From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <lersek@redhat.com>
Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (No client certificate requested)
 by ml01.01.org (Postfix) with ESMTPS id 7F21481EBB
 for <edk2-devel@ml01.01.org>; Wed, 23 Nov 2016 08:37:43 -0800 (PST)
Received: from int-mx11.intmail.prod.int.phx2.redhat.com
 (int-mx11.intmail.prod.int.phx2.redhat.com [10.5.11.24])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (No client certificate requested)
 by mx1.redhat.com (Postfix) with ESMTPS id EAAB2C04D2F2;
 Wed, 23 Nov 2016 16:37:42 +0000 (UTC)
Received: from lacos-laptop-7.usersys.redhat.com (ovpn-116-97.phx2.redhat.com
 [10.3.116.97])
 by int-mx11.intmail.prod.int.phx2.redhat.com (8.14.4/8.14.4) with ESMTP id
 uANGbfsb031689; Wed, 23 Nov 2016 11:37:41 -0500
To: Jiewen Yao <jiewen.yao@intel.com>, edk2-devel@ml01.01.org
References: <1479911218-34804-1-git-send-email-jiewen.yao@intel.com>
Cc: Jeff Fan <jeff.fan@intel.com>,
 Michael D Kinney <michael.d.kinney@intel.com>
From: Laszlo Ersek <lersek@redhat.com>
Message-ID: <b903bdae-b094-f3fc-b787-63a5a4343638@redhat.com>
Date: Wed, 23 Nov 2016 17:37:40 +0100
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101
 Thunderbird/45.5.0
MIME-Version: 1.0
In-Reply-To: <1479911218-34804-1-git-send-email-jiewen.yao@intel.com>
X-Scanned-By: MIMEDefang 2.68 on 10.5.11.24
X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16
 (mx1.redhat.com [10.5.110.31]); Wed, 23 Nov 2016 16:37:43 +0000 (UTC)
Subject: Re: [PATCH V3] UefiCpuPkg/PiSmmCpu: Correct exception message.
X-BeenThere: edk2-devel@lists.01.org
X-Mailman-Version: 2.1.21
Precedence: list
List-Id: EDK II Development  <edk2-devel.lists.01.org>
List-Unsubscribe: <https://lists.01.org/mailman/options/edk2-devel>,
 <mailto:edk2-devel-request@lists.01.org?subject=unsubscribe>
List-Archive: <http://lists.01.org/pipermail/edk2-devel/>
List-Post: <mailto:edk2-devel@lists.01.org>
List-Help: <mailto:edk2-devel-request@lists.01.org?subject=help>
List-Subscribe: <https://lists.01.org/mailman/listinfo/edk2-devel>,
 <mailto:edk2-devel-request@lists.01.org?subject=subscribe>
X-List-Received-Date: Wed, 23 Nov 2016 16:37:43 -0000
Content-Type: text/plain; charset=windows-1252
Content-Transfer-Encoding: 7bit

