From: duntan <dun.tan@intel.com>
To: Sean Brogan <spbrogan@outlook.com>, devel@edk2.groups.io
Subject: Re: [edk2-devel] [PATCH 0/2] Remove mInternalCr3 in PiSmmCpuDxeSmm
Date: Wed, 10 Aug 2022 04:03:43 +0000
References: <20220810014532.117-1-dun.tan@intel.com>

Hi Sean,

The patch set is a code refactoring and doesn't change any functionality. The reasons for this code refactoring are:

1. In the PiSmmCpuDxe driver entrypoint, this driver initializes the SMM page table, which is different from the Cr3 register. Currently, mInternalCr3 is used to pass the address of the page table which is different from the Cr3 register.
   Now remove it and pass the page table base address from the root function to simplify the code logic.

2. Besides, the current code logic will regard a RO range as shadow stack and set the dirty bit in the corresponding page table entry if mInternalCr3 is not 0. This assumption may be confusing.
   A new mIsShadowStack flag will be created to identify if it is a shadow stack or not.

Thanks,
Dun

From: Sean Brogan <spbrogan@outlook.com>
Sent: Wednesday, August 10, 2022 11:21 AM
To: devel@edk2.groups.io; Tan, Dun <dun.tan@intel.com>
Subject: Re: [edk2-devel] [PATCH 0/2] Remove mInternalCr3 in PiSmmCpuDxeSmm

Is there any documentation as to why this change is important and what exactly was broken?

Thanks
Sean

________________________________
From: devel@edk2.groups.io <devel@edk2.groups.io> on behalf of duntan <dun.tan@intel.com>
Sent: Tuesday, August 9, 2022 6:45:30 PM
To: devel@edk2.groups.io <devel@edk2.groups.io>
Subject: [edk2-devel] [PATCH 0/2] Remove mInternalCr3 in PiSmmCpuDxeSmm

Add a new IsShadowStack flag in PiSmmCpuDxeSmm.
Remove mInternalCr3 in PiSmmCpuDxeSmm.

Dun Tan (2):
  UefiCpuPkg/PiSmmCpuDxeSmm: Add a new IsShadowStack flag
  UefiCpuPkg/PiSmmCpuDxeSmm: Remove mInternalCr3 in PiSmmCpuDxeSmm

 UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/PageTbl.c           |  30 +++++-------------------------
 UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.h         |  26 +++++++++-----------------
 UefiCpuPkg/PiSmmCpuDxeSmm/SmmCpuMemoryManagement.c | 113 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++----------------------------------------------------
 UefiCpuPkg/PiSmmCpuDxeSmm/X64/PageTbl.c            |  73 +++++++++++++++++++++++--------------------------------------------------
 4 files changed, 98 insertions(+), 144 deletions(-)

--
2.31.1.windows.1
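The design point Dun raises in item 2, shown as an added, self-contained C sketch that is not edk2 code and does not reproduce PiSmmCpuDxeSmm internals: an x86 CET shadow-stack page is one whose PTE has R/W clear and Dirty set, so a helper that marks a range read-only and keys the dirty bit off a non-zero global (the hypothetical "before" form, named mInternalCr3 here after the mail) makes every RO data page in the internal page table look like a shadow stack; passing an explicit IsShadowStack flag (the hypothetical "after" form) removes that ambiguity. The PTE bit positions are the architectural ones; the helper names are assumptions.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Architectural x86 page-table entry bits (Intel SDM, Vol. 3). */
#define PTE_PRESENT  (1ULL << 0)
#define PTE_RW       (1ULL << 1)
#define PTE_DIRTY    (1ULL << 6)

/* Hypothetical "before" form: a non-zero global means "operating on the
 * internal page table", and is also what decides the shadow-stack dirty bit. */
static uint64_t mInternalCr3 = 0;

static uint64_t SetReadOnlyBefore(uint64_t Pte)
{
  Pte &= ~PTE_RW;
  if (mInternalCr3 != 0) {
    Pte |= PTE_DIRTY;   /* every RO range becomes a shadow-stack-shaped PTE */
  }
  return Pte;
}

/* Hypothetical "after" form: the caller states explicitly whether the range
 * is a shadow stack, and the page table base is passed in rather than read
 * from a global (it is unused here because the sketch edits a single PTE). */
static uint64_t SetReadOnlyAfter(uint64_t PageTableBase, uint64_t Pte,
                                 bool IsShadowStack)
{
  (void)PageTableBase;
  Pte &= ~PTE_RW;
  if (IsShadowStack) {
    Pte |= PTE_DIRTY;   /* RW=0, D=1: CET shadow-stack page */
  } else {
    Pte &= ~PTE_DIRTY;  /* ordinary RO data must not carry the D bit */
  }
  return Pte;
}

/* CET definition: present, not writable, dirty bit set. */
static bool IsShadowStackPte(uint64_t Pte)
{
  return (Pte & PTE_PRESENT) && !(Pte & PTE_RW) && (Pte & PTE_DIRTY);
}

int main(void)
{
  uint64_t Data = PTE_PRESENT | PTE_RW;     /* constructed sample RO data PTE */
  mInternalCr3 = 0x1000;                    /* constructed non-zero base */
  printf("before: RO data looks like shadow stack? %d\n",
         IsShadowStackPte(SetReadOnlyBefore(Data)));
  printf("after:  RO data looks like shadow stack? %d\n",
         IsShadowStackPte(SetReadOnlyAfter(0x1000, Data, false)));
  return 0;
}
```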