* [edk2-devel] [PATCH] UefiCpuPkg/PiSmmCpuDxeSmm: Clear CR4.CET before restoring MSR IA32_S_CET @ 2023-11-03 5:35 Sheng Wei 2023-11-03 8:38 ` duntan 2023-11-03 13:19 ` Laszlo Ersek 0 siblings, 2 replies; 4+ messages in thread From: Sheng Wei @ 2023-11-03 5:35 UTC (permalink / raw) To: devel; +Cc: Eric Dong, Ray Ni, Laszlo Ersek, Wu Jiaxin, Tan Dun Clear CR4.CET bit before restoring MSR IA32_S_CET. Backup/restore MSR IA32_U_CET in SMI. Use current CR4 value when changing CR4.CET. Initial mSmmInterruptSspTables to 0. Signed-off-by: Sheng Wei <w.sheng@intel.com> Cc: Eric Dong <eric.dong@intel.com> Cc: Ray Ni <ray.ni@intel.com> Cc: Laszlo Ersek <lersek@redhat.com> Cc: Wu Jiaxin <jiaxin.wu@intel.com> Cc: Tan Dun <dun.tan@intel.com> --- UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/SmiEntry.nasm | 62 +++++++++++++---- UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmiEntry.nasm | 72 ++++++++++++++++---- UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmmFuncsArch.c | 2 +- 3 files changed, 107 insertions(+), 29 deletions(-) diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/SmiEntry.nasm b/UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/SmiEntry.nasm index 19de5f614e..a087576a54 100644 --- a/UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/SmiEntry.nasm +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/SmiEntry.nasm @@ -16,18 +16,19 @@ %include "StuffRsbNasm.inc" %include "Nasm.inc" +%define MSR_IA32_U_CET 0x6A0 %define MSR_IA32_S_CET 0x6A2 -%define MSR_IA32_CET_SH_STK_EN 0x1 -%define MSR_IA32_CET_WR_SHSTK_EN 0x2 -%define MSR_IA32_CET_ENDBR_EN 0x4 -%define MSR_IA32_CET_LEG_IW_EN 0x8 -%define MSR_IA32_CET_NO_TRACK_EN 0x10 -%define MSR_IA32_CET_SUPPRESS_DIS 0x20 -%define MSR_IA32_CET_SUPPRESS 0x400 -%define MSR_IA32_CET_TRACKER 0x800 +%define MSR_IA32_CET_SH_STK_EN 0x1 +%define MSR_IA32_CET_WR_SHSTK_EN 0x2 +%define MSR_IA32_CET_ENDBR_EN 0x4 +%define MSR_IA32_CET_LEG_IW_EN 0x8 +%define MSR_IA32_CET_NO_TRACK_EN 0x10 +%define MSR_IA32_CET_SUPPRESS_DIS 0x20 +%define MSR_IA32_CET_SUPPRESS 0x400 +%define MSR_IA32_CET_TRACKER 0x800 %define MSR_IA32_PL0_SSP 0x6A4 -%define CR4_CET 0x800000 +%define CR4_CET_BIT 23 %define MSR_IA32_MISC_ENABLE 0x1A0 %define MSR_EFER 0xc0000080 @@ -214,11 +215,21 @@ ASM_PFX(mPatchCetSupported): push edx push eax + mov ecx, MSR_IA32_U_CET + rdmsr + push edx + push eax + mov ecx, MSR_IA32_PL0_SSP rdmsr push edx push eax + mov ecx, MSR_IA32_U_CET + xor eax, eax + xor edx, edx + wrmsr + mov ecx, MSR_IA32_S_CET mov eax, MSR_IA32_CET_SH_STK_EN xor edx, edx @@ -249,7 +260,8 @@ CetInterruptDone: bts ecx, 16 ; set WP mov cr0, ecx - mov eax, 0x668 | CR4_CET + mov eax, cr4 + bts eax, CR4_CET_BIT mov cr4, eax setssbsy @@ -276,18 +288,30 @@ CetDone: cmp al, 0 jz CetDone2 - mov eax, 0x668 - mov cr4, eax ; disable CET + mov ecx, MSR_IA32_S_CET + xor eax, eax + xor edx, edx + wrmsr + + ; clear CR4.CET bit + mov eax, cr4 + btr eax, CR4_CET_BIT + mov cr4, eax mov ecx, MSR_IA32_PL0_SSP pop eax pop edx wrmsr - mov ecx, MSR_IA32_S_CET + mov ecx, MSR_IA32_U_CET pop eax pop edx wrmsr + + mov ecx, MSR_IA32_S_CET + pop eax + pop edx + mov ebx, eax CetDone2: mov eax, ASM_PFX(mXdSupported) @@ -305,6 +329,18 @@ CetDone2: .7: StuffRsb32 + + mov eax, ASM_PFX(mCetSupported) + mov al, [eax] + cmp al, 0 + jz CetDone3 + + mov ecx, MSR_IA32_S_CET + mov eax, ebx + xor edx, edx + wrmsr +CetDone3: + rsm ASM_PFX(gcSmiHandlerSize): DW $ - _SmiEntryPoint diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmiEntry.nasm b/UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmiEntry.nasm index d302ca8d01..7aed7c8dda 100644 --- a/UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmiEntry.nasm +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmiEntry.nasm @@ -20,19 +20,20 @@ ; Variables referenced by C code ; +%define MSR_IA32_U_CET 0x6A0 %define MSR_IA32_S_CET 0x6A2 -%define MSR_IA32_CET_SH_STK_EN 0x1 -%define MSR_IA32_CET_WR_SHSTK_EN 0x2 -%define MSR_IA32_CET_ENDBR_EN 0x4 -%define MSR_IA32_CET_LEG_IW_EN 0x8 -%define MSR_IA32_CET_NO_TRACK_EN 0x10 -%define MSR_IA32_CET_SUPPRESS_DIS 0x20 -%define MSR_IA32_CET_SUPPRESS 0x400 -%define MSR_IA32_CET_TRACKER 0x800 +%define MSR_IA32_CET_SH_STK_EN 0x1 +%define MSR_IA32_CET_WR_SHSTK_EN 0x2 +%define MSR_IA32_CET_ENDBR_EN 0x4 +%define MSR_IA32_CET_LEG_IW_EN 0x8 +%define MSR_IA32_CET_NO_TRACK_EN 0x10 +%define MSR_IA32_CET_SUPPRESS_DIS 