From: "Ni, Ray" <ray.ni@intel.com>
To: "Sheng, W" <w.sheng@intel.com>,
"devel@edk2.groups.io" <devel@edk2.groups.io>
Cc: "Dong, Eric" <eric.dong@intel.com>,
Laszlo Ersek <lersek@redhat.com>,
"Wu, Jiaxin" <jiaxin.wu@intel.com>,
"Tan, Dun" <dun.tan@intel.com>
Subject: Re: [edk2-devel] [PATCH v6 5/6] UefiCpuPkg: Backup and Restore MSR IA32_U_CET in SMI handler.
Date: Tue, 21 Nov 2023 07:53:59 +0000 [thread overview]
Message-ID: <MN6PR11MB8244D38A96E351C74BFF1C828CBBA@MN6PR11MB8244.namprd11.prod.outlook.com> (raw)
In-Reply-To: <20231121070246.505-6-w.sheng@intel.com>
Reviewed-by: Ray Ni <ray.ni@intel.com>
Thanks,
Ray
> -----Original Message-----
> From: Sheng, W <w.sheng@intel.com>
> Sent: Tuesday, November 21, 2023 3:03 PM
> To: devel@edk2.groups.io
> Cc: Dong, Eric <eric.dong@intel.com>; Ni, Ray <ray.ni@intel.com>; Laszlo
> Ersek <lersek@redhat.com>; Wu, Jiaxin <jiaxin.wu@intel.com>; Tan, Dun
> <dun.tan@intel.com>
> Subject: [PATCH v6 5/6] UefiCpuPkg: Backup and Restore MSR IA32_U_CET in
> SMI handler.
>
> OS may enable CET-IBT feature by set MSR IA32_U_CET.bit2.
> If IA32_U_CET.bit2 is set, CPU is in WAIT_FOR_ENDBRANCH state and
> the next assemble code is not ENDBR, it will trigger #CP exception
> when set CR4.CET bit.
> SMI handler needs to backup MSR IA32_U_CET and clear MSR IA32_U_CET
> before set CR4.CET bit,
> And SMI handler needs to restore MSR IA32_U_CET when exit SMI handler.
>
> Signed-off-by: Sheng Wei <w.sheng@intel.com>
> Cc: Eric Dong <eric.dong@intel.com>
> Cc: Ray Ni <ray.ni@intel.com>
> Cc: Laszlo Ersek <lersek@redhat.com>
> Cc: Wu Jiaxin <jiaxin.wu@intel.com>
> Cc: Tan Dun <dun.tan@intel.com>
> Reviewed-by: Laszlo Ersek <lersek@redhat.com>
> ---
> UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/SmiEntry.nasm | 15
> +++++++++++++++
> UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmiEntry.nasm | 15
> +++++++++++++++
> 2 files changed, 30 insertions(+)
>
> diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/SmiEntry.nasm
> b/UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/SmiEntry.nasm
> index 1da9afab97..9e1155dee6 100644
> --- a/UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/SmiEntry.nasm
> +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/SmiEntry.nasm
> @@ -202,11 +202,21 @@ ASM_PFX(mPatchCetSupported):
> push edx
>
> push eax
>
>
>
> + mov ecx, MSR_IA32_U_CET
>
> + rdmsr
>
> + push edx
>
> + push eax
>
> +
>
> mov ecx, MSR_IA32_PL0_SSP
>
> rdmsr
>
> push edx
>
> push eax
>
>
>
> + mov ecx, MSR_IA32_U_CET
>
> + xor eax, eax
>
> + xor edx, edx
>
> + wrmsr
>
> +
>
> mov ecx, MSR_IA32_S_CET
>
> mov eax, MSR_IA32_CET_SH_STK_EN
>
> xor edx, edx
>
> @@ -276,6 +286,11 @@ CetDone:
> pop edx
>
> wrmsr
>
>
>
> + mov ecx, MSR_IA32_U_CET
>
> + pop eax
>
> + pop edx
>
> + wrmsr
>
> +
>
