From: "Ni, Ray"
To: "devel@edk2.groups.io", "Tan, Dun"
CC: "Dong, Eric", "Kumar, Rahul R", Gerd Hoffmann
Subject: Re: [edk2-devel] [Patch V4 08/15] UefiCpuPkg/PiSmmCpuDxeSmm: Clear CR0.WP before modify page table
Date: Fri, 2 Jun 2023 03:12:33 +0000
References: <20230516095932.1525-1-dun.tan@intel.com> <20230516095932.1525-9-dun.tan@intel.com>
In-Reply-To: <20230516095932.1525-9-dun.tan@intel.com>

Reviewed-by: Ray Ni

> -----Original Message-----
> From: devel@edk2.groups.io On Behalf Of duntan
> Sent: Tuesday, May 16, 2023 5:59 PM
> To: devel@edk2.groups.io
> Cc: Dong, Eric; Ni, Ray; Kumar, Rahul R; Gerd Hoffmann
> Subject: [edk2-devel] [Patch V4 08/15] UefiCpuPkg/PiSmmCpuDxeSmm: Clear CR0.WP before modify page table
>
> Clear CR0.WP before modifying smm page table. Currently, there is
> an assumption that smm pagetable is always RW before ReadyToLock.
> However, when AMD SEV is enabled, FvbServicesSmm driver calls
> MemEncryptSevClearMmioPageEncMask to clear AddressEncMask bit
> in smm page table for this range:
> [PcdOvmfFdBaseAddress,PcdOvmfFdBaseAddress+PcdOvmfFirmwareFdSize]
> If a page split happens in this process, new memory for smm page
> table is allocated. Then the newly allocated page table memory
> is marked as RO in smm page table in this FvbServicesSmm driver,
> which may lead to PF if smm code doesn't clear CR0.WP before
> modifying smm page table when ReadyToLock.
>
> Signed-off-by: Dun Tan
> Cc: Eric Dong
> Cc: Ray Ni
> Cc: Rahul Kumar
> Cc: Gerd Hoffmann
> ---
> UefiCpuPkg/PiSmmCpuDxeSmm/SmmCpuMemoryManagement.c | 11 +++++++++++
> UefiCpuPkg/PiSmmCpuDxeSmm/SmmProfile.c | 5 +++++
> 2 files changed, 16 insertions(+)
>
> diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/SmmCpuMemoryManagement.c > b/UefiCpuPkg/PiSmmCpuDxeSmm/SmmCpuMemoryManagement.c > index 4b512edf68..ef0ba9a355 100644 > --- a/UefiCpuPkg/PiSmmCpuDxeSmm/SmmCpuMemoryManagement.c > +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/SmmCpuMemoryManagement.c > @@ -1036,6 +1036,8 @@ SetMemMapAttributes ( > IA32_MAP_ENTRY *Map; > UINTN Count; > UINT64 MemoryAttribute; > + BOOLEAN WpEnabled; > + BOOLEAN CetEnabled; >=20 > SmmGetSystemConfigurationTable (&gEdkiiPiSmmMemoryAttributesTableGuid, > (VOID **)&MemoryAttributesTable); > if (MemoryAttributesTable =3D=3D NULL) { 
> @@ -1078,6 +1080,8 @@ SetMemMapAttributes ( >=20 > ASSERT_RETURN_ERROR (Status); >=20 > + DisableReadOnlyPageWriteProtect (&WpEnabled, &CetEnabled); > + > MemoryMap =3D MemoryMapStart; > for (Index =3D 0; Index < MemoryMapEntryCount; Index++) { > DEBUG ((DEBUG_VERBOSE, "SetAttribute: Memory Entry - 0x%lx, 0x%x\n", > MemoryMap->PhysicalStart, MemoryMap->NumberOfPages)); > @@ -1105,6 +1109,7 @@ SetMemMapAttributes ( > MemoryMap =3D NEXT_MEMORY_DESCRIPTOR (MemoryMap, DescriptorSize); > } >=20 > + EnableReadOnlyPageWriteProtect (WpEnabled, CetEnabled); > FreePool (Map); >=20 > PatchSmmSaveStateMap (); > @@ -1411,9 +1416,13 @@ SetUefiMemMapAttributes ( > UINTN MemoryMapEntryCount; > UINTN Index; > EFI_MEMORY_DESCRIPTOR *Entry; > + BOOLEAN WpEnabled; > + BOOLEAN CetEnabled; >=20 > DEBUG ((DEBUG_INFO, "SetUefiMemMapAttributes\n")); >=20 > + DisableReadOnlyPageWriteProtect (&WpEnabled, &CetEnabled); > + > if (mUefiMemoryMap !=3D NULL) { > MemoryMapEntryCount =3D mUefiMemoryMapSize/mUefiDescriptorSize; > MemoryMap =3D mUefiMemoryMap; > @@ -1492,6 +1501,8 @@ SetUefiMemMapAttributes ( > } > } >=20 > + EnableReadOnlyPageWriteProtect (WpEnabled, CetEnabled); > + > // > // Do not free mUefiMemoryAttributesTable, it will be checked in > IsSmmCommBufferForbiddenAddress(). > // > diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/SmmProfile.c > b/UefiCpuPkg/PiSmmCpuDxeSmm/SmmProfile.c > index 1b0b6673e1..5625ba0cac 100644 > --- a/UefiCpuPkg/PiSmmCpuDxeSmm/SmmProfile.c > +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/SmmProfile.c > @@ -574,6 +574,8 @@ InitPaging ( > BOOLEAN Nx; > IA32_CR4 Cr4; > BOOLEAN Enable5LevelPaging; > + BOOLEAN WpEnabled; > + BOOLEAN CetEnabled; >=20 > Cr4.UintN =3D AsmReadCr4 (); > Enable5LevelPaging =3D (BOOLEAN)(Cr4.Bits.LA57 =3D=3D 1); > @@ -620,6 +622,7 @@ InitPaging ( > NumberOfPdptEntries =3D 4; > } >=20 > + DisableReadOnlyPageWriteProtect (&WpEnabled, &CetEnabled); > // > // Go through page table and change 2MB-page into 4KB-page. > // 
> @@ -800,6 +803,8 @@ InitPaging ( > } // end for PML4 > } // end for PML5 >=20 > + EnableReadOnlyPageWriteProtect (WpEnabled, CetEnabled); > + > // > // Flush TLB > // > -- > 2.31.1.windows.1 >=20 >=20 >=20 >=20 >=20
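
Review bot: The DisableReadOnlyPageWriteProtect call added after ASSERT_RETURN_ERROR (Status) in SetMemMapAttributes carries no comment saying why write protection has to be dropped at this point; the reason (page table memory allocated during a page split may already be marked RO before ReadyToLock) lives only in the commit message. A short comment at the call site would keep that context with the code. It is also worth confirming that nothing between this call and the EnableReadOnlyPageWriteProtect placed before FreePool (Map) can return early, since WpEnabled and CetEnabled are only consumed at that one restore point.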
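
Review bot: In SetUefiMemMapAttributes the DisableReadOnlyPageWriteProtect call sits ahead of the `if (mUefiMemoryMap != NULL)` check, so write protection is dropped for the whole function body even when there is no map to walk, and it is only restored just before the "Do not free mUefiMemoryAttributesTable" comment. Consider moving the Disable/Enable pair so that it brackets only the code that actually updates page table entries, which keeps the window with CR0.WP clear as short as possible.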
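
Review bot: Style point in InitPaging: the added DisableReadOnlyPageWriteProtect call runs straight into the "Go through page table and change 2MB-page into 4KB-page" comment block with no blank line, while the calls added in SetMemMapAttributes and SetUefiMemMapAttributes are each followed by one. Add a blank line after the call for consistency; the matching EnableReadOnlyPageWriteProtect before the "Flush TLB" comment already has one.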