From: "duntan"
To: "devel@edk2.groups.io", "Tan, Dun"
CC: "Dong, Eric", "Ni, Ray", "Kumar, Rahul R"
Subject: Re: [edk2-devel] [Patch V4] UefiCpuPkg/PiSmmCpuDxeSmm:Fix PF issue caused by smm page table code
Date: Tue, 3 Jan 2023 05:59:19 +0000
In-Reply-To: <1736B6E647279FFD.4716@groups.io>

Compared to the V2 and V3 patches, this v4 patch only adds some new comments and removes some trailing white spaces.

Thanks,
Dun

-----Original Message-----
From: devel@edk2.groups.io On Behalf Of duntan
Sent: Tuesday, January 3, 2023 1:56 PM
To: devel@edk2.groups.io
Cc: Dong, Eric; Ni, Ray; Kumar, Rahul R
Subject: [edk2-devel] [Patch V4] UefiCpuPkg/PiSmmCpuDxeSmm:Fix PF issue caused by smm page table code

When setting new page table pool to RO, only disable/enable WP when Cr0.WP has been set to 1 to fix potential PF caused by b822be1a20 (UefiCpuPkg/PiSmmCpuDxeSmm: Introduce page table pool mechanism).

With previous code, if someone wants to modify the page table and Cr0.WP has been cleared before modifying the page table, Cr0.WP may be set to 1 again since new pool may be generated during this process. Then a PF fault may happen.

Signed-off-by: Dun Tan
Cc: Eric Dong
Cc: Ray Ni
Cc: Rahul Kumar
---
 UefiCpuPkg/PiSmmCpuDxeSmm/SmmCpuMemoryManagement.c | 40 ++++++++++++++++++++++++++++------------
 1 file changed, 28 insertions(+), 12 deletions(-)

diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/SmmCpuMemoryManagement.c b/UefiCpuPk= g/PiSmmCpuDxeSmm/SmmCpuMemoryManagement.c index 4bb23f6920..bab7f1887b 100644 --- a/UefiCpuPkg/PiSmmCpuDxeSmm/SmmCpuMemoryManagement.c +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/SmmCpuMemoryManagement.c
@@ -67,8 +67,10 @@ InitializePageTablePool ( IN UINTN PoolPages ) { - VOID *Buffer; - BOOLEAN CetEnabled; + VOID *Buffer; + BOOLEAN CetEnabled; + BOOLEAN WpEnabled; + IA32_CR0 Cr0; =20 // // Always reserve at least PAGE_TABLE_POOL_UNIT_PAGES, including one pag= e for @@ -106,21 +108,35 @@ InitializePageTablePool ( // if (mIsReadOnlyPageTable) { CetEnabled =3D ((AsmReadCr4 () & CR4_CET_ENABLE) !=3D 0) ? TRUE : FALS= E; - if (CetEnabled) { + Cr0.UintN =3D AsmReadCr0 (); + WpEnabled =3D (Cr0.Bits.WP !=3D 0) ? TRUE : FALSE; + if (WpEnabled) { + if (CetEnabled) { + // + // CET must be disabled if WP is disabled. Disable CET before clea= ring CR0.WP. + // + DisableCet (); + } + // - // CET must be disabled if WP is disabled. + // Only disable/enable WP when Cr0.Bits.WP has been set to 1. // - DisableCet (); + Cr0.Bits.WP =3D 0; + AsmWriteCr0 (Cr0.UintN); } =20 - AsmWriteCr0 (AsmReadCr0 () & ~CR0_WP); SmmSetMemoryAttributes ((EFI_PHYSICAL_ADDRESS)(UINTN)Buffer, EFI_PAGES= _TO_SIZE (PoolPages), EFI_MEMORY_RO); - AsmWriteCr0 (AsmReadCr0 () | CR0_WP); - if (CetEnabled) { - // - // re-enable CET. - // - EnableCet (); + if (WpEnabled) { + Cr0.UintN =3D AsmReadCr0 (); + Cr0.Bits.WP =3D 1; + AsmWriteCr0 (Cr0.UintN); + + if (CetEnabled) { + // + // re-enable CET. + // + EnableCet (); + } } } =20 -- 2.31.1.windows.1
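
Review bot: In the second hunk (@@ -106,21 +108,35 @@ InitializePageTablePool), the new comment "Only disable/enable WP when Cr0.Bits.WP has been set to 1" restates the condition without giving the reason for it, so a later cleanup could fold the code back into the unconditional clear/set of CR0.WP that this patch removes. Suggest putting the rationale from the commit message into that comment: a caller that is already modifying the page table may have cleared CR0.WP itself, a new pool can be allocated while it does so, and in that case this function must leave CR0.WP as it found it. It would also help to note next to the "if (WpEnabled)" restore block that WP and CET are re-enabled only when this function was the one that disabled them, since that is the invariant the two WpEnabled checks together are meant to keep.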