From: "Ni, Ray"
To: Gerd Hoffmann, "devel@edk2.groups.io", "Liu, Zhiguang"
CC: "Dong, Guo", "You, Benjamin", "Rhodes, Sean"
Subject: Re: [edk2-devel] [PATCH] UefiPayloadPkg: Always split page table entry to 4K if it covers stack.
Date: Tue, 31 May 2022 08:03:48 +0000

Gerd,

We saw page fault in the following situation:
* a 2M page entry (with present bit set) points to some memory [p, p+2M)
* Firmware code wants to mark [p, p+4k) as read-only
* Firstly [p, p+2M) is split to 512 page-entries with each pointing to 4K memory (with present bit set still)
* Secondly, the R/W bit in first page entry is cleared

The code is in UefiCpuPkg/CpuDxe/CpuPageTable.c:

    //
    // Split 2M to 4K
    //
    ASSERT (SplitAttribute == Page4K);
    if (SplitAttribute == Page4K) {
      NewPageEntry = AllocatePagesFunc (1);
      DEBUG ((DEBUG_VERBOSE, "Split - 0x%x\n", NewPageEntry));
      if (NewPageEntry == NULL) {
        return RETURN_OUT_OF_RESOURCES;
      }
      BaseAddress = *PageEntry & ~AddressEncMask & PAGING_2M_ADDRESS_MASK_64;
      for (Index = 0; Index < SIZE_4KB / sizeof (UINT64); Index++) {
        NewPageEntry[Index] = (BaseAddress + SIZE_4KB * Index) | AddressEncMask | ((*PageEntry) & PAGE_PROGATE_BITS);
      }
      (*PageEntry) = (UINT64)(UINTN)NewPageEntry | AddressEncMask | ((*PageEntry) & PAGE_ATTRIBUTE_BITS);

Page fault exception happens just after the above assignment.
We observed that the instruction causing the exception is accessing the stack and stack is within [p, p+2M) range.

To be frank, we are still trying to understand whether a CR3 flush or INVLPG should be performed immediately after the above assignment.

Before that's fully understood, we think the page table split for stack does no harm to the functionality and code complexity. That's why we choose this fix first.

I am not quite sure how Linux handles such case?

Thanks,
Ray

> -----Original Message-----
> From: Gerd Hoffmann
> Sent: Tuesday, May 31, 2022 3:45 PM
> To: devel@edk2.groups.io; Liu, Zhiguang
> Cc: Dong, Guo; Ni, Ray; Maurice Ma; You, Benjamin; Rhodes, Sean
> Subject: Re: [edk2-devel] [PATCH] UefiPayloadPkg: Always split page table entry to 4K if it covers stack.
>
> On Tue, May 31, 2022 at 01:39:37PM +0800, Zhiguang Liu wrote:
> > There is a concern case that stack and a protected DXE memory range is in
> > the same 2M Page Table entry, and somehow CPU doesn't flash the page
> > table entry cache for stack, and causes Page fault when using stack.
>
> Can you clarify the "somehow" please?  Are we discussing a workaround
> for a cpu bug here?  If not this sounds like a tlbflush instruction is
> missing somewhere ...
>
> take care,
>   Gerd
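
The 2M-to-4K split discussed in this message, modelled in user space as an added example (not edk2 code and not part of the original mail). It checks that the 512 new entries map the same memory with the same attributes, and that clearing R/W on the first entry leaves the stack pages writable in the table itself; it does not model the TLB. Macro names, function names and addresses are assumptions constructed for the example.

```c
#include <stdint.h>
#include <stdio.h>
/* x86-64 paging bits; the macro and function names are this example's own. */
#define PG_P      (1ULL << 0)               /* present */
#define PG_RW     (1ULL << 1)               /* writable */
#define PG_PS     (1ULL << 7)               /* directory entry maps a 2M page */
#define PROPAGATE ((1ULL << 63) | 0x67ULL)  /* NX, D, A, U/S, R/W, P */
#define ADDR_2M   0x000FFFFFFFE00000ULL
#define ADDR_4K   0x000FFFFFFFFFF000ULL
#define SZ_4K     0x1000ULL
#define SZ_2M     0x200000ULL

/* Does the 2M entry's range [base, base+2M) overlap the stack [lo, hi)? */
int covers_stack(uint64_t pde, uint64_t lo, uint64_t hi) {
    return (pde & PG_PS) && lo < (pde & ADDR_2M) + SZ_2M && hi > (pde & ADDR_2M);
}

/* Build 512 4K entries mapping the same memory with the same attributes. */
void split_2m(uint64_t pde, uint64_t pt[512]) {
    for (uint64_t i = 0; i < 512; i++)
        pt[i] = ((pde & ADDR_2M) + SZ_4K * i) | (pde & PROPAGATE);
}

/* 1 if every 4K entry translates and protects exactly as the 2M entry did. */
int split_is_equivalent(uint64_t pde, const uint64_t pt[512]) {
    for (uint64_t i = 0; i < 512; i++)
        if ((pt[i] & ADDR_4K) != (pde & ADDR_2M) + SZ_4K * i ||
            (pt[i] & PROPAGATE) != (pde & PROPAGATE)) return 0;
    return 1;
}

/* Count 4K pages overlapping [lo, hi) that are not present and writable. */
int blocked_stack_pages(const uint64_t pt[512], uint64_t lo, uint64_t hi) {
    int n = 0;
    for (int i = 0; i < 512; i++)
        if ((pt[i] & ADDR_4K) < hi && (pt[i] & ADDR_4K) + SZ_4K > lo &&
            (pt[i] & (PG_P | PG_RW)) != (PG_P | PG_RW)) n++;
    return n;
}

int main(void) {
    uint64_t p = 0x7FE00000ULL, lo = p + 0x1F0000, hi = p + SZ_2M, pt[512];
    uint64_t pde = p | PG_P | PG_RW | PG_PS;   /* constructed 2M entry */
    split_2m(pde, pt);
    printf("covers=%d same=%d\n", covers_stack(pde, lo, hi), split_is_equivalent(pde, pt));
    pt[0] &= ~PG_RW;                           /* mark [p, p+4K) read-only */
    printf("blocked stack pages=%d\n", blocked_stack_pages(pt, lo, hi));
    return 0;
}
```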