> mov ecx, MSR_IA32_S_CET
>
> pop eax
>
> pop edx
>
> diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmiEntry.nasm
> b/UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmiEntry.nasm
> index abf9f1a90a..881d3177f7 100644
> --- a/UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmiEntry.nasm
> +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmiEntry.nasm
> @@ -217,6 +217,11 @@ ASM_PFX(mPatchCetSupported):
> push rdx
>
> push rax
>
>
>
> + mov ecx, MSR_IA32_U_CET
>
> + rdmsr
>
> + push rdx
>
> + push rax
>
> +
>
> mov ecx, MSR_IA32_PL0_SSP
>
> rdmsr
>
> push rdx
>
> @@ -227,6 +232,11 @@ ASM_PFX(mPatchCetSupported):
> push rdx
>
> push rax
>
>
>
> + mov ecx, MSR_IA32_U_CET
>
> + xor eax, eax
>
> + xor edx, edx
>
> + wrmsr
>
> +
>
> mov ecx, MSR_IA32_S_CET
>
> mov eax, MSR_IA32_CET_SH_STK_EN
>
> xor edx, edx
>
> @@ -325,6 +335,11 @@ mCetSupportedAbsAddr:
> pop rdx
>
> wrmsr
>
>
>
> + mov ecx, MSR_IA32_U_CET
>
> + pop rax
>
> + pop rdx
>
> + wrmsr
>
> +
>
> mov ecx, MSR_IA32_S_CET
>
> pop rax
>
> pop rdx
>
> --
> 2.26.2.windows.1
-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#111529): https://edk2.groups.io/g/devel/message/111529
Mute This Topic: https://groups.io/mt/102724276/7686176
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/leave/12367111/7686176/1913456212/xyzzy [rebecca@openfw.io]
-=-=-=-=-=-=-=-=-=-=-=-
next prev parent reply other threads:[~2023-11-21 7:54 UTC|newest]
Thread overview: 15+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-11-21 7:02 [edk2-devel] [PATCH v6 0/6] MdePkg: Add macro definitions for CET feature for NASM files Sheng Wei
2023-11-21 7:02 ` [edk2-devel] [PATCH v6 1/6] " Sheng Wei
2023-11-21 7:53 ` Ni, Ray
2023-11-22 16:51 ` Laszlo Ersek
2023-11-24 7:54 ` Ni, Ray
2023-11-21 7:02 ` [edk2-devel] [PATCH v6 2/6] UefiCpuPkg: Use macro CR4_CET_BIT to replace hard code value in Cet.nasm Sheng Wei
2023-11-21 7:53 ` Ni, Ray
2023-11-21 7:02 ` [edk2-devel] [PATCH v6 3/6] UefiCpuPkg: Use CET macro definitions in Cet.inc for SmiEntry.nasm files Sheng Wei
2023-11-21 7:53 ` Ni, Ray
2023-11-21 7:02 ` [edk2-devel] [PATCH v6 4/6] UefiCpuPkg: Only change CR4.CET bit for enable and disable CET Sheng Wei
2023-11-21 7:53 ` Ni, Ray
2023-11-21 7:02 ` [edk2-devel] [PATCH v6 5/6] UefiCpuPkg: Backup and Restore MSR IA32_U_CET in SMI handler Sheng Wei
2023-11-21 7:53 ` Ni, Ray [this message]
2023-11-21 7:02 ` [edk2-devel] [PATCH v6 6/6] MdePkg: Use macro CR4_CET_BIT to replace hard code value Sheng Wei
2023-11-21 7:54 ` Ni, Ray
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-list from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=MN6PR11MB8244D38A96E351C74BFF1C828CBBA@MN6PR11MB8244.namprd11.prod.outlook.com \
--to=devel@edk2.groups.io \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox