Commit | Line | Data |
---|---|---|
fe5f1949 JY |
1 | /** @file\r |
2 | SMM CPU misc functions for Ia32 arch specific.\r | |
7367cc6c | 3 | \r |
3eb69b08 | 4 | Copyright (c) 2015 - 2019, Intel Corporation. All rights reserved.<BR>\r |
fe5f1949 JY |
5 | This program and the accompanying materials\r |
6 | are licensed and made available under the terms and conditions of the BSD License\r | |
7 | which accompanies this distribution. The full text of the license may be found at\r | |
8 | http://opensource.org/licenses/bsd-license.php\r | |
9 | \r | |
10 | THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,\r | |
11 | WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.\r | |
12 | \r | |
13 | **/\r | |
14 | \r | |
15 | #include "PiSmmCpuDxeSmm.h"\r | |
16 | \r | |
717fb604 JY |
//
// Task gate descriptor value, defined outside this file.
// InitializeIDTSmmStackGuard() stores it into the page-fault entry of the SMM IDT.
//
extern UINT64 gTaskGateDescriptor;

//
// Address and total byte size of the buffer InitGdt() allocates for the
// per-CPU GDT copies (plus the TSS images when SMM Stack Guard is enabled).
//
EFI_PHYSICAL_ADDRESS mGdtBuffer;
UINTN mGdtBufferSize;

//
// CET state defined outside this file. Shadow-stack setup in InitGdt() and
// InitShadowStack() only runs when mCetSupported is TRUE and
// PcdControlFlowEnforcementPropertyMask is non-zero.
//
extern BOOLEAN mCetSupported;
extern UINTN mSmmShadowStackSize;

//
// Patch labels and the 32-bit shadow stack pointer values that InitShadowStack()
// computes and writes at those labels through PatchInstructionX86().
//
X86_ASSEMBLY_PATCH_LABEL mPatchCetPl0Ssp;
X86_ASSEMBLY_PATCH_LABEL mPatchCetInterruptSsp;
UINT32 mCetPl0Ssp;
UINT32 mCetInterruptSsp;
29 | \r | |
717fb604 JY |
/**
  Install the task gate used by SMM Stack Guard into the SMM IDT.

  Overwrites the page-fault vector (EXCEPT_IA32_PAGE_FAULT) of the IDT located
  at gcSmiIdtr.Base with gTaskGateDescriptor.

**/
VOID
EFIAPI
InitializeIDTSmmStackGuard (
  VOID
  )
{
  IA32_IDT_GATE_DESCRIPTOR  *IdtTable;

  //
  // With SMM Stack Guard enabled, the page-fault entry is a Task Gate Descriptor,
  // so a page fault is delivered through a task switch onto a known good stack
  // even when the faulting stack has run out.
  //
  IdtTable = (IA32_IDT_GATE_DESCRIPTOR *)gcSmiIdtr.Base;
  IdtTable[EXCEPT_IA32_PAGE_FAULT].Uint64 = gTaskGateDescriptor;
}
51 | \r | |
fe5f1949 JY |
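/**
  Initialize Gdt for all processors.

  Allocates one buffer holding a private copy of the SMM GDT for every CPU and
  records its address and size in mGdtBuffer / mGdtBufferSize. When
  PcdCpuSmmStackGuard is enabled, each per-CPU slot also holds two TSS images
  whose descriptors and contents are fixed up for that CPU.

  If the page allocation fails the function halts the processor instead of
  continuing with a NULL table base.

  @param[in]   Cr3          CR3 value. Stored in the exception TSS when
                            SMM Stack Guard is enabled.
  @param[out]  GdtStepSize  The step size for GDT table.

  @return GdtBase for processor 0.
          GdtBase for processor X is: GdtBase + (GdtStepSize * X)
**/
VOID *
InitGdt (
  IN  UINTN  Cr3,
  OUT UINTN  *GdtStepSize
  )
{
  UINTN                    Index;
  IA32_SEGMENT_DESCRIPTOR  *GdtDescriptor;
  UINTN                    TssBase;
  UINTN                    GdtTssTableSize;
  UINT8                    *GdtTssTables;
  UINTN                    GdtTableStepSize;
  UINTN                    InterruptShadowStack;

  if (FeaturePcdGet (PcdCpuSmmStackGuard)) {
    //
    // For IA32 SMM, if SMM Stack Guard feature is enabled, we use 2 TSS.
    // In this case, we allocate separate GDT/TSS for each CPU to avoid TSS load
    // contention on each SMI entry.
    //

    //
    // Enlarge GDT to contain 2 TSS descriptors.
    // This modifies the global gcSmiGdtr, so every size computed below uses
    // the enlarged limit.
    //
    gcSmiGdtr.Limit += (UINT16)(2 * sizeof (IA32_SEGMENT_DESCRIPTOR));

    GdtTssTableSize = (gcSmiGdtr.Limit + 1 + TSS_SIZE + EXCEPTION_TSS_SIZE + 7) & ~7; // 8 bytes aligned
    mGdtBufferSize = GdtTssTableSize * gSmmCpuPrivate->SmmCoreEntryContext.NumberOfCpus;
    //
    // IA32 Stack Guard needs a task switch to switch stacks, and a task switch
    // writes the GDT and TSS, so AllocateCodePages() could not be used here
    // as code pages will be set to RO.
    //
    GdtTssTables = (UINT8*)AllocatePages (EFI_SIZE_TO_PAGES (mGdtBufferSize));
    ASSERT (GdtTssTables != NULL);
    if (GdtTssTables == NULL) {
      //
      // ASSERT() is compiled out in release builds. Without this guard the
      // copies below would be written through a NULL table base.
      //
      CpuDeadLoop ();
    }
    mGdtBuffer = (UINTN)GdtTssTables;
    GdtTableStepSize = GdtTssTableSize;

    for (Index = 0; Index < gSmmCpuPrivate->SmmCoreEntryContext.NumberOfCpus; Index++) {
      //
      // Copy the template GDT together with the TSS bytes that follow it.
      // NOTE(review): assumes the two TSS images sit directly after the GDT at
      // gcSmiGdtr.Base - confirm against the definition of the template.
      //
      CopyMem (GdtTssTables + GdtTableStepSize * Index, (VOID*)(UINTN)gcSmiGdtr.Base, gcSmiGdtr.Limit + 1 + TSS_SIZE + EXCEPTION_TSS_SIZE);
      //
      // Fixup TSS descriptors: the last two GDT entries sit immediately below
      // the first TSS and must point at this CPU's private TSS copies.
      //
      TssBase = (UINTN)(GdtTssTables + GdtTableStepSize * Index + gcSmiGdtr.Limit + 1);
      GdtDescriptor = (IA32_SEGMENT_DESCRIPTOR *)(TssBase) - 2;
      GdtDescriptor->Bits.BaseLow = (UINT16)TssBase;
      GdtDescriptor->Bits.BaseMid = (UINT8)(TssBase >> 16);
      GdtDescriptor->Bits.BaseHigh = (UINT8)(TssBase >> 24);

      //
      // Second descriptor: the TSS that starts TSS_SIZE bytes after the first.
      //
      TssBase += TSS_SIZE;
      GdtDescriptor++;
      GdtDescriptor->Bits.BaseLow = (UINT16)TssBase;
      GdtDescriptor->Bits.BaseMid = (UINT8)(TssBase >> 16);
      GdtDescriptor->Bits.BaseHigh = (UINT8)(TssBase >> 24);
      //
      // Fixup TSS segments
      //
      // ESP as known good stack
      //
      // NOTE(review): this ESP advances by mSmmStackSize per CPU, while the
      // shadow stack pointer below advances by (mSmmStackSize + mSmmShadowStackSize).
      // The two strides differ whenever mSmmShadowStackSize is non-zero - confirm
      // against the code that allocates mSmmStackArrayBase.
      //
      *(UINTN *)(TssBase + TSS_IA32_ESP_OFFSET) = mSmmStackArrayBase + EFI_PAGE_SIZE + Index * mSmmStackSize;
      *(UINT32 *)(TssBase + TSS_IA32_CR3_OFFSET) = Cr3;

      //
      // Setup ShadowStack for stack switch: the SSP stored in the TSS is the
      // last 8-byte slot of the first page after this CPU's normal stack.
      //
      if ((PcdGet32 (PcdControlFlowEnforcementPropertyMask) != 0) && mCetSupported) {
        InterruptShadowStack = (UINTN)(mSmmStackArrayBase + mSmmStackSize + EFI_PAGES_TO_SIZE (1) - sizeof(UINT64) + (mSmmStackSize + mSmmShadowStackSize) * Index);
        *(UINT32 *)(TssBase + TSS_IA32_SSP_OFFSET) = (UINT32)InterruptShadowStack;
      }
    }
  } else {
    //
    // Just use original table, AllocatePage and copy them here to make sure GDTs are covered in page memory.
    // No task switch writes to the GDT on this path, so code pages are used.
    //
    GdtTssTableSize = gcSmiGdtr.Limit + 1;
    mGdtBufferSize = GdtTssTableSize * gSmmCpuPrivate->SmmCoreEntryContext.NumberOfCpus;
    GdtTssTables = (UINT8*)AllocateCodePages (EFI_SIZE_TO_PAGES (mGdtBufferSize));
    ASSERT (GdtTssTables != NULL);
    if (GdtTssTables == NULL) {
      //
      // ASSERT() is compiled out in release builds. Without this guard the
      // copies below would be written through a NULL table base.
      //
      CpuDeadLoop ();
    }
    mGdtBuffer = (UINTN)GdtTssTables;
    GdtTableStepSize = GdtTssTableSize;

    for (Index = 0; Index < gSmmCpuPrivate->SmmCoreEntryContext.NumberOfCpus; Index++) {
      CopyMem (GdtTssTables + GdtTableStepSize * Index, (VOID*)(UINTN)gcSmiGdtr.Base, gcSmiGdtr.Limit + 1);
    }
  }

  *GdtStepSize = GdtTableStepSize;
  return GdtTssTables;
}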
4a0f88dd JF |
150 | \r |
/**
  Move an AP into the safe hlt-loop once it has finished restoring CPU
  features on the S3 path.

  The switch is done with SwitchStack(), so control is not expected to come
  back to the caller.

  @param[in] ApHltLoopCode          The address of the safe hlt-loop function.
  @param[in] TopOfStack             A pointer to the new stack to use for the ApHltLoopCode.
  @param[in] NumberToFinishAddress  Address of Semaphore of APs finish count.
                                    Passed to the hlt-loop as its first context argument.

**/
VOID
TransferApToSafeState (
  IN UINTN  ApHltLoopCode,
  IN UINTN  TopOfStack,
  IN UINTN  NumberToFinishAddress
  )
{
  SWITCH_STACK_ENTRY_POINT  HltLoopEntry;
  VOID                      *FinishCounter;
  VOID                      *NewStackTop;

  HltLoopEntry  = (SWITCH_STACK_ENTRY_POINT)ApHltLoopCode;
  FinishCounter = (VOID *)NumberToFinishAddress;
  NewStackTop   = (VOID *)TopOfStack;

  //
  // The second context argument is unused by the hlt-loop, hence NULL.
  //
  SwitchStack (HltLoopEntry, FinishCounter, NULL, NewStackTop);

  //
  // SwitchStack() should never return; reaching this line is a defect.
  //
  ASSERT (FALSE);
}
3eb69b08 JY |
177 | \r |
/**
  Initialize the shadow stack related data structure.

  Does nothing unless PcdControlFlowEnforcementPropertyMask is non-zero and
  mCetSupported is TRUE. Otherwise it computes the 32-bit shadow stack
  pointers for this shadow stack and patches them into the code at
  mPatchCetPl0Ssp and, when SMM Stack Guard is enabled, mPatchCetInterruptSsp.

  @param CpuIndex     The index of CPU. Not read by this implementation.
  @param ShadowStack  The bottom of the shadow stack for this CPU.
**/
VOID
InitShadowStack (
  IN UINTN  CpuIndex,
  IN VOID   *ShadowStack
  )
{
  UINTN  SmmShadowStackSize;
  UINTN  ShadowStackBase;

  if ((PcdGet32 (PcdControlFlowEnforcementPropertyMask) == 0) || !mCetSupported) {
    return;
  }

  ShadowStackBase = (UINTN)ShadowStack;

  //
  // Configured size rounded up to whole pages; SMM Stack Guard adds two pages.
  //
  SmmShadowStackSize = EFI_PAGES_TO_SIZE (EFI_SIZE_TO_PAGES (PcdGet32 (PcdCpuSmmShadowStackSize)));
  if (FeaturePcdGet (PcdCpuSmmStackGuard)) {
    SmmShadowStackSize += EFI_PAGES_TO_SIZE (2);
  }

  //
  // PL0 SSP is the last 8-byte slot of the shadow stack.
  //
  mCetPl0Ssp = (UINT32)(ShadowStackBase + SmmShadowStackSize - sizeof(UINT64));
  PatchInstructionX86 (mPatchCetPl0Ssp, mCetPl0Ssp, 4);
  DEBUG ((DEBUG_INFO, "mCetPl0Ssp - 0x%x\n", mCetPl0Ssp));
  DEBUG ((DEBUG_INFO, "ShadowStack - 0x%x\n", ShadowStack));
  DEBUG ((DEBUG_INFO, " SmmShadowStackSize - 0x%x\n", SmmShadowStackSize));

  if (FeaturePcdGet (PcdCpuSmmStackGuard)) {
    //
    // Interrupt SSP is the last 8-byte slot of the first shadow stack page.
    //
    mCetInterruptSsp = (UINT32)(ShadowStackBase + EFI_PAGES_TO_SIZE(1) - sizeof(UINT64));
    PatchInstructionX86 (mPatchCetInterruptSsp, mCetInterruptSsp, 4);
    DEBUG ((DEBUG_INFO, "mCetInterruptSsp - 0x%x\n", mCetInterruptSsp));
  }
}
210 | \r |