From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <bounce+27952+111529+7686176+12367111@groups.io>
Received: from mail02.groups.io (mail02.groups.io [66.175.222.108])
	by spool.mail.gandi.net (Postfix) with ESMTPS id 8D8557803D2
	for <rebecca@openfw.io>; Tue, 21 Nov 2023 07:54:06 +0000 (UTC)
DKIM-Signature: a=rsa-sha256; bh=B+2DOQc57C3T9U7dO0JkUTAt2bkK/1ZvAM9BhkP017k=;
 c=relaxed/simple; d=groups.io;
 h=ARC-Seal:ARC-Message-Signature:ARC-Authentication-Results:From:To:CC:Subject:Thread-Topic:Thread-Index:Date:Message-ID:References:In-Reply-To:Accept-Language:MIME-Version:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Language:Content-Type:Content-Transfer-Encoding;
 s=20140610; t=1700553245; v=1;
 b=nOq/H7HjcDxmTELsYHze348IzAfCx29O7mfi3+oplwW9/xZOGc/4ezSMKFmbnK9HT1TrY0ZI
 mY2vBo3X0tZB2pox2qqqxQPLubc4K9PSo4Brdh2ahu6jPlF+WtZjp56ZULGWwPYJd8r6StVMrXy
 iMr5JJSsRyc4cIP434NSVOQQ=
X-Received: by 127.0.0.2 with SMTP id VSzjYY7687511x7WvvY5FVpr; Mon, 20 Nov 2023 23:54:05 -0800
X-Received: from mgamail.intel.com (mgamail.intel.com [134.134.136.20])
 by mx.groups.io with SMTP id smtpd.web10.31102.1700553243367043784
 for <devel@edk2.groups.io>;
 Mon, 20 Nov 2023 23:54:04 -0800
X-IronPort-AV: E=McAfee;i="6600,9927,10900"; a="382182246"
X-IronPort-AV: E=Sophos;i="6.04,215,1695711600"; 
   d="scan'208";a="382182246"
X-Received: from orviesa001.jf.intel.com ([10.64.159.141])
  by orsmga101.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 20 Nov 2023 23:54:03 -0800
X-ExtLoop1: 1
X-IronPort-AV: E=Sophos;i="6.04,215,1695711600"; 
   d="scan'208";a="14425803"
X-Received: from orsmsx603.amr.corp.intel.com ([10.22.229.16])
  by orviesa001.jf.intel.com with ESMTP/TLS/AES256-GCM-SHA384; 20 Nov 2023 23:54:03 -0800
X-Received: from orsmsx612.amr.corp.intel.com (10.22.229.25) by
 ORSMSX603.amr.corp.intel.com (10.22.229.16) with Microsoft SMTP Server
 (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
 15.1.2507.34; Mon, 20 Nov 2023 23:54:03 -0800
X-Received: from ORSEDG601.ED.cps.intel.com (10.7.248.6) by
 orsmsx612.amr.corp.intel.com (10.22.229.25) with Microsoft SMTP Server
 (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
 15.1.2507.34 via Frontend Transport; Mon, 20 Nov 2023 23:54:03 -0800
X-Received: from NAM11-BN8-obe.outbound.protection.outlook.com (104.47.58.169)
 by edgegateway.intel.com (134.134.137.102) with Microsoft SMTP Server
 (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 15.1.2507.34; Mon, 20 Nov 2023 23:54:02 -0800
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none;
