From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by spool.mail.gandi.net (Postfix) with ESMTPS id 3C0FCAC1BB6 for ; Mon, 11 Dec 2023 22:39:33 +0000 (UTC) DKIM-Signature: a=rsa-sha256; bh=rsU0dKdxSCoaXTSUmUQ4bLsPaZj7OqqJ2z41rUYH4wk=; c=relaxed/simple; d=groups.io; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References:MIME-Version:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Transfer-Encoding; s=20140610; t=1702334371; v=1; b=G2kDVW6UegP1eczG49Jup/0eJXTQi0sQ6bLZoS9FSXk1ieoeMhiRqlRklOO5l/gNzFuJJiUB NMRuPV5YUBQ6afgcb6XO7iSc02ceZXm+csErPlMfcGM3ooKQt73hWAAf/eRpbqy8xDP5SmUH05H iFSJBixgvhVUUMfWz3j17/FA= X-Received: by 127.0.0.2 with SMTP id bqpZYY7687511x3P5wWIvTzQ; Mon, 11 Dec 2023 14:39:31 -0800 X-Received: from mail-qv1-f51.google.com (mail-qv1-f51.google.com [209.85.219.51]) by mx.groups.io with SMTP id smtpd.web11.5169.1702334371242451192 for ; Mon, 11 Dec 2023 14:39:31 -0800 X-Received: by mail-qv1-f51.google.com with SMTP id 6a1803df08f44-67a894ccb4eso32919256d6.3 for ; Mon, 11 Dec 2023 14:39:31 -0800 (PST) X-Gm-Message-State: zvmGf6PLAHbqLpPFnajXGlnOx7686176AA= X-Google-Smtp-Source: AGHT+IG8rjVgJVDWCwajzKeI0NM6duoGN0v++b+vanm6gEnkk7EmfWp7TgJrQZx3v/UwU5NF9f8NRA== X-Received: by 2002:ad4:4a11:0:b0:67a:b63e:8f93 with SMTP id m17-20020ad44a11000000b0067ab63e8f93mr5117439qvz.28.1702334370179; Mon, 11 Dec 2023 14:39:30 -0800 (PST) X-Received: from aturtleortwo-benjamindomain.. ([2607:f2c0:e9b1:f59a:bf3c:db4:6459:ea26]) by smtp.gmail.com with ESMTPSA id l7-20020a0cc207000000b0067aa8e67fc5sm3619070qvh.84.2023.12.11.14.39.29 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 11 Dec 2023 14:39:29 -0800 (PST) From: "Benjamin Doron" To: devel@edk2.groups.io Cc: Guo Dong , Ray Ni , Sean Rhodes , James Lu , Gua Guo Subject: [edk2-devel] [PATCH v2 4/4] [WIP] UefiPayloadPkg: Support SMRAMC register Date: Mon, 11 Dec 2023 17:39:12 -0500 Message-ID: <20231211223919.1225565-4-benjamin.doron00@gmail.com> In-Reply-To: <20231211223919.1225565-1-benjamin.doron00@gmail.com> References: <20231211223919.1225565-1-benjamin.doron00@gmail.com> MIME-Version: 1.0 Precedence: Bulk List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,benjamin.doron00@gmail.com List-Unsubscribe-Post: List-Unsubscribe=One-Click List-Unsubscribe: Content-Transfer-Encoding: quoted-printable X-GND-Status: LEGIT Authentication-Results: spool.mail.gandi.net; dkim=pass header.d=groups.io header.s=20140610 header.b=G2kDVW6U; dmarc=fail reason="SPF not aligned (relaxed), DKIM not aligned (relaxed)" header.from=gmail.com (policy=none); spf=pass (spool.mail.gandi.net: domain of bounce@groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce@groups.io From: Benjamin Doron Former Intel platforms controlled SMRAM protection using a dedicated register. SlimBootloader-supported platforms have converged on the SMRR, but for coreboot to support prior platforms too, lock-down is advised. Requires testing. TODO: It is more correct to install a handler in SMM to set SPI to write-protected again, though it's at least assumed secure at present: as the SMI will not be acknowledged, platform will re-enter SMM. Cc: Guo Dong Cc: Ray Ni Cc: Sean Rhodes Cc: James Lu Cc: Gua Guo Signed-off-by: Benjamin Doron --- UefiPayloadPkg/BlSupportSmm/BlSupportSmm.c | 29 ++++++ UefiPayloadPkg/BlSupportSmm/BlSupportSmm.inf | 1 + UefiPayloadPkg/Include/Guid/SmmRegisterInfoGuid.h | 1 + UefiPayloadPkg/SmmAccessDxe/SmmAccessDxe.c | 103 ++++++++++++++++++= +- UefiPayloadPkg/SmmAccessDxe/SmmAccessDxe.h | 1 + UefiPayloadPkg/SmmAccessDxe/SmmAccessDxe.inf | 2 + 6 files changed, 136 insertions(+), 1 deletion(-) diff --git a/UefiPayloadPkg/BlSupportSmm/BlSupportSmm.c b/UefiPayloadPkg/Bl= SupportSmm/BlSupportSmm.c index 0d16aec8ef70..48e7ff9ad044 100644 --- a/UefiPayloadPkg/BlSupportSmm/BlSupportSmm.c +++ b/UefiPayloadPkg/BlSupportSmm/BlSupportSmm.c @@ -6,6 +6,8 @@ writting 0xB2 port with given value from SMM communication area.=0D The paylaod SMM handler got chance to restore regs in S3 path.=0D =0D + Global TODO: Install SMI handler to handle SPI write-protect.=0D +=0D Copyright (c) 2021, Intel Corporation. All rights reserved.
=0D SPDX-License-Identifier: BSD-2-Clause-Patent=0D =0D @@ -13,9 +15,14 @@ =0D #include =0D =0D +#define B_SA_SMRAMC_D_LCK_MASK (0x10)=0D +#define B_SA_SMRAMC_D_CLS_MASK (0x20)=0D +#define B_SA_SMRAMC_D_OPEN_MASK (0x40)=0D +=0D PLD_S3_COMMUNICATION mPldS3Hob;=0D EFI_SMRAM_HOB_DESCRIPTOR_BLOCK *mSmramHob =3D NULL;=0D PLD_SMM_REGISTERS *mSmmRegisterHob =3D NULL;=0D +UINT32 mSmramcAddress =3D 0xFFFFFFFF;=0D UINT64 mSmmFeatureControl =3D 0;=0D =0D /**=0D @@ -185,6 +192,20 @@ SmmFeatureLockOnS3 ( mSmmFeatureControl =3D AsmReadMsr64 (MSR_SMM_FEATURE_CONTROL);=0D }=0D =0D +/**=0D + Set SMRAMC, if supported, on S3 path.=0D +=0D +**/=0D +VOID=0D +SetSmramcOnS3 (=0D + VOID=0D + )=0D +{=0D + if (mSmramcAddress !=3D 0xFFFFFFFF) {=0D + PciOr8 (mSmramcAddress, B_SA_SMRAMC_D_LCK_MASK);=0D + }=0D +}=0D +=0D /**=0D Function to program SMRR base and mask.=0D =0D @@ -299,6 +320,7 @@ BlSwSmiHandler ( )=0D {=0D SetSmrrOnS3 ();=0D + SetSmramcOnS3 ();=0D SmmFeatureLockOnS3 ();=0D LockSmiGlobalEn ();=0D =0D @@ -353,6 +375,7 @@ BlSupportSmm ( EFI_HANDLE SwHandle;=0D EFI_HOB_GUID_TYPE *GuidHob;=0D VOID *SmmHob;=0D + PLD_GENERIC_REGISTER *SmramcReg;=0D VOID *Registration;=0D =0D //=0D @@ -399,6 +422,12 @@ BlSupportSmm ( }=0D =0D CopyMem (mSmmRegisterHob, SmmHob, GET_GUID_HOB_DATA_SIZE (GuidHob));=0D +=0D + SmramcReg =3D GetRegisterById (REGISTER_ID_SMRAMC);=0D + if (SmramcReg !=3D NULL) {=0D + DEBUG ((DEBUG_INFO, "SMRAMC reg found.\n"));=0D + mSmramcAddress =3D SmramcReg->Address.Address;=0D + }=0D } else {=0D return EFI_NOT_FOUND;=0D }=0D diff --git a/UefiPayloadPkg/BlSupportSmm/BlSupportSmm.inf b/UefiPayloadPkg/= BlSupportSmm/BlSupportSmm.inf index 75d4777971fc..a92a971f7c49 100644 --- a/UefiPayloadPkg/BlSupportSmm/BlSupportSmm.inf +++ b/UefiPayloadPkg/BlSupportSmm/BlSupportSmm.inf @@ -33,6 +33,7 @@ MemoryAllocationLib=0D BaseLib=0D IoLib=0D + PciLib=0D HobLib=0D =0D [Guids]=0D diff --git a/UefiPayloadPkg/Include/Guid/SmmRegisterInfoGuid.h b/UefiPayloa= dPkg/Include/Guid/SmmRegisterInfoGuid.h index 665eaa7e7729..feeb984b9f9b 100644 --- a/UefiPayloadPkg/Include/Guid/SmmRegisterInfoGuid.h +++ b/UefiPayloadPkg/Include/Guid/SmmRegisterInfoGuid.h @@ -27,6 +27,7 @@ typedef EFI_ACPI_3_0_GENERIC_ADDRESS_STRUCTURE PLD_GENERI= C_ADDRESS; #define REGISTER_ID_SMI_EOS 3=0D #define REGISTER_ID_SMI_APM_EN 4=0D #define REGISTER_ID_SMI_APM_STS 5=0D +#define REGISTER_ID_SMRAMC 6=0D =0D #pragma pack(1)=0D typedef struct {=0D diff --git a/UefiPayloadPkg/SmmAccessDxe/SmmAccessDxe.c b/UefiPayloadPkg/Sm= mAccessDxe/SmmAccessDxe.c index acb07192f714..919a47bdde7e 100644 --- a/UefiPayloadPkg/SmmAccessDxe/SmmAccessDxe.c +++ b/UefiPayloadPkg/SmmAccessDxe/SmmAccessDxe.c @@ -7,8 +7,14 @@ **/=0D =0D #include "SmmAccessDxe.h"=0D +#include =0D +=0D +#define B_SA_SMRAMC_D_LCK_MASK (0x10)=0D +#define B_SA_SMRAMC_D_CLS_MASK (0x20)=0D +#define B_SA_SMRAMC_D_OPEN_MASK (0x40)=0D =0D SMM_ACCESS_PRIVATE_DATA mSmmAccess;=0D +UINT32 mSmramcAddress =3D 0xFFFFFFFF;=0D =0D /**=0D Update region state from SMRAM description=0D @@ -53,6 +59,8 @@ Open ( IN EFI_SMM_ACCESS2_PROTOCOL *This=0D )=0D {=0D + UINT8 SmramControl;=0D +=0D if ((mSmmAccess.SmmRegionState & EFI_SMRAM_LOCKED) !=3D 0) {=0D //=0D // Cannot open a "locked" region=0D @@ -61,13 +69,33 @@ Open ( return EFI_DEVICE_ERROR;=0D }=0D =0D + //=0D + // Chipset code=0D + //=0D + if (mSmramcAddress !=3D 0xFFFFFFFF) {=0D + SmramControl =3D PciRead8 (mSmramcAddress);=0D +=0D + // Cannot open locked region=0D + if ((SmramControl & B_SA_SMRAMC_D_LCK_MASK) !=3D 0) {=0D + mSmmAccess.SmmRegionState |=3D EFI_SMRAM_LOCKED;=0D + SyncRegionState2SmramDesc (TRUE, EFI_SMRAM_LOCKED);=0D +=0D + DEBUG ((DEBUG_WARN, "Cannot open a locked SMRAM region\n"));=0D + return EFI_DEVICE_ERROR;=0D + }=0D +=0D + SmramControl |=3D B_SA_SMRAMC_D_OPEN_MASK;=0D + SmramControl &=3D ~(B_SA_SMRAMC_D_CLS_MASK);=0D + PciWrite8 (mSmramcAddress, SmramControl);=0D + }=0D +=0D mSmmAccess.SmmRegionState &=3D ~(EFI_SMRAM_CLOSED | EFI_ALLOCATED);=0D SyncRegionState2SmramDesc (FALSE, (UINT64)(UINTN)(~(EFI_SMRAM_CLOSED | E= FI_ALLOCATED)));=0D =0D mSmmAccess.SmmRegionState |=3D EFI_SMRAM_OPEN;=0D SyncRegionState2SmramDesc (TRUE, EFI_SMRAM_OPEN);=0D +=0D mSmmAccess.SmmAccess.OpenState =3D TRUE;=0D -=0D return EFI_SUCCESS;=0D }=0D =0D @@ -91,6 +119,8 @@ Close ( IN EFI_SMM_ACCESS2_PROTOCOL *This=0D )=0D {=0D + UINT8 SmramControl;=0D +=0D if ((mSmmAccess.SmmRegionState & EFI_SMRAM_LOCKED) !=3D 0) {=0D //=0D // Cannot close a "locked" region=0D @@ -103,6 +133,25 @@ Close ( return EFI_DEVICE_ERROR;=0D }=0D =0D + //=0D + // Chipset code=0D + //=0D + if (mSmramcAddress !=3D 0xFFFFFFFF) {=0D + SmramControl =3D PciRead8 (mSmramcAddress);=0D +=0D + // Cannot open locked region=0D + if ((SmramControl & B_SA_SMRAMC_D_LCK_MASK) !=3D 0) {=0D + mSmmAccess.SmmRegionState |=3D EFI_SMRAM_LOCKED;=0D + SyncRegionState2SmramDesc (TRUE, EFI_SMRAM_LOCKED);=0D +=0D + DEBUG ((DEBUG_WARN, "Cannot close a locked SMRAM region\n"));=0D + return EFI_DEVICE_ERROR;=0D + }=0D +=0D + SmramControl &=3D ~(B_SA_SMRAMC_D_OPEN_MASK);=0D + PciWrite8 (mSmramcAddress, SmramControl);=0D + }=0D +=0D mSmmAccess.SmmRegionState &=3D ~EFI_SMRAM_OPEN;=0D SyncRegionState2SmramDesc (FALSE, (UINT64)(UINTN)(~EFI_SMRAM_OPEN));=0D =0D @@ -142,6 +191,14 @@ Lock ( mSmmAccess.SmmRegionState |=3D EFI_SMRAM_LOCKED;=0D SyncRegionState2SmramDesc (TRUE, EFI_SMRAM_LOCKED);=0D mSmmAccess.SmmAccess.LockState =3D TRUE;=0D +=0D + //=0D + // Chipset code=0D + //=0D + if (mSmramcAddress !=3D 0xFFFFFFFF) {=0D + PciOr8 (mSmramcAddress, B_SA_SMRAMC_D_LCK_MASK);=0D + }=0D +=0D return EFI_SUCCESS;=0D }=0D =0D @@ -184,6 +241,33 @@ GetCapabilities ( return Status;=0D }=0D =0D +/**=0D + Get specified SMI register based on given register ID=0D +=0D + @param[in] SmmRegister SMI related register array from bootloader=0D + @param[in] Id The register ID to get.