Hi Jiewen, all, The 2 patches are for fix #DF exception when enable CET shadow stack feature. The file 0002-UefiCpuPkg-CpuExceptionHandlerLib-Clear-CET-shadow-s.patch is used to fix the #DF exception issue. The file 0001-MdePkg-Include-Add-CET-instructions-to-Nasm.inc.patch is used to add the CET instruction which is used in patch 0002. Some description about the issue and the fix: If CET shadows stack feature enabled in SMM and stack switch is enabled. When code execute from SMM handler to SMM exception, CPU will check SMM exception shadow stack token busy bit if it is cleared or not. If it is set, it will trigger #DF exception. If it is not set, CPU will set the busy bit when enter SMM exception. The busy bit should be cleared when return back form SMM exception to SMM handler. Otherwise, keeping busy bit in set state will cause to trigger #DF exception when enter SMM exception next time. So, we use instruction SAVEPREVSSP, CLRSSBSY and RSTORSSP to clear the shadow stack token busy bit before RETF instruction in SMM exception. Could you help to review and merge the patch? Thank you BR Sheng Wei > -----Original Message----- > From: Yao, Jiewen > Sent: 2021Äê1ÔÂ29ÈÕ 14:36 > To: Sheng, W ; devel@edk2.groups.io > Cc: Kinney, Michael D ; Liming Gao > ; Liu, Zhiguang > Subject: RE: [PATCH] MdePkg/Include: Add CET instructions to Nasm.inc > > Hi Wei > Would you please send out the second patch to consume these instruction? > > As such people can have a full picture on what the issue is and what the > solution is. > > Thank you > Yao Jiewen > > > -----Original Message----- > > From: Sheng, W > > Sent: Friday, January 29, 2021 10:35 AM > > To: devel@edk2.groups.io > > Cc: Kinney, Michael D ; Liming Gao > > ; Liu, Zhiguang ; > > Yao, Jiewen > > Subject: [PATCH] MdePkg/Include: Add CET instructions to Nasm.inc > > > > This is to add instruction SAVEPREVSSP, CLRSSBSY and RSTORSSP_RAX in > > Nasm, because these instructions are not supported yet. > > > > REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3192 > > > > Signed-off-by: Sheng Wei > > Cc: Michael D Kinney > > Cc: Liming Gao > > Cc: Zhiguang Liu > > Cc: Jiewen Yao > > --- > > MdePkg/Include/Ia32/Nasm.inc | 14 +++++++++++++- > > MdePkg/Include/X64/Nasm.inc | 14 +++++++++++++- > > 2 files changed, 26 insertions(+), 2 deletions(-) > > > > diff --git a/MdePkg/Include/Ia32/Nasm.inc > > b/MdePkg/Include/Ia32/Nasm.inc index 31ce861f1e..9c1b7796ea 100644 > > --- a/MdePkg/Include/Ia32/Nasm.inc > > +++ b/MdePkg/Include/Ia32/Nasm.inc > > @@ -1,6 +1,6 @@ > > > > ;--------------------------------------------------------------------- > > --------- > > ; > > -; Copyright (c) 2019, Intel Corporation. All rights reserved.
> > +; Copyright (c) 2019 - 2021, Intel Corporation. All rights > > +reserved.
> > ; SPDX-License-Identifier: BSD-2-Clause-Patent ; ; Abstract: > > @@ -20,3 +20,15 @@ > > %macro INCSSP_EAX 0 > > DB 0xF3, 0x0F, 0xAE, 0xE8 > > %endmacro > > + > > +%macro SAVEPREVSSP 0 > > + DB 0xF3, 0x0F, 0x01, 0xEA > > +%endmacro > > + > > +%macro CLRSSBSY_EAX 0 > > + DB 0x67, 0xF3, 0x0F, 0xAE, 0x30 > > +%endmacro > > + > > +%macro RSTORSSP_EAX 0 > > + DB 0x67, 0xF3, 0x0F, 0x01, 0x28 > > +%endmacro > > diff --git a/MdePkg/Include/X64/Nasm.inc > b/MdePkg/Include/X64/Nasm.inc > > index 42412735ea..c5189982bb 100644 > > --- a/MdePkg/Include/X64/Nasm.inc > > +++ b/MdePkg/Include/X64/Nasm.inc > > @@ -1,6 +1,6 @@ > > > > ;--------------------------------------------------------------------- > > --------- > > ; > > -; Copyright (c) 2019, Intel Corporation. All rights reserved.
> > +; Copyright (c) 2019 - 2021, Intel Corporation. All rights > > +reserved.
> > ; SPDX-License-Identifier: BSD-2-Clause-Patent ; ; Abstract: > > @@ -20,3 +20,15 @@ > > %macro INCSSP_RAX 0 > > DB 0xF3, 0x48, 0x0F, 0xAE, 0xE8 > > %endmacro > > + > > +%macro SAVEPREVSSP 0 > > + DB 0xF3, 0x0F, 0x01, 0xEA > > +%endmacro > > + > > +%macro CLRSSBSY_RAX 0 > > + DB 0xF3, 0x0F, 0xAE, 0x30 > > +%endmacro > > + > > +%macro RSTORSSP_RAX 0 > > + DB 0xF3, 0x0F, 0x01, 0x28 > > +%endmacro > > -- > > 2.16.2.windows.1