]>
Commit | Line | Data |
---|---|---|
1 | /** @file\r | |
2 | Page Fault (#PF) handler for X64 processors\r | |
3 | \r | |
4 | Copyright (c) 2009 - 2019, Intel Corporation. All rights reserved.<BR>\r | |
5 | Copyright (c) 2017, AMD Incorporated. All rights reserved.<BR>\r | |
6 | \r | |
7 | SPDX-License-Identifier: BSD-2-Clause-Patent\r | |
8 | \r | |
9 | **/\r | |
10 | \r | |
11 | #include "PiSmmCpuDxeSmm.h"\r | |
12 | \r | |
13 | #define PAGE_TABLE_PAGES 8\r | |
14 | #define ACC_MAX_BIT BIT3\r | |
15 | \r | |
16 | extern UINTN mSmmShadowStackSize;\r | |
17 | \r | |
18 | LIST_ENTRY mPagePool = INITIALIZE_LIST_HEAD_VARIABLE (mPagePool);\r | |
19 | BOOLEAN m1GPageTableSupport = FALSE;\r | |
20 | BOOLEAN mCpuSmmRestrictedMemoryAccess;\r | |
21 | BOOLEAN m5LevelPagingNeeded;\r | |
22 | X86_ASSEMBLY_PATCH_LABEL gPatch5LevelPagingNeeded;\r | |
23 | \r | |
24 | /**\r | |
25 | Disable CET.\r | |
26 | **/\r | |
27 | VOID\r | |
28 | EFIAPI\r | |
29 | DisableCet (\r | |
30 | VOID\r | |
31 | );\r | |
32 | \r | |
33 | /**\r | |
34 | Enable CET.\r | |
35 | **/\r | |
36 | VOID\r | |
37 | EFIAPI\r | |
38 | EnableCet (\r | |
39 | VOID\r | |
40 | );\r | |
41 | \r | |
42 | /**\r | |
43 | Check if 1-GByte pages is supported by processor or not.\r | |
44 | \r | |
45 | @retval TRUE 1-GByte pages is supported.\r | |
46 | @retval FALSE 1-GByte pages is not supported.\r | |
47 | \r | |
48 | **/\r | |
49 | BOOLEAN\r | |
50 | Is1GPageSupport (\r | |
51 | VOID\r | |
52 | )\r | |
53 | {\r | |
54 | UINT32 RegEax;\r | |
55 | UINT32 RegEdx;\r | |
56 | \r | |
57 | AsmCpuid (0x80000000, &RegEax, NULL, NULL, NULL);\r | |
58 | if (RegEax >= 0x80000001) {\r | |
59 | AsmCpuid (0x80000001, NULL, NULL, NULL, &RegEdx);\r | |
60 | if ((RegEdx & BIT26) != 0) {\r | |
61 | return TRUE;\r | |
62 | }\r | |
63 | }\r | |
64 | return FALSE;\r | |
65 | }\r | |
66 | \r | |
67 | /**\r | |
68 | The routine returns TRUE when CPU supports it (CPUID[7,0].ECX.BIT[16] is set) and\r | |
69 | the max physical address bits is bigger than 48. Because 4-level paging can support\r | |
70 | to address physical address up to 2^48 - 1, there is no need to enable 5-level paging\r | |
71 | with max physical address bits <= 48.\r | |
72 | \r | |
73 | @retval TRUE 5-level paging enabling is needed.\r | |
74 | @retval FALSE 5-level paging enabling is not needed.\r | |
75 | **/\r | |
76 | BOOLEAN\r | |
77 | Is5LevelPagingNeeded (\r | |
78 | VOID\r | |
79 | )\r | |
80 | {\r | |
81 | CPUID_VIR_PHY_ADDRESS_SIZE_EAX VirPhyAddressSize;\r | |
82 | CPUID_STRUCTURED_EXTENDED_FEATURE_FLAGS_ECX ExtFeatureEcx;\r | |
83 | UINT32 MaxExtendedFunctionId;\r | |
84 | \r | |
85 | AsmCpuid (CPUID_EXTENDED_FUNCTION, &MaxExtendedFunctionId, NULL, NULL, NULL);\r | |
86 | if (MaxExtendedFunctionId >= CPUID_VIR_PHY_ADDRESS_SIZE) {\r | |
87 | AsmCpuid (CPUID_VIR_PHY_ADDRESS_SIZE, &VirPhyAddressSize.Uint32, NULL, NULL, NULL);\r | |
88 | } else {\r | |
89 | VirPhyAddressSize.Bits.PhysicalAddressBits = 36;\r | |