=0D +=0D + @retval NULL The register is not found=0D + @return smi register=0D +=0D +**/=0D +PLD_GENERIC_REGISTER *=0D +GetRegisterById (=0D + PLD_SMM_REGISTERS *SmmRegisters,=0D + UINT64 Id=0D + )=0D +{=0D + UINT32 Index;=0D +=0D + for (Index =3D 0; Index < SmmRegisters->Count; Index++) {=0D + if (SmmRegisters->Registers[Index].Id =3D=3D Id) {=0D + return &SmmRegisters->Registers[Index];=0D + }=0D + }=0D +=0D + return NULL;=0D +}=0D +=0D /**=0D This function installs EFI_SMM_ACCESS_PROTOCOL.=0D =0D @@ -206,6 +290,8 @@ SmmAccessEntryPoint ( UINT32 SmmRegionNum;=0D EFI_SMRAM_HOB_DESCRIPTOR_BLOCK *SmramHob;=0D UINT32 Index;=0D + PLD_SMM_REGISTERS *SmmRegisters;=0D + PLD_GENERIC_REGISTER *SmramcReg;=0D =0D //=0D // Get SMRAM info HOB=0D @@ -239,6 +325,21 @@ SmmAccessEntryPoint ( mSmmAccess.SmramDesc[Index].RegionState |=3D EFI_SMRAM_CLOSED | EFI_CA= CHEABLE;=0D }=0D =0D + //=0D + // Some platforms require to open/close SMRAMC register=0D + // Supports PCH, not ICH (QEMU)=0D + //=0D + GuidHob =3D GetFirstGuidHob (&gSmmRegisterInfoGuid);=0D + if (GuidHob !=3D NULL) {=0D + SmmRegisters =3D GET_GUID_HOB_DATA (GuidHob);=0D +=0D + SmramcReg =3D GetRegisterById (SmmRegisters, REGISTER_ID_SMRAMC);=0D + if (SmramcReg !=3D NULL) {=0D + DEBUG ((DEBUG_INFO, "SMRAMC reg found.\n"));=0D + mSmramcAddress =3D SmramcReg->Address.Address;=0D + }=0D + }=0D +=0D mSmmAccess.Signature =3D SMM_ACCESS_PRIVATE_DATA_SIGNATU= RE;=0D mSmmAccess.NumberRegions =3D SmmRegionNum;=0D mSmmAccess.SmmAccess.Open =3D Open;=0D diff --git a/UefiPayloadPkg/SmmAccessDxe/SmmAccessDxe.h b/UefiPayloadPkg/Sm= mAccessDxe/SmmAccessDxe.h index 51a3cac8c51b..73c50a2f861e 100644 --- a/UefiPayloadPkg/SmmAccessDxe/SmmAccessDxe.h +++ b/UefiPayloadPkg/SmmAccessDxe/SmmAccessDxe.h @@ -18,6 +18,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent #include =0D #include =0D #include =0D +#include =0D =0D #define SMM_ACCESS_PRIVATE_DATA_SIGNATURE SIGNATURE_32 ('S', 'M', 'M', '= A')=0D =0D diff --git a/UefiPayloadPkg/SmmAccessDxe/SmmAccessDxe.inf b/UefiPayloadPkg/= SmmAccessDxe/SmmAccessDxe.inf index aac5ee8f28dc..bff15bc0989a 100644 --- a/UefiPayloadPkg/SmmAccessDxe/SmmAccessDxe.inf +++ b/UefiPayloadPkg/SmmAccessDxe/SmmAccessDxe.inf @@ -40,9 +40,11 @@ BaseMemoryLib=0D MemoryAllocationLib=0D HobLib=0D + PciLib=0D =0D [Guids]=0D gEfiSmmSmramMemoryGuid=0D + gSmmRegisterInfoGuid=0D =0D [Protocols]=0D gEfiSmmAccess2ProtocolGuid ## PRODUCES=0D --=20 2.43.0 -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#112339): https://edk2.groups.io/g/devel/message/112339 Mute This Topic: https://groups.io/mt/103119572/7686176 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io] -=-=-=-=-=-=-=-=-=-=-=-