From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from mga17.intel.com (mga17.intel.com [192.55.52.151])
 by mx.groups.io with SMTP id smtpd.web08.3517.1660345074667098967
 for <devel@edk2.groups.io>;
 Fri, 12 Aug 2022 15:57:54 -0700
Authentication-Results: mx.groups.io;
 dkim=fail reason="unable to parse pub key" header.i=@intel.com header.s=intel header.b=F+oo3mZS;
 spf=pass (domain: intel.com, ip: 192.55.52.151, mailfrom: guo.dong@intel.com)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple;
  d=intel.com; i=@intel.com; q=dns/txt; s=Intel;
  t=1660345074; x=1691881074;
  h=from:to:cc:subject:date:message-id:references:
   in-reply-to:content-transfer-encoding:mime-version;
  bh=xQgLXpM5MkS3DJAhf6bypON4p1pxwn+rlb8R6e4JLNY=;
  b=F+oo3mZSE0TcSv3DEntfhg4lr96Hqi+OZyLOhJ3bnmE9tfsRPcTSv2qM
   uMXP+nV4wN0PPmY7jvCKSOOpi4+2+TEq0+pnV46fXABWr4we9mhdfjF5A
   ZVnlk6vG0Er1APzycLfRDI2jTxSnWFWyoCIbMLjMdjUWktWvBw1h/qe/+
   IjvAqESPzUhHZdIkcPxg3088M8LgswsFXmAqPYnD8HCHqGip9UdWRzT2z
   w0llYNof3KW3bZhLSXzqJb3QdfMpCetDVb175Q4oLt2AQjaef6VRZLkcO
   B0OddFUZsSwzaS4FfTKo63xK2rXNrvNzs9u68c4LFpU+4p2tYjsF2gU9J
   A==;
X-IronPort-AV: E=McAfee;i="6400,9594,10437"; a="272095589"
X-IronPort-AV: E=Sophos;i="5.93,233,1654585200"; 
   d="scan'208";a="272095589"
Received: from orsmga003.jf.intel.com ([10.7.209.27])
  by fmsmga107.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 12 Aug 2022 15:57:53 -0700
X-ExtLoop1: 1
X-IronPort-AV: E=Sophos;i="5.93,233,1654585200"; 
   d="scan'208";a="556680299"
Received: from orsmsx603.amr.corp.intel.com ([10.22.229.16])
  by orsmga003.jf.intel.com with ESMTP; 12 Aug 2022 15:57:53 -0700
Received: from orsmsx611.amr.corp.intel.com (10.22.229.24) by
 ORSMSX603.amr.corp.intel.com (10.22.229.16) with Microsoft SMTP Server
 (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
 15.1.2375.28; Fri, 12 Aug 2022 15:57:53 -0700
Received: from orsmsx607.amr.corp.intel.com (10.22.229.20) by
 ORSMSX611.amr.corp.intel.com (10.22.229.24) with Microsoft SMTP Server
 (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
 15.1.2375.28; Fri, 12 Aug 2022 15:57:52 -0700
Received: from orsedg603.ED.cps.intel.com (10.7.248.4) by
 orsmsx607.amr.corp.intel.com (10.22.229.20) with Microsoft SMTP Server
 (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
 15.1.2375.28 via Frontend Transport; Fri, 12 Aug 2022 15:57:52 -0700
Received: from NAM02-DM3-obe.outbound.protection.outlook.com (104.47.56.41) by
 edgegateway.intel.com (134.134.137.100) with Microsoft SMTP Server
 (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 15.1.2375.28; Fri, 12 Aug 2022 15:57:52 -0700
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none;
 b=nz1E7U32WIZbXR5iNlC19BrNyCVmFVQro3EKfZZYKmBWCVO7Yln/78FyjAhWXCq8tYr1QqdFeqp46P8NiVOG28sWXQpwKQzaTNWpP17qBnLbFzE/ATNUP/W8nYB6yoM51dhySeqDXRQWTz0gpljBEs2ptXb9cshrjgk83A1v72QWSfFPhHMi0kFPMwdrmK1trJG5yhkxsCmdftRLdBVRP/ECNFN/qP0dL9W2KSjlj4teBZ+ID/o759p52vr3ZsfxfLLnUWD3muNAORd/eWG6GmlsRFTQ57xJYfIJh88nwMSIyaEQAYaYRQDwWTH6pbbk1banlK40nxZKu1XaKZgKhQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
