From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from NAM12-BN8-obe.outbound.protection.outlook.com (NAM12-BN8-obe.outbound.protection.outlook.com [40.107.237.54]) by mx.groups.io with SMTP id smtpd.web08.14221.1607611077301385901 for ; Thu, 10 Dec 2020 06:37:57 -0800 Authentication-Results: mx.groups.io; dkim=fail reason="body hash did not verify" header.i=@amdcloud.onmicrosoft.com header.s=selector2-amdcloud-onmicrosoft-com header.b=iVFP5XCv; spf=permerror, err=parse error for token &{10 18 %{i}._ip.%{h}._ehlo.%{d}._spf.vali.email}: invalid domain name (domain: amd.com, ip: 40.107.237.54, mailfrom: thomas.lendacky@amd.com) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=moXby4BjYJR9zSBZ7V/ziXE3SJ75zminV2Ut+uPREe+pF2pDigdmEOR3Gpu+ooApuHo1S0JMqwlExCU0JvZWsLG8hCJKEzKV9jzUNzOCTY9phdwXFtvCAyCLtTuip6M9n+4UY2VIA64jV6/JBTKWVLPptJnqtZ1aQxGwJEHl1RSYxPbOHMsaEFD04kIp/xkPvfAOEIWIJkdRF0M2vt7CdyZg0/zmSq/Ve30mFbL6+4MlvON3zcn1XAMfF73VQy6cOsMNF+/aZJTOQFycKk8FQur9YBpI0rdfPm9wyk0vqOjXyU9PnWSp/Tssm4pGqG+fr1CXDkJGsyt49a/rRwrtjQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=CQi3JGjjxmMyqy1M+UWz9nnzmzEFONLU50UbU/YmKRc=; b=ZlPKG85oyCEPlrj/kcYGf4+8ulOIHRfwr2fgh6bfe7rJL+8fnFz/sKpLJiYPZpPgp+CBVEXFz2iyZYMatu5C9iCJFiOj5Gxr+Z0uPdV8y9oIN/QsOS8MdS3tNZ/YlbzkecT90c4gQZGXFV8NA3Hpa0pZcjp3rJXViXFZodXoVW/KuilrFr2Pk1kxgpTINyGDamppekuVhW7AAVeiP5PvAxt2MaXfM5niv7kE9UT8ljXuqPynVPlkwU0n4EHdDZl7NKvhA6XSkYmMPf+TwEBLGYb+0kpe9hfyBagyjWS4p4pfkrxl5yCljr8xPhrPOuO7LSfDrmZp9QdE7q9j/aL1pA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass header.d=amd.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amdcloud.onmicrosoft.com; s=selector2-amdcloud-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=CQi3JGjjxmMyqy1M+UWz9nnzmzEFONLU50UbU/YmKRc=; b=iVFP5XCvBehzJ0WFFafMn56O1wMFEcCheOd0hFV3kZCBNBgsAezkge9NHzFqMlcigl6nxvr1YgqG4i+XLJ9XhRgYKzEVn60BcZtEnr0vo9V2ofoOZMGy+B50LiUPjnIb5nHZIJEAnIZnC+lqXBaDB0/82YzoCGYFlrjCCwspgSo= Authentication-Results: intel.com; dkim=none (message not signed) header.d=none;intel.com; dmarc=none action=none header.from=amd.com; Received: from CY4PR12MB1352.namprd12.prod.outlook.com (2603:10b6:903:3a::13) by CY4PR12MB1720.namprd12.prod.outlook.com (2603:10b6:903:121::14) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3632.21; Thu, 10 Dec 2020 14:37:55 +0000 Received: from CY4PR12MB1352.namprd12.prod.outlook.com ([fe80::a10a:295e:908d:550d]) by CY4PR12MB1352.namprd12.prod.outlook.com ([fe80::a10a:295e:908d:550d%8]) with mapi id 15.20.3632.021; Thu, 10 Dec 2020 14:37:54 +0000 Subject: Re: [edk2-devel] [PATCH] UefiCpuPkg/CpuDxe: Fix boot error To: Laszlo Ersek , devel@edk2.groups.io, guo.dong@intel.com CC: eric.dong@intel.com, ray.ni@intel.com, rahul1.kumar@intel.com References: <20201202213833.23316-1-guo.dong@intel.com> <83c9e8ef-d921-2cd2-4de1-b5d97b9a3d30@amd.com> <630b4e8e-ad1a-c36d-90d1-8bc8b34a7ad6@redhat.com> From: "Lendacky, Thomas" Message-ID: Date: Thu, 10 Dec 2020 08:37:51 -0600 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.10.0 In-Reply-To: <630b4e8e-ad1a-c36d-90d1-8bc8b34a7ad6@redhat.com> X-Originating-IP: [67.79.209.213] X-ClientProxiedBy: SN6PR04CA0108.namprd04.prod.outlook.com (2603:10b6:805:f2::49) To CY4PR12MB1352.namprd12.prod.outlook.com (2603:10b6:903:3a::13) Return-Path: thomas.lendacky@amd.com MIME-Version: 1.0 X-MS-Exchange-MessageSentRepresentingType: 1 Received: from