 b=h8Tdh4zfjOafFfmx7iqsj+VnCGgBIU+71U3E9ndOZijpiIJ9lMYBFE1voPEdArmHGdViO9L6qMRQyduVPmYZq8OBQtjIm0csZvftW6DiFMigwyvm09pCeB5D/OxqM+hAErm64EizIzT2NCZo8CLwjEL+ivsrEmaITDtDOphT5QzalamVX+xexk3PP+dn2XdAiXVAiVCQEi6zLQszOwZxBJ3sI8LdMXVxNcV+j9sJoTWbw2IJuMyfrV7EDodlYgiSu0PUzzosOkBv0903NRFMLcxOIMQhO/yls+UgxeHJLX39Hp2KKvXHTFM15RfW1NFtgxBCLahrwrV9dDHSKn7g7g==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
 s=arcselector9901;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1;
 bh=qWJijLwCNTpDXwsIIRARJ3HtWr3qi+AMebbtc2ctIXM=;
 b=jiPaTzFIjBdR6DHlo1snl/GwE6dyqrrUxeXdOzCzuDRdnIc91uP42t0Pq7xUZcVzgB5NPfrnDlRUjr8CqCPBWuIA3hK8YS9vl8Rg1kLFryd7DByDUw5HhN2X4ocWbCG8v99U+/jFB2E8B/0tYqyUgYBkFmv+KS1RAAJnhq9NppBlAS/RYv1dVFof1Qs4QHbsVeQExYw4pHjyJ6oF3oPn9INonqevWIWnXmqNWKVmgETVo70wqiSG8GkNMkuhstJbjuhLZhGnBzkNUcN6VWueMFxjf84VmlD/xYtsBi8jB3GWsviRQvGLICsAVL3ITuqNOtFRO8c/1lwLEK4YY5x0Wg==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass
 smtp.mailfrom=intel.com; dmarc=pass action=none header.from=intel.com;
 dkim=pass header.d=intel.com; arc=none
X-Received: from MN6PR11MB8244.namprd11.prod.outlook.com (2603:10b6:208:470::14)
 by BN0PR11MB5695.namprd11.prod.outlook.com (2603:10b6:408:163::9) with
 Microsoft SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7025.18; Tue, 21 Nov
 2023 07:53:59 +0000
X-Received: from MN6PR11MB8244.namprd11.prod.outlook.com
 ([fe80::b614:1f5e:8b0c:9858]) by MN6PR11MB8244.namprd11.prod.outlook.com
 ([fe80::b614:1f5e:8b0c:9858%4]) with mapi id 15.20.7002.028; Tue, 21 Nov 2023
 07:53:59 +0000
From: "Ni, Ray" <ray.ni@intel.com>
To: "Sheng, W" <w.sheng@intel.com>, "devel@edk2.groups.io"
	<devel@edk2.groups.io>
CC: "Dong, Eric" <eric.dong@intel.com>, Laszlo Ersek <lersek@redhat.com>, "Wu,
 Jiaxin" <jiaxin.wu@intel.com>, "Tan, Dun" <dun.tan@intel.com>
Subject: Re: [edk2-devel] [PATCH v6 5/6] UefiCpuPkg: Backup and Restore MSR IA32_U_CET in SMI handler.
Thread-Topic: [PATCH v6 5/6] UefiCpuPkg: Backup and Restore MSR IA32_U_CET in
 SMI handler.
Thread-Index: AQHaHEjF5oIep7Nv80+V/Dt4YFjvtbCEZwHQ
Date: Tue, 21 Nov 2023 07:53:59 +0000
Message-ID: <MN6PR11MB8244D38A96E351C74BFF1C828CBBA@MN6PR11MB8244.namprd11.prod.outlook.com>
References: <20231121070246.505-1-w.sheng@intel.com>
 <20231121070246.505-6-w.sheng@intel.com>
In-Reply-To: <20231121070246.505-6-w.sheng@intel.com>
Accept-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
x-ms-publictraffictype: Email
x-ms-traffictypediagnostic: MN6PR11MB8244:EE_|BN0PR11MB5695:EE_
x-ms-office365-filtering-correlation-id: ea57ff84-fe80-4fba-9ac6-08dbea67058b
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam-message-info: BDCJprCtNCUBg1kYw+A9faGb1iSisBgL3bq/9Rpw3tEqRoDHu++5W2ibHf5M/XnQcSjN2vidN5yrTnQQmOgq0tDcBmRSx55IWZPH0eMqwzfdJOJYUK61aY1HnIjlzQN0oy7IW2UDDZhSMM4vHCykBEFoWqUjJASU/jENq42ESAaaTXrTuJhvTxwAXe69Q85oXFb1XIfSCpR8JPBwCKQVe1Sw5RJYQmfTVr0ZNHyc0WPVqyfrvGpOIxCe7rst/5wYuddDeHz4fx6K7GLUOcp5G4Kx5rg63Ag+UA90JMCSAVqjJKpB8ZszNXZrn2p6lcoO1VwSBQ3tN/udzL3PWsqmvRkTSRGinNuRC0J9UL4KGBQhysUyzInFmzLQMQWfaTPOzGJK1ac80GvxztyiRMB6JjanmnH+bjVxFPgBl62lCLN6KdMjTOb5X16rpEqdWmOeRRow0K1teZV2kMrf7RqYyMWTLULLl3CPl7/ZINW7AUrOZsbPMFpRlw8i+UdaVPhPZZUDM1P0Jz7Yv+ZOcZ/w9CmcroL0GlaTC3N01a66z9rVsfCuPLeFZs2Y1ttis6duz7yVHhq/TrVaDwIrzdAY2UEAdlE4zIwTd3EIF7LHWaoQ1cA2IVoJ8jr5co6xxf3n
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: =?us-ascii?Q?1Nf7rp9OQAfl4x7g5XD7kZ2do6Vtvy/iEWcGfRpxXl1SxQ4gmf4j0vq+58Ku?=
 =?us-ascii?Q?03Y1BpLZGYA1/SUiklqeMYPk61mIS7KQZhB+WXcDSEwBg0oBIgDl4J9/SKTb?=
 =?us-ascii?Q?aHWxh+CnAelI5visMCyZc0jho2i+dG08MJ/vBDLpYIP6SmTOfYuhIBth7VsG?=
 =?us-ascii?Q?xOxLZhhx24zrYN5Ndzihp3u6P9EvMNko8kzOBvxiipz1bqLdM5zY5Gf1t5ft?=
 =?us-ascii?Q?v446yZIceYAie5CBeCaVSD3zJGIGg4aq4yL1W6sp8wig1HoRCgPPOlJh7jVY?=
 =?us-ascii?Q?n7C5S+NXGZiSeZog5/7bejApOUyOC1xYJ1lB9KXqk5Rcmd9r5OWU7S96ovQD?=
 =?us-ascii?Q?8RKCR5YILlx2chsqZLM4oUfp8fY8KNJRHTDeXQcyAQZWjUIxKnb9KvY7qAHk?=
 =?us-ascii?Q?tP1SZkBM6at9sayzxABcSX4ofAPNYM1c89KT1QGABpbuXqCSeyTMc/jeYZ2V?=
 =?us-ascii?Q?AC8pYHlkV5AKUVJ0hP4ZOhYgqS+b6SFGDPPEXSet8kXczUW7LhB4ii+MaSnX?=
 =?us-ascii?Q?jjvd6NsQJ80dn1coRmhVd1OxBuAlZvjEHC53ZihBTWj3Fi45o3UUXMX3Jvob?=
 =?us-ascii?Q?oQhpostG1vlqd8QsntpJd5QbMsIrGAqXbzSHS6viTgjCo17xOfs0/3yAK62z?=
 =?us-ascii?Q?wWLe1zskv58oph1CjUpmtztDS/bsL4VgXrVFUbmWk6TETJkI/AEmQMInrbF/?=
 =?us-ascii?Q?j6g/cJIjZW7iqPar5hrY53V2mKXmv/BvgR7EyrAZP6dqAPLW6DDWsW+9Bpt2?=
 =?us-ascii?Q?gyFD9zWEkpDVq4av00YmQLlyoWKDFzve+VK037TM+33mxaoWZt2uRrlgS8KN?=
 =?us-ascii?Q?1pMVIxFbUbz+ckGb48w5u+lKOIAZVtFdPqCbZagks3LACvUwwEFlM/M2yojq?=
 =?us-ascii?Q?4UJZvLKjps+FegMYuuotnG/RH0rcJkoKSuMbnlskJQpHBskJuDA8TRG5GHRu?=
 =?us-ascii?Q?/lK5EcB3h0r4YlTHfwgM6+1N9czYDPq1oe3WZQp9BNB53tf7I9+jFQYismtX?=
 =?us-ascii?Q?SJ9ZJVYAEOvfKN5hmKuNZ5lOpahY7TjiztcKfJwC56mmGBsotmV8FshlCPn4?=
 =?us-ascii?Q?tuwtpdd3r6z/+k+tLPvNDOTxY87cRzVE0iwt46z5ZnbInx5TY5UqYvww8WsA?=
 =?us-ascii?Q?Ztr4Qf4tl8UDZ31ZqfFAI9ec5XgooED/VshZlYq3RwFmRwPJxT0NDnRIq8sV?=
 =?us-ascii?Q?5BG/4Olj/LXOm8iDCwZZPCLjzGEwhGAP7QVHGC9ulr4ZOj7yV8mlFzdfXNfx?=
 =?us-ascii?Q?OiAuqd3sNFmfpUPwZa7/M2uvKRFHR9RIkS3bG44+nPEk4pqyub855tabDV56?=
 =?us-ascii?Q?xn725k05pMYQLuvx/7HiTSVVaQ2eQLNLNbrr6H389mVoB1+j8kkrhIpzuH2V?=
 =?us-ascii?Q?7lYxm7fbJfaBA4P690+va1WkTaQHrGh70cYsp9k5orv4UICzsDKwe5f7Mvi1?=
