X-Git-Url: https://git.proxmox.com/?a=blobdiff_plain;f=UefiCpuPkg%2FPiSmmCpuDxeSmm%2FX64%2FSmmFuncsArch.c;h=9d26e44a9acd58c1f279694d0afa3eac2498a544;hb=827330ccd1d0983fe4d059fee518bf42c70ef31e;hp=bd465c7a067b6414865b4f7334351bdd544b9231;hpb=4a0f88dd6458528fc24ad320a05105150c9fb3bb;p=mirror_edk2.git diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmmFuncsArch.c b/UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmmFuncsArch.c index bd465c7a06..9d26e44a9a 100644 --- a/UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmmFuncsArch.c +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmmFuncsArch.c @@ -14,6 +14,30 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. #include "PiSmmCpuDxeSmm.h" +EFI_PHYSICAL_ADDRESS mGdtBuffer; +UINTN mGdtBufferSize; + +/** + Initialize IDT for SMM Stack Guard. + +**/ +VOID +EFIAPI +InitializeIDTSmmStackGuard ( + VOID + ) +{ + IA32_IDT_GATE_DESCRIPTOR *IdtGate; + + // + // If SMM Stack Guard feature is enabled, set the IST field of + // the interrupt gate for Page Fault Exception to be 1 + // + IdtGate = (IA32_IDT_GATE_DESCRIPTOR *)gcSmiIdtr.Base; + IdtGate += EXCEPT_IA32_PAGE_FAULT; + IdtGate->Bits.Reserved_0 = 1; +} + /** Initialize Gdt for all processors. @@ -41,8 +65,10 @@ InitGdt ( // on each SMI entry. // GdtTssTableSize = (gcSmiGdtr.Limit + 1 + TSS_SIZE + 7) & ~7; // 8 bytes aligned - GdtTssTables = (UINT8*)AllocatePages (EFI_SIZE_TO_PAGES (GdtTssTableSize * gSmmCpuPrivate->SmmCoreEntryContext.NumberOfCpus)); + mGdtBufferSize = GdtTssTableSize * gSmmCpuPrivate->SmmCoreEntryContext.NumberOfCpus; + GdtTssTables = (UINT8*)AllocateCodePages (EFI_SIZE_TO_PAGES (mGdtBufferSize)); ASSERT (GdtTssTables != NULL); + mGdtBuffer = (UINTN)GdtTssTables; GdtTableStepSize = GdtTssTableSize; for (Index = 0; Index < gSmmCpuPrivate->SmmCoreEntryContext.NumberOfCpus; Index++) { @@ -69,24 +95,106 @@ InitGdt ( return GdtTssTables; } +/** + This function sets GDT/IDT buffer to be RO and XP. +**/ +VOID +PatchGdtIdtMap ( + VOID + ) +{ + EFI_PHYSICAL_ADDRESS BaseAddress; + UINTN Size; + + // + // GDT + // + DEBUG ((DEBUG_INFO, "PatchGdtIdtMap - GDT:\n")); + + BaseAddress = mGdtBuffer; + Size = ALIGN_VALUE(mGdtBufferSize, SIZE_4KB); + SmmSetMemoryAttributes ( + BaseAddress, + Size, + EFI_MEMORY_RO + ); + SmmSetMemoryAttributes ( + BaseAddress, + Size, + EFI_MEMORY_XP + ); + + // + // IDT + // + DEBUG ((DEBUG_INFO, "PatchGdtIdtMap - IDT:\n")); + + BaseAddress = gcSmiIdtr.Base; + Size = ALIGN_VALUE(gcSmiIdtr.Limit + 1, SIZE_4KB); + SmmSetMemoryAttributes ( + BaseAddress, + Size, + EFI_MEMORY_RO + ); + SmmSetMemoryAttributes ( + BaseAddress, + Size, + EFI_MEMORY_XP + ); +} + +/** + Get Protected mode code segment from current GDT table. + + @return Protected mode code segment value. +**/ +UINT16 +GetProtectedModeCS ( + VOID + ) +{ + IA32_DESCRIPTOR GdtrDesc; + IA32_SEGMENT_DESCRIPTOR *GdtEntry; + UINTN GdtEntryCount; + UINT16 Index; + + Index = (UINT16) -1; + AsmReadGdtr (&GdtrDesc); + GdtEntryCount = (GdtrDesc.Limit + 1) / sizeof (IA32_SEGMENT_DESCRIPTOR); + GdtEntry = (IA32_SEGMENT_DESCRIPTOR *) GdtrDesc.Base; + for (Index = 0; Index < GdtEntryCount; Index++) { + if (GdtEntry->Bits.L == 0) { + if (GdtEntry->Bits.Type > 8 && GdtEntry->Bits.L == 0) { + break; + } + } + GdtEntry++; + } + ASSERT (Index != -1); + return Index * 8; +} + /** Transfer AP to safe hlt-loop after it finished restore CPU features on S3 patch. - @param[in] ApHltLoopCode The 32-bit address of the safe hlt-loop function. - @param[in] TopOfStack A pointer to the new stack to use for the ApHltLoopCode. + @param[in] ApHltLoopCode The address of the safe hlt-loop function. + @param[in] TopOfStack A pointer to the new stack to use for the ApHltLoopCode. + @param[in] NumberToFinishAddress Address of Semaphore of APs finish count. **/ VOID TransferApToSafeState ( - IN UINT32 ApHltLoopCode, - IN UINT32 TopOfStack + IN UINTN ApHltLoopCode, + IN UINTN TopOfStack, + IN UINTN NumberToFinishAddress ) { - SwitchStack ( - (SWITCH_STACK_ENTRY_POINT) (UINTN) ApHltLoopCode, - NULL, - NULL, - (VOID *) (UINTN) TopOfStack + AsmDisablePaging64 ( + GetProtectedModeCS (), + (UINT32)ApHltLoopCode, + (UINT32)NumberToFinishAddress, + 0, + (UINT32)TopOfStack ); // // It should never reach here @@ -94,4 +202,3 @@ TransferApToSafeState ( ASSERT (FALSE); } -