From mboxrd@z Thu Jan 1 00:00:00 1970
From: "duntan"
To: "Ni, Ray", "devel@edk2.groups.io"
CC: "Dong, Eric", "Kumar, Rahul R"
Subject: Re: [PATCH] UefiCpuPkg/PiSmmCpuDxeSmm:Fix PF issue caused by smm page table code
Date: Tue, 3 Jan 2023 03:31:38 +0000
References: <20230103025655.1867-1-dun.tan@intel.com>

Ray,
Thanks for the comments. Will send V2 patch soon.

Thanks,
Dun

-----Original Message-----
From: Ni, Ray
Sent: Tuesday, January 3, 2023 11:23 AM
To: Tan, Dun; devel@edk2.groups.io
Cc: Dong, Eric; Kumar, Rahul R
Subject: RE: [PATCH] UefiCpuPkg/PiSmmCpuDxeSmm:Fix PF issue caused by smm page table code

Dun,
CET should be disabled before clearing CR0.WP.

> -----Original Message-----
> From: Tan, Dun
> Sent: Tuesday, January 3, 2023 10:57 AM
> To: devel@edk2.groups.io
> Cc: Dong, Eric; Ni, Ray; Kumar, Rahul R
> Subject: [PATCH] UefiCpuPkg/PiSmmCpuDxeSmm:Fix PF issue caused by smm page table code
>
> When setting new page table pool to RO, only disable/enable WP when
> Cr0.WP has been set to 1 to fix potential PF caused by b822be1a20
> (UefiCpuPkg/PiSmmCpuDxeSmm: Introduce page table pool mechanism).
> With previous code, if someone wants to modify the page table and
> Cr0.WP has been cleared before modifying the page table, Cr0.WP may be set to
> 1 again since a new pool may be generated during this process. Then a PF
> fault may happen.
>
> Signed-off-by: Dun Tan
> Cc: Eric Dong
> Cc: Ray Ni
> Cc: Rahul Kumar
> ---
> UefiCpuPkg/PiSmmCpuDxeSmm/SmmCpuMemoryManagement.c | 40 ++++++++++++++++++++++++++++------------
> 1 file changed, 28 insertions(+), 12 deletions(-)
>
> diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/SmmCpuMemoryManagement.c > b/UefiCpuPkg/PiSmmCpuDxeSmm/SmmCpuMemoryManagement.c > index 4bb23f6920..c385f12d9c 100644 > --- a/UefiCpuPkg/PiSmmCpuDxeSmm/SmmCpuMemoryManagement.c > +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/SmmCpuMemoryManagement.c > @@ -67,8 +67,10 @@ InitializePageTablePool ( > IN UINTN PoolPages > ) > { > - VOID *Buffer; > - BOOLEAN CetEnabled; > + VOID *Buffer; > + BOOLEAN CetEnabled; > + BOOLEAN WpEnabled; > + IA32_CR0 Cr0; >=20 > // > // Always reserve at least PAGE_TABLE_POOL_UNIT_PAGES, including=20 > one page for @@ -106,21 +108,35 @@ InitializePageTablePool ( > // > if (mIsReadOnlyPageTable) { > CetEnabled =3D ((AsmReadCr4 () & CR4_CET_ENABLE) !=3D 0) ? TRUE : FA= LSE; > - if (CetEnabled) { > + Cr0.UintN =3D AsmReadCr0 (); > + WpEnabled =3D (Cr0.Bits.WP !=3D 0) ? TRUE : FALSE; > + if (WpEnabled) { > // > - // CET must be disabled if WP is disabled. > + // Only disable/enable WP when Cr0.Bits.WP has been set to 1. > // > - DisableCet (); > + Cr0.Bits.WP =3D 0; > + AsmWriteCr0 (Cr0.UintN); > + > + if (CetEnabled) { > + // > + // CET must be disabled if WP is disabled. > + // > + DisableCet (); > + } > } >=20 > - AsmWriteCr0 (AsmReadCr0 () & ~CR0_WP); > SmmSetMemoryAttributes ((EFI_PHYSICAL_ADDRESS)(UINTN)Buffer,=20 > EFI_PAGES_TO_SIZE (PoolPages), EFI_MEMORY_RO); > - AsmWriteCr0 (AsmReadCr0 () | CR0_WP); > - if (CetEnabled) { > - // > - // re-enable CET. > - // > - EnableCet (); > + if (WpEnabled) { > + Cr0.UintN =3D AsmReadCr0 (); > + Cr0.Bits.WP =3D 1; > + AsmWriteCr0 (Cr0.UintN); > + > + if (CetEnabled) { > + // > + // re-enable CET. > + // > + EnableCet (); > + } > } > } >=20 > -- > 2.31.1.windows.1
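
Review bot: In the second hunk (@@ -106,21 +108,35 @@), the new if (WpEnabled) block writes CR0 with WP cleared (Cr0.Bits.WP = 0; AsmWriteCr0 (Cr0.UintN);) before it calls DisableCet (), which reverses the order of the removed lines, where DisableCet () ran ahead of AsmWriteCr0 (AsmReadCr0 () & ~CR0_WP). That contradicts the comment kept in the same block ("CET must be disabled if WP is disabled") and the reply above that CET should be disabled before clearing CR0.WP. Suggest moving the if (CetEnabled) { DisableCet (); } block ahead of the CR0 write while keeping both inside if (WpEnabled); the restore path already has the matching order, setting WP back to 1 before EnableCet (). A smaller style point in the same hunk: WpEnabled = (Cr0.Bits.WP != 0) ? TRUE : FALSE; can drop the ternary, since the comparison already yields a BOOLEAN.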