From: "Laszlo Ersek" <lersek@redhat.com>
To: devel@edk2.groups.io, w.sheng@intel.com
Cc: Eric Dong <eric.dong@intel.com>, Ray Ni <ray.ni@intel.com>,
Wu Jiaxin <jiaxin.wu@intel.com>, Tan Dun <dun.tan@intel.com>
Subject: Re: [edk2-devel] [PATCH v2 2/3] UefiCpuPkg/PiSmmCpuDxeSmm: Change CR4.CET bit only
Date: Wed, 8 Nov 2023 22:22:48 +0100
Message-ID: <479a2b63-22f4-7438-1f23-9fefa0532853@redhat.com>
In-Reply-To: <20231106090754.820-3-w.sheng@intel.com>

On 11/6/23 10:07, Sheng Wei wrote:
> Do not use fixed CR4 value 0x668, change CR4.CET bit only.
>
> Signed-off-by: Sheng Wei <w.sheng@intel.com>
> Cc: Eric Dong <eric.dong@intel.com>
> Cc: Ray Ni <ray.ni@intel.com>
> Cc: Laszlo Ersek <lersek@redhat.com>
> Cc: Wu Jiaxin <jiaxin.wu@intel.com>
> Cc: Tan Dun <dun.tan@intel.com>
> ---
> UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/SmiEntry.nasm | 9 ++++++---
> UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmiEntry.nasm | 3 ++-
> 2 files changed, 8 insertions(+), 4 deletions(-)
>
> diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/SmiEntry.nasm b/UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/SmiEntry.nasm
> index 68332e2c3f..a087576a54 100644
> --- a/UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/SmiEntry.nasm
> +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/SmiEntry.nasm
> @@ -260,7 +260,8 @@ CetInterruptDone:
> bts ecx, 16 ; set WP
> mov cr0, ecx
>
> - mov eax, 0x668 | CR4_CET
> + mov eax, cr4
> + bts eax, CR4_CET_BIT
> mov cr4, eax
>
> setssbsy
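Review bot: the bts at CetInterruptDone carries no comment, while the matching clear further down is labelled "; clear CR4.CET bit"; a "; set CR4.CET bit" comment here would keep the two sites symmetric. This patch also adds no definition of CR4_CET_BIT (all 8 insertions are instruction changes), so it depends on an earlier patch in the series for that symbol, and the commit message should say so. The removed line loaded a known constant, whereas the new sequence keeps whatever CR4 holds on arrival here; the commit message gives no reason why the other bits must be preserved or what value is expected at this point.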
> @@ -292,8 +293,10 @@ CetDone:
> xor edx, edx
> wrmsr
>
> - mov eax, 0x668
> - mov cr4, eax ; disable CET
> + ; clear CR4.CET bit
> + mov eax, cr4
> + btr eax, CR4_CET_BIT
> + mov cr4, eax
>
> mov ecx, MSR_IA32_PL0_SSP
> pop eax
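Review bot: at CetDone the removed "mov eax, 0x668" did more than disable CET, it reset every CR4 bit to a fixed value; with the btr sequence, any bit that differs from 0x668 at this point now survives past this site. Please confirm that is intended and name in the commit message the bits that motivated the change. The old "; disable CET" comment said why CR4 is written; the new "; clear CR4.CET bit" only restates the instruction, so keeping the intent in the comment would help.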
> diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmiEntry.nasm b/UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmiEntry.nasm
> index 007fbff640..7aed7c8dda 100644
> --- a/UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmiEntry.nasm
> +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmiEntry.nasm
> @@ -287,7 +287,8 @@ CetInterruptDone:
> bts ecx, 16 ; set WP
> mov cr0, rcx
>
> - mov eax, 0x668 | CR4_CET
> + mov rax, cr4
> + bts rax, CR4_CET_BIT
> mov cr4, rax
>
> setssbsy
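Review bot: this file receives only the bts at CetInterruptDone; the diffstat lists 3 changed lines for X64/SmiEntry.nasm against 9 for the Ia32 file, and no btr hunk for X64 appears in this patch, so the X64 clear path cannot be checked here against CR4_CET_BIT. State in the commit message where the X64 clear is handled, or arrange the series so both files change the same way in the same patch. The move from eax to rax for the CR4 read-modify-write also deserves a word, since the removed line loaded the constant through eax.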
I didn't understand why the X64 code here didn't contain the "btr"
counterpart of "bts". Well the reason is that the "missing" btr is
actually introduced in the previous patch.

I find that confusing. I think that, once you have "Cet.inc", you should
separately replace CR4_CET with CR4_CET_BIT, both in "Cet.inc" and in
the three existent locations (two in the IA32 entry code and one in the
X64 entry code).

*Then* you could proceed to clearing CR4.CET in the subsequent patch,
using CR4_CET_BIT.

Laszlo