 s=arcselector9901;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1;
 bh=LTHKJ5RzWcoVPvMKltiU2tfa8FWRsK2qlGO3j/rrQT4=;
 b=NAczBFPeJgM10VvPwLvbOwDKjlYl6nKHjayNnJmAowxwh0CULQll6tiM69nVdajOK7wiRsRbqkW0MkOpbNbRGsyQNzDQCf7UuIukvNwTRZ7aSJVvSSOlHgZP/pnlk6x59WVUXsXsJSKkhPkL5LFgPlnWgPw7+4SVFojOvyz+qix/kOO7Olr9ZYUAoIZaPnUI/kWL/AEq4A1TEJUAWxWSnseCeGlge6e0cpjQ8Ki7kHhhcuLJvR7mspwzVuO+PWVraJ8lxdSx4HD4xQQQa6DOtwl4eE9FqK4k5kRPXsbVA2Jhv5H02NYXsalE8TIiP2rn5Pu5WNmt2X73Zz/W1tdZIg==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass
 smtp.mailfrom=intel.com; dmarc=pass action=none header.from=intel.com;
 dkim=pass header.d=intel.com; arc=none
Received: from CY5PR11MB6260.namprd11.prod.outlook.com (2603:10b6:930:23::16)
 by BN6PR11MB1284.namprd11.prod.outlook.com (2603:10b6:404:49::9) with
 Microsoft SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5525.10; Fri, 12 Aug
 2022 22:57:48 +0000
Received: from CY5PR11MB6260.namprd11.prod.outlook.com
 ([fe80::d51:f743:8ca2:8160]) by CY5PR11MB6260.namprd11.prod.outlook.com
 ([fe80::d51:f743:8ca2:8160%7]) with mapi id 15.20.5525.011; Fri, 12 Aug 2022
 22:57:48 +0000
From: "Guo Dong" <guo.dong@intel.com>
To: "Tan, Dun" <dun.tan@intel.com>, "devel@edk2.groups.io"
	<devel@edk2.groups.io>
CC: "Ni, Ray" <ray.ni@intel.com>, Maurice Ma <maurice.ma@intel.com>, "You,
 Benjamin" <benjamin.you@intel.com>, "Rhodes, Sean" <sean@starlabs.systems>
Subject: Re: [Patch V2 2/2] UefiPayloadPkg: Remove clearing CR0.WP when protecting pagetable
Thread-Topic: [Patch V2 2/2] UefiPayloadPkg: Remove clearing CR0.WP when
 protecting pagetable
Thread-Index: AQHYrHroU66F0wdmzkWs6lzSqdlvua2r5Obw
Date: Fri, 12 Aug 2022 22:57:48 +0000
Message-ID: <CY5PR11MB626042C4D6E6132292EED0F09E679@CY5PR11MB6260.namprd11.prod.outlook.com>
References: <20220810053400.317-1-dun.tan@intel.com>
 <20220810053400.317-3-dun.tan@intel.com>
In-Reply-To: <20220810053400.317-3-dun.tan@intel.com>
Accept-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
dlp-product: dlpe-windows
dlp-reaction: no-action
dlp-version: 11.6.500.17
authentication-results: dkim=none (message not signed)
 header.d=none;dmarc=none action=none header.from=intel.com;
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 4f036e55-9c47-4942-5e84-08da7cb613ef
x-ms-traffictypediagnostic: BN6PR11MB1284:EE_
x-ld-processed: 46c98d88-e344-4ed4-8496-4ed7712e255d,ExtAddr