0x20 +%define MSR_IA32_CET_SUPPRESS 0x400 +%define MSR_IA32_CET_TRACKER 0x800 %define MSR_IA32_PL0_SSP 0x6A4 %define MSR_IA32_INTERRUPT_SSP_TABLE_ADDR 0x6A8 -%define CR4_CET 0x800000 +%define CR4_CET_BIT 23 %define MSR_IA32_MISC_ENABLE 0x1A0 %define MSR_EFER 0xc0000080 @@ -230,6 +231,11 @@ ASM_PFX(mPatchCetSupported): push rdx push rax + mov ecx, MSR_IA32_U_CET + rdmsr + push rdx + push rax + mov ecx, MSR_IA32_PL0_SSP rdmsr push rdx @@ -240,6 +246,11 @@ ASM_PFX(mPatchCetSupported): push rdx push rax + mov ecx, MSR_IA32_U_CET + xor eax, eax + xor edx, edx + wrmsr + mov ecx, MSR_IA32_S_CET mov eax, MSR_IA32_CET_SH_STK_EN xor edx, edx @@ -276,7 +287,8 @@ CetInterruptDone: bts ecx, 16 ; set WP mov cr0, rcx - mov eax, 0x668 | CR4_CET + mov rax, cr4 + bts rax, CR4_CET_BIT mov cr4, rax setssbsy @@ -316,13 +328,20 @@ CpuSmmDebugExitAbsAddr: add rsp, 0x200 mov rax, strict qword 0 ; mov rax, ASM_PFX(mCetSupported) -mCetSupportedAbsAddr: +mCetSupportedAbsAddr1: mov al, [rax] cmp al, 0 jz CetDone2 - mov eax, 0x668 - mov cr4, rax ; disable CET + mov ecx, MSR_IA32_S_CET + xor eax, eax + xor edx, edx + wrmsr + + ; clear CR4.CET bit + mov rax, cr4 + btr rax, CR4_CET_BIT + mov cr4, rax mov ecx, MSR_IA32_INTERRUPT_SSP_TABLE_ADDR pop rax @@ -334,10 +353,15 @@ mCetSupportedAbsAddr: pop rdx wrmsr - mov ecx, MSR_IA32_S_CET + mov ecx, MSR_IA32_U_CET pop rax pop rdx wrmsr + + mov ecx, MSR_IA32_S_CET + pop rax + pop rdx + mov ebx, eax CetDone2: mov rax, strict qword 0 ; lea rax, [ASM_PFX(mXdSupported)] @@ -356,6 +380,19 @@ mXdSupportedAbsAddr: .1: StuffRsb64 + + mov rax, strict qword 0 ; mov rax, ASM_PFX(mCetSupported) +mCetSupportedAbsAddr2: + mov al, [rax] + cmp al, 0 + jz CetDone3 + + mov ecx, MSR_IA32_S_CET + mov eax, ebx + xor edx, edx + wrmsr +CetDone3: + rsm ASM_PFX(gcSmiHandlerSize) DW $ - _SmiEntryPoint @@ -391,6 +428,11 @@ ASM_PFX(PiSmmCpuSmiEntryFixupAddress): mov qword [rcx - 8], rax lea rax, [ASM_PFX(mCetSupported)] - lea rcx, [mCetSupportedAbsAddr] + lea rcx, [mCetSupportedAbsAddr1] mov qword [rcx - 8], rax + + lea rax, [ASM_PFX(mCetSupported)] + lea rcx, [mCetSupportedAbsAddr2] + mov qword [rcx - 8], rax + ret diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmmFuncsArch.c b/UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmmFuncsArch.c index c4f21e2155..6c53213b0b 100644 --- a/UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmmFuncsArch.c +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmmFuncsArch.c @@ -20,7 +20,7 @@ UINT32 mCetPl0Ssp; UINT32 mCetInterruptSsp; UINT32 mCetInterruptSspTable; -UINTN mSmmInterruptSspTables; +UINTN mSmmInterruptSspTables = 0; /** Initialize IDT IST Field. -- 2.26.2.windows.1 -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#110605): https://edk2.groups.io/g/devel/message/110605 Mute This Topic: https://groups.io/mt/102358752/7686176 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io] -=-=-=-=-=-=-=-=-=-=-=- ^ permalink raw reply related [flat|nested] 4+ messages in thread
* Re: [edk2-devel] [PATCH] UefiCpuPkg/PiSmmCpuDxeSmm: Clear CR4.CET before restoring MSR IA32_S_CET 2023-11-03 5:35 [edk2-devel] [PATCH] UefiCpuPkg/PiSmmCpuDxeSmm: Clear CR4.CET before restoring MSR IA32_S_CET Sheng Wei @ 2023-11-03 8:38 ` duntan 2023-11-03 13:19 ` Laszlo Ersek 1 sibling, 0 replies; 4+ messages in thread From: duntan @ 2023-11-03 8:38 UTC (permalink / raw) To: Sheng, W, devel@edk2.groups.io Cc: Dong, Eric, Ni, Ray, Laszlo Ersek, Wu, Jiaxin Hi Wei, Could you please split the patch to into separate patches? Different patch for different issue may looks clearer. Thanks, Dun -----Original Message----- From: Sheng, W <w.sheng@intel.com> Sent: Friday, November 3, 2023 1:35 PM To: devel@edk2.groups.io Cc: Dong, Eric <eric.dong@intel.com>; Ni, Ray <ray.ni@intel.com>; Laszlo Ersek <lersek@redhat.com>; Wu, Jiaxin <jiaxin.wu@intel.com>; Tan, Dun <dun.tan@intel.com> Subject: [PATCH] UefiCpuPkg/PiSmmCpuDxeSmm: Clear CR4.CET before restoring MSR IA32_S_CET Clear CR4.CET bit before restoring MSR IA32_S_CET. Backup/restore MSR IA32_U_CET in SMI. Use current CR4 value when changing CR4.CET. Initial mSmmInterruptSspTables to 0. Signed-off-by: Sheng Wei <w.sheng@intel.com> Cc: Eric Dong <eric.dong@intel.com> Cc: Ray Ni <ray.ni@intel.com> Cc: Laszlo Ersek <lersek@redhat.com> Cc: Wu Jiaxin <jiaxin.wu@intel.com> Cc: Tan Dun <dun.tan@intel.com> --- UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/SmiEntry.nasm | 62 +++++++++++++---- UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmiEntry.nasm | 72 ++++++++++++++++---- UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmmFuncsArch.c | 2 +- 3 files changed, 107 insertions(+), 29 deletions(-) diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/SmiEntry.nasm b/UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/SmiEntry.nasm index 19de5f614e..a087576a54 100644 --- a/UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/SmiEntry.nasm +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/SmiEntry.nasm @@ -16,18 +16,19 @@ %include "StuffRsbNasm.inc" %include "Nasm.inc" +%define MSR_IA32_U_CET 0x6A0 %define MSR_IA32_S_CET 0x6A2-%define MSR_IA32_CET_SH_STK_EN 0x1-%define MSR_IA32_CET_WR_SHSTK_EN 0x2-%define MSR_IA32_CET_ENDBR_EN 0x4-%define MSR_IA32_CET_LEG_IW_EN 0x8-%define MSR_IA32_CET_NO_TRACK_EN 0x10-%define MSR_IA32_CET_SUPPRESS_DIS 0x20-%define MSR_IA32_CET_SUPPRESS 0x400-%define MSR_IA32_CET_TRACKER 0x800+%define MSR_IA32_CET_SH_STK_EN 0x1+%define MSR_IA32_CET_WR_SHSTK_EN 0x2+%define MSR_IA32_CET_ENDBR_EN 0x4+%define MSR_IA32_CET_LEG_IW_EN 0x8+%define MSR_IA32_CET_NO_TRACK_EN 0x10+%define MSR_IA32_CET_SUPPRESS_DIS 0x20+%define MSR_IA32_CET_SUPPRESS 0x400+%define MSR_IA32_CET_TRACKER 0x800 %define MSR_IA32_PL0_SSP 0x6A4 -%define CR4_CET 0x800000+%define CR4_CET_BIT 23 %define MSR_IA32_MISC_ENABLE 0x1A0 %define MSR_EFER 0xc0000080@@ -214,11 +215,21 @@ ASM_PFX(mPatchCetSupported): push edx push eax + mov ecx, MSR_IA32_U_CET+ rdmsr+ push edx+ push eax+ mov ecx, MSR_IA32_PL0_SSP rdmsr push edx push eax + mov ecx, MSR_IA32_U_CET+ xor eax, eax+ xor edx, edx+ wrmsr+ mov ecx, MSR_IA32_S_CET mov eax, MSR_IA32_CET_SH_STK_EN xor edx, edx@@ -249,7 +260,8 @@ CetInterruptDone: bts ecx, 16 ; set WP mov cr0, ecx - mov eax, 0x668 | CR4_CET+ mov eax, cr4+ bts eax, CR4_CET_BIT mov cr4, eax setssbsy@@ -276,18 +288,30 @@ CetDone: cmp al, 0 jz CetDone2 - mov eax, 0x668- mov cr4, eax ; disable CET+ mov ecx, MSR_IA32_S_CET+ xor eax, eax+ xor edx, edx+ wrmsr++ ; clear CR4.CET bit+ mov eax, cr4+ btr eax, CR4_CET_BIT+ mov cr4, eax mov ecx, MSR_IA32_PL0_SSP pop eax pop edx wrmsr - mov ecx, MSR_IA32_S_CET+ mov ecx, MSR_IA32_U_CET pop eax pop edx wrmsr++ mov ecx, MSR_IA32_S_CET+ pop eax+ pop edx+ mov ebx, eax CetDone2: mov eax, ASM_PFX(mXdSupported)@@ -305,6 +329,18 @@ CetDone2: .7: StuffRsb32++ mov eax, ASM_PFX(mCetSupported)+ mov al, [eax]+ cmp al, 0+ jz CetDone3++ mov ecx, MSR_IA32_S_CET+ mov eax, ebx+ xor edx, edx+ wrmsr+CetDone3:+ rsm ASM_PFX(gcSmiHandlerSize): DW $ - _SmiEntryPointdiff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmiEntry.nasm b/UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmiEntry.nasm index d302ca8d01..7aed7c8dda 100644 --- a/UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmiEntry.nasm +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmiEntry.nasm @@ -20,19 +20,20 @@ ; Variables referenced by C code ; +%define MSR_IA32_U_CET 0x6A0 %define MSR_IA32_S_CET 0x6A2-%define MSR_IA32_CET_SH_STK_EN 0x1-%define MSR_IA32_CET_WR_SHSTK_EN 0x2-%define MSR_IA32_CET_ENDBR_EN 0x4-%define MSR_IA32_CET_LEG_IW_EN 0x8-%define MSR_IA32_CET_NO_TRACK_EN 0x10-%define MSR_IA32_CET_SUPPRESS_DIS 0x20-%define MSR_IA32_CET_SUPPRESS 0x400-%define MSR_IA32_CET_TRACKER 0x800+%define MSR_IA32_CET_SH_STK_EN 0x1+%define MSR_IA32_CET_WR_SHSTK_EN 0x2+%define MSR_IA32_CET_ENDBR_EN 0x4+%define MSR_IA32_CET_LEG_IW_EN 0x8+%define MSR_IA32_CET_NO_TRACK_EN 0x10+%define MSR_IA32_CET_SUPPRESS_DIS 0x20+%define MSR_IA32_CET_SUPPRESS 0x400+%define MSR_IA32_CET_TRACKER 0x800 %define MSR_IA32_PL0_SSP 0x6A4 %define MSR_IA32_INTERRUPT_SSP_TABLE_ADDR 0x6A8 -%define CR4_CET 0x800000+%define CR4_CET_BIT 23 %define MSR_IA32_MISC_ENABLE 0x1A0 %define MSR_EFER 0xc0000080@@ -230,6 +231,11 @@ ASM_PFX(mPatchCetSupported): push rdx push rax + mov ecx, MSR_IA32_U_CET+ rdmsr+ push rdx+ push rax+ mov ecx, MSR_IA32_PL0_SSP rdmsr push rdx@@ -240,6 +246,11 @@ ASM_PFX(mPatchCetSupported): push rdx push rax + mov ecx, MSR_IA32_U_CET+ xor eax, eax+ xor edx, edx+ wrmsr+ mov ecx, MSR_IA32_S_CET mov eax, MSR_IA32_CET_SH_STK_EN xor edx, edx@@ -276,7 +287,8 @@ CetInterruptDone: bts ecx, 16 ; set WP mov cr0, rcx - mov eax, 0x668 | CR4_CET+ mov rax, cr4+ bts rax, CR4_CET_BIT mov cr4, rax setssbsy@@ -316,13 +328,20 @@ CpuSmmDebugExitAbsAddr: add rsp, 0x200 mov rax, strict qword 0 ; mov rax, ASM_PFX(mCetSupported)-mCetSupportedAbsAddr:+mCetSupportedAbsAddr1: mov al, [rax] cmp al, 0 jz CetDone2 - mov eax, 0x668- mov cr4, rax ; disable CET+ mov ecx, MSR_IA32_S_CET+ xor eax, eax+ xor edx, edx+ wrmsr++ ; clear CR4.CET bit+ mov rax, cr4+ btr rax, CR4_CET_BIT+ mov cr4, rax mov ecx, MSR_IA32_INTERRUPT_SSP_TABLE_ADDR pop rax@@ -334,10 +353,15 @@ mCetSupportedAbsAddr: pop rdx wrmsr - mov ecx, MSR_IA32_S_CET+ mov ecx, MSR_IA32_U_CET pop rax pop rdx wrmsr++ mov ecx, MSR_IA32_S_CET+ pop rax+ pop rdx+ mov ebx, eax CetDone2: mov rax, strict qword 0 ; lea rax, [ASM_PFX(mXdSupported)]@@ -356,6 +380,19 @@ mXdSupportedAbsAddr: .1: StuffRsb64++ mov rax, strict qword 0 ; mov rax, ASM_PFX(mCetSupported)+mCetSupportedAbsAddr2:+ mov al, [rax]+ cmp al, 0+ jz CetDone3++ mov ecx, MSR_IA32_S_CET+ mov eax, ebx+ xor edx, edx+ wrmsr+CetDone3:+ rsm ASM_PFX(gcSmiHandlerSize) DW $ - _SmiEntryPoint@@ -391,6 +428,11 @@ ASM_PFX(PiSmmCpuSmiEntryFixupAddress): mov qword [rcx - 8], rax lea rax, [ASM_PFX(mCetSupported)]- lea rcx, [mCetSupportedAbsAddr]+ lea rcx, [mCetSupportedAbsAddr1] mov qword [rcx - 8], rax++ lea rax, [ASM_PFX(mCetSupported)]+ lea rcx, [mCetSupportedAbsAddr2]+ mov qword [rcx - 8], rax+ retdiff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmmFuncsArch.c b/UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmmFuncsArch.c index c4f21e2155..6c53213b0b 100644 --- a/UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmmFuncsArch.c +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmmFuncsArch.c @@ -20,7 +20,7 @@ UINT32 mCetPl0Ssp; UINT32 mCetInterruptSsp; UINT32 mCetInterruptSspTable; -UINTN mSmmInterruptSspTables;+UINTN mSmmInterruptSspTables = 0; /** Initialize IDT IST Field.-- 2.26.2.windows.1 -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#110618): https://edk2.groups.io/g/devel/message/110618 Mute This Topic: https://groups.io/mt/102358752/7686176 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io] -=-=-=-=-=-=-=-=-=-=-=- ^ permalink raw reply related [flat|nested] 4+ messages in thread
* Re: [edk2-devel] [PATCH] UefiCpuPkg/PiSmmCpuDxeSmm: Clear CR4.CET before restoring MSR IA32_S_CET 2023-11-03 5:35 [edk2-devel] [PATCH] UefiCpuPkg/PiSmmCpuDxeSmm: Clear CR4.CET before restoring MSR IA32_S_CET Sheng Wei 2023-11-03 8:38 ` duntan @ 2023-11-03 13:19 ` Laszlo Ersek 2023-11-08 2:12 ` Sheng Wei 1 sibling, 1 reply; 4+ messages in thread From: Laszlo Ersek @ 2023-11-03 13:19 UTC (permalink / raw) To: devel, w.sheng; +Cc: Eric Dong, Ray Ni, Wu Jiaxin, Tan Dun On 11/3/23 06:35, Sheng Wei wrote: > Clear CR4.CET bit before restoring MSR IA32_S_CET. > Backup/restore MSR IA32_U_CET in SMI. > Use current CR4 value when changing CR4.CET. (1) Why? (It's fine if you can provide a reference from the Intel SDM, but then please do provide it.) No problem has been stated. What is broken, and how does the proposed patch solve the issue? (2) I could be mistaken, but the above changes are three separate fixes. If you agree, then please split the patch in three patches. > Initial mSmmInterruptSspTables to 0. (3) The "mSmmInterruptSspTables" object has static storage duration (it is a "global variable"), and its current definition UINTN mSmmInterruptSspTables; already ensures that it is initialized to zero. Therefore this change is unnecessary. It does not hurt either, of course, so if you argument is that we should improve readability, I don't mind, but then it too belongs in a separate patch. Laszlo > > Signed-off-by: Sheng Wei <w.sheng@intel.com> > Cc: Eric Dong <eric.dong@intel.com> > Cc: Ray Ni <ray.ni@intel.com> > Cc: Laszlo Ersek <lersek@redhat.com> > Cc: Wu Jiaxin <jiaxin.wu@intel.com> > Cc: Tan Dun <dun.tan@intel.com> > --- > UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/SmiEntry.nasm | 62 +++++++++++++---- > UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmiEntry.nasm | 72 ++++++++++++++++---- > UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmmFuncsArch.c | 2 +- > 3 files changed, 107 insertions(+), 29 deletions(-) > > diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/SmiEntry.nasm b/UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/SmiEntry.nasm > index 19de5f614e..a087576a54 100644 > --- a/UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/SmiEntry.nasm > +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/SmiEntry.nasm > @@ -16,18 +16,19 @@ > %include "StuffRsbNasm.inc" > %include "Nasm.inc" > > +%define MSR_IA32_U_CET 0x6A0 > %define MSR_IA32_S_CET 0x6A2 > -%define MSR_IA32_CET_SH_STK_EN 0x1 > -%define MSR_IA32_CET_WR_SHSTK_EN 0x2 > -%define MSR_IA32_CET_ENDBR_EN 0x4 > -%define MSR_IA32_CET_LEG_IW_EN 0x8 > -%define MSR_IA32_CET_NO_TRACK_EN 0x10 > -%define MSR_IA32_CET_SUPPRESS_DIS 0x20 > -%define MSR_IA32_CET_SUPPRESS 0x400 > -%define MSR_IA32_CET_TRACKER 0x800 > +%define MSR_IA32_CET_SH_STK_EN 0x1 > +%define MSR_IA32_CET_WR_SHSTK_EN 0x2 > +%define MSR_IA32_CET_ENDBR_EN 0x4 > +%define MSR_IA32_CET_LEG_IW_EN 0x8 > +%define MSR_IA32_CET_NO_TRACK_EN 0x10 > +%define MSR_IA32_CET_SUPPRESS_DIS 0x20 > +%define MSR_IA32_CET_SUPPRESS 0x400 > +%define MSR_IA32_CET_TRACKER 0x800 > %define MSR_IA32_PL0_SSP 0x6A4 > > -%define CR4_CET 0x800000 > +%define CR4_CET_BIT 23 > > %define MSR_IA32_MISC_ENABLE 0x1A0 > %define MSR_EFER 0xc0000080 > @@ -214,11 +215,21 @@ ASM_PFX(mPatchCetSupported): > push edx > push eax > > + mov ecx, MSR_IA32_U_CET > + rdmsr > + push edx > + push eax > + > mov ecx, MSR_IA32_PL0_SSP > rdmsr > push edx > push eax > > + mov ecx, MSR_IA32_U_CET > + xor eax, eax > + xor edx, edx > + wrmsr > + > mov ecx, MSR_IA32_S_CET > mov eax, MSR_IA32_CET_SH_STK_EN > xor edx, edx > @@ -249,7 +260,8 @@ CetInterruptDone: > bts ecx, 16 ; set WP > mov cr0, ecx > > - mov eax, 0x668 | CR4_CET > + mov eax, cr4 > + bts eax, CR4_CET_BIT > mov cr4, eax > > setssbsy > @@ -276,18 +288,30 @@ CetDone: > cmp al, 0 > jz CetDone2 > > - mov eax, 0x668 > - mov cr4, eax ; disable CET > + mov ecx, MSR_IA32_S_CET > + xor eax, eax > + xor edx, edx > + wrmsr > + > + ; clear CR4.CET bit > + mov eax, cr4 > + btr eax, CR4_CET_BIT > + mov cr4, eax > > mov ecx, MSR_IA32_PL0_SSP > pop eax > pop edx > wrmsr > > - mov ecx, MSR_IA32_S_CET > + mov ecx, MSR_IA32_U_CET > pop eax > pop edx > wrmsr > + > + mov ecx, MSR_IA32_S_CET > + pop eax > + pop edx > + mov ebx, eax > CetDone2: > > mov eax, ASM_PFX(mXdSupported) > @@ -305,6 +329,18 @@ CetDone2: > .7: > > StuffRsb32 > + > + mov eax, ASM_PFX(mCetSupported) > + mov al, [eax] > + cmp al, 0 > + jz CetDone3 > + > + mov ecx, MSR_IA32_S_CET > + mov eax, ebx > + xor edx, edx > + wrmsr > +CetDone3: > + > rsm > > ASM_PFX(gcSmiHandlerSize): DW $ - _SmiEntryPoint > diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmiEntry.nasm b/UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmiEntry.nasm > index d302ca8d01..7aed7c8dda 100644 > --- a/UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmiEntry.nasm > +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmiEntry.nasm > @@ -20,19 +20,20 @@ > ; Variables referenced by C code > ; > > +%define MSR_IA32_U_CET 0x6A0 > %define MSR_IA32_S_CET 0x6A2 > -%define MSR_IA32_CET_SH_STK_EN 0x1 > -%define MSR_IA32_CET_WR_SHSTK_EN 0x2 > -%define MSR_IA32_CET_ENDBR_EN 0x4 > -%define MSR_IA32_CET_LEG_IW_EN 0x8 > -%define MSR_IA32_CET_NO_TRACK_EN 0x10 > -%define MSR_IA32_CET_SUPPRESS_DIS 0x20 > -%define MSR_IA32_CET_SUPPRESS 0x400 > -%define MSR_IA32_CET_TRACKER 0x800 > +%define MSR_IA32_CET_SH_STK_EN 0x1 > +%define MSR_IA32_CET_WR_SHSTK_EN 0x2 > +%define MSR_IA32_CET_ENDBR_EN 0x4 > +%define MSR_IA32_CET_LEG_IW_EN 0x8 > +%define MSR_IA32_CET_NO_TRACK_EN 0x10 > +%define MSR_IA32_CET_SUPPRESS_DIS 0x20 > +%define MSR_IA32_CET_SUPPRESS 0x400 > +%define MSR_IA32_CET_TRACKER 0x800 > %define MSR_IA32_PL0_SSP 0x6A4 > %define MSR_IA32_INTERRUPT_SSP_TABLE_ADDR 0x6A8 > > -%define CR4_CET 0x800000 > +%define CR4_CET_BIT 23 > > %define MSR_IA32_MISC_ENABLE 0x1A0 > %define MSR_EFER 0xc0000080 > @@ -230,6 +231,11 @@ ASM_PFX(mPatchCetSupported): > push rdx > push rax > > + mov ecx, MSR_IA32_U_CET > + rdmsr > + push rdx > + push rax > + > mov ecx, MSR_IA32_PL0_SSP > rdmsr > push rdx > @@ -240,6 +246,11 @@ ASM_PFX(mPatchCetSupported): > push rdx > push rax > > + mov ecx, MSR_IA32_U_CET > + xor eax, eax > + xor edx, edx > + wrmsr > + > mov ecx, MSR_IA32_S_CET > mov eax, MSR_IA32_CET_SH_STK_EN > xor edx, edx > @@ -276,7 +287,8 @@ CetInterruptDone: > bts ecx, 16 ; set WP > mov cr0, rcx > > - mov eax, 0x668 | CR4_CET > + mov rax, cr4 > + bts rax, CR4_CET_BIT > mov cr4, rax > > setssbsy > @@ -316,13 +328,20 @@ CpuSmmDebugExitAbsAddr: > add rsp, 0x200 > > mov rax, strict qword 0 ; mov rax, ASM_PFX(mCetSupported) > -mCetSupportedAbsAddr: > +mCetSupportedAbsAddr1: > mov al, [rax] > cmp al, 0 > jz CetDone2 > > - mov eax, 0x668 > - mov cr4, rax ; disable CET > + mov ecx, MSR_IA32_S_CET > + xor eax, eax > + xor edx, edx > + wrmsr > + > + ; clear CR4.CET bit > + mov rax, cr4 > + btr rax, CR4_CET_BIT > + mov cr4, rax > > mov ecx, MSR_IA32_INTERRUPT_SSP_TABLE_ADDR > pop rax > @@ -334,10 +353,15 @@ mCetSupportedAbsAddr: > pop rdx > wrmsr > > - mov ecx, MSR_IA32_S_CET > + mov ecx, MSR_IA32_U_CET > pop rax > pop rdx > wrmsr > + > + mov ecx, MSR_IA32_S_CET > + pop rax > + pop rdx > + mov ebx, eax > CetDone2: > > mov rax, strict qword 0 ; lea rax, [ASM_PFX(mXdSupported)] > @@ -356,6 +380,19 @@ mXdSupportedAbsAddr: > .1: > > StuffRsb64 > + > + mov rax, strict qword 0 ; mov rax, ASM_PFX(mCetSupported) > +mCetSupportedAbsAddr2: > + mov al, [rax] > + cmp al, 0 > + jz CetDone3 > + > + mov ecx, MSR_IA32_S_CET > + mov eax, ebx > + xor edx, edx > + wrmsr > +CetDone3: > + > rsm > > ASM_PFX(gcSmiHandlerSize) DW $ - _SmiEntryPoint > @@ -391,6 +428,11 @@ ASM_PFX(PiSmmCpuSmiEntryFixupAddress): > mov qword [rcx - 8], rax > > lea rax, [ASM_PFX(mCetSupported)] > - lea rcx, [mCetSupportedAbsAddr] > + lea rcx, [mCetSupportedAbsAddr1] > mov qword [rcx - 8], rax > + > + lea rax, [ASM_PFX(mCetSupported)] > + lea rcx, [mCetSupportedAbsAddr2] > + mov qword [rcx - 8], rax > + > ret > diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmmFuncsArch.c b/UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmmFuncsArch.c > index c4f21e2155..6c53213b0b 100644 > --- a/UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmmFuncsArch.c > +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmmFuncsArch.c > @@ -20,7 +20,7 @@ UINT32 mCetPl0Ssp; > UINT32 mCetInterruptSsp; > UINT32 mCetInterruptSspTable; > > -UINTN mSmmInterruptSspTables; > +UINTN mSmmInterruptSspTables = 0; > > /** > Initialize IDT IST Field. -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#110622): https://edk2.groups.io/g/devel/message/110622 Mute This Topic: https://groups.io/mt/102358752/7686176 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/leave/12367111/7686176/1913456212/xyzzy [rebecca@openfw.io] -=-=-=-=-=-=-=-=-=-=-=- ^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [edk2-devel] [PATCH] UefiCpuPkg/PiSmmCpuDxeSmm: Clear CR4.CET before restoring MSR IA32_S_CET 2023-11-03 13:19 ` Laszlo Ersek @ 2023-11-08 2:12 ` Sheng Wei 0 siblings, 0 replies; 4+ messages in thread From: Sheng Wei @ 2023-11-08 2:12 UTC (permalink / raw) To: Laszlo Ersek, devel@edk2.groups.io Cc: Dong, Eric, Ni, Ray, Wu, Jiaxin, Tan, Dun Hi Laszlo, Thank you for the review comments. (1) This change is used to fix a hung issue when enable kernel CET-IBT. Kernel will enable CET-IBT by set IA32_U_CET.bit2. The issue only happens when it enters SMI with the state machine == WAIT_FOR_ENDBRANCH state. In SMI handler, when Set CR4.CET bit, CPU will check the next assembly code, if the next code is not ENDBR. It will trigger #CP exception. So, we need to backup current IA32_U_CET, and clear IA32_U_CET before enable CR4.CET. And when exit SMI, we need to restore the value in IA32_U_CET. (2) Yes, I have separated it to 3 patches. But last patch will be removed because of (3) (3) It is global variable. It is initialized to zero. I will remove this change. I will raise patch V3. Thank you. BR Sheng Wei > -----Original Message----- > From: Laszlo Ersek <lersek@redhat.com> > Sent: Friday, November 3, 2023 9:19 PM > To: devel@edk2.groups.io; Sheng, W <w.sheng@intel.com> > Cc: Dong, Eric <eric.dong@intel.com>; Ni, Ray <ray.ni@intel.com>; Wu, Jiaxin > <jiaxin.wu@intel.com>; Tan, Dun <dun.tan@intel.com> > Subject: Re: [edk2-devel] [PATCH] UefiCpuPkg/PiSmmCpuDxeSmm: Clear > CR4.CET before restoring MSR IA32_S_CET > > On 11/3/23 06:35, Sheng Wei wrote: > > Clear CR4.CET bit before restoring MSR IA32_S_CET. > > Backup/restore MSR IA32_U_CET in SMI. > > Use current CR4 value when changing CR4.CET. > > (1) Why? > > (It's fine if you can provide a reference from the Intel SDM, but then please do > provide it.) > > No problem has been stated. What is broken, and how does the proposed > patch solve the issue? > > (2) I could be mistaken, but the above changes are three separate fixes. > If you agree, then please split the patch in three patches. > > > Initial mSmmInterruptSspTables to 0. > > (3) The "mSmmInterruptSspTables" object has static storage duration (it is a > "global variable"), and its current definition > > UINTN mSmmInterruptSspTables; > > already ensures that it is initialized to zero. Therefore this change is > unnecessary. > > It does not hurt either, of course, so if you argument is that we should > improve readability, I don't mind, but then it too belongs in a separate patch. > > Laszlo > > > > > Signed-off-by: Sheng Wei <w.sheng@intel.com> > > Cc: Eric Dong <eric.dong@intel.com> > > Cc: Ray Ni <ray.ni@intel.com> > > Cc: Laszlo Ersek <lersek@redhat.com> > > Cc: Wu Jiaxin <jiaxin.wu@intel.com> > > Cc: Tan Dun <dun.tan@intel.com> > > --- > > UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/SmiEntry.nasm | 62 > +++++++++++++---- > > UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmiEntry.nasm | 72 > ++++++++++++++++---- > > UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmmFuncsArch.c | 2 +- > > 3 files changed, 107 insertions(+), 29 deletions(-) > > > > diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/SmiEntry.nasm > > b/UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/SmiEntry.nasm > > index 19de5f614e..a087576a54 100644 > > --- a/UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/SmiEntry.nasm > > +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/SmiEntry.nasm > > @@ -16,18 +16,19 @@ > > %include "StuffRsbNasm.inc" > > %include "Nasm.inc" > > > > +%define MSR_IA32_U_CET 0x6A0 > > %define MSR_IA32_S_CET 0x6A2 > > -%define MSR_IA32_CET_SH_STK_EN 0x1 > > -%define MSR_IA32_CET_WR_SHSTK_EN 0x2 > > -%define MSR_IA32_CET_ENDBR_EN 0x4 > > -%define MSR_IA32_CET_LEG_IW_EN 0x8 > > -%define MSR_IA32_CET_NO_TRACK_EN 0x10 > > -%define MSR_IA32_CET_SUPPRESS_DIS 0x20 > > -%define MSR_IA32_CET_SUPPRESS 0x400 > > -%define MSR_IA32_CET_TRACKER 0x800 > > +%define MSR_IA32_CET_SH_STK_EN 0x1 > > +%define MSR_IA32_CET_WR_SHSTK_EN 0x2 > > +%define MSR_IA32_CET_ENDBR_EN 0x4 > > +%define MSR_IA32_CET_LEG_IW_EN 0x8 > > +%define MSR_IA32_CET_NO_TRACK_EN 0x10 > > +%define MSR_IA32_CET_SUPPRESS_DIS 0x20 > > +%define MSR_IA32_CET_SUPPRESS 0x400 > > +%define MSR_IA32_CET_TRACKER 0x800 > > %define MSR_IA32_PL0_SSP 0x6A4 > > > > -%define CR4_CET 0x800000 > > +%define CR4_CET_BIT 23 > > > > %define MSR_IA32_MISC_ENABLE 0x1A0 > > %define MSR_EFER 0xc0000080 > > @@ -214,11 +215,21 @@ ASM_PFX(mPatchCetSupported): > > push edx > > push eax > > > > + mov ecx, MSR_IA32_U_CET > > + rdmsr > > + push edx > > + push eax > > + > > mov ecx, MSR_IA32_PL0_SSP > > rdmsr > > push edx > > push eax > > > > + mov ecx, MSR_IA32_U_CET > > + xor eax, eax > > + xor edx, edx > > + wrmsr > > + > > mov ecx, MSR_IA32_S_CET > > mov eax, MSR_IA32_CET_SH_STK_EN > > xor edx, edx > > @@ -249,7 +260,8 @@ CetInterruptDone: > > bts ecx, 16 ; set WP > > mov cr0, ecx > > > > - mov eax, 0x668 | CR4_CET > > + mov eax, cr4 > > + bts eax, CR4_CET_BIT > > mov cr4, eax > > > > setssbsy > > @@ -276,18 +288,30 @@ CetDone: > > cmp al, 0 > > jz CetDone2 > > > > - mov eax, 0x668 > > - mov cr4, eax ; disable CET > > + mov ecx, MSR_IA32_S_CET > > + xor eax, eax > > + xor edx, edx > > + wrmsr > > + > > + ; clear CR4.CET bit > > + mov eax, cr4 > > + btr eax, CR4_CET_BIT > > + mov cr4, eax > > > > mov ecx, MSR_IA32_PL0_SSP > > pop eax > > pop edx > > wrmsr > > > > - mov ecx, MSR_IA32_S_CET > > + mov ecx, MSR_IA32_U_CET > > pop eax > > pop edx > > wrmsr > > + > > + mov ecx, MSR_IA32_S_CET > > + pop eax > > + pop edx > > + mov ebx, eax > > CetDone2: > > > > mov eax, ASM_PFX(mXdSupported) > > @@ -305,6 +329,18 @@ CetDone2: > > .7: > > > > StuffRsb32 > > + > > + mov eax, ASM_PFX(mCetSupported) > > + mov al, [eax] > > + cmp al, 0 > > + jz CetDone3 > > + > > + mov ecx, MSR_IA32_S_CET > > + mov eax, ebx > > + xor edx, edx > > + wrmsr > > +CetDone3: > > + > > rsm > > > > ASM_PFX(gcSmiHandlerSize): DW $ - _SmiEntryPoint diff --git > > a/UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmiEntry.nasm > > b/UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmiEntry.nasm > > index d302ca8d01..7aed7c8dda 100644 > > --- a/UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmiEntry.nasm > > +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmiEntry.nasm > > @@ -20,19 +20,20 @@ > > ; Variables referenced by C code > > ; > > > > +%define MSR_IA32_U_CET 0x6A0 > > %define MSR_IA32_S_CET 0x6A2 > > -%define MSR_IA32_CET_SH_STK_EN 0x1 > > -%define MSR_IA32_CET_WR_SHSTK_EN 0x2 > > -%define MSR_IA32_CET_ENDBR_EN 0x4 > > -%define MSR_IA32_CET_LEG_IW_EN 0x8 > > -%define MSR_IA32_CET_NO_TRACK_EN 0x10 > > -%define MSR_IA32_CET_SUPPRESS_DIS 0x20 > > -%define MSR_IA32_CET_SUPPRESS 0x400 > > -%define MSR_IA32_CET_TRACKER 0x800 > > +%define MSR_IA32_CET_SH_STK_EN 0x1 > > +%define MSR_IA32_CET_WR_SHSTK_EN 0x2 > > +%define MSR_IA32_CET_ENDBR_EN 0x4 > > +%define MSR_IA32_CET_LEG_IW_EN 0x8 > > +%define MSR_IA32_CET_NO_TRACK_EN 0x10 > > +%define MSR_IA32_CET_SUPPRESS_DIS 0x20 > > +%define MSR_IA32_CET_SUPPRESS 0x400 > > +%define MSR_IA32_CET_TRACKER 0x800 > > %define MSR_IA32_PL0_SSP 0x6A4 > > %define MSR_IA32_INTERRUPT_SSP_TABLE_ADDR 0x6A8 > > > > -%define CR4_CET 0x800000 > > +%define CR4_CET_BIT 23 > > > > %define MSR_IA32_MISC_ENABLE 0x1A0 > > %define MSR_EFER 0xc0000080 > > @@ -230,6 +231,11 @@ ASM_PFX(mPatchCetSupported): > > push rdx > > push rax > > > > + mov ecx, MSR_IA32_U_CET > > + rdmsr > > + push rdx > > + push rax > > + > > mov ecx, MSR_IA32_PL0_SSP > > rdmsr > > push rdx > > @@ -240,6 +246,11 @@ ASM_PFX(mPatchCetSupported): > > push rdx > > push rax > > > > + mov ecx, MSR_IA32_U_CET > > + xor eax, eax > > + xor edx, edx > > + wrmsr > > + > > mov ecx, MSR_IA32_S_CET > > mov eax, MSR_IA32_CET_SH_STK_EN > > xor edx, edx > > @@ -276,7 +287,8 @@ CetInterruptDone: > > bts ecx, 16 ; set WP > > mov cr0, rcx > > > > - mov eax, 0x668 | CR4_CET > > + mov rax, cr4 > > + bts rax, CR4_CET_BIT > > mov cr4, rax > > > > setssbsy > > @@ -316,13 +328,20 @@ CpuSmmDebugExitAbsAddr: > > add rsp, 0x200 > > > > mov rax, strict qword 0 ; mov rax, ASM_PFX(mCetSupported) > > -mCetSupportedAbsAddr: > > +mCetSupportedAbsAddr1: > > mov al, [rax] > > cmp al, 0 > > jz CetDone2 > > > > - mov eax, 0x668 > > - mov cr4, rax ; disable CET > > + mov ecx, MSR_IA32_S_CET > > + xor eax, eax > > + xor edx, edx > > + wrmsr > > + > > + ; clear CR4.CET bit > > + mov rax, cr4 > > + btr rax, CR4_CET_BIT > > + mov cr4, rax > > > > mov ecx, MSR_IA32_INTERRUPT_SSP_TABLE_ADDR > > pop rax > > @@ -334,10 +353,15 @@ mCetSupportedAbsAddr: > > pop rdx > > wrmsr > > > > - mov ecx, MSR_IA32_S_CET > > + mov ecx, MSR_IA32_U_CET > > pop rax > > pop rdx > > wrmsr > > + > > + mov ecx, MSR_IA32_S_CET > > + pop rax > > + pop rdx > > + mov ebx, eax > > CetDone2: > > > > mov rax, strict qword 0 ; lea rax, [ASM_PFX(mXdSupported)] > > @@ -356,6 +380,19 @@ mXdSupportedAbsAddr: > > .1: > > > > StuffRsb64 > > + > > + mov rax, strict qword 0 ; mov rax, ASM_PFX(mCetSupported) > > +mCetSupportedAbsAddr2: > > + mov al, [rax] > > + cmp al, 0 > > + jz CetDone3 > > + > > + mov ecx, MSR_IA32_S_CET > > + mov eax, ebx > > + xor edx, edx > > + wrmsr > > +CetDone3: > > + > > rsm > > > > ASM_PFX(gcSmiHandlerSize) DW $ - _SmiEntryPoint > > @@ -391,6 +428,11 @@ ASM_PFX(PiSmmCpuSmiEntryFixupAddress): > > mov qword [rcx - 8], rax > > > > lea rax, [ASM_PFX(mCetSupported)] > > - lea rcx, [mCetSupportedAbsAddr] > > + lea rcx, [mCetSupportedAbsAddr1] > > mov qword [rcx - 8], rax > > + > > + lea rax, [ASM_PFX(mCetSupported)] > > + lea rcx, [mCetSupportedAbsAddr2] > > + mov qword [rcx - 8], rax > > + > > ret > > diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmmFuncsArch.c > > b/UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmmFuncsArch.c > > index c4f21e2155..6c53213b0b 100644 > > --- a/UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmmFuncsArch.c > > +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmmFuncsArch.c > > @@ -20,7 +20,7 @@ UINT32 mCetPl0Ssp; > > UINT32 mCetInterruptSsp; > > UINT32 mCetInterruptSspTable; > > > > -UINTN mSmmInterruptSspTables; > > +UINTN mSmmInterruptSspTables = 0; > > > > /** > > Initialize IDT IST Field. -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#110882): https://edk2.groups.io/g/devel/message/110882 Mute This Topic: https://groups.io/mt/102358752/7686176 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io] -=-=-=-=-=-=-=-=-=-=-=- ^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2023-11-08 2:12 UTC | newest] Thread overview: 4+ messages (download: mbox.gz follow: Atom feed -- links below jump to the message on this page -- 2023-11-03 5:35 [edk2-devel] [PATCH] UefiCpuPkg/PiSmmCpuDxeSmm: Clear CR4.CET before restoring MSR IA32_S_CET Sheng Wei 2023-11-03 8:38 ` duntan 2023-11-03 13:19 ` Laszlo Ersek 2023-11-08 2:12 ` Sheng Wei
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox