From mboxrd@z Thu Jan 1 00:00:00 1970 Authentication-Results: mx.groups.io; dkim=missing; spf=pass (domain: intel.com, ip: 134.134.136.20, mailfrom: eric.dong@intel.com) Received: from mga02.intel.com (mga02.intel.com [134.134.136.20]) by groups.io with SMTP; Fri, 19 Jul 2019 00:52:04 -0700 X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from orsmga001.jf.intel.com ([10.7.209.18]) by orsmga101.jf.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 19 Jul 2019 00:52:02 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.64,281,1559545200"; d="scan'208";a="252085514" Received: from fmsmsx104.amr.corp.intel.com ([10.18.124.202]) by orsmga001.jf.intel.com with ESMTP; 19 Jul 2019 00:52:02 -0700 Received: from shsmsx154.ccr.corp.intel.com (10.239.6.54) by fmsmsx104.amr.corp.intel.com (10.18.124.202) with Microsoft SMTP Server (TLS) id 14.3.439.0; Fri, 19 Jul 2019 00:52:00 -0700 Received: from shsmsx102.ccr.corp.intel.com ([169.254.2.3]) by SHSMSX154.ccr.corp.intel.com ([169.254.7.240]) with mapi id 14.03.0439.000; Fri, 19 Jul 2019 15:51:58 +0800 From: "Dong, Eric" To: "devel@edk2.groups.io" , "Ni, Ray" CC: "Yao, Jiewen" , "Wang, Jian J" Subject: Re: [edk2-devel] [PATCH] UefiCpuPkg/PiSmmCpu: Allow SMM access-out when static paging is OFF Thread-Topic: [edk2-devel] [PATCH] UefiCpuPkg/PiSmmCpu: Allow SMM access-out when static paging is OFF Thread-Index: AQHVPTY/WpXbbFfyG0Gvo0SG6rQN26bRky6g Date: Fri, 19 Jul 2019 07:51:58 +0000 Message-ID: References: <20190718065807.434928-1-ray.ni@intel.com> In-Reply-To: <20190718065807.434928-1-ray.ni@intel.com> Accept-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [10.239.127.40] MIME-Version: 1.0 Return-Path: eric.dong@intel.com Content-Language: en-US Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Reviewed-by: Eric Dong > -----Original Message----- > From: devel@edk2.groups.io [mailto:devel@edk2.groups.io] On Behalf Of Ni= , > Ray > Sent: Thursday, July 18, 2019 2:58 PM > To: devel@edk2.groups.io > Cc: Dong, Eric ; Yao, Jiewen = ; > Wang, Jian J > Subject: [edk2-devel] [PATCH] UefiCpuPkg/PiSmmCpu: Allow SMM access- > out when static paging is OFF >=20 > Commit c60d36b4d1ee1f69b7cca897d3621dfa951895c2 > * UefiCpuPkg/SmmCpu: Block access-out only when static paging is used >=20 > updated page fault handler to treat SMM access-out as allowed address > when static paging is not used. >=20 > But that commit is not complete because the page table is still updated = in > SetUefiMemMapAttributes() for non-SMRAM memory. When SMM code > accesses non-SMRAM memory, page fault is still generated. >=20 > This patch skips to update page table for non-SMRAM memory and page > table itself. >=20 > Signed-off-by: Ray Ni > Cc: Eric Dong > Cc: Jiewen Yao > Cc: Jian J Wang > --- > UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.c | 21 > +++++++++++++++------ > 1 file changed, 15 insertions(+), 6 deletions(-) >=20 > diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.c > b/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.c > index 2f7d777ee7..f75e75f55c 100644 > --- a/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.c > +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.c > @@ -1103,6 +1103,9 @@ FindSmramInfo ( > *SmrrBase =3D (UINT32)CurrentSmramRange->CpuStart; > *SmrrSize =3D (UINT32)CurrentSmramRange->PhysicalSize; >=20 > + // > + // Extend *SmrrBase/*SmrrSize to include adjacent SMRAM ranges // > do { > Found =3D FALSE; > for (Index =3D 0; Index < mSmmCpuSmramRangeCount; Index++) { @@ - > 1414,14 +1417,20 @@ PerformRemainingTasks ( > SetMemMapAttributes (); >=20 > // > - // For outside SMRAM, we only map SMM communication buffer or > MMIO. > + // Do not protect memory outside SMRAM when SMM static page table i= s > not enabled. > // > - SetUefiMemMapAttributes (); > + if (mCpuSmmStaticPageTable) { >=20 > - // > - // Set page table itself to be read-only > - // > - SetPageTableAttributes (); > + // > + // For outside SMRAM, we only map SMM communication buffer or > MMIO. > + // > + SetUefiMemMapAttributes (); > + > + // > + // Set page table itself to be read-only > + // > + SetPageTableAttributes (); > + } >=20 > // > // Configure SMM Code Access Check feature if available. > -- > 2.21.0.windows.1 >=20 >=20 >=20