 =?us-ascii?Q?n+fe1L6ogcWvEsW6TBzVDlmE/RjWKNuLnyBQtzF+NUy6AjARx/WT62JioDeV?=
 =?us-ascii?Q?uhSx7/kUgHvYNu4ERiBgVsKCuUn2eqlX1/22qROMIRMEEBaXXwC/GXky2zT2?=
 =?us-ascii?Q?rwJn0rhrC/kRzhD3/bQ=3D?=
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: MN6PR11MB8244.namprd11.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: ea57ff84-fe80-4fba-9ac6-08dbea67058b
X-MS-Exchange-CrossTenant-originalarrivaltime: 21 Nov 2023 07:53:59.8075
 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 46c98d88-e344-4ed4-8496-4ed7712e255d
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: 8hkNQEwSGfij6zBNGYXvWXABST1H8yc2wZQlUzs6NPeWUn0Ip7NSLRmgP7INK4/ivJ381/9XVqwYDHGuQ6WOwQ==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BN0PR11MB5695
X-OriginatorOrg: intel.com
Precedence: Bulk
List-Subscribe: <mailto:devel+subscribe@edk2.groups.io>
List-Help: <mailto:devel+help@edk2.groups.io>
Sender: devel@edk2.groups.io
List-Id: <devel.edk2.groups.io>
Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io
Reply-To: devel@edk2.groups.io,ray.ni@intel.com
List-Unsubscribe-Post: List-Unsubscribe=One-Click
List-Unsubscribe: <https://edk2.groups.io/g/devel/leave/12367111/7686176/1913456212/plugh>
X-Gm-Message-State: rSeMOZD0C6OGPrz8vHO7JHzux7686176AA=
Content-Language: en-US
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
X-GND-Status: LEGIT
Authentication-Results: spool.mail.gandi.net;
	dkim=pass header.d=groups.io header.s=20140610 header.b="nOq/H7Hj";
	arc=reject ("signature check failed: fail, {[1] = sig:microsoft.com:reject}");
	dmarc=fail reason="SPF not aligned (relaxed), DKIM not aligned (relaxed)" header.from=intel.com (policy=none);
	spf=pass (spool.mail.gandi.net: domain of bounce@groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce@groups.io

Reviewed-by: Ray Ni <ray.ni@intel.com>

Thanks,
Ray
> -----Original Message-----
> From: Sheng, W <w.sheng@intel.com>
> Sent: Tuesday, November 21, 2023 3:03 PM
> To: devel@edk2.groups.io
> Cc: Dong, Eric <eric.dong@intel.com>; Ni, Ray <ray.ni@intel.com>; Laszlo
> Ersek <lersek@redhat.com>; Wu, Jiaxin <jiaxin.wu@intel.com>; Tan, Dun
> <dun.tan@intel.com>
> Subject: [PATCH v6 5/6] UefiCpuPkg: Backup and Restore MSR IA32_U_CET in
> SMI handler.
>=20
> OS may enable CET-IBT feature by set MSR IA32_U_CET.bit2.
> If IA32_U_CET.bit2 is set, CPU is in WAIT_FOR_ENDBRANCH state and
>  the next assemble code is not ENDBR, it will trigger #CP exception
>  when set CR4.CET bit.
> SMI handler needs to backup MSR IA32_U_CET and clear MSR IA32_U_CET
>  before set CR4.CET bit,
> And SMI handler needs to restore MSR IA32_U_CET when exit SMI handler.