On 11/23/16 15:26, Jiewen Yao wrote:
> This patch fixes the first part of
> https://bugzilla.tianocore.org/show_bug.cgi?id=242
> 
> Previously, when SMM exception happens, "stack overflow" is misreported.
> This patch checked the PF address to see it is stack overflow, or
> it is caused by SMM page protection.
> 
> It dumps exception data, PF address and the module trigger the issue.
> 
> Cc: Laszlo Ersek <lersek@redhat.com>
> Cc: Jeff Fan <jeff.fan@intel.com>
> Cc: Michael D Kinney <michael.d.kinney@intel.com>
> Contributed-under: TianoCore Contribution Agreement 1.0
> Signed-off-by: Jiewen Yao <jiewen.yao@intel.com>
> ---
>  UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/PageTbl.c | 38 ++++++++++++++++++--
>  UefiCpuPkg/PiSmmCpuDxeSmm/SmmProfile.h   |  9 +++++
>  UefiCpuPkg/PiSmmCpuDxeSmm/X64/PageTbl.c  | 37 ++++++++++++++++---
>  3 files changed, 77 insertions(+), 7 deletions(-)
> 
> diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/PageTbl.c b/UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/PageTbl.c
> index 5033bc5..39e6c9a 100644
> --- a/UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/PageTbl.c
> +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/PageTbl.c
> @@ -91,6 +91,8 @@ SmiPFHandler (
>    )
>  {
>    UINTN             PFAddress;
> +  UINTN             GuardPageAddress;
> +  UINTN             CpuIndex;
>  
>    ASSERT (InterruptType == EXCEPT_IA32_PAGE_FAULT);
>  
> @@ -98,10 +100,40 @@ SmiPFHandler (
>  
>    PFAddress = AsmReadCr2 ();
>  
> -  if ((FeaturePcdGet (PcdCpuSmmStackGuard)) &&
> -      (PFAddress >= mCpuHotPlugData.SmrrBase) &&
> +  //
> +  // If a page fault occurs in SMRAM range, it might be in a SMM stack guard page,
> +  // or SMM page protection violation.
> +  //
> +  if ((PFAddress >= mCpuHotPlugData.SmrrBase) &&
>        (PFAddress < (mCpuHotPlugData.SmrrBase + mCpuHotPlugData.SmrrSize))) {
> -    DEBUG ((DEBUG_ERROR, "SMM stack overflow!\n"));
> +    CpuIndex = GetCpuIndex ();
> +    GuardPageAddress = (mSmmStackArrayBase + EFI_PAGE_SIZE + CpuIndex * mSmmStackSize);
> +    if ((FeaturePcdGet (PcdCpuSmmStackGuard)) &&
> +        (PFAddress >= GuardPageAddress) &&
> +        (PFAddress < (GuardPageAddress + EFI_PAGE_SIZE))) {
> +      DEBUG ((DEBUG_ERROR, "SMM stack overflow!\n"));
> +    } else {
> +      DEBUG ((DEBUG_ERROR, "SMM exception data - 0x%x(", SystemContext.SystemContextIa32->ExceptionData));
> +      DEBUG ((DEBUG_ERROR, "I:%x, R:%x, U:%x, W:%X, P:%x",
> +        (SystemContext.SystemContextIa32->ExceptionData & IA32_PF_EC_ID) != 0,
> +        (SystemContext.SystemContextIa32->ExceptionData & IA32_PF_EC_RSVD) != 0,
> +        (SystemContext.SystemContextIa32->ExceptionData & IA32_PF_EC_US) != 0,
> +        (SystemContext.SystemContextIa32->ExceptionData & IA32_PF_EC_WR) != 0,
> +        (SystemContext.SystemContextIa32->ExceptionData & IA32_PF_EC_P) != 0
> +        ));
> +      DEBUG ((DEBUG_ERROR, ")\n", SystemContext.SystemContextIa32->ExceptionData));

The last argument in this DEBUG call can be removed. It causes no bugs
(it is simply ignored), but it would be nice to remove it.

No need to repost just for this.

> +      if ((SystemContext.SystemContextIa32->ExceptionData & IA32_PF_EC_ID) != 0) {
> +        DEBUG ((DEBUG_ERROR, "SMM exception at execution (0x%x)\n", PFAddress));
> +        DEBUG_CODE (
> +          DumpModuleInfoByIp (*(UINTN *)(UINTN)SystemContext.SystemContextIa32->Esp);
> +        );
> +      } else {
> +        DEBUG ((DEBUG_ERROR, "SMM exception at access (0x%x)\n", PFAddress));
> +        DEBUG_CODE (
> +          DumpModuleInfoByIp ((UINTN)SystemContext.SystemContextIa32->Eip);
> +        );
> +      }
> +    }
>      CpuDeadLoop ();
>    }
>  
> diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/SmmProfile.h b/UefiCpuPkg/PiSmmCpuDxeSmm/SmmProfile.h
> index b6fb5cf..04a3dfb 100644
> --- a/UefiCpuPkg/PiSmmCpuDxeSmm/SmmProfile.h
> +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/SmmProfile.h
> @@ -105,6 +105,15 @@ InitPaging (
>    VOID
>    );
>  
> +/**
> +  Get CPU Index from APIC ID.
> +
> +**/
> +UINTN
> +GetCpuIndex (
> +  VOID
> +  );
> +
>  //
>  // The flag indicates if execute-disable is supported by processor.
>  //
> diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/X64/PageTbl.c b/UefiCpuPkg/PiSmmCpuDxeSmm/X64/PageTbl.c
> index 531e188..94f2e03 100644
> --- a/UefiCpuPkg/PiSmmCpuDxeSmm/X64/PageTbl.c
> +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/X64/PageTbl.c
> @@ -804,6 +804,8 @@ SmiPFHandler (
>    )
>  {
>    UINTN             PFAddress;
> +  UINTN             GuardPageAddress;
> +  UINTN             CpuIndex;
>  
>    ASSERT (InterruptType == EXCEPT_IA32_PAGE_FAULT);
>  
> @@ -817,12 +819,39 @@ SmiPFHandler (
>    }
>  
>    //
> -  // If a page fault occurs in SMRAM range, it should be in a SMM stack guard page.
> +  // If a page fault occurs in SMRAM range, it might be in a SMM stack guard page,
> +  // or SMM page protection violation.
>    //
> -  if ((FeaturePcdGet (PcdCpuSmmStackGuard)) &&
> -      (PFAddress >= mCpuHotPlugData.SmrrBase) &&
> +  if ((PFAddress >= mCpuHotPlugData.SmrrBase) &&
>        (PFAddress < (mCpuHotPlugData.SmrrBase + mCpuHotPlugData.SmrrSize))) {
> -    DEBUG ((DEBUG_ERROR, "SMM stack overflow!\n"));
> +    CpuIndex = GetCpuIndex ();
> +    GuardPageAddress = (mSmmStackArrayBase + EFI_PAGE_SIZE + CpuIndex * mSmmStackSize);
> +    if ((FeaturePcdGet (PcdCpuSmmStackGuard)) &&
> +        (PFAddress >= GuardPageAddress) &&
> +        (PFAddress < (GuardPageAddress + EFI_PAGE_SIZE))) {
> +      DEBUG ((DEBUG_ERROR, "SMM stack overflow!\n"));
> +    } else {
> +      DEBUG ((DEBUG_ERROR, "SMM exception data - 0x%lx(", SystemContext.SystemContextX64->ExceptionData));
> +      DEBUG ((DEBUG_ERROR, "I:%x, R:%x, U:%x, W:%X, P:%x",
> +        (SystemContext.SystemContextX64->ExceptionData & IA32_PF_EC_ID) != 0,
> +        (SystemContext.SystemContextX64->ExceptionData & IA32_PF_EC_RSVD) != 0,
> +        (SystemContext.SystemContextX64->ExceptionData & IA32_PF_EC_US) != 0,
> +        (SystemContext.SystemContextX64->ExceptionData & IA32_PF_EC_WR) != 0,
> +        (SystemContext.SystemContextX64->ExceptionData & IA32_PF_EC_P) != 0
> +        ));
> +      DEBUG ((DEBUG_ERROR, ")\n", SystemContext.SystemContextX64->ExceptionData));

Same comment as above: the last argument is superfluous.

> +      if ((SystemContext.SystemContextX64->ExceptionData & IA32_PF_EC_ID) != 0) {
> +        DEBUG ((DEBUG_ERROR, "SMM exception at execution (0x%lx)\n", PFAddress));
> +        DEBUG_CODE (
> +          DumpModuleInfoByIp (*(UINTN *)(UINTN)SystemContext.SystemContextX64->Rsp);
> +        );
> +      } else {
> +        DEBUG ((DEBUG_ERROR, "SMM exception at access (0x%lx)\n", PFAddress));
> +        DEBUG_CODE (
> +          DumpModuleInfoByIp ((UINTN)SystemContext.SystemContextX64->Rip);
> +        );
> +      }
> +    }
>      CpuDeadLoop ();
>    }
>  
> 

Another thing I noticed: in the following format string, which is used
in two places:

  "I:%x, R:%x, U:%x, W:%X, P:%x"
                        ^
                        |

the %X that stands after W is upper-case, while the rest is lower-case.
It is entirely correct of course, but you might want to lower-case it
for consistency, before pushing the patch.

Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Tested-by: Laszlo Ersek <lersek@redhat.com>

Very nice patch, thank you for it!

Laszlo