From: "Yao, Jiewen"
To: Laszlo Ersek, William Tambe
CC: "edk2-devel@lists.01.org"
Date: Fri, 24 Mar 2017 23:48:56 +0000
Message-ID: <74D8A39837DF1E4DA445A8C0B3885C503A913D02@shsmsx102.ccr.corp.intel.com>
References: <4d40b816-c024-020d-0471-c6023c6b5d0b@redhat.com>
In-Reply-To:
 <4d40b816-c024-020d-0471-c6023c6b5d0b@redhat.com>
Subject: Re: Page Table initialization and update in SMM mode
List-Id: EDK II Development

Hi Laszlo

Thanks for the reminder.

Hi William

I try to answer below. Feel free to let me know if you have more questions.

For more detailed information on how we protect SMRAM, please refer to
https://www.gitbook.com/book/edk2-docs/a-tour-beyond-bios-memory-protection-in-uefi-bios/details

Thank you
Yao Jiewen

From: Laszlo Ersek [mailto:lersek@redhat.com]
Sent: Friday, March 24, 2017 11:58 PM
To: William Tambe; Yao, Jiewen
Cc: edk2-devel@lists.01.org
Subject: Re: [edk2] Page Table initialization and update in SMM mode

Jiewen,

On 03/22/17 15:14, William Tambe wrote:
> Dear all,
>
> When building OVMF with SMM_REQUIRE:
>
> - Would you know where in the code base the Page Table set in the Cr3
> register is initialized during boot ?

[Jiewen] UefiCpuPkg\PiSmmCpuDxeSmm\MpService.c: InitializeMpServiceData()

  //
  // Create page tables
  //
  Cr3 = SmmInitPageTable ();

>
> - Where does it get updated when a new page needs to be allocated or freed ?

[Jiewen] We do not update the page table on allocation/free. Instead, the PiSmmCpu driver updates the page table once, after ready to lock.

UefiCpuPkg\PiSmmCpuDxeSmm\PiSmmCpuDxeSmm.c: PerformRemainingTasks()

  //
  // Create a mix of 2MB and 4KB page table. Update some memory ranges absent and execute-disable.
  //
  InitPaging ();

  //
  // Mark critical region to be read-only in page table
  //
  SetMemMapAttributes ();

  //
  // For outside SMRAM, we only map SMM communication buffer or MMIO.
  //
  SetUefiMemMapAttributes ();

  //
  // Set page table itself to be read-only
  //
  SetPageTableAttributes ();

>
> - Or is there a hook I can register myself to in order to get a chance to
> review an entry to be added or removed from the Page Tables ?

[Jiewen] You can register a ready to boot event in your SMM driver and dump the page table, which is the final page table in SMM. (That is what our internal test case does. :))

can you please help answer these questions?

I seem to remember that we discussed code around this when we were
looking into the SMM stack overflow experienced with OVMF:

  509f8425b75d UefiCpuPkg: change PcdCpuSmmStackGuard default to TRUE
  0d0c245dfb14 OvmfPkg: set SMM stack size to 16KB

William: I suggest to check out the following files:

  UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/PageTbl.c
  UefiCpuPkg/PiSmmCpuDxeSmm/X64/PageTbl.c

and/or to grep the code for "PcdCpuSmmStackGuard", to get a feel for
what to investigate.

Thanks
Laszlo
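
As an added illustration of the page-table dump suggested in the reply above (not code from this thread or from edk2), the C program below walks a 4-level x64 page table and counts leaf mappings that are read-only, execute-disabled, or both writable and executable. The tables are a constructed in-memory sample, and the names audit_t, table_at, walk and audit_sample are hypothetical.

```c
#include <stdint.h>
#include <stdio.h>
#define PTE_P  (1ULL << 0)   /* present */
#define PTE_RW (1ULL << 1)   /* writable */
#define PTE_PS (1ULL << 7)   /* leaf at PDPT (1GB) or PD (2MB) level */
#define PTE_NX (1ULL << 63)  /* execute-disable */
#define ADDR_MASK 0x000FFFFFFFFFF000ULL
typedef struct { unsigned mapped, read_only, nx, writable_exec; } audit_t;

/* Constructed sample: four 4KB tables standing in for physical 0x0000-0x3FFF.
   With identity-mapped tables (assumed) table_at() is just a pointer cast. */
static uint64_t sample_mem[4 * 512];
static uint64_t *table_at(uint64_t pa) { return &sample_mem[pa / 8]; }
/* level: 4=PML4, 3=PDPT, 2=PD, 1=PT. A page is writable only if every level
   sets R/W, and non-executable if any level sets NX. */
static void walk(uint64_t table_pa, int level, int rw, int nx, audit_t *a) {
    uint64_t *t = table_at(table_pa);
    for (int i = 0; i < 512; i++) {
        uint64_t e = t[i];
        if (!(e & PTE_P)) continue;                 /* absent range */
        int erw = rw && (e & PTE_RW), enx = nx || (e & PTE_NX);
        if (level == 4 || (level > 1 && !(e & PTE_PS))) {
            walk(e & ADDR_MASK, level - 1, erw, enx, a);  /* next table */
            continue;
        }
        a->mapped++;                                /* leaf: 4KB, 2MB or 1GB */
        a->read_only += !erw;
        a->nx += enx;
        a->writable_exec += erw && !enx;            /* W^X violation */
    }
}
static audit_t audit_sample(void) {
    audit_t a = {0, 0, 0, 0};
    uint64_t *pd = table_at(0x2000), *pt = table_at(0x3000);
    table_at(0x0000)[0] = 0x1000 | PTE_P | PTE_RW;        /* PML4 -> PDPT */
    table_at(0x1000)[0] = 0x2000 | PTE_P | PTE_RW;        /* PDPT -> PD */
    pd[0] = 0x3000 | PTE_P | PTE_RW;                      /* PD -> 4KB PT */
    pd[1] = 0x200000 | PTE_P | PTE_RW | PTE_PS | PTE_NX;  /* 2MB data, NX */
    pt[0] = 0x10000 | PTE_P;                              /* code: RO, exec */
    pt[1] = 0x11000 | PTE_P | PTE_RW | PTE_NX;            /* data: RW, NX */
    pt[2] = 0x12000 | PTE_P | PTE_RW;                     /* RW and exec */
    walk(0x0000, 4, 1, 0, &a);
    return a;
}

int main(void) {
    audit_t a = audit_sample();
    printf("mapped=%u ro=%u nx=%u w+x=%u\n", a.mapped, a.read_only, a.nx, a.writable_exec);
    return 0;
}
```

A nonzero w+x count marks a mapping that is both writable and executable, which is the condition the read-only and execute-disable attributes are meant to rule out.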