90 | }\r | |
91 | AsmCpuidEx (\r | |
92 | CPUID_STRUCTURED_EXTENDED_FEATURE_FLAGS,\r | |
93 | CPUID_STRUCTURED_EXTENDED_FEATURE_FLAGS_SUB_LEAF_INFO,\r | |
94 | NULL, NULL, &ExtFeatureEcx.Uint32, NULL\r | |
95 | );\r | |
96 | DEBUG ((\r | |
97 | DEBUG_INFO, "PhysicalAddressBits = %d, 5LPageTable = %d.\n",\r | |
98 | VirPhyAddressSize.Bits.PhysicalAddressBits, ExtFeatureEcx.Bits.FiveLevelPage\r | |
99 | ));\r | |
100 | \r | |
101 | if (VirPhyAddressSize.Bits.PhysicalAddressBits > 4 * 9 + 12) {\r | |
102 | ASSERT (ExtFeatureEcx.Bits.FiveLevelPage == 1);\r | |
103 | return TRUE;\r | |
104 | } else {\r | |
105 | return FALSE;\r | |
106 | }\r | |
107 | }\r | |
108 | \r | |
109 | /**\r | |
110 | Get page table base address and the depth of the page table.\r | |
111 | \r | |
112 | @param[out] Base Page table base address.\r | |
113 | @param[out] FiveLevels TRUE means 5 level paging. FALSE means 4 level paging.\r | |
114 | **/\r | |
115 | VOID\r | |
116 | GetPageTable (\r | |
117 | OUT UINTN *Base,\r | |
118 | OUT BOOLEAN *FiveLevels OPTIONAL\r | |
119 | )\r | |
120 | {\r | |
121 | IA32_CR4 Cr4;\r | |
122 | \r | |
123 | if (mInternalCr3 == 0) {\r | |
124 | *Base = AsmReadCr3 () & PAGING_4K_ADDRESS_MASK_64;\r | |
125 | if (FiveLevels != NULL) {\r | |
126 | Cr4.UintN = AsmReadCr4 ();\r | |
127 | *FiveLevels = (BOOLEAN)(Cr4.Bits.LA57 == 1);\r | |
128 | }\r | |
129 | return;\r | |
130 | }\r | |
131 | \r | |
132 | *Base = mInternalCr3;\r | |
133 | if (FiveLevels != NULL) {\r | |
134 | *FiveLevels = m5LevelPagingNeeded;\r | |
135 | }\r | |
136 | }\r | |
137 | \r | |
138 | /**\r | |
139 | Set sub-entries number in entry.\r | |
140 | \r | |
141 | @param[in, out] Entry Pointer to entry\r | |
142 | @param[in] SubEntryNum Sub-entries number based on 0:\r | |
143 | 0 means there is 1 sub-entry under this entry\r | |
144 | 0x1ff means there is 512 sub-entries under this entry\r | |
145 | \r | |
146 | **/\r | |
147 | VOID\r | |
148 | SetSubEntriesNum (\r | |
149 | IN OUT UINT64 *Entry,\r | |
150 | IN UINT64 SubEntryNum\r | |
151 | )\r | |
152 | {\r | |
153 | //\r | |
154 | // Sub-entries number is saved in BIT52 to BIT60 (reserved field) in Entry\r | |
155 | //\r | |
156 | *Entry = BitFieldWrite64 (*Entry, 52, 60, SubEntryNum);\r | |
157 | }\r | |
158 | \r | |
159 | /**\r | |
160 | Return sub-entries number in entry.\r | |
161 | \r | |
162 | @param[in] Entry Pointer to entry\r | |
163 | \r | |
164 | @return Sub-entries number based on 0:\r | |
165 | 0 means there is 1 sub-entry under this entry\r | |
166 | 0x1ff means there is 512 sub-entries under this entry\r | |
167 | **/\r | |
168 | UINT64\r | |
169 | GetSubEntriesNum (\r | |
170 | IN UINT64 *Entry\r | |
171 | )\r | |
172 | {\r | |
173 | //\r | |
174 | // Sub-entries number is saved in BIT52 to BIT60 (reserved field) in Entry\r | |
175 | //\r | |
176 | return BitFieldRead64 (*Entry, 52, 60);\r | |
177 | }\r | |
178 | \r | |
179 | /**\r | |
180 | Calculate the maximum support address.\r | |
