From: "Wang, Jian J"
To: "Zeng, Star", "edk2-devel@lists.01.org"
CC: "Dong, Eric", "Yao, Jiewen", "Ni, Ruiyu", "Kinney, Michael D"
Date: Thu, 12 Apr 2018 05:44:48 +0000
Subject: Re: [PATCH v2] MdeModulePkg/PiSmmIpl: fix non-executable SMM RAM

Right, I checked the GCD code. Capabilities has only effect with "set" attributes.

Regards,
Jian

> -----Original Message-----
> From: Zeng, Star
> Sent: Thursday, April 12, 2018 1:38 PM
> To: Wang, Jian J; edk2-devel@lists.01.org
> Cc: Dong, Eric; Yao, Jiewen; Ni, Ruiyu; Kinney, Michael D; Zeng, Star
> Subject: RE: [PATCH v2] MdeModulePkg/PiSmmIpl: fix non-executable SMM RAM
>
> Has no need to set paging capability as the code is going to clear paging
> attribute.
>
> With that refined, Reviewed-by: Star Zeng.
>
> Thanks,
> Star
>
> -----Original Message-----
> From: Wang, Jian J
> Sent: Thursday, April 12, 2018 12:58 PM
> To: edk2-devel@lists.01.org
> Cc: Zeng, Star; Dong, Eric; Yao, Jiewen; Ni, Ruiyu; Kinney, Michael D
> Subject: [PATCH v2] MdeModulePkg/PiSmmIpl: fix non-executable SMM RAM
>
> > v2 changes:
> > a. Remove redundant code and fill-up potential logic hole
> > b. Code clean-up
> > c. Fix error in commit log
>
> This patch fixes an issue introduced by commit
>
> 5b91bf82c67b586b9588cbe4bbffa1588f6b5926
>
> and
>
> 0c9f2cb10b7ddec56a3440e77219fd3ab1725e5c
>
> This issue will only happen if PcdDxeNxMemoryProtectionPolicy is enabled for
> reserved memory, which will mark SMM RAM as NX (non-executable) during DXE
> core initialization. SMM IPL driver will unset the NX attribute for SMM RAM
> to allow loading and running SMM core/drivers.
>
> But above commit will fail the unset operation of the NX attribute due to a
> fact that SMM RAM has zero cache attribute (MRC code always sets 0 attribute
> to reserved memory), which will cause GCD internal method
> ConverToCpuArchAttributes() to return 0 attribute, which is taken as invalid
> CPU paging attribute and skip the calling of gCpu->SetMemoryAttributes().
>
> The solution is to make use of existing functionality in PiSmmIpl to make sure
> one cache attribute is set for SMM RAM. For performance consideration,
> PiSmmIpl will always try to set SMM RAM to write-back.
> But there's a hole in the code which will fail the setting write-back
> attribute because of no corresponding cache capabilities. This patch will add
> necessary cache capabilities before setting corresponding attributes.
>
> Cc: Star Zeng
> Cc: Eric Dong
> Cc: Jiewen Yao
> Cc: Ruiyu Ni
> Cc: Michael D Kinney
> Contributed-under: TianoCore Contribution Agreement 1.1
> Signed-off-by: Jian J Wang
> ---
> MdeModulePkg/Core/PiSmmCore/PiSmmIpl.c | 51 ++++++++++++++++++++++++----------
> 1 file changed, 37 insertions(+), 14 deletions(-)
>
> diff --git a/MdeModulePkg/Core/PiSmmCore/PiSmmIpl.c > b/MdeModulePkg/Core/PiSmmCore/PiSmmIpl.c > index 94d671bd74..dee6e62bf4 100644 > --- a/MdeModulePkg/Core/PiSmmCore/PiSmmIpl.c > +++ b/MdeModulePkg/Core/PiSmmCore/PiSmmIpl.c 
> @@ -42,6 +42,15 @@ >=20 > #include "PiSmmCorePrivateData.h" >=20 > +#define SMRAM_CAPABILITIES \ > + (EFI_MEMORY_WB | EFI_MEMORY_UC | EFI_MEMORY_XP | > EFI_MEMORY_RP | > +EFI_MEMORY_RO) > + > +#define MEMORY_CACHE_ATTRIBUTES (EFI_MEMORY_UC | > EFI_MEMORY_WC | \ > + EFI_MEMORY_WT | EFI_MEMORY_WB | \ > + EFI_MEMORY_WP | EFI_MEMORY_UCE) > + > +#define MEMORY_PAGE_ATTRIBUTES (EFI_MEMORY_XP | EFI_MEMORY_RP | > +EFI_MEMORY_RO) > + > // > // Function prototypes from produced protocols // @@ -1617,34 +1626,48 > @@ SmmIplEntry ( >=20 > GetSmramCacheRange (mCurrentSmramRange, &mSmramCacheBase, > &mSmramCacheSize); > // > + // Make sure we can change the desired memory attributes. > + // > + Status =3D gDS->GetMemorySpaceDescriptor ( > + mSmramCacheBase, > + &MemDesc > + ); > + ASSERT_EFI_ERROR (Status); > + if ((MemDesc.Capabilities & SMRAM_CAPABILITIES) !=3D > SMRAM_CAPABILITIES) { > + gDS->SetMemorySpaceCapabilities ( > + mSmramCacheBase, > + mSmramCacheSize, > + MemDesc.Capabilities | SMRAM_CAPABILITIES > + ); > + } > + // > // If CPU AP is present, attempt to set SMRAM cacheability to WB and= clear > - // XP if it's set. > + // all paging attributes. > // Note that it is expected that cacheability of SMRAM has been set = to WB if > CPU AP > // is not available here. 
> // > CpuArch =3D NULL; > Status =3D gBS->LocateProtocol (&gEfiCpuArchProtocolGuid, NULL, (VOI= D > **)&CpuArch); > if (!EFI_ERROR (Status)) { > - Status =3D gDS->SetMemorySpaceAttributes( > - mSmramCacheBase, > + MemDesc.Attributes &=3D ~(MEMORY_CACHE_ATTRIBUTES | > MEMORY_PAGE_ATTRIBUTES); > + MemDesc.Attributes |=3D EFI_MEMORY_WB; > + Status =3D gDS->SetMemorySpaceAttributes ( > + mSmramCacheBase, > mSmramCacheSize, > - EFI_MEMORY_WB > + MemDesc.Attributes > ); > if (EFI_ERROR (Status)) { > DEBUG ((DEBUG_WARN, "SMM IPL failed to set SMRAM window to > EFI_MEMORY_WB\n")); > } >=20 > - Status =3D gDS->GetMemorySpaceDescriptor( > - mCurrentSmramRange->PhysicalStart, > - &MemDesc > - ); > - if (!EFI_ERROR (Status) && (MemDesc.Attributes & EFI_MEMORY_XP) != =3D 0) { > - gDS->SetMemorySpaceAttributes ( > - mCurrentSmramRange->PhysicalStart, > - mCurrentSmramRange->PhysicalSize, > - MemDesc.Attributes & (~EFI_MEMORY_XP) > + DEBUG_CODE ( > + gDS->GetMemorySpaceDescriptor ( > + mSmramCacheBase, > + &MemDesc > ); > - } > + DEBUG ((DEBUG_INFO, "SMRAM attributes: %016lx\n", > MemDesc.Attributes)); > + ASSERT ((MemDesc.Attributes & MEMORY_PAGE_ATTRIBUTES) =3D=3D 0); > + ); > } > // > // if Loading module at Fixed Address feature is enabled, save the S= MRAM > base to Load > -- > 2.16.2.windows.1
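
Review bot: In the first hunk (the new macros near the top of PiSmmIpl.c), SMRAM_CAPABILITIES requests EFI_MEMORY_XP | EFI_MEMORY_RP | EFI_MEMORY_RO, but the SmmIplEntry change only ever clears those bits (MemDesc.Attributes &= ~(MEMORY_CACHE_ATTRIBUTES | MEMORY_PAGE_ATTRIBUTES)) and sets only EFI_MEMORY_WB. As the replies in this thread conclude, a capability matters only for an attribute that is being set, so the paging bits can be dropped from the macro. EFI_MEMORY_UC is also requested and never set in the visible code, so it is worth confirming it is needed. The three macros have no comments; one line each saying which is a capability mask and which are attribute masks would make the intent clear.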
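
Review bot: In the SmmIplEntry hunk, the return value of gDS->SetMemorySpaceCapabilities() is discarded and the preceding gDS->GetMemorySpaceDescriptor() is guarded only by ASSERT_EFI_ERROR, so in a build with asserts disabled a failure of either call goes unnoticed and MemDesc.Attributes is later masked and written back without a confirmed read. Suggest capturing Status from both calls and logging or skipping the attribute update on error. MemDesc is also read only for the descriptor containing mSmramCacheBase, while its Capabilities and Attributes are then applied across the whole mSmramCacheSize range; a comment or check that the range is covered by a single GCD descriptor would help. The DEBUG_WARN text still mentions only EFI_MEMORY_WB although the same call now clears the paging attributes, and the only verification that XP/RP/RO were cleared sits inside DEBUG_CODE, so a release build gets no indication if SMRAM stays non-executable.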