From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by spool.mail.gandi.net (Postfix) with ESMTPS id BF319D8004C for ; Tue, 21 Nov 2023 02:34:53 +0000 (UTC) DKIM-Signature: a=rsa-sha256; bh=XEH3IqKY72xltywbyn9J9ESyxMvtVns3yYOKU/CjFW4=; c=relaxed/simple; d=groups.io; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References:MIME-Version:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Transfer-Encoding; s=20140610; t=1700534092; v=1; b=gU69UDFBk0nU516xG5xxX7rra6FXY6sbewvwPZypbjDSy9cMmfxLO/fVu4YxDAzT6wnNM3eZ DOvoCEuFr7SYu3sRcOvoO+zQ+srkeD6Z3T8kH/rIlPpXZHrbeAnhQIhSX6v6mZX4YH5PSPqC+wW jxzVn7O7kXDz4JcdiU2szg7A= X-Received: by 127.0.0.2 with SMTP id Bf74YY7687511x6XGge5DyK1; Mon, 20 Nov 2023 18:34:52 -0800 X-Received: from mgamail.intel.com (mgamail.intel.com [198.175.65.9]) by mx.groups.io with SMTP id smtpd.web10.26472.1700534087473501873 for ; Mon, 20 Nov 2023 18:34:51 -0800 X-IronPort-AV: E=McAfee;i="6600,9927,10900"; a="10417269" X-IronPort-AV: E=Sophos;i="6.04,215,1695711600"; d="scan'208";a="10417269" X-Received: from orsmga003.jf.intel.com ([10.7.209.27]) by orvoesa101.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 20 Nov 2023 18:34:49 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6600,9927,10900"; a="716395840" X-IronPort-AV: E=Sophos;i="6.04,215,1695711600"; d="scan'208";a="716395840" X-Received: from shwdeopenlab813.ccr.corp.intel.com ([10.239.55.230]) by orsmga003.jf.intel.com with ESMTP; 20 Nov 2023 18:34:47 -0800 From: "Yuanhao Xie" To: devel@edk2.groups.io Cc: Yuanhao Xie , Laszlo Ersek , Ray Ni , Eric Dong , Rahul Kumar , Gerd Hoffmann Subject: [edk2-devel] [Patch V7 1/2] UefiCpuPkg/MpInitLib: Enable execute disable bit. Date: Tue, 21 Nov 2023 10:34:38 +0800 Message-Id: <20231121023439.2383-2-yuanhao.xie@intel.com> In-Reply-To: <20231121023439.2383-1-yuanhao.xie@intel.com> References: <20231121023439.2383-1-yuanhao.xie@intel.com> MIME-Version: 1.0 Precedence: Bulk List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,yuanhao.xie@intel.com List-Unsubscribe-Post: List-Unsubscribe=One-Click List-Unsubscribe: X-Gm-Message-State: YV7u0ZFkvpmcTRjWP5H1kO3Nx7686176AA= Content-Transfer-Encoding: quoted-printable X-GND-Status: LEGIT Authentication-Results: spool.mail.gandi.net; dkim=pass header.d=groups.io header.s=20140610 header.b=gU69UDFB; spf=pass (spool.mail.gandi.net: domain of bounce@groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce@groups.io; dmarc=fail reason="SPF not aligned (relaxed), DKIM not aligned (relaxed)" header.from=intel.com (policy=none) From: Yuanhao Xie This patch synchronizes the No-Execute bit in the IA32_EFER register for the APs before the RestoreVolatileRegisters operation. The commit 964a4f0, titled "Eliminate the second INIT-SIPI-SIPI sequence," replaces the second INIT-SIPI-SIPI sequence with the BSP calling the SwitchApContext function to initiate a specialized start-up signal, waking up APs in the DXE instead of using INIT-SIPI-SIPI. Due to this change, the logic for "Enable execute disable bit" in MpFuncs.nasm is no longer executed. However, to ensure the proper setup of the page table, it is necessary to synchronize the IA32_EFER.NXE for APs before executing RestoreVolatileRegisters . Based on SDM: If IA32_EFER.NXE is set to 1, it signifies execute-disable, meaning instruction fetches are not allowed from the 4-KByte page controlled by this entry. Conversely, if it is set to 0, it is reserved. Signed-off-by: Yuanhao Xie Reviewed-by: Laszlo Ersek Reviewed-by: Ray Ni Cc: Laszlo Ersek lersek@redhat.com Cc: Eric Dong Cc: Ray Ni Cc: Rahul Kumar Cc: Gerd Hoffmann --- UefiCpuPkg/Library/MpInitLib/MpLib.c | 14 +++++++++++--- UefiCpuPkg/Library/MpInitLib/MpLib.h | 1 + 2 files changed, 12 insertions(+), 3 deletions(-) diff --git a/UefiCpuPkg/Library/MpInitLib/MpLib.c b/UefiCpuPkg/Library/MpIn= itLib/MpLib.c index 9a6ec5db5c..f29e66a14f 100644 --- a/UefiCpuPkg/Library/MpInitLib/MpLib.c +++ b/UefiCpuPkg/Library/MpInitLib/MpLib.c @@ -910,9 +910,16 @@ DxeApEntryPoint ( CPU_MP_DATA *CpuMpData=0D )=0D {=0D - UINTN ProcessorNumber;=0D + UINTN ProcessorNumber;=0D + MSR_IA32_EFER_REGISTER EferMsr;=0D =0D GetProcessorNumber (CpuMpData, &ProcessorNumber);=0D + if (CpuMpData->EnableExecuteDisableForSwitchContext) {=0D + EferMsr.Uint64 =3D AsmReadMsr64 (MSR_IA32_EFER);=0D + EferMsr.Bits.NXE =3D 1;=0D + AsmWriteMsr64 (MSR_IA32_EFER, EferMsr.Uint64);=0D + }=0D +=0D RestoreVolatileRegisters (&CpuMpData->CpuData[0].VolatileRegisters, FALS= E);=0D InterlockedIncrement ((UINT32 *)&CpuMpData->FinishedCount);=0D PlaceAPInMwaitLoopOrRunLoop (=0D @@ -2188,8 +2195,9 @@ MpInitLibInitialize ( if (MpHandOff->WaitLoopExecutionMode =3D=3D sizeof (VOID *)) {=0D ASSERT (CpuMpData->ApLoopMode !=3D ApInHltLoop);=0D =0D - CpuMpData->FinishedCount =3D 0;=0D - CpuMpData->InitFlag =3D ApInitDone;=0D + CpuMpData->FinishedCount =3D 0;=0D + CpuMpData->InitFlag =3D ApInitDone;=0D + CpuMpData->EnableExecuteDisableForSwitchContext =3D IsBspExecuteDisa= bleEnabled ();=0D SaveCpuMpData (CpuMpData);=0D //=0D // In scenarios where both the PEI and DXE phases run in the same=0D diff --git a/UefiCpuPkg/Library/MpInitLib/MpLib.h b/UefiCpuPkg/Library/MpIn= itLib/MpLib.h index 763db4963d..af296f6ac0 100644 --- a/UefiCpuPkg/Library/MpInitLib/MpLib.h +++ b/UefiCpuPkg/Library/MpInitLib/MpLib.h @@ -270,6 +270,7 @@ struct _CPU_MP_DATA { UINT64 TotalTime;=0D EFI_EVENT WaitEvent;=0D UINTN **FailedCpuList;=0D + BOOLEAN EnableExecuteDisableForSwitchContext;=0D =0D AP_INIT_STATE InitFlag;=0D BOOLEAN SwitchBspFlag;=0D --=20 2.39.1.windows.1 -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#111505): https://edk2.groups.io/g/devel/message/111505 Mute This Topic: https://groups.io/mt/102721661/7686176 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io] -=-=-=-=-=-=-=-=-=-=-=-