[mirror_edk2.git] / UefiCpuPkg / PiSmmCpuDxeSmm / X64 / SmiEntry.asm

;------------------------------------------------------------------------------ ;\r
; Copyright (c) 2009 - 2016, Intel Corporation. All rights reserved.<BR>\r
; This program and the accompanying materials\r
; are licensed and made available under the terms and conditions of the BSD License\r
; which accompanies this distribution.  The full text of the license may be found at\r
; http://opensource.org/licenses/bsd-license.php.\r
;\r
; THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,\r
; WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.\r
;\r
; Module Name:\r
;\r
;   SmiEntry.asm\r
;\r
; Abstract:\r
;\r
;   Code template of the SMI handler for a particular processor\r
;\r
;-------------------------------------------------------------------------------\r
\r
;\r
; Variables referenced by C code\r
;\r
EXTERNDEF   SmiRendezvous:PROC\r
EXTERNDEF   CpuSmmDebugEntry:PROC\r
EXTERNDEF   CpuSmmDebugExit:PROC\r
EXTERNDEF   gcSmiHandlerTemplate:BYTE\r
EXTERNDEF   gcSmiHandlerSize:WORD\r
EXTERNDEF   gSmiCr3:DWORD\r
EXTERNDEF   gSmiStack:DWORD\r
EXTERNDEF   gSmbase:DWORD\r
EXTERNDEF   mXdSupported:BYTE\r
EXTERNDEF   gSmiHandlerIdtr:FWORD\r
\r
MSR_IA32_MISC_ENABLE  EQU     1A0h\r
MSR_EFER      EQU     0c0000080h\r
MSR_EFER_XD   EQU     0800h\r
\r
;\r
; Constants relating to PROCESSOR_SMM_DESCRIPTOR\r
;\r
DSC_OFFSET    EQU     0fb00h\r
DSC_GDTPTR    EQU     30h\r
DSC_GDTSIZ    EQU     38h\r
DSC_CS        EQU     14\r
DSC_DS        EQU     16\r
DSC_SS        EQU     18\r
DSC_OTHERSEG  EQU     20\r
;\r
; Constants relating to CPU State Save Area\r
;\r
SSM_DR6         EQU     0ffd0h\r
SSM_DR7         EQU     0ffc8h\r
\r
PROTECT_MODE_CS EQU     08h\r
PROTECT_MODE_DS EQU     20h\r
LONG_MODE_CS    EQU     38h\r
TSS_SEGMENT     EQU     40h\r
GDT_SIZE        EQU     50h\r
\r
    .code\r
\r
gcSmiHandlerTemplate    LABEL   BYTE\r
\r
_SmiEntryPoint:\r
    ;\r
    ; The encoding of BX in 16-bit addressing mode is the same as of RDI in 64-\r
    ; bit addressing mode. And that coincidence has been used in the following\r
    ; "64-bit like" 16-bit code. Be aware that once RDI is referenced as a\r
    ; base address register, it is actually BX that is referenced.\r
    ;\r
    DB      0bbh                        ; mov bx, imm16\r
    DW      offset _GdtDesc - _SmiEntryPoint + 8000h  ; bx = GdtDesc offset\r
; fix GDT descriptor\r
    DB      2eh, 0a1h                   ; mov ax, cs:[offset16]\r
    DW      DSC_OFFSET + DSC_GDTSIZ\r
    DB      48h                         ; dec ax\r
    DB      2eh\r
    mov     [rdi], eax                  ; mov cs:[bx], ax\r
    DB      66h, 2eh, 0a1h              ; mov eax, cs:[offset16]\r
    DW      DSC_OFFSET + DSC_GDTPTR\r
    DB      2eh\r
    mov     [rdi + 2], ax               ; mov cs:[bx + 2], eax\r
    DB      66h, 2eh\r
    lgdt    fword ptr [rdi]             ; lgdt fword ptr cs:[bx]\r
; Patch ProtectedMode Segment\r
    DB      0b8h                        ; mov ax, imm16\r
    DW      PROTECT_MODE_CS             ; set AX for segment directly\r
    DB      2eh\r
    mov     [rdi - 2], eax              ; mov cs:[bx - 2], ax\r
; Patch ProtectedMode entry\r
    DB      66h, 0bfh                   ; mov edi, SMBASE\r
gSmbase    DD    ?\r
    lea     ax, [edi + (@ProtectedMode - _SmiEntryPoint) + 8000h]\r
    DB      2eh\r
    mov     [rdi - 6], ax               ; mov cs:[bx - 6], eax\r
; Switch into @ProtectedMode\r
    mov     rbx, cr0\r
    DB      66h\r
    and     ebx, 9ffafff3h\r
    DB      66h\r
    or      ebx, 00000023h\r
\r
    mov     cr0, rbx\r
    DB      66h, 0eah\r
    DD      ?\r
    DW      ?\r
\r
_GdtDesc    FWORD   ?\r
@ProtectedMode:\r
    mov     ax, PROTECT_MODE_DS\r
    mov     ds, ax\r
    mov     es, ax\r
    mov     fs, ax\r
    mov     gs, ax\r
    mov     ss, ax\r
    DB      0bch                   ; mov esp, imm32\r
gSmiStack   DD      ?\r
    jmp     ProtFlatMode\r
\r
ProtFlatMode:\r
    DB      0b8h                        ; mov eax, offset gSmiCr3\r
gSmiCr3     DD      ?\r
    mov     cr3, rax\r
    mov     eax, 668h                   ; as cr4.PGE is not set here, refresh cr3\r
    mov     cr4, rax                    ; in PreModifyMtrrs() to flush TLB.\r
; Load TSS\r
    sub     esp, 8                      ; reserve room in stack\r
    sgdt    fword ptr [rsp]\r
    mov     eax, [rsp + 2]              ; eax = GDT base\r
    add     esp, 8\r
    mov     dl, 89h\r
    mov     [rax + TSS_SEGMENT + 5], dl ; clear busy flag\r
    mov     eax, TSS_SEGMENT\r
    ltr     ax\r
\r
; enable NXE if supported\r
    DB      0b0h                        ; mov al, imm8\r
mXdSupported     DB      1\r
    cmp     al, 0\r
    jz      @SkipXd\r
;\r
; Check XD disable bit\r
;\r
    mov     ecx, MSR_IA32_MISC_ENABLE\r
    rdmsr\r
    sub     esp, 4\r
    push    rdx                        ; save MSR_IA32_MISC_ENABLE[63-32]\r
    test    edx, BIT2                  ; MSR_IA32_MISC_ENABLE[34]\r
    jz      @f\r
    and     dx, 0FFFBh                 ; clear XD Disable bit if it is set\r
    wrmsr\r
@@:\r
    mov     ecx, MSR_EFER\r
    rdmsr\r
    or      ax, MSR_EFER_XD            ; enable NXE\r
    wrmsr\r
    jmp     @XdDone\r
@SkipXd:\r
    sub     esp, 8\r
@XdDone:\r
\r
; Switch into @LongMode\r
    push    LONG_MODE_CS                ; push cs hardcore here\r
    call    Base                       ; push return address for retf later\r
Base:\r
    add     dword ptr [rsp], @LongMode - Base; offset for far retf, seg is the 1st arg\r
\r
    mov     ecx, MSR_EFER\r
    rdmsr\r
    or      ah, 1                      ; enable LME\r
    wrmsr\r
    mov     rbx, cr0\r
    or      ebx, 080010023h            ; enable paging + WP + NE + MP + PE\r
    mov     cr0, rbx\r
    retf\r
@LongMode:                              ; long mode (64-bit code) starts here\r
    mov     rax, offset gSmiHandlerIdtr\r
    lidt    fword ptr [rax]\r
    lea     ebx, [rdi + DSC_OFFSET]\r
    mov     ax, [rbx + DSC_DS]\r
    mov     ds, eax\r
    mov     ax, [rbx + DSC_OTHERSEG]\r
    mov     es, eax\r
    mov     fs, eax\r
    mov     gs, eax\r
    mov     ax, [rbx + DSC_SS]\r
    mov     ss, eax\r
;   jmp     _SmiHandler                 ; instruction is not needed\r
\r
_SmiHandler:\r
    mov     rbx, [rsp]                  ; rbx <- CpuIndex\r
\r
    ;\r
    ; Save FP registers\r
    ;\r
    sub     rsp, 200h\r
    DB      48h                         ; FXSAVE64\r
    fxsave  [rsp]\r
\r
    add     rsp, -20h\r
\r
    mov     rcx, rbx\r
    mov     rax, CpuSmmDebugEntry\r
    call    rax\r
\r
    mov     rcx, rbx\r
    mov     rax, SmiRendezvous          ; rax <- absolute addr of SmiRedezvous\r
    call    rax\r
\r
    mov     rcx, rbx\r
    mov     rax, CpuSmmDebugExit\r
    call    rax\r
\r
    add     rsp, 20h\r
\r
    ;\r
    ; Restore FP registers\r
    ;\r
    DB      48h                         ; FXRSTOR64\r
    fxrstor [rsp]\r
\r
    add     rsp, 200h\r
\r
    mov     rax, ASM_PFX(mXdSupported)\r
    mov     al, [rax]\r
    cmp     al, 0\r
    jz      @f\r
    pop     rdx                       ; get saved MSR_IA32_MISC_ENABLE[63-32]\r
    test    edx, BIT2\r
    jz      @f\r
    mov     ecx, MSR_IA32_MISC_ENABLE\r
    rdmsr\r
    or      dx, BIT2                  ; set XD Disable bit if it was set before entering into SMM\r
    wrmsr\r
\r
@@:\r
    rsm\r
\r
gcSmiHandlerSize    DW      $ - _SmiEntryPoint\r
\r
    END\r
Commit	Line	Data
	1	;------------------------------------------------------------------------------ ;\r
	2	; Copyright (c) 2009 - 2016, Intel Corporation. All rights reserved.<BR>\r
	3	; This program and the accompanying materials\r
	4	; are licensed and made available under the terms and conditions of the BSD License\r
	5	; which accompanies this distribution. The full text of the license may be found at\r
	6	; http://opensource.org/licenses/bsd-license.php.\r
	7	;\r
	8	; THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,\r
	9	; WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.\r
	10	;\r
	11	; Module Name:\r
	12	;\r
	13	; SmiEntry.asm\r
	14	;\r
	15	; Abstract:\r
	16	;\r
	17	; Code template of the SMI handler for a particular processor\r
	18	;\r
	19	;-------------------------------------------------------------------------------\r
	20	\r
	21	;\r
	22	; Variables referenced by C code\r
	23	;\r
	24	EXTERNDEF SmiRendezvous:PROC\r
	25	EXTERNDEF CpuSmmDebugEntry:PROC\r
	26	EXTERNDEF CpuSmmDebugExit:PROC\r
	27	EXTERNDEF gcSmiHandlerTemplate:BYTE\r
	28	EXTERNDEF gcSmiHandlerSize:WORD\r
	29	EXTERNDEF gSmiCr3:DWORD\r
	30	EXTERNDEF gSmiStack:DWORD\r
	31	EXTERNDEF gSmbase:DWORD\r
	32	EXTERNDEF mXdSupported:BYTE\r
	33	EXTERNDEF gSmiHandlerIdtr:FWORD\r
	34	\r
	35	MSR_IA32_MISC_ENABLE EQU 1A0h\r
	36	MSR_EFER EQU 0c0000080h\r
	37	MSR_EFER_XD EQU 0800h\r
	38	\r
	39	;\r
	40	; Constants relating to PROCESSOR_SMM_DESCRIPTOR\r
	41	;\r
	42	DSC_OFFSET EQU 0fb00h\r
	43	DSC_GDTPTR EQU 30h\r
	44	DSC_GDTSIZ EQU 38h\r
	45	DSC_CS EQU 14\r
	46	DSC_DS EQU 16\r
	47	DSC_SS EQU 18\r
	48	DSC_OTHERSEG EQU 20\r
	49	;\r
	50	; Constants relating to CPU State Save Area\r
	51	;\r
	52	SSM_DR6 EQU 0ffd0h\r
	53	SSM_DR7 EQU 0ffc8h\r
	54	\r
	55	PROTECT_MODE_CS EQU 08h\r
	56	PROTECT_MODE_DS EQU 20h\r
	57	LONG_MODE_CS EQU 38h\r
	58	TSS_SEGMENT EQU 40h\r
	59	GDT_SIZE EQU 50h\r
	60	\r
	61	.code\r
	62	\r
	63	gcSmiHandlerTemplate LABEL BYTE\r
	64	\r
	65	_SmiEntryPoint:\r
	66	;\r
	67	; The encoding of BX in 16-bit addressing mode is the same as of RDI in 64-\r
	68	; bit addressing mode. And that coincidence has been used in the following\r
	69	; "64-bit like" 16-bit code. Be aware that once RDI is referenced as a\r
	70	; base address register, it is actually BX that is referenced.\r
	71	;\r
	72	DB 0bbh ; mov bx, imm16\r
	73	DW offset _GdtDesc - _SmiEntryPoint + 8000h ; bx = GdtDesc offset\r
	74	; fix GDT descriptor\r
	75	DB 2eh, 0a1h ; mov ax, cs:[offset16]\r
	76	DW DSC_OFFSET + DSC_GDTSIZ\r
	77	DB 48h ; dec ax\r
	78	DB 2eh\r
	79	mov [rdi], eax ; mov cs:[bx], ax\r
	80	DB 66h, 2eh, 0a1h ; mov eax, cs:[offset16]\r
	81	DW DSC_OFFSET + DSC_GDTPTR\r
	82	DB 2eh\r
	83	mov [rdi + 2], ax ; mov cs:[bx + 2], eax\r
	84	DB 66h, 2eh\r
	85	lgdt fword ptr [rdi] ; lgdt fword ptr cs:[bx]\r
	86	; Patch ProtectedMode Segment\r
	87	DB 0b8h ; mov ax, imm16\r
	88	DW PROTECT_MODE_CS ; set AX for segment directly\r
	89	DB 2eh\r
	90	mov [rdi - 2], eax ; mov cs:[bx - 2], ax\r
	91	; Patch ProtectedMode entry\r
	92	DB 66h, 0bfh ; mov edi, SMBASE\r
	93	gSmbase DD ?\r
	94	lea ax, [edi + (@ProtectedMode - _SmiEntryPoint) + 8000h]\r
	95	DB 2eh\r
	96	mov [rdi - 6], ax ; mov cs:[bx - 6], eax\r
	97	; Switch into @ProtectedMode\r
	98	mov rbx, cr0\r
	99	DB 66h\r
	100	and ebx, 9ffafff3h\r
	101	DB 66h\r
	102	or ebx, 00000023h\r
	103	\r
	104	mov cr0, rbx\r
	105	DB 66h, 0eah\r
	106	DD ?\r
	107	DW ?\r
	108	\r
	109	_GdtDesc FWORD ?\r
	110	@ProtectedMode:\r
	111	mov ax, PROTECT_MODE_DS\r
	112	mov ds, ax\r
	113	mov es, ax\r
	114	mov fs, ax\r
	115	mov gs, ax\r
	116	mov ss, ax\r
	117	DB 0bch ; mov esp, imm32\r
	118	gSmiStack DD ?\r
	119	jmp ProtFlatMode\r
	120	\r
	121	ProtFlatMode:\r
	122	DB 0b8h ; mov eax, offset gSmiCr3\r
	123	gSmiCr3 DD ?\r
	124	mov cr3, rax\r
	125	mov eax, 668h ; as cr4.PGE is not set here, refresh cr3\r
	126	mov cr4, rax ; in PreModifyMtrrs() to flush TLB.\r
	127	; Load TSS\r
	128	sub esp, 8 ; reserve room in stack\r
	129	sgdt fword ptr [rsp]\r
	130	mov eax, [rsp + 2] ; eax = GDT base\r
	131	add esp, 8\r
	132	mov dl, 89h\r
	133	mov [rax + TSS_SEGMENT + 5], dl ; clear busy flag\r
	134	mov eax, TSS_SEGMENT\r
	135	ltr ax\r
	136	\r
	137	; enable NXE if supported\r
	138	DB 0b0h ; mov al, imm8\r
	139	mXdSupported DB 1\r
	140	cmp al, 0\r
	141	jz @SkipXd\r
	142	;\r
	143	; Check XD disable bit\r
	144	;\r
	145	mov ecx, MSR_IA32_MISC_ENABLE\r
	146	rdmsr\r
	147	sub esp, 4\r
	148	push rdx ; save MSR_IA32_MISC_ENABLE[63-32]\r
	149	test edx, BIT2 ; MSR_IA32_MISC_ENABLE[34]\r
	150	jz @f\r
	151	and dx, 0FFFBh ; clear XD Disable bit if it is set\r
	152	wrmsr\r
	153	@@:\r
	154	mov ecx, MSR_EFER\r
	155	rdmsr\r
	156	or ax, MSR_EFER_XD ; enable NXE\r
	157	wrmsr\r
	158	jmp @XdDone\r
	159	@SkipXd:\r
	160	sub esp, 8\r
	161	@XdDone:\r
	162	\r
	163	; Switch into @LongMode\r
	164	push LONG_MODE_CS ; push cs hardcore here\r
	165	call Base ; push return address for retf later\r
	166	Base:\r
	167	add dword ptr [rsp], @LongMode - Base; offset for far retf, seg is the 1st arg\r
	168	\r
	169	mov ecx, MSR_EFER\r
	170	rdmsr\r
	171	or ah, 1 ; enable LME\r
	172	wrmsr\r
	173	mov rbx, cr0\r
	174	or ebx, 080010023h ; enable paging + WP + NE + MP + PE\r
	175	mov cr0, rbx\r
	176	retf\r
	177	@LongMode: ; long mode (64-bit code) starts here\r
	178	mov rax, offset gSmiHandlerIdtr\r
	179	lidt fword ptr [rax]\r
	180	lea ebx, [rdi + DSC_OFFSET]\r
	181	mov ax, [rbx + DSC_DS]\r
	182	mov ds, eax\r
	183	mov ax, [rbx + DSC_OTHERSEG]\r
	184	mov es, eax\r
	185	mov fs, eax\r
	186	mov gs, eax\r
	187	mov ax, [rbx + DSC_SS]\r
	188	mov ss, eax\r
	189	; jmp _SmiHandler ; instruction is not needed\r
	190	\r
	191	_SmiHandler:\r
	192	mov rbx, [rsp] ; rbx <- CpuIndex\r
	193	\r
	194	;\r
	195	; Save FP registers\r
	196	;\r
	197	sub rsp, 200h\r
	198	DB 48h ; FXSAVE64\r
	199	fxsave [rsp]\r
	200	\r
	201	add rsp, -20h\r
	202	\r
	203	mov rcx, rbx\r
	204	mov rax, CpuSmmDebugEntry\r
	205	call rax\r
	206	\r
	207	mov rcx, rbx\r
	208	mov rax, SmiRendezvous ; rax <- absolute addr of SmiRedezvous\r
	209	call rax\r
	210	\r
	211	mov rcx, rbx\r
	212	mov rax, CpuSmmDebugExit\r
	213	call rax\r
	214	\r
	215	add rsp, 20h\r
	216	\r
	217	;\r
	218	; Restore FP registers\r
	219	;\r
	220	DB 48h ; FXRSTOR64\r
	221	fxrstor [rsp]\r
	222	\r
	223	add rsp, 200h\r
	224	\r
	225	mov rax, ASM_PFX(mXdSupported)\r
	226	mov al, [rax]\r
	227	cmp al, 0\r
	228	jz @f\r
	229	pop rdx ; get saved MSR_IA32_MISC_ENABLE[63-32]\r
	230	test edx, BIT2\r
	231	jz @f\r
	232	mov ecx, MSR_IA32_MISC_ENABLE\r
	233	rdmsr\r
	234	or dx, BIT2 ; set XD Disable bit if it was set before entering into SMM\r
	235	wrmsr\r
	236	\r
	237	@@:\r
	238	rsm\r
	239	\r
	240	gcSmiHandlerSize DW $ - _SmiEntryPoint\r
	241	\r
	242	END\r