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: pNhat7z6EA5x5TYDn4Pw2aEPmt3z3dvda7RoNZb2qeZaWjAZxHrA4HjyR0eY5/I8cvnICAKbU6YobamK9TafzbQgeXuB8CcIhVjbZz7ctVZhphFBw4fYTEgOMeygvpufd+kVMfrsSQoXbOewFOBzw6b/FMxlTyVjv/ooK4cMzUGluZnSRu5frGBqRel2BpmYTe3+MPXtL3JRf3F9QS6R50Q4QM69DtIdnw/1ZhsDMZMTzdC3tv4LBjAvmGtjtWfBcnejE8k5rxU7TGmnZTDTHNYqFqjK8it8m4ApJMJ0W1BrKMyfSDGjP8QC7d1TxkMVvAWQMtRITPbE5kVPf8V0bxf/g/SFDbAMXiO8yUCcBbkOLoYpT4ur1ZDvBjuv0VRuq+JujHV0OwlODxatZdWw64lsiD141CoWRldBNT7dUXNbOKkqC8z+gutkqc799C/7bHdbnV+a4JD7wdsuDR9VWpCPhMz+zGtwTzMsaDqc9bqVMt7s5SW/NLTHxgt3mcM6I8xorOsCU6xC4bm2G6tHg2/Pj5VXWkMQjcOVhI2ey1Y75iinq3zSfni5ESgCRRmp6o7VOc18wv1pJbmJKwF9aNj4sfKqxwxOr6AGqKpwn+k/VEQUw3XMUa0CTY8kkCzZgzXAeZjpO891b5H3RatqLS3iTah9WPFHNEAqLW8/1YKj62K9ssU5VGbjb7hY+CkD90cYBsUVGXe/4G11ADMFfhpdOtYA9VOuYNzmoLWT864ETjHrNTbYl+li+Z5qsbXHi+FGYlwn4BSQvlRP/ylOc8VqsNNA/8UHQUXWh8GVAjWMe3KqqXqCy0vzFJ2+TC4+
x-forefront-antispam-report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:CY5PR11MB6260.namprd11.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230016)(396003)(366004)(39860400002)(376002)(136003)(346002)(186003)(82960400001)(83380400001)(55016003)(122000001)(38100700002)(478600001)(71200400001)(316002)(66556008)(41300700001)(76116006)(54906003)(52536014)(5660300002)(38070700005)(110136005)(2906002)(66446008)(8936002)(66946007)(64756008)(9686003)(8676002)(6506007)(53546011)(4326008)(33656002)(7696005)(66476007)(86362001);DIR:OUT;SFP:1102;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: =?us-ascii?Q?ApUfBSfJljfOMCkAEwPWNaDFAs6iJc4BUyaEjasRCPdah4B0OwrGS6x4QIYT?=
 =?us-ascii?Q?5ug9XzQBEl8WY0KQmMlI36kC7BWg8pzCNSrI12xJDVoa/MeQok9eTKZUDQBR?=
 =?us-ascii?Q?5VLlNTfgKPY9v8OZ+9dj5BX4WHL3RjIlARiWcMyRTDT+z59tzoo/xMbn7xfU?=
 =?us-ascii?Q?FzlKeg9VnbtWZoT6Ej9DVYNncN3wC1yUQIX4hBu8oki4BRmjWedzWxPf0Imk?=
 =?us-ascii?Q?2kMrwcB6HYbxiXFChjml6NUPeiFuLqIR//nYpDtt/emG0Uz5dVWdSNeuHq4/?=
 =?us-ascii?Q?O3k6OSVy8DzeOjIiF+XKc/crrH/F4jJLKawcUOCgZY3qW8wVmygklLrIAkPH?=
 =?us-ascii?Q?rJUvx6M/74K3j81SXO511DS/u6kPgbxcq5bemi4HrqVNNG5dC4KBC/2TTCwA?=
 =?us-ascii?Q?yX4KfkKLbDmUgNO4iG1LngKVkDApuf1XeO5zP5UqtFZ07jCW7KQ5tSqA2vG0?=
 =?us-ascii?Q?336uz0WQ505W4eSq9OPonJhplJRMOYRniYy6SxEhxE5jL23WMZQGCFRTi5aa?=
 =?us-ascii?Q?coy3wqAV/SZNEKu56kpJvMKaKnA/fH4Hw2VMpj8d+t+dJZcH8WQxhUdpXd1h?=
 =?us-ascii?Q?aCl7UJlCfVDHqAP0rPfhcmjZAZgoAVg+6sagxlFq5Oz3TA+L/ENzjl2G0yQU?=
 =?us-ascii?Q?19Yv7weImLiey5qAqO4b8+8aXibktO7wdxN2LpFIvVygBHIK1VVOZsBjQFw5?=
 =?us-ascii?Q?BWj06+innqzOKz+5576GVPnlHPfWhzPjWHh1sq7E/7KiNdSNkqyx0j5dAhWj?=
 =?us-ascii?Q?Cjr4IpeCPecmuTQr6aeXdgooYtsZaoLTvrdL4SwopaGNpNVLZoFhOplPaJUL?=
 =?us-ascii?Q?HTCM6uG31HW+dYSANB2/1MbzsTPnRJxzv4CqLJ/+EPThkZLl332MeXqAB5lS?=
 =?us-ascii?Q?Ktn70OK6XrMJ5hUQX9bHVJ5EPMssxhIaAjfVpVNMmzxDXhOAb06pp6KJHvl1?=
 =?us-ascii?Q?b3v8TybUEE9QZyzOw6PlrB7LcKOoClq6CJ6AhC78DGxo0KrP8ovu0JSMHE/S?=
 =?us-ascii?Q?mL8l46IvUbYuTpQDK4Sh2lsZBEtJ1wtPR5wAW+fMJIUuu3Bvcq67m62WGGf5?=
 =?us-ascii?Q?SxKQqf/nuNR/ASifCdpYSu1n99cnKCIyogfSKLkmmkA+JoahuQX3EWlP68ZX?=
 =?us-ascii?Q?jRqJgmmHX4j1ueYfln5IQNqnWSwN8av39mO8GoGR45Nuz37w23kqgW/HBzfk?=
 =?us-ascii?Q?1ezn/umGmHtqXE2jSJyHT96RPKbr8Ap6IQwOGNzV7lcZU6XpYu38oiy2H7FM?=
 =?us-ascii?Q?7pQN7lXPlp9PXNpl19LkkBo/PVfWhDBChe3Sv2xDcDYrAWiFefxzUlfn67tV?=
