MSR IA32_U_CET when exit SMI handler.
Signed-off-by: Sheng Wei <w.sheng@intel.com>
Cc: Eric Dong <eric.dong@intel.com>
Cc: Ray Ni <ray.ni@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Wu Jiaxin <jiaxin.wu@intel.com>
Cc: Tan Dun <dun.tan@intel.com>
---
UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/SmiEntry.nasm | 15 +++++++++++++++
UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmiEntry.nasm | 15 +++++++++++++++
2 files changed, 30 insertions(+)
diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/SmiEntry.nasm b/UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/SmiEntry.nasm
index 1da9afab97..9e1155dee6 100644
--- a/UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/SmiEntry.nasm
+++ b/UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/SmiEntry.nasm
@@ -202,11 +202,21 @@ ASM_PFX(mPatchCetSupported):
push edx
push eax
+ mov ecx, MSR_IA32_U_CET
+ rdmsr
+ push edx
+ push eax
+
mov ecx, MSR_IA32_PL0_SSP
rdmsr
push edx
push eax
+ mov ecx, MSR_IA32_U_CET
+ xor eax, eax
+ xor edx, edx
+ wrmsr
+
mov ecx, MSR_IA32_S_CET
mov eax, MSR_IA32_CET_SH_STK_EN
xor edx, edx
@@ -276,6 +286,11 @@ CetDone:
pop edx
wrmsr
+ mov ecx, MSR_IA32_U_CET
+ pop eax
+ pop edx
+ wrmsr
+
mov ecx, MSR_IA32_S_CET
pop eax
pop edx
diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmiEntry.nasm b/UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmiEntry.nasm
index abf9f1a90a..881d3177f7 100644
--- a/UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmiEntry.nasm
+++ b/UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmiEntry.nasm
@@ -217,6 +217,11 @@ ASM_PFX(mPatchCetSupported):
push rdx
push rax
+ mov ecx, MSR_IA32_U_CET
+ rdmsr
+ push rdx
+ push rax
+
mov ecx, MSR_IA32_PL0_SSP
rdmsr
push rdx
@@ -227,6 +232,11 @@ ASM_PFX(mPatchCetSupported):
push rdx
push rax
+ mov ecx, MSR_IA32_U_CET
+ xor eax, eax
+ xor edx, edx
+ wrmsr
+
mov ecx, MSR_IA32_S_CET
mov eax, MSR_IA32_CET_SH_STK_EN
xor edx, edx
@@ -325,6 +335,11 @@ mCetSupportedAbsAddr:
pop rdx
wrmsr
+ mov ecx, MSR_IA32_U_CET
+ pop rax
+ pop rdx
+ wrmsr
+
mov ecx, MSR_IA32_S_CET
pop rax
pop rdx
--
2.26.2.windows.1
-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#111127): https://edk2.groups.io/g/devel/message/111127
Mute This Topic: https://groups.io/mt/102556838/7686176
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io]
-=-=-=-=-=-=-=-=-=-=-=-
^ permalink raw reply related [flat|nested] 9+ messages in thread
* Re: [edk2-devel] [PATCH v4 0/5] UefiCpuPkg: Add macro definitions for CET feature for NASM files.
2023-11-13 6:22 [edk2-devel] [PATCH v4 0/5] UefiCpuPkg: Add macro definitions for CET feature for NASM files Sheng Wei
` (4 preceding siblings ...)
2023-11-13 6:22 ` [edk2-devel] [PATCH v4 5/5] UefiCpuPkg: Backup and Restore MSR IA32_U_CET in SMI handler Sheng Wei
@ 2023-11-13 18:14 ` Laszlo Ersek
5 siblings, 0 replies; 9+ messages in thread
From: Laszlo Ersek @ 2023-11-13 18:14 UTC (permalink / raw)
To: devel, w.sheng
On 11/13/23 07:22, Sheng Wei wrote:
> Patch V4:
> Separate the changes to 5 patches.
> 1) Add macro definitions for CET feature for NASM files.
> 2) Use macro CR4_CET_BIT to replace hard code value in Cet.nasm.
> 3) Use CET macro definitions in Cet.inc for SmiEntry.nasm files.
> 4) Only change CR4.CET bit for enable/disable CET.