181 | \r | |
182 | @return the maximum support address.\r | |
183 | **/\r | |
184 | UINT8\r | |
185 | CalculateMaximumSupportAddress (\r | |
186 | VOID\r | |
187 | )\r | |
188 | {\r | |
189 | UINT32 RegEax;\r | |
190 | UINT8 PhysicalAddressBits;\r | |
191 | VOID *Hob;\r | |
192 | \r | |
193 | //\r | |
194 | // Get physical address bits supported.\r | |
195 | //\r | |
196 | Hob = GetFirstHob (EFI_HOB_TYPE_CPU);\r | |
197 | if (Hob != NULL) {\r | |
198 | PhysicalAddressBits = ((EFI_HOB_CPU *) Hob)->SizeOfMemorySpace;\r | |
199 | } else {\r | |
200 | AsmCpuid (0x80000000, &RegEax, NULL, NULL, NULL);\r | |
201 | if (RegEax >= 0x80000008) {\r | |
202 | AsmCpuid (0x80000008, &RegEax, NULL, NULL, NULL);\r | |
203 | PhysicalAddressBits = (UINT8) RegEax;\r | |
204 | } else {\r | |
205 | PhysicalAddressBits = 36;\r | |
206 | }\r | |
207 | }\r | |
208 | return PhysicalAddressBits;\r | |
209 | }\r | |
210 | \r | |
211 | /**\r | |
212 | Set static page table.\r | |
213 | \r | |
214 | @param[in] PageTable Address of page table.\r | |
215 | @param[in] PhysicalAddressBits The maximum physical address bits supported.\r | |
216 | **/\r | |
217 | VOID\r | |
218 | SetStaticPageTable (\r | |
219 | IN UINTN PageTable,\r | |
220 | IN UINT8 PhysicalAddressBits\r | |
221 | )\r | |
222 | {\r | |
223 | UINT64 PageAddress;\r | |
224 | UINTN NumberOfPml5EntriesNeeded;\r | |
225 | UINTN NumberOfPml4EntriesNeeded;\r | |
226 | UINTN NumberOfPdpEntriesNeeded;\r | |
227 | UINTN IndexOfPml5Entries;\r | |
228 | UINTN IndexOfPml4Entries;\r | |
229 | UINTN IndexOfPdpEntries;\r | |
230 | UINTN IndexOfPageDirectoryEntries;\r | |
231 | UINT64 *PageMapLevel5Entry;\r | |
232 | UINT64 *PageMapLevel4Entry;\r | |
233 | UINT64 *PageMap;\r | |
234 | UINT64 *PageDirectoryPointerEntry;\r | |
235 | UINT64 *PageDirectory1GEntry;\r | |
236 | UINT64 *PageDirectoryEntry;\r | |
237 | \r | |
238 | //\r | |
239 | // IA-32e paging translates 48-bit linear addresses to 52-bit physical addresses\r | |
240 | // when 5-Level Paging is disabled.\r | |
241 | //\r | |
242 | ASSERT (PhysicalAddressBits <= 52);\r | |
243 | if (!m5LevelPagingNeeded && PhysicalAddressBits > 48) {\r | |
244 | PhysicalAddressBits = 48;\r | |
245 | }\r | |
246 | \r | |
247 | NumberOfPml5EntriesNeeded = 1;\r | |
248 | if (PhysicalAddressBits > 48) {\r | |
249 | NumberOfPml5EntriesNeeded = (UINTN) LShiftU64 (1, PhysicalAddressBits - 48);\r | |
250 | PhysicalAddressBits = 48;\r | |
251 | }\r | |
252 | \r | |
253 | NumberOfPml4EntriesNeeded = 1;\r | |
254 | if (PhysicalAddressBits > 39) {\r | |
255 | NumberOfPml4EntriesNeeded = (UINTN) LShiftU64 (1, PhysicalAddressBits - 39);\r | |
256 | PhysicalAddressBits = 39;\r | |
257 | }\r | |
258 | \r | |
259 | NumberOfPdpEntriesNeeded = 1;\r | |
260 | ASSERT (PhysicalAddressBits > 30);\r | |
261 | NumberOfPdpEntriesNeeded = (UINTN) LShiftU64 (1, PhysicalAddressBits - 30);\r | |
262 | \r | |
263 | //\r | |