 =?us-ascii?Q?Wq6jAhwFl0nADJ3U4cvru+W1lpks8hYbk7v532Ppo6uGnM0aLIXwa6Gx7MZJ?=
 =?us-ascii?Q?qN209Td8rwxrvEPSc6GbsN9/z1pK+WOx6AbZ/kAV9bA1C9xKyhe6GqdVSYJl?=
 =?us-ascii?Q?87MmsUaYqF+KJ10uVl5r513WsfxQycYd6GDt/ttiT/gGoniwGRgXn0vBfz6S?=
 =?us-ascii?Q?ifuQnY6K1lWgSDFs6vs8Gqhn1P84TAD9Tzacrw8f8Lh5wOg9xC1UQK/hDwVm?=
 =?us-ascii?Q?VlZHPve2ZgDYsbXOflSlV8EHogscjPGsvJC4bN4sBnTDXNxKGfo4EMjl9w4k?=
 =?us-ascii?Q?WJNt0lS9ZzrV7P1iD1Z5FBudKXgmWVYxf7VSdKZ1TY4E?=
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: CY5PR11MB6260.namprd11.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 4f036e55-9c47-4942-5e84-08da7cb613ef
X-MS-Exchange-CrossTenant-originalarrivaltime: 12 Aug 2022 22:57:48.6068
 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 46c98d88-e344-4ed4-8496-4ed7712e255d
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: VA6KsmFUrvbHLDNUwoun9Toe+gLmAQip7mFxXL0C1lU3koi0cGr54TGXckOEL91VGufP7QhG3a4Vqftso++Log==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BN6PR11MB1284
Return-Path: guo.dong@intel.com
X-OriginatorOrg: intel.com
Content-Language: en-US
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable


Reviewed-by: Guo Dong <guo.dong@intel.com>

-----Original Message-----
From: Tan, Dun <dun.tan@intel.com>=20
Sent: Tuesday, August 9, 2022 10:34 PM
To: devel@edk2.groups.io
Cc: Dong, Guo <guo.dong@intel.com>; Ni, Ray <ray.ni@intel.com>; Maurice Ma =
<maurice.ma@intel.com>; You, Benjamin <benjamin.you@intel.com>; Rhodes, Sea=
n <sean@starlabs.systems>
Subject: [Patch V2 2/2] UefiPayloadPkg: Remove clearing CR0.WP when protect=
ing pagetable

Remove clearing CR0.WP when marking the memory used for page table as read-=
only in the page table itself created by UefiPayloadEntry.
This page table address is written to Cr3 after these protection steps. Til=
l this, the memory used for page table is always RW.

Signed-off-by: Dun Tan <dun.tan@intel.com>
Cc: Guo Dong <guo.dong@intel.com>
Cc: Ray Ni <ray.ni@intel.com>
Cc: Maurice Ma <maurice.ma@intel.com>
Cc: Benjamin You <benjamin.you@intel.com>
Cc: Sean Rhodes <sean@starlabs.systems>
---
 UefiPayloadPkg/UefiPayloadEntry/X64/VirtualMemory.c | 7 +------
 1 file changed, 1 insertion(+), 6 deletions(-)

diff --git a/UefiPayloadPkg/UefiPayloadEntry/X64/VirtualMemory.c b/UefiPayl=
oadPkg/UefiPayloadEntry/X64/VirtualMemory.c
index 74b667a62a..a586941352 100644
--- a/UefiPayloadPkg/UefiPayloadEntry/X64/VirtualMemory.c
+++ b/UefiPayloadPkg/UefiPayloadEntry/X64/VirtualMemory.c
@@ -622,12 +622,7 @@ EnablePageTableProtection (
   }
=20
   //
-  // Disable write protection, because we need to mark page table to be wr=
ite
-  // protected.
-  //
-  AsmWriteCr0 (AsmReadCr0 () & ~CR0_WP);
-
-  //
+  // No need to clear CR0.WP since PageTableBase has't been written to CR3=
 yet.
   // SetPageTablePoolReadOnly might update mPageTablePool. It's safer to
   // remember original one in advance.
   //
--
2.31.1.windows.1