From: "Yuanhao Xie" <yuanhao.xie@intel.com>
To: devel@edk2.groups.io
Cc: Yuanhao Xie <yuanhao.xie@intel.com>,
Laszlo Ersek <lersek@redhat.com>, Ray Ni <ray.ni@intel.com>,
Eric Dong <eric.dong@intel.com>,
Rahul Kumar <rahul1.kumar@intel.com>,
Gerd Hoffmann <kraxel@redhat.com>
Subject: [edk2-devel] [Patch V7 1/2] UefiCpuPkg/MpInitLib: Enable execute disable bit.
Date: Tue, 21 Nov 2023 10:35:45 +0800 [thread overview]
Message-ID: <20231121023546.2405-2-yuanhao.xie@intel.com> (raw)
In-Reply-To: <20231121023546.2405-1-yuanhao.xie@intel.com>
From: Yuanhao Xie <yuanhao.xie@intel.com>
This patch synchronizes the No-Execute bit in the IA32_EFER
register for the APs before the RestoreVolatileRegisters operation.
The commit 964a4f0, titled "Eliminate the second INIT-SIPI-SIPI
sequence," replaces the second INIT-SIPI-SIPI sequence with the BSP
calling the SwitchApContext function to initiate a specialized start-up
signal, waking up APs in the DXE instead of using INIT-SIPI-SIPI.
Due to this change, the logic for "Enable execute disable bit" in
MpFuncs.nasm is no longer executed. However, to ensure the proper setup
of the page table, it is necessary to synchronize the IA32_EFER.NXE for
APs before executing RestoreVolatileRegisters .
Based on SDM:
If IA32_EFER.NXE is set to 1, it signifies execute-disable, meaning
instruction fetches are not allowed from the 4-KByte page controlled by
this entry. Conversely, if it is set to 0, it is reserved.
Signed-off-by: Yuanhao Xie <yuanhao.xie@intel.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Ray Ni <ray.ni@intel.com>
Cc: Laszlo Ersek lersek@redhat.com
Cc: Eric Dong <eric.dong@intel.com>
Cc: Ray Ni <ray.ni@intel.com>
Cc: Rahul Kumar <rahul1.kumar@intel.com>
Cc: Gerd Hoffmann <kraxel@redhat.com>
---
UefiCpuPkg/Library/MpInitLib/MpLib.c | 14 +++++++++++---
UefiCpuPkg/Library/MpInitLib/MpLib.h | 1 +
2 files changed, 12 insertions(+), 3 deletions(-)
diff --git a/UefiCpuPkg/Library/MpInitLib/MpLib.c b/UefiCpuPkg/Library/MpInitLib/MpLib.c
index 9a6ec5db5c..f29e66a14f 100644
--- a/UefiCpuPkg/Library/MpInitLib/MpLib.c
+++ b/UefiCpuPkg/Library/MpInitLib/MpLib.c
@@ -910,9 +910,16 @@ DxeApEntryPoint (
CPU_MP_DATA *CpuMpData
)
{
- UINTN ProcessorNumber;
+ UINTN ProcessorNumber;
+ MSR_IA32_EFER_REGISTER EferMsr;
GetProcessorNumber (CpuMpData, &ProcessorNumber);
+ if (CpuMpData->EnableExecuteDisableForSwitchContext) {
+ EferMsr.Uint64 = AsmReadMsr64 (MSR_IA32_EFER);
+ EferMsr.Bits.NXE = 1;
+ AsmWriteMsr64 (MSR_IA32_EFER, EferMsr.Uint64);
+ }
+
RestoreVolatileRegisters (&CpuMpData->CpuData[0].VolatileRegisters, FALSE);
InterlockedIncrement ((UINT32 *)&CpuMpData->FinishedCount);
PlaceAPInMwaitLoopOrRunLoop (
@@ -2188,8 +2195,9 @@ MpInitLibInitialize (
if (MpHandOff->WaitLoopExecutionMode == sizeof (VOID *)) {
ASSERT (CpuMpData->ApLoopMode != ApInHltLoop);
- CpuMpData->FinishedCount = 0;
- CpuMpData->InitFlag = ApInitDone;
+ CpuMpData->FinishedCount = 0;
+ CpuMpData->InitFlag = ApInitDone;
+ CpuMpData->EnableExecuteDisableForSwitchContext = IsBspExecuteDisableEnabled ();
SaveCpuMpData (CpuMpData);
//
// In scenarios where both the PEI and DXE phases run in the same
diff --git a/UefiCpuPkg/Library/MpInitLib/MpLib.h b/UefiCpuPkg/Library/MpInitLib/MpLib.h
index 763db4963d..af296f6ac0 100644
--- a/UefiCpuPkg/Library/MpInitLib/MpLib.h
+++ b/UefiCpuPkg/Library/MpInitLib/MpLib.h
@@ -270,6 +270,7 @@ struct _CPU_MP_DATA {
UINT64 TotalTime;
EFI_EVENT WaitEvent;
UINTN **FailedCpuList;
+ BOOLEAN EnableExecuteDisableForSwitchContext;
AP_INIT_STATE InitFlag;
BOOLEAN SwitchBspFlag;
--
2.39.1.windows.1
-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#111508): https://edk2.groups.io/g/devel/message/111508
Mute This Topic: https://groups.io/mt/102721680/7686176
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io]
-=-=-=-=-=-=-=-=-=-=-=-
next prev parent reply other threads:[~2023-11-21 2:36 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-11-21 2:35 [edk2-devel] [Patch V7 0/2]UefiCpuPkg/MpInitLib: Enable execute disable bit Yuanhao Xie
2023-11-21 2:35 ` Yuanhao Xie [this message]
2023-11-21 2:35 ` [edk2-devel] [Patch V7 2/2] UefiCpuPkg/MpInitLib: Update the comments of _CPU_MP_DATA Yuanhao Xie
2023-11-22 16:41 ` Laszlo Ersek
-- strict thread matches above, loose matches on Subject: below --
2023-11-21 2:34 [edk2-devel] [Patch V7 0/2]UefiCpuPkg/MpInitLib: Enable execute disable bit Yuanhao Xie
2023-11-21 2:34 ` [edk2-devel] [Patch V7 1/2] UefiCpuPkg/MpInitLib: " Yuanhao Xie
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-list from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20231121023546.2405-2-yuanhao.xie@intel.com \
--to=devel@edk2.groups.io \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox