From: "Dong, Eric"
To: "Wang, Jian J", "edk2-devel@lists.01.org"
CC: "Yao, Jiewen", "Ni, Ruiyu", Laszlo Ersek
Date: Tue, 16 Jan 2018 14:02:50 +0000
Subject: Re: [PATCH 4/6] UefiCpuPkg/PiSmmCpuDxeSmm: Enable NXE if it's supported
In-Reply-To: <20180115085433.25008-5-jian.j.wang@intel.com>

Reviewed-by: Eric Dong

> -----Original Message-----
> From: Wang, Jian J
> Sent: Monday, January 15, 2018 4:55 PM
> To: edk2-devel@lists.01.org
> Cc: Yao, Jiewen; Ni, Ruiyu; Dong, Eric; Laszlo Ersek
> Subject: [PATCH 4/6] UefiCpuPkg/PiSmmCpuDxeSmm: Enable NXE if it's supported
>
> If PcdDxeNxMemoryProtectionPolicy is set to enable protection for memory
> of EfiBootServicesCode, EfiConventionalMemory, the BIOS will hang at a
> page fault exception triggered by PiSmmCpuDxeSmm.
>
> The root cause is that PiSmmCpuDxeSmm will access default SMM RAM
> starting at 0x30000 which is marked as non-executable, but NX feature was
> not enabled during SMM initialization. Accessing memory which has invalid
> attributes set will cause page fault exception. This patch fixes it by checking
> NX capability in cpuid and enable NXE in EFER MSR if it's available.
>
> Cc: Jiewen Yao
> Cc: Ruiyu Ni
> Cc: Eric Dong
> Cc: Laszlo Ersek
> Contributed-under: TianoCore Contribution Agreement 1.1
> Signed-off-by: Jian J Wang
> --- > UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/SmmInit.nasm | 14 ++++++++++++++ > UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmmInit.nasm | 12 +++++++++++- > 2 files changed, 25 insertions(+), 1 deletion(-) >=20 > diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/SmmInit.nasm > b/UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/SmmInit.nasm > index d9df3626c7..db172f108a 100644 > --- a/UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/SmmInit.nasm > +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/SmmInit.nasm > @@ -42,6 +42,11 @@ ASM_PFX(gcSmiInitGdtr): >=20 > global ASM_PFX(SmmStartup) > ASM_PFX(SmmStartup): > + DB 0x66 > + mov eax, 0x80000001 ; read capability > + cpuid > + DB 0x66 > + mov ebx, edx ; rdmsr will change edx. keep it= in ebx. > DB 0x66, 0xb8 > ASM_PFX(gSmmCr3): DD 0 > mov cr3, eax 
> @@ -50,6 +55,15 @@ ASM_PFX(gSmmCr3): DD 0 > DB 0x66, 0xb8 > ASM_PFX(gSmmCr4): DD 0 > mov cr4, eax > + DB 0x66 > + mov ecx, 0xc0000080 ; IA32_EFER MSR > + rdmsr > + DB 0x66 > + test ebx, BIT20 ; check NXE capability > + jz .1 > + or ah, BIT3 ; set NXE bit > + wrmsr > +.1: > DB 0x66, 0xb8 > ASM_PFX(gSmmCr0): DD 0 > DB 0xbf, PROTECT_MODE_DS, 0 ; mov di, PROTECT_MODE_DS > diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmmInit.nasm > b/UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmmInit.nasm > index 9d05e2cb05..2a3a1141c3 100644 > --- a/UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmmInit.nasm > +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmmInit.nasm > @@ -42,6 +42,11 @@ ASM_PFX(gcSmiInitGdtr): >=20 > global ASM_PFX(SmmStartup) > ASM_PFX(SmmStartup): > + DB 0x66 > + mov eax, 0x80000001 ; read capability > + cpuid > + DB 0x66 > + mov ebx, edx ; rdmsr will change edx. keep it= in ebx. > DB 0x66, 0xb8 ; mov eax, imm32 > ASM_PFX(gSmmCr3): DD 0 > mov cr3, rax > @@ -54,7 +59,12 @@ ASM_PFX(gSmmCr4): DD 0 > DB 0x66 > mov ecx, 0xc0000080 ; IA32_EFER MSR > rdmsr > - or ah, 1 ; set LME bit > + or ah, BIT0 ; set LME bit > + DB 0x66 > + test ebx, BIT20 ; check NXE capability > + jz .1 > + or ah, BIT3 ; set NXE bit > +.1: > wrmsr > DB 0x66, 0xb8 ; mov eax, imm32 > ASM_PFX(gSmmCr0): DD 0 > -- > 2.15.1.windows.2
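
Review bot: In Ia32/SmmInit.nasm, hunk @@ -42,6 +42,11, "mov eax, 0x80000001" followed by "cpuid" queries the extended feature leaf without first confirming that the processor implements it. On a 32-bit processor whose highest extended leaf is below 0x80000001, EDX does not hold the extended feature mask, so bit 20 saved in ebx may be set by accident and the later hunk would then write NXE to EFER. Suggest issuing CPUID with eax = 0x80000000 first, comparing the returned eax against 0x80000001, and leaving ebx zero when the leaf is absent.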
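
Review bot: In Ia32/SmmInit.nasm, hunk @@ -50,6 +55,15, the "rdmsr" of 0xc0000080 runs before "test ebx, BIT20", so IA32_EFER is read even when the capability check fails. IA32_EFER is only defined when the processor reports NX or long mode in CPUID.80000001H:EDX, and reading an undefined MSR raises #GP, which in this early SMM startup path means a hang rather than a skipped feature. Suggest moving the "test ebx, BIT20" / "jz .1" pair above "mov ecx, 0xc0000080" so the whole rdmsr/or/wrmsr sequence is skipped when NX is not reported.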
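
Review bot: In X64/SmmInit.nasm, hunk @@ -42,6 +42,11, "mov ebx, edx" parks the capability bits in ebx until the "test ebx, BIT20" in the following hunk, and the instructions between the two hunks are outside the diff. Nothing in the added comment records that ebx must stay untouched across that range, so a later edit there could silently change whether NXE is enabled. Suggest extending the comment to state that ebx is reserved until the EFER write, or issuing the cpuid immediately before "mov ecx, 0xc0000080" so the value is produced next to its only use.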
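
Review bot: In X64/SmmInit.nasm, hunk @@ -54,7 +59,12, the comment on "test ebx, BIT20" reads "check NXE capability", but the bit tested is the NX feature flag from CPUID leaf 0x80000001 EDX, while NXE is the EFER enable bit set by "or ah, BIT3". Suggest rewording it to "check NX capability (CPUID.80000001H:EDX[20])" and noting beside "or ah, BIT3" that bit 3 of ah is EFER bit 11, in the same way bit 0 of ah is LME at EFER bit 8. The same comment wording appears in the Ia32 hunk and would benefit from the same change.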