> 5) Backup and Restore MSR IA32_U_CET in SMI handler.
> Remove some unused code.
> It is no need to clear MSR IA32_S_CET,
> because clear CR4.CET bit will disable all CET functions.
> Since CET is disabled between clear CR4.CET and run 'rsm',
> it is no need to delay MSR IA32_S_CET restoration.
>
> Patch V3:
> Remove the 3rd patch. mSmmInterruptSspTables is a global variable.
> It is unnecessary to initializ it to zero manually.
>
> Patch V2:
> No function change with Patch V1.
> Split the patch to into 3 separate patches.
>
> Sheng Wei (5):
> UefiCpuPkg: Add macro definitions for CET feature for NASM files.
> UefiCpuPkg: Use macro CR4_CET_BIT to replace hard code value in
> Cet.nasm.
> UefiCpuPkg: Use CET macro definitions in Cet.inc for SmiEntry.nasm
> files.
> UefiCpuPkg: Only change CR4.CET bit for enable and disable CET.
> UefiCpuPkg: Backup and Restore MSR IA32_U_CET in SMI handler.
>
> UefiCpuPkg/Include/Cet.inc | 26 +++++++++++++
> UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/Cet.nasm | 5 ++-
> UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/SmiEntry.nasm | 39 +++++++++++--------
> UefiCpuPkg/PiSmmCpuDxeSmm/X64/Cet.nasm | 5 ++-
> UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmiEntry.nasm | 40 +++++++++++---------
> 5 files changed, 78 insertions(+), 37 deletions(-)
> create mode 100644 UefiCpuPkg/Include/Cet.inc
>
series
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#111173): https://edk2.groups.io/g/devel/message/111173
Mute This Topic: https://groups.io/mt/102556832/7686176
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/leave/12367111/7686176/1913456212/xyzzy [rebecca@openfw.io]
-=-=-=-=-=-=-=-=-=-=-=-
^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [edk2-devel] [PATCH v4 1/5] UefiCpuPkg: Add macro definitions for CET feature for NASM files.
2023-11-13 6:22 ` [edk2-devel] [PATCH v4 1/5] " Sheng Wei
@ 2023-11-15 2:02 ` Ni, Ray
2023-11-15 10:33 ` Laszlo Ersek
0 siblings, 1 reply; 9+ messages in thread
From: Ni, Ray @ 2023-11-15 2:02 UTC (permalink / raw)
To: Sheng, W, devel@edk2.groups.io
Cc: Dong, Eric, Laszlo Ersek, Wu, Jiaxin, Tan, Dun
[-- Attachment #1: Type: text/plain, Size: 2674 bytes --]
If only CpuSmm driver consumes these macros, can we move the macro definitions into CpuSmm driver folder?
Thanks,
Ray
________________________________
From: Sheng, W <w.sheng@intel.com>
Sent: Monday, November 13, 2023 2:22 PM
To: devel@edk2.groups.io <devel@edk2.groups.io>
Cc: Dong, Eric <eric.dong@intel.com>; Ni, Ray <ray.ni@intel.com>; Laszlo Ersek <lersek@redhat.com>; Wu, Jiaxin <jiaxin.wu@intel.com>; Tan, Dun <dun.tan@intel.com>
Subject: [PATCH v4 1/5] UefiCpuPkg: Add macro definitions for CET feature for NASM files.
Signed-off-by: Sheng Wei <w.sheng@intel.com>
Cc: Eric Dong <eric.dong@intel.com>
Cc: Ray Ni <ray.ni@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Wu Jiaxin <jiaxin.wu@intel.com>
Cc: Tan Dun <dun.tan@intel.com>
---
UefiCpuPkg/Include/Cet.inc | 26 ++++++++++++++++++++++++++
1 file changed, 26 insertions(+)
create mode 100644 UefiCpuPkg/Include/Cet.inc
diff --git a/UefiCpuPkg/Include/Cet.inc b/UefiCpuPkg/Include/Cet.inc
new file mode 100644
index 0000000000..a4038a0682
--- /dev/null
+++ b/UefiCpuPkg/Include/Cet.inc
@@ -0,0 +1,26 @@
+;------------------------------------------------------------------------------
+;
+; Copyright (c) 2023, Intel Corporation. All rights reserved.<BR>
+; SPDX-License-Identifier: BSD-2-Clause-Patent
+;
+; Abstract:
+;
+; This file provides macro definitions for CET feature for NASM files.
+;
+;------------------------------------------------------------------------------
+
+%define MSR_IA32_U_CET 0x6A0
+%define MSR_IA32_S_CET 0x6A2
+%define MSR_IA32_CET_SH_STK_EN 0x1
+%define MSR_IA32_CET_WR_SHSTK_EN 0x2
+%define MSR_IA32_CET_ENDBR_EN 0x4
+%define MSR_IA32_CET_LEG_IW_EN 0x8
+%define MSR_IA32_CET_NO_TRACK_EN 0x10
+%define MSR_IA32_CET_SUPPRESS_DIS 0x20
+%define MSR_IA32_CET_SUPPRESS 0x400
+%define MSR_IA32_CET_TRACKER 0x800
+%define MSR_IA32_PL0_SSP 0x6A4
+%define MSR_IA32_INTERRUPT_SSP_TABLE_ADDR 0x6A8
+
+%define CR4_CET_BIT 23
+%define CR4_CET 0x800000
--
2.26.2.windows.1
-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#111227): https://edk2.groups.io/g/devel/message/111227
Mute This Topic: https://groups.io/mt/102556833/7686176
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/leave/12367111/7686176/1913456212/xyzzy [rebecca@openfw.io]
-=-=-=-=-=-=-=-=-=-=-=-
[-- Attachment #2: Type: text/html, Size: 5808 bytes --]
^ permalink raw reply related [flat|nested] 9+ messages in thread
* Re: [edk2-devel] [PATCH v4 1/5] UefiCpuPkg: Add macro definitions for CET feature for NASM files.
2023-11-15 2:02 ` Ni, Ray
@ 2023-11-15 10:33 ` Laszlo Ersek
0 siblings, 0 replies; 9+ messages in thread
From: Laszlo Ersek @ 2023-11-15 10:33 UTC (permalink / raw)
To: Ni, Ray, Sheng, W, devel@edk2.groups.io; +Cc: Dong, Eric, Wu, Jiaxin, Tan, Dun
On 11/15/23 03:02, Ni, Ray wrote:
> If only CpuSmm driver consumes these macros, can we move the macro
> definitions into CpuSmm driver folder?
Sounds like a good idea.
I'm unsure how we can put "UefiCpuPkg/PiSmmCpuDxeSmm/" on the include
path though, for assembly files located in
UefiCpuPkg/PiSmmCpuDxeSmm/Ia32 and UefiCpuPkg/PiSmmCpuDxeSmm/X64:
(1) "UefiCpuPkg.dec" says
[Includes]
Include
(2) "BaseTools/Conf/build_rule.template" seems to use NASM_INC as a
placeholder / macro for NASM-specific include directory
(3) From commit 073a76e66293 ("BaseTools: Add $(INC)-like support when
compiling .nasm files", 2018-12-19),
"BaseTools/Source/Python/AutoGen/GenMake.py" seems to replace NASM_INC
with a list of -I dir/ -I dir/ -I dir/ ... options for NASM, where "dir"
iterates through the elements of point (1).
... If we place the "Cet.inc" file under "UefiCpuPkg/PiSmmCpuDxeSmm/",
can we include it with
%include "../Cet.inc"
(note the "../" prefix), in the files
UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/Cet.nasm
UefiCpuPkg/PiSmmCpuDxeSmm/X64/Cet.nasm?
Will that work on Windows too?
Laszlo
> ------------------------------------------------------------------------
> *From:* Sheng, W <w.sheng@intel.com>
> *Sent:* Monday, November 13, 2023 2:22 PM
> *To:* devel@edk2.groups.io <devel@edk2.groups.io>
> *Cc:* Dong, Eric <eric.dong@intel.com>; Ni, Ray <ray.ni@intel.com>;
> Laszlo Ersek <lersek@redhat.com>; Wu, Jiaxin <jiaxin.wu@intel.com>; Tan,
> Dun <dun.tan@intel.com>
> *Subject:* [PATCH v4 1/5] UefiCpuPkg: Add macro definitions for CET
> feature for NASM files.
>
> Signed-off-by: Sheng Wei <w.sheng@intel.com>
> Cc: Eric Dong <eric.dong@intel.com>
> Cc: Ray Ni <ray.ni@intel.com>
> Cc: Laszlo Ersek <lersek@redhat.com>
> Cc: Wu Jiaxin <jiaxin.wu@intel.com>
> Cc: Tan Dun <dun.tan@intel.com>
> ---
> UefiCpuPkg/Include/Cet.inc | 26 ++++++++++++++++++++++++++
> 1 file changed, 26 insertions(+)
> create mode 100644 UefiCpuPkg/Include/Cet.inc
>
> diff --git a/UefiCpuPkg/Include/Cet.inc b/UefiCpuPkg/Include/Cet.inc
> new file mode 100644
> index 0000000000..a4038a0682
> --- /dev/null
> +++ b/UefiCpuPkg/Include/Cet.inc
> @@ -0,0 +1,26 @@
> +;------------------------------------------------------------------------------
>
> +;
>
> +; Copyright (c) 2023, Intel Corporation. All rights reserved.<BR>
>
> +; SPDX-License-Identifier: BSD-2-Clause-Patent
>
> +;
>
> +; Abstract:
>
> +;
>
> +; This file provides macro definitions for CET feature for NASM files.
>
> +;
>
> +;------------------------------------------------------------------------------
>
> +
>
> +%define MSR_IA32_U_CET 0x6A0
>
> +%define MSR_IA32_S_CET 0x6A2
>
> +%define MSR_IA32_CET_SH_STK_EN 0x1
>
> +%define MSR_IA32_CET_WR_SHSTK_EN 0x2
>
> +%define MSR_IA32_CET_ENDBR_EN 0x4
>
> +%define MSR_IA32_CET_LEG_IW_EN 0x8
>
> +%define MSR_IA32_CET_NO_TRACK_EN 0x10
>
> +%define MSR_IA32_CET_SUPPRESS_DIS 0x20
>
> +%define MSR_IA32_CET_SUPPRESS 0x400
>
> +%define MSR_IA32_CET_TRACKER 0x800
>
> +%define MSR_IA32_PL0_SSP 0x6A4
>
> +%define MSR_IA32_INTERRUPT_SSP_TABLE_ADDR 0x6A8
>
> +
>
> +%define CR4_CET_BIT 23
>
> +%define CR4_CET 0x800000
>
> --
> 2.26.2.windows.1
>
-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#111250): https://edk2.groups.io/g/devel/message/111250
Mute This Topic: https://groups.io/mt/102556833/7686176
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/leave/12367111/7686176/1913456212/xyzzy [rebecca@openfw.io]
-=-=-=-=-=-=-=-=-=-=-=-
^ permalink raw reply [flat|nested] 9+ messages in thread
end of thread, other threads:[~2023-11-15 10:33 UTC | newest]
Thread overview: 9+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2023-11-13 6:22 [edk2-devel] [PATCH v4 0/5] UefiCpuPkg: Add macro definitions for CET feature for NASM files Sheng Wei
2023-11-13 6:22 ` [edk2-devel] [PATCH v4 1/5] " Sheng Wei
2023-11-15 2:02 ` Ni, Ray
2023-11-15 10:33 ` Laszlo Ersek
2023-11-13 6:22 ` [edk2-devel] [PATCH v4 2/5] UefiCpuPkg: Use macro CR4_CET_BIT to replace hard code value in Cet.nasm Sheng Wei
2023-11-13 6:22 ` [edk2-devel] [PATCH v4 3/5] UefiCpuPkg: Use CET macro definitions in Cet.inc for SmiEntry.nasm files Sheng Wei
2023-11-13 6:22 ` [edk2-devel] [PATCH v4 4/5] UefiCpuPkg: Only change CR4.CET bit for enable and disable CET Sheng Wei
2023-11-13 6:22 ` [edk2-devel] [PATCH v4 5/5] UefiCpuPkg: Backup and Restore MSR IA32_U_CET in SMI handler Sheng Wei
2023-11-13 18:14 ` [edk2-devel] [PATCH v4 0/5] UefiCpuPkg: Add macro definitions for CET feature for NASM files Laszlo Ersek
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox