From: Laszlo Ersek <lersek@redhat.com>
To: Jeff Fan <jeff.fan@intel.com>, edk2-devel@ml01.01.org
Cc: Paolo Bonzini <pbonzini@redhat.com>,
Jiewen Yao <jiewen.yao@intel.com>,
Michael D Kinney <michael.d.kinney@intel.com>
Subject: Re: [PATCH 1/2] UefiCpuPkg/PiSmmCpuDxeSmm: Put AP into safe hlt-loop code on S3 path
Date: Thu, 10 Nov 2016 09:50:58 +0100 [thread overview]
Message-ID: <714ae963-4f97-bfb5-4265-fcdc8b96ace6@redhat.com> (raw)
In-Reply-To: <20161110060708.13932-2-jeff.fan@intel.com>
Before I test this, I have one question / suggestion:
On 11/10/16 07:07, Jeff Fan wrote:
> On S3 path, we will wake up APs to restore CPU context in PiSmmCpuDxeSmm
> driver. However, we place AP in hlt-loop under 1MB space borrowed after CPU
> restoring CPU contexts.
> In case, one NMI or SMI happens, APs may exit from hlt state and execute the
> instruction after HLT instruction. But the code under 1MB is no longer safe at
> that time.
>
> This fix is to allocate one ACPI NVS range to place the AP hlt-loop code. When
> CPU finished restoration CPU contexts, AP will execute in this ACPI NVS range.
>
> https://bugzilla.tianocore.org/show_bug.cgi?id=216
>
> Reported-by: Laszlo Ersek <lersek@redhat.com>
> Cc: Laszlo Ersek <lersek@redhat.com>
> Cc: Paolo Bonzini <pbonzini@redhat.com>
> Cc: Jiewen Yao <jiewen.yao@intel.com>
> Cc: Michael D Kinney <michael.d.kinney@intel.com>
> Contributed-under: TianoCore Contribution Agreement 1.0
> Signed-off-by: Jeff Fan <jeff.fan@intel.com>
> ---
> UefiCpuPkg/PiSmmCpuDxeSmm/CpuS3.c | 31 +++++++++++++++++++++++++++
> UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/SmmFuncsArch.c | 25 +++++++++++++++++++++
> UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.h | 13 +++++++++++
> UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmmFuncsArch.c | 26 ++++++++++++++++++++++
> 4 files changed, 95 insertions(+)
>
> diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/CpuS3.c b/UefiCpuPkg/PiSmmCpuDxeSmm/CpuS3.c
> index 6a798ef..6f290b8 100644
> --- a/UefiCpuPkg/PiSmmCpuDxeSmm/CpuS3.c
> +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/CpuS3.c
> @@ -77,6 +77,13 @@ SMM_S3_RESUME_STATE *mSmmS3ResumeState = NULL;
>
> BOOLEAN mAcpiS3Enable = TRUE;
>
> +UINT8 *mApHltLoopCode = NULL;
> +UINT8 mApHltLoopCodeTemplate[] = {
> + 0xFA, // cli
> + 0xF4, // hlt
> + 0xEB, 0xFC // jmp $-2
> + };
> +
> /**
> Get MSR spin lock by MSR index.
>
> @@ -376,6 +383,8 @@ MPRendezvousProcedure (
> CPU_REGISTER_TABLE *RegisterTableList;
> UINT32 InitApicId;
> UINTN Index;
> + UINT32 TopOfStack;
> + UINT8 Stack[128];
>
> ProgramVirtualWireMode ();
> DisableLvtInterrupts ();
> @@ -393,6 +402,13 @@ MPRendezvousProcedure (
> // Count down the number with lock mechanism.
> //
> InterlockedDecrement (&mNumberToFinish);
> +
> + //
> + // Place AP into the safe code
> + //
> + TopOfStack = (UINT32) (UINTN) Stack + sizeof (Stack);
Here I suggest to append the following assignment:
TopOfStack &= ~(UINT32) (CPU_STACK_ALIGNMENT - 1);
This will clear the least significant bits of TopOfStack, wasting at
most (CPU_STACK_ALIGNMENT - 1) bytes from the Stack array. However, the
stack will be aligned correctly.
Not sure if it's necessary, but the patch reminds me of commit
f98f5ec304ec ("S3Resume2Pei: align return stacks explicitly").
What do you think?
Thanks!