264 | // By architecture only one PageMapLevel4 exists - so lets allocate storage for it.\r | |
265 | //\r | |
266 | PageMap = (VOID *) PageTable;\r | |
267 | \r | |
268 | PageMapLevel4Entry = PageMap;\r | |
269 | PageMapLevel5Entry = NULL;\r | |
270 | if (m5LevelPagingNeeded) {\r | |
271 | //\r | |
272 | // By architecture only one PageMapLevel5 exists - so lets allocate storage for it.\r | |
273 | //\r | |
274 | PageMapLevel5Entry = PageMap;\r | |
275 | }\r | |
276 | PageAddress = 0;\r | |
277 | \r | |
278 | for ( IndexOfPml5Entries = 0\r | |
279 | ; IndexOfPml5Entries < NumberOfPml5EntriesNeeded\r | |
280 | ; IndexOfPml5Entries++, PageMapLevel5Entry++) {\r | |
281 | //\r | |
282 | // Each PML5 entry points to a page of PML4 entires.\r | |
283 | // So lets allocate space for them and fill them in in the IndexOfPml4Entries loop.\r | |
284 | // When 5-Level Paging is disabled, below allocation happens only once.\r | |
285 | //\r | |
286 | if (m5LevelPagingNeeded) {\r | |
287 | PageMapLevel4Entry = (UINT64 *) ((*PageMapLevel5Entry) & ~mAddressEncMask & gPhyMask);\r | |
288 | if (PageMapLevel4Entry == NULL) {\r | |
289 | PageMapLevel4Entry = AllocatePageTableMemory (1);\r | |
290 | ASSERT(PageMapLevel4Entry != NULL);\r | |
291 | ZeroMem (PageMapLevel4Entry, EFI_PAGES_TO_SIZE(1));\r | |
292 | \r | |
293 | *PageMapLevel5Entry = (UINT64)(UINTN)PageMapLevel4Entry | mAddressEncMask | PAGE_ATTRIBUTE_BITS;\r | |
294 | }\r | |
295 | }\r | |
296 | \r | |
297 | for (IndexOfPml4Entries = 0; IndexOfPml4Entries < (NumberOfPml5EntriesNeeded == 1 ? NumberOfPml4EntriesNeeded : 512); IndexOfPml4Entries++, PageMapLevel4Entry++) {\r | |
298 | //\r | |
299 | // Each PML4 entry points to a page of Page Directory Pointer entries.\r | |
300 | //\r | |
301 | PageDirectoryPointerEntry = (UINT64 *) ((*PageMapLevel4Entry) & ~mAddressEncMask & gPhyMask);\r | |
302 | if (PageDirectoryPointerEntry == NULL) {\r | |
303 | PageDirectoryPointerEntry = AllocatePageTableMemory (1);\r | |
304 | ASSERT(PageDirectoryPointerEntry != NULL);\r | |
305 | ZeroMem (PageDirectoryPointerEntry, EFI_PAGES_TO_SIZE(1));\r | |
306 | \r | |
307 | *PageMapLevel4Entry = (UINT64)(UINTN)PageDirectoryPointerEntry | mAddressEncMask | PAGE_ATTRIBUTE_BITS;\r | |
308 | }\r | |
309 | \r | |
310 | if (m1GPageTableSupport) {\r | |
311 | PageDirectory1GEntry = PageDirectoryPointerEntry;\r | |
312 | for (IndexOfPageDirectoryEntries = 0; IndexOfPageDirectoryEntries < 512; IndexOfPageDirectoryEntries++, PageDirectory1GEntry++, PageAddress += SIZE_1GB) {\r | |
313 | if (IndexOfPml4Entries == 0 && IndexOfPageDirectoryEntries < 4) {\r | |
314 | //\r | |
315 | // Skip the < 4G entries\r | |
316 | //\r | |
317 | continue;\r | |
318 | }\r | |
319 | //\r | |
320 | // Fill in the Page Directory entries\r | |
321 | //\r | |
322 | *PageDirectory1GEntry = PageAddress | mAddressEncMask | IA32_PG_PS | PAGE_ATTRIBUTE_BITS;\r | |
323 | }\r | |
324 | } else {\r | |
325 | PageAddress = BASE_4GB;\r | |
326 | for (IndexOfPdpEntries = 0; IndexOfPdpEntries < (NumberOfPml4EntriesNeeded == 1 ? NumberOfPdpEntriesNeeded : 512); IndexOfPdpEntries++, PageDirectoryPointerEntry++) {\r | |
327 | if (IndexOfPml4Entries == 0 && IndexOfPdpEntries < 4) {\r | |
328 | //\r | |
329 | // Skip the < 4G entries\r | |
330 | //\r | |
331 | continue;\r | |
332 | }\r | |
333 | //\r | |
334 | // Each Directory Pointer entries points to a page of Page Directory entires.\r | |
335 | // So allocate space for them and fill them in in the IndexOfPageDirectoryEntries loop.\r | |
336 | //\r | |
337 | PageDirectoryEntry = (UINT64 *) ((*PageDirectoryPointerEntry) & ~mAddressEncMask & gPhyMask);\r | |
338 | if (PageDirectoryEntry == NULL) {\r | |
339 | PageDirectoryEntry = AllocatePageTableMemory (1);\r | |
340 | ASSERT(PageDirectoryEntry != NULL);\r | |
341 | ZeroMem (PageDirectoryEntry, EFI_PAGES_TO_SIZE(1));\r | |
342 | \r | |
343 | //\r | |
344 | // Fill in a Page Directory Pointer Entries\r | |
345 | //\r | |
346 | *PageDirectoryPointerEntry = (UINT64)(UINTN)PageDirectoryEntry | mAddressEncMask | PAGE_ATTRIBUTE_BITS;\r | |
347 | }\r | |
348 | \r | |
349 | for (IndexOfPageDirectoryEntries = 0; IndexOfPageDirectoryEntries < 512; IndexOfPageDirectoryEntries++, PageDirectoryEntry++, PageAddress += SIZE_2MB) {\r | |
350 | //\r | |
351 | // Fill in the Page Directory entries\r | |
352 | //\r | |
353 | *PageDirectoryEntry = PageAddress | mAddressEncMask | IA32_PG_PS | PAGE_ATTRIBUTE_BITS;\r | |
354 | }\r | |
355 | }\r | |
356 | }\r | |
357 | }\r | |
358 | }\r | |
359 | }\r | |
360 | \r | |
361 | /**\r | |
362 | Create PageTable for SMM use.\r | |
363 | \r | |
364 | @return The address of PML4 (to set CR3).\r | |
365 | \r | |
366 | **/\r | |
367 | UINT32\r | |
368 | SmmInitPageTable (\r | |
369 | VOID\r | |
370 | )\r | |
371 | {\r | |
372 | EFI_PHYSICAL_ADDRESS Pages;\r | |
373 | UINT64 *PTEntry;\r | |
374 | LIST_ENTRY *FreePage;\r | |
375 | UINTN Index;\r | |
376 | UINTN PageFaultHandlerHookAddress;\r | |
377 | IA32_IDT_GATE_DESCRIPTOR *IdtEntry;\r | |
378 | EFI_STATUS Status;\r | |
379 | UINT64 *Pml4Entry;\r | |
380 | UINT64 *Pml5Entry;\r | |
381 | \r | |
382 | //\r | |
383 | // Initialize spin lock\r | |
384 | //\r | |
385 | InitializeSpinLock (mPFLock);\r | |
386 | \r | |
387 | mCpuSmmRestrictedMemoryAccess = PcdGetBool (PcdCpuSmmRestrictedMemoryAccess);\r | |
388 | m1GPageTableSupport = Is1GPageSupport ();\r | |
389 | m5LevelPagingNeeded = Is5LevelPagingNeeded ();\r | |
390 | mPhysicalAddressBits = CalculateMaximumSupportAddress ();\r | |
391 | PatchInstructionX86 (gPatch5LevelPagingNeeded, m5LevelPagingNeeded, 1);\r | |
392 | DEBUG ((DEBUG_INFO, "5LevelPaging Needed - %d\n", m5LevelPagingNeeded));\r | |
393 | DEBUG ((DEBUG_INFO, "1GPageTable Support - %d\n", m1GPageTableSupport));\r | |
394 | DEBUG ((DEBUG_INFO, "PcdCpuSmmRestrictedMemoryAccess - %d\n", mCpuSmmRestrictedMemoryAccess));\r | |
395 | DEBUG ((DEBUG_INFO, "PhysicalAddressBits - %d\n", mPhysicalAddressBits));\r | |
396 | //\r | |
397 | // Generate PAE page table for the first 4GB memory space\r | |
398 | //\r | |
399 | Pages = Gen4GPageTable (FALSE);\r | |
400 | \r | |
401 | //\r | |
402 | // Set IA32_PG_PMNT bit to mask this entry\r | |
403 | //\r | |
404 | PTEntry = (UINT64*)(UINTN)Pages;\r | |
405 | for (Index = 0; Index < 4; Index++) {\r | |
406 | PTEntry[Index] |= IA32_PG_PMNT;\r | |
407 | }\r | |
408 | \r | |
409 | //\r | |
410 | // Fill Page-Table-Level4 (PML4) entry\r | |
411 | //\r | |
412 | Pml4Entry = (UINT64*)AllocatePageTableMemory (1);\r | |
413 | ASSERT (Pml4Entry != NULL);\r | |
414 | *Pml4Entry = Pages | mAddressEncMask | PAGE_ATTRIBUTE_BITS;\r | |
415 | ZeroMem (Pml4Entry + 1, EFI_PAGE_SIZE - sizeof (*Pml4Entry));\r | |
416 | \r | |
417 | //\r | |
418 | // Set sub-entries number\r | |
419 | //\r | |
420 | SetSubEntriesNum (Pml4Entry, 3);\r | |
421 | PTEntry = Pml4Entry;\r | |
422 | \r | |
423 | if (m5LevelPagingNeeded) {\r | |
424 | //\r | |
425 | // Fill PML5 entry\r | |
426 | //\r | |
427 | Pml5Entry = (UINT64*)AllocatePageTableMemory (1);\r | |
428 | ASSERT (Pml5Entry != NULL);\r | |
429 | *Pml5Entry = (UINTN) Pml4Entry | mAddressEncMask | PAGE_ATTRIBUTE_BITS;\r | |
430 | ZeroMem (Pml5Entry + 1, EFI_PAGE_SIZE - sizeof (*Pml5Entry));\r | |
431 | //\r | |
432 | // Set sub-entries number\r | |
433 | //\r | |
434 | SetSubEntriesNum (Pml5Entry, 1);\r | |
435 | PTEntry = Pml5Entry;\r | |
436 | }\r | |
437 | \r | |
438 | if (mCpuSmmRestrictedMemoryAccess) {\r | |
439 | //\r | |
440 | // When access to non-SMRAM memory is restricted, create page table\r | |
441 | // that covers all memory space.\r | |
442 | //\r | |
443 | SetStaticPageTable ((UINTN)PTEntry, mPhysicalAddressBits);\r | |
444 | } else {\r | |
445 | //\r | |
446 | // Add pages to page pool\r | |
447 | //\r | |
448 | FreePage = (LIST_ENTRY*)AllocatePageTableMemory (PAGE_TABLE_PAGES);\r | |
449 | ASSERT (FreePage != NULL);\r | |
450 | for (Index = 0; Index < PAGE_TABLE_PAGES; Index++) {\r | |
451 | InsertTailList (&mPagePool, FreePage);\r | |
452 | FreePage += EFI_PAGE_SIZE / sizeof (*FreePage);\r | |
453 | }\r | |
454 | }\r | |
455 | \r | |
456 | if (FeaturePcdGet (PcdCpuSmmProfileEnable) ||\r | |
457 | HEAP_GUARD_NONSTOP_MODE ||\r | |
458 | NULL_DETECTION_NONSTOP_MODE) {\r | |
459 | //\r | |
460 | // Set own Page Fault entry instead of the default one, because SMM Profile\r | |
461 | // feature depends on IRET instruction to do Single Step\r | |
462 | //\r | |
463 | PageFaultHandlerHookAddress = (UINTN)PageFaultIdtHandlerSmmProfile;\r | |
464 | IdtEntry = (IA32_IDT_GATE_DESCRIPTOR *) gcSmiIdtr.Base;\r | |
465 | IdtEntry += EXCEPT_IA32_PAGE_FAULT;\r | |
466 | IdtEntry->Bits.OffsetLow = (UINT16)PageFaultHandlerHookAddress;\r | |
467 | IdtEntry->Bits.Reserved_0 = 0;\r | |
468 | IdtEntry->Bits.GateType = IA32_IDT_GATE_TYPE_INTERRUPT_32;\r | |
469 | IdtEntry->Bits.OffsetHigh = (UINT16)(PageFaultHandlerHookAddress >> 16);\r | |