>=20
> Signed-off-by: Sheng Wei <w.sheng@intel.com>
> Cc: Eric Dong <eric.dong@intel.com>
> Cc: Ray Ni <ray.ni@intel.com>
> Cc: Laszlo Ersek <lersek@redhat.com>
> Cc: Wu Jiaxin <jiaxin.wu@intel.com>
> Cc: Tan Dun <dun.tan@intel.com>
> Reviewed-by: Laszlo Ersek <lersek@redhat.com>
> ---
>  UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/SmiEntry.nasm | 15
> +++++++++++++++
>  UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmiEntry.nasm  | 15
> +++++++++++++++
>  2 files changed, 30 insertions(+)
>=20
> diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/SmiEntry.nasm
> b/UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/SmiEntry.nasm
> index 1da9afab97..9e1155dee6 100644
> --- a/UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/SmiEntry.nasm
> +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/SmiEntry.nasm
> @@ -202,11 +202,21 @@ ASM_PFX(mPatchCetSupported):
>      push    edx
>=20
>      push    eax
>=20
>=20
>=20
> +    mov     ecx, MSR_IA32_U_CET
>=20
> +    rdmsr
>=20
> +    push    edx
>=20
> +    push    eax
>=20
> +
>=20
>      mov     ecx, MSR_IA32_PL0_SSP
>=20
>      rdmsr
>=20
>      push    edx
>=20
>      push    eax
>=20
>=20
>=20
> +    mov     ecx, MSR_IA32_U_CET
>=20
> +    xor     eax, eax
>=20
> +    xor     edx, edx
>=20
> +    wrmsr
>=20
> +
>=20
>      mov     ecx, MSR_IA32_S_CET
>=20
>      mov     eax, MSR_IA32_CET_SH_STK_EN
>=20
>      xor     edx, edx
>=20
> @@ -276,6 +286,11 @@ CetDone:
>      pop     edx
>=20
>      wrmsr
>=20
>=20
>=20
> +    mov     ecx, MSR_IA32_U_CET
>=20
> +    pop     eax
>=20
> +    pop     edx
>=20
> +    wrmsr
>=20
> +
>=20
>      mov     ecx, MSR_IA32_S_CET
>=20
>      pop     eax
>=20
>      pop     edx
>=20
> diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmiEntry.nasm
> b/UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmiEntry.nasm
> index abf9f1a90a..881d3177f7 100644
> --- a/UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmiEntry.nasm
> +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmiEntry.nasm
> @@ -217,6 +217,11 @@ ASM_PFX(mPatchCetSupported):
>      push    rdx
>=20
>      push    rax
>=20
>=20
>=20
> +    mov     ecx, MSR_IA32_U_CET
>=20
> +    rdmsr
>=20
> +    push    rdx
>=20
> +    push    rax
>=20
> +
>=20
>      mov     ecx, MSR_IA32_PL0_SSP
>=20
>      rdmsr
>=20
>      push    rdx
>=20
> @@ -227,6 +232,11 @@ ASM_PFX(mPatchCetSupported):
>      push    rdx
>=20
>      push    rax
>=20
>=20
>=20
> +    mov     ecx, MSR_IA32_U_CET
>=20
> +    xor     eax, eax
>=20
> +    xor     edx, edx
>=20
> +    wrmsr
>=20
> +
>=20
>      mov     ecx, MSR_IA32_S_CET
>=20
>      mov     eax, MSR_IA32_CET_SH_STK_EN
>=20
>      xor     edx, edx
>=20
> @@ -325,6 +335,11 @@ mCetSupportedAbsAddr:
>      pop     rdx
>=20
>      wrmsr
>=20
>=20
>=20
> +    mov     ecx, MSR_IA32_U_CET
>=20
> +    pop     rax
>=20
> +    pop     rdx
>=20
> +    wrmsr
>=20
> +
>=20
>      mov     ecx, MSR_IA32_S_CET
>=20
>      pop     rax
>=20
>      pop     rdx
>=20
> --
> 2.26.2.windows.1



-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#111529): https://edk2.groups.io/g/devel/message/111529
Mute This Topic: https://groups.io/mt/102724276/7686176
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/leave/12367111/7686176/19134562=
12/xyzzy [rebecca@openfw.io]
-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-