Laszlo
> + CopyMem ((VOID *) (UINTN) mApHltLoopCode, mApHltLoopCodeTemplate, sizeof (mApHltLoopCodeTemplate));
> + TransferApToSafeState ((UINT32) (UINTN) mApHltLoopCode, TopOfStack);
> }
>
> /**
> @@ -731,6 +747,8 @@ InitSmmS3ResumeState (
> VOID *GuidHob;
> EFI_SMRAM_DESCRIPTOR *SmramDescriptor;
> SMM_S3_RESUME_STATE *SmmS3ResumeState;
> + EFI_PHYSICAL_ADDRESS Address;
> + EFI_STATUS Status;
>
> if (!mAcpiS3Enable) {
> return;
> @@ -773,6 +791,19 @@ InitSmmS3ResumeState (
> // Patch SmmS3ResumeState->SmmS3Cr3
> //
> InitSmmS3Cr3 ();
> +
> + //
> + // Allocate safe memory in ACPI NVS for AP to execute hlt loop on S3 path
> + //
> + Address = BASE_4GB - 1;
> + Status = gBS->AllocatePages (
> + AllocateMaxAddress,
> + EfiACPIMemoryNVS,
> + EFI_SIZE_TO_PAGES (sizeof (mApHltLoopCodeTemplate)),
> + &Address
> + );
> + ASSERT_EFI_ERROR (Status);
> + mApHltLoopCode = (UINT8 *) (UINTN) Address;
> }
>
> /**
> diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/SmmFuncsArch.c b/UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/SmmFuncsArch.c
> index 545b534..3e99aab 100644
> --- a/UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/SmmFuncsArch.c
> +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/SmmFuncsArch.c
> @@ -94,3 +94,28 @@ InitGdt (
> *GdtStepSize = GdtTableStepSize;
> return GdtTssTables;
> }
> +
> +/**
> + Transfer AP to safe hlt-loop after it finished restore CPU features on S3 patch.
> +
> + @param[in] ApHltLoopCode The 32-bit address of the safe hlt-loop function
> + @param[in] TopOfStack A pointer to the new stack to use for the ApHltLoopCode.
> +
> +**/
> +VOID
> +TransferApToSafeState (
> + IN UINT32 ApHltLoopCode,
> + IN UINT32 TopOfStack
> + )
> +{
> + SwitchStack (
> + (SWITCH_STACK_ENTRY_POINT) (UINTN) ApHltLoopCode,
> + NULL,
> + NULL,
> + (VOID *) (UINTN) TopOfStack
> + );
> + //
> + // It should never reach here
> + //
> + ASSERT (FALSE);
> +}
> diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.h b/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.h
> index 9b119c8..82fa5a6 100644
> --- a/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.h
> +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.h
> @@ -825,4 +825,17 @@ GetAcpiS3EnableFlag (
> VOID
> );
>
> +/**
> + Transfer AP to safe hlt-loop after it finished restore CPU features on S3 patch.
> +
> + @param[in] ApHltLoopCode The 32-bit address of the safe hlt-loop function
> + @param[in] TopOfStack A pointer to the new stack to use for the ApHltLoopCode.
> +
> +**/
> +VOID
> +TransferApToSafeState (
> + IN UINT32 ApHltLoopCode,
> + IN UINT32 TopOfStack
> + );
> +
> #endif
> diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmmFuncsArch.c b/UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmmFuncsArch.c
> index b53aa45..c05dec7 100644
> --- a/UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmmFuncsArch.c
> +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmmFuncsArch.c
> @@ -68,3 +68,29 @@ InitGdt (
> *GdtStepSize = GdtTableStepSize;
> return GdtTssTables;
> }
> +/**
> + Transfer AP to safe hlt-loop after it finished restore CPU features on S3 patch.
> +
> + @param[in] ApHltLoopCode The 32-bit address of the safe hlt-loop function
> + @param[in] TopOfStack A pointer to the new stack to use for the ApHltLoopCode.
> +
> +**/
> +VOID
> +TransferApToSafeState (
> + IN UINT32 ApHltLoopCode,
> + IN UINT32 TopOfStack
> + )
> +{
> + SwitchStack (
> + (SWITCH_STACK_ENTRY_POINT) (UINTN) ApHltLoopCode,
> + NULL,
> + NULL,
> + (VOID *) (UINTN) TopOfStack
> + );
> + //
> + // It should never reach here
> + //
> + ASSERT (FALSE);
> +}
> +
> +
>
next prev parent reply other threads:[~2016-11-10 8:50 UTC|newest]
Thread overview: 15+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-11-10 6:07 [PATCH 0/2] Put AP into safe hlt-loop code on S3 path Jeff Fan
2016-11-10 6:07 ` [PATCH 1/2] UefiCpuPkg/PiSmmCpuDxeSmm: " Jeff Fan
2016-11-10 8:50 ` Laszlo Ersek [this message]
2016-11-10 9:00 ` Fan, Jeff
2016-11-10 9:30 ` Laszlo Ersek
2016-11-10 6:07 ` [PATCH 2/2] UefiCpuPkg/PiSmmCpuDxeSmm: Place AP to 32bit protected mode " Jeff Fan
2016-11-10 8:56 ` [PATCH 0/2] Put AP into safe hlt-loop code " Laszlo Ersek
2016-11-10 9:59 ` Paolo Bonzini
2016-11-11 6:32 ` Fan, Jeff
2016-11-10 10:41 ` Laszlo Ersek
2016-11-10 11:17 ` Yao, Jiewen
2016-11-10 12:08 ` Laszlo Ersek
2016-11-10 20:45 ` Laszlo Ersek
2016-11-10 12:26 ` Paolo Bonzini
2016-11-10 13:33 ` Laszlo Ersek
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-list from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=714ae963-4f97-bfb5-4265-fcdc8b96ace6@redhat.com \
--to=devel@edk2.groups.io \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox