Subject: Re: [PATCH] UefiCpuPkg/PiSmmCpuDxeSmm: Initialize the fixed previous shadow stack token.
To: Sheng Wei, devel@edk2.groups.io
Cc: Eric Dong, Ray Ni, Rahul Kumar, Jiewen Yao
References: <20210613043638.4208-1-w.sheng@intel.com>
From: "Laszlo Ersek"
Message-ID: <2905f738-c08a-a9fd-4770-6fcd80907a72@redhat.com>
Date: Tue, 22 Jun 2021 16:05:46 +0200
In-Reply-To: <20210613043638.4208-1-w.sheng@intel.com>

On 06/13/21 06:36, Sheng Wei wrote:
> The fixed previous shadow stack token should be initialized as UINT64.
>
> REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3192
>
> Signed-off-by: Sheng Wei
> Cc: Eric Dong
> Cc: Ray Ni
> Cc: Laszlo Ersek
> Cc: Rahul Kumar
> Cc: Jiewen Yao
> ---
>  UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmmFuncsArch.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmmFuncsArch.c b/UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmmFuncsArch.c > index 661c1ba294..ca3f5ff91a 100644 > --- a/UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmmFuncsArch.c > +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmmFuncsArch.c 
> @@ -202,7 +202,7 @@ InitShadowStack ( > // Please refer to UefiCpuPkg/Library/CpuExceptionHandlerLib/X64 for the full stack frame at runtime. > // > InterruptSsp = (UINT32)((UINTN)ShadowStack + EFI_PAGES_TO_SIZE(1) - sizeof(UINT64)); > - *(UINT32 *)(UINTN)InterruptSsp = (InterruptSsp - sizeof(UINT64) * 4) | 0x2; > + *(UINT64 *)(UINTN)InterruptSsp = (InterruptSsp - sizeof(UINT64) * 4) | 0x2; > mCetInterruptSsp = InterruptSsp - sizeof(UINT64); > > mCetInterruptSspTable = (UINT32)(UINTN)(mSmmInterruptSspTables + sizeof(UINT64) * 8 * CpuIndex); >

(1) Please add the following line to the commit message:

  Fixes: 0930e7ff64281017762c8c055bab38925944c724

(2) The subject line is quite confusing; how about:

  UefiCpuPkg/PiSmmCpuDxeSmm: initialize shadow stack token as UINT64

(3) Commit 0930e7ff6428 ("UefiCpuPkg/CpuExceptionHandlerLib: Clear CET shadow stack token busy bit", 2021-03-02) was reviewed by Jiewen and Ray; I'd like to ask them to review this fix as well.

Thanks
Laszlo
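
Review bot: on the changed `+` line in InitShadowStack, the store is now 64 bits wide, but the value is still built from `InterruptSsp`, which the line above assigns through a `(UINT32)` cast, so the upper half of the token ends up zero only through implicit widening of the right-hand side; an explicit `(UINT64)` cast on the value would state that intent. The `| 0x2` on the same line is a bare literal, and a named constant or a one-line comment saying which token bit it sets would make the line self-explanatory. The commit message could also say what was wrong before: the old `*(UINT32 *)` store wrote only four bytes of a slot the surrounding code sizes as `sizeof(UINT64)`, leaving the upper four bytes unwritten by this function.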