office-linux.texastahm.com (67.79.209.213) by SN6PR04CA0108.namprd04.prod.outlook.com (2603:10b6:805:f2::49) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3654.12 via Frontend Transport; Thu, 10 Dec 2020 14:37:53 +0000 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-HT: Tenant X-MS-Office365-Filtering-Correlation-Id: 488c0b22-3fc6-478c-1b97-08d89d192deb X-MS-TrafficTypeDiagnostic: CY4PR12MB1720: X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:8273; X-MS-Exchange-SenderADCheck: 1 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: efh1V4AeR3Q21FkcUFQ1jQ8JuBPMcar3p/QaaZ41L4guIOiOuxE1n72R3lfjaumLxzAYeBqhcnyUVveSUq3uub6r57UcObTjptL1T/yK39w8C+JWiy44HviDJngBg+4G2mt870fDpB0gjOGaJRXJBORr/TD+thULAJti7ZN3ZivoP9pxe8cItVmyvEemtJxlaToB80BBR/2WEpr48nKKC2IWFnVI50BVy8Ky4LNwVRCX/Sne9yK/qe+cRFZDAlZ8oYXukunpYeQAbJXJJAUC7IiEDCryNZP2XGHLlKyWuGuzUAF8u27XNGYURA8ioMnC0gEKr0uTnKXl43UcDdJyMLbumxF1RGPQrkY26HRdk9AxWJ6gWvxN62SwR/CP1IE4FHgywHq2vh0XYNBvlJvKJ14jrlFIZRt/BWXlM/eJZ2tc7CcEWtOadwcjnbhsUZHr839uTasB5S1Z4s8X4rTeYIZDuWJz9N9q60FI4g7ZkK9aZx0/6Utz7QcxpTsoFkwe4dBGwuc+z66fSTGzg14x9Q== X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:CY4PR12MB1352.namprd12.prod.outlook.com;PTR:;CAT:NONE;SFS:(4636009)(376002)(136003)(346002)(366004)(6506007)(53546011)(45080400002)(66946007)(186003)(16526019)(966005)(31686004)(36756003)(26005)(8936002)(66476007)(2906002)(508600001)(66556008)(34490700003)(19627235002)(52116002)(86362001)(5660300002)(83380400001)(31696002)(956004)(8676002)(6486002)(4326008)(2616005)(6512007)(43740500002)(45980500001);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData: =?us-ascii?Q?KyTv+NhulWi4aXkhZ67JUXOnUoAQh0L7xy0vYZdL/74NBRTvsxoqmfO20GNE?= =?us-ascii?Q?8VGJVe19gaeqESEoK8WJizxriDyUWCXpkX4ikRKHl2I0v2T8mNNJxzlIIzYv?= =?us-ascii?Q?gCSmNFd+By6CzJ0GSuSSV5cQjNqyrjwJLmA8r0pyV9xB7jAQa1u2znucGCMr?= =?us-ascii?Q?HBMjzfFMr4hc+E4P1V6BU/7HMGUaVGbjNaMQUov5QcDjLn8g5oGziF7BdNXt?= =?us-ascii?Q?C2uFLXf6IrX35noYu3RNc8Bo1bDrYMqIk8GxB/UsEJRPDXV0gX0R3sbgsNn1?= =?us-ascii?Q?Wd7CRvj/m9t1ipd55Gc86fuf7LtGTVAyDwPF71qAIhclAhkN3D808rLKgy/l?= =?us-ascii?Q?eaeISaZc8BhRhDnJQ+V6KmbaDVp1bXk6IQeRWKvKZP50X4yYLEBopAp8cgdV?= =?us-ascii?Q?VC/RIna+x1asdF85IDcr9C3smtb4sFN52QQdm1WCgv6Rsif/4WcnHQz1k1Co?= =?us-ascii?Q?isYAWgOYauSozEOVKOoL5rWCJB4OPRfzNoBjp5bAySRJeJQyRSMtb5GD831R?= =?us-ascii?Q?uE0Bc8BOBb5ZV9qcMDxDuTX6AYfZnQky2Sn2KbyLO7gugBI2Ooi8PccijGlK?= =?us-ascii?Q?Fn9JjlaLBN53e3Ooc71gtpDhvo+Q8CC8xe40Om/PvAomGQ5nKtk76vP2+SCM?= =?us-ascii?Q?QuneiIOLno/84rw582AGpKs0TJysNfUAAPj32y/TTyhWAxIP3VQo9wMHn+rB?= =?us-ascii?Q?E7ZlHKgKgIcsMpfOGGJVUeTZx7oEKtHLBrszubkrlHlU3Yd7M3WmQRsVJEks?= =?us-ascii?Q?NitkbmmN5rj5yxEld7q1K0RFMxqD1+KULaNIUMurhAMOP6w6QmnWCF3MwaSb?= =?us-ascii?Q?HSimnkxTneHNfrvzJ4qvhHTFmvI8LbQoqKIIQZXmbffRYaLRgjo/9m+SVJjM?= =?us-ascii?Q?nDo3RKlDloQInL3unTu5osAzQJmRqAdjEJ9TStGQTE5As/7Pl8gisuynO/43?= =?us-ascii?Q?Sqq8cbFDD9DRzKGpUu1walfTPJ8edFcfdrmwnbKcYxXhyNql7cXmYTD6EVw9?= =?us-ascii?Q?oC7T?= X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-AuthSource: CY4PR12MB1352.namprd12.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 10 Dec 2020 14:37:54.1711 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-Network-Message-Id: 488c0b22-3fc6-478c-1b97-08d89d192deb X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: FFBwH6588l2Mw7Ez2qkQNIJBkmYkFFtrA7ZB/03O4esi+oMnnaNBaO9k27j7OuXcqJFXdVy7axVVtAHMwZTrgg== X-MS-Exchange-Transport-CrossTenantHeadersStamped: CY4PR12MB1720 Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: en-US Content-Transfer-Encoding: quoted-printable On 12/10/20 2:49 AM, Laszlo Ersek wrote: > On 12/09/20 21:02, Tom Lendacky wrote: >> On 12/2/20 3:38 PM, Guo Dong via groups.io wrote: >>> REF: https://nam11.safelinks.protection.outlook.com/?url=3Dhttps%3A%2F%= 2Fbugzilla.tianocore.org%2Fshow_bug.cgi%3Fid%3D3084&data=3D04%7C01%7Cth= omas.lendacky%40amd.com%7Ce2b6480c67df4f62e2ba08d89ce89aab%7C3dd8961fe4884e= 608e11a82d994e183d%7C0%7C0%7C637431870560945022%7CUnknown%7CTWFpbGZsb3d8eyJ= WIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&= sdata=3DOuvOcnWku0ct%2FHYebIVYoJ6vsqN%2F56%2BMANNkvc%2BLW38%3D&reserved= =3D0 >>> >>> When DXE drivers are dispatched above 4GB memory and >>> the system is already in 64bit mode, the address >>> setCodeSelectorLongJump in stack will be override >>> by parameter. so change to use 64bit address and >>> jump to qword address. >> >> This patch breaks AMD processors. AMD processors cannot do far jumps to >> 64-bit targets. Please see AMD APM Vol. 3 [1], JMP (Far), where it state= s: >> >> Target is a code segment =E2=80=94 Control is transferred to the target = CS:rIP. In >> this case, the target offset can only be a 16 or 32 bit value, depending >> on operand-size, and is zero-extended to 64 bits; 64-bit offsets are onl= y >> available via call gates. No CPL change is allowed. >> >> [1] https://nam11.safelinks.protection.outlook.com/?url=3Dhttp%3A%2F%2Fs= upport.amd.com%2FTechDocs%2F24594.pdf&data=3D04%7C01%7Cthomas.lendacky%= 40amd.com%7Ce2b6480c67df4f62e2ba08d89ce89aab%7C3dd8961fe4884e608e11a82d994e= 183d%7C0%7C0%7C637431870560945022%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwM= DAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=3D2rw8eZ= JNB5EgNR9JN87eWLgnHCYM0mWVJIphSyrtmug%3D&reserved=3D0 >> >=20 > Should we revert the patch, or predicate the change on something similar > to StandardSignatureIsAuthenticAMD() > [UefiCpuPkg/Library/BaseUefiCpuLib/BaseUefiCpuLib.c]? The CPUID check > could be open-coded in the assembly file. (Maybe there's a better > method, I'm not sure.) I'm not sure what the best approach would be. Guo, thoughts? If there aren't any plans to enable shadow stacks, I think you can=20 accomplish the 64-bit support with a far ret instead of a far jmp. If=20 shadow stack is enabled, then that becomes a problem when tracking stack=20 usage through shadow stack. If more time is needed to figure it out, though, it is probably best to=20 revert this in the mean time since I can't launch a VM (be it legacy or=20 SEV) on the latest tree. Thanks, Tom >=20 > Thanks > Laszlo >=20 >> Thanks, >> Tom >> >>>> Signed-off-by: Guo Dong >>> --- >>> UefiCpuPkg/CpuDxe/X64/CpuAsm.nasm | 4 ++-- >>> 1 file changed, 2 insertions(+), 2 deletions(-) >>> >>> diff --git a/UefiCpuPkg/CpuDxe/X64/CpuAsm.nasm b/UefiCpuPkg/CpuDxe/X64/= CpuAsm.nasm >>> index c3489bcc3e..6ad32b49f4 100644 >>> --- a/UefiCpuPkg/CpuDxe/X64/CpuAsm.nasm >>> +++ b/UefiCpuPkg/CpuDxe/X64/CpuAsm.nasm >>> @@ -23,8 +23,8 @@ ASM_PFX(SetCodeSelector): >>> sub rsp, 0x10 >>> lea rax, [setCodeSelectorLongJump] >>> mov [rsp], rax >>> - mov [rsp+4], cx >>> - jmp dword far [rsp] >>> + mov [rsp+8], cx >>> + jmp qword far [rsp] >>> setCodeSelectorLongJump: >>> add rsp, 0x10 >>> ret >>> >> >=20