470 | IdtEntry->Bits.OffsetUpper = (UINT32)(PageFaultHandlerHookAddress >> 32);\r | |
471 | IdtEntry->Bits.Reserved_1 = 0;\r | |
472 | } else {\r | |
473 | //\r | |
474 | // Register Smm Page Fault Handler\r | |
475 | //\r | |
476 | Status = SmmRegisterExceptionHandler (&mSmmCpuService, EXCEPT_IA32_PAGE_FAULT, SmiPFHandler);\r | |
477 | ASSERT_EFI_ERROR (Status);\r | |
478 | }\r | |
479 | \r | |
480 | //\r | |
481 | // Additional SMM IDT initialization for SMM stack guard\r | |
482 | //\r | |
483 | if (FeaturePcdGet (PcdCpuSmmStackGuard)) {\r | |
484 | InitializeIDTSmmStackGuard ();\r | |
485 | }\r | |
486 | \r | |
487 | //\r | |
488 | // Return the address of PML4/PML5 (to set CR3)\r | |
489 | //\r | |
490 | return (UINT32)(UINTN)PTEntry;\r | |
491 | }\r | |
492 | \r | |
493 | /**\r | |
494 | Set access record in entry.\r | |
495 | \r | |
496 | @param[in, out] Entry Pointer to entry\r | |
497 | @param[in] Acc Access record value\r | |
498 | \r | |
499 | **/\r | |
500 | VOID\r | |
501 | SetAccNum (\r | |
502 | IN OUT UINT64 *Entry,\r | |
503 | IN UINT64 Acc\r | |
504 | )\r | |
505 | {\r | |
506 | //\r | |
507 | // Access record is saved in BIT9 to BIT11 (reserved field) in Entry\r | |
508 | //\r | |
509 | *Entry = BitFieldWrite64 (*Entry, 9, 11, Acc);\r | |
510 | }\r | |
511 | \r | |
512 | /**\r | |
513 | Return access record in entry.\r | |
514 | \r | |
515 | @param[in] Entry Pointer to entry\r | |
516 | \r | |
517 | @return Access record value.\r | |
518 | \r | |
519 | **/\r | |
520 | UINT64\r | |
521 | GetAccNum (\r | |
522 | IN UINT64 *Entry\r | |
523 | )\r | |
524 | {\r | |
525 | //\r | |
526 | // Access record is saved in BIT9 to BIT11 (reserved field) in Entry\r | |
527 | //\r | |
528 | return BitFieldRead64 (*Entry, 9, 11);\r | |
529 | }\r | |
530 | \r | |
531 | /**\r | |
532 | Return and update the access record in entry.\r | |
533 | \r | |
534 | @param[in, out] Entry Pointer to entry\r | |
535 | \r | |
536 | @return Access record value.\r | |
537 | \r | |
538 | **/\r | |
539 | UINT64\r | |
540 | GetAndUpdateAccNum (\r | |
541 | IN OUT UINT64 *Entry\r | |
542 | )\r | |
543 | {\r | |
544 | UINT64 Acc;\r | |
545 | \r | |
546 | Acc = GetAccNum (Entry);\r | |
547 | if ((*Entry & IA32_PG_A) != 0) {\r | |
548 | //\r | |
549 | // If this entry has been accessed, clear access flag in Entry and update access record\r | |
550 | // to the initial value 7, adding ACC_MAX_BIT is to make it larger than others\r | |
551 | //\r | |
552 | *Entry &= ~(UINT64)(UINTN)IA32_PG_A;\r | |
553 | SetAccNum (Entry, 0x7);\r | |
554 | return (0x7 + ACC_MAX_BIT);\r | |
555 | } else {\r | |
556 | if (Acc != 0) {\r | |
557 | //\r | |
558 | // If the access record is not the smallest value 0, minus 1 and update the access record field\r | |
559 | //\r | |
560 | SetAccNum (Entry, Acc - 1);\r | |
561 | }\r | |
562 | }\r | |
563 | return Acc;\r | |
564 | }\r | |
565 | \r | |
566 | /**\r | |
567 | Reclaim free pages for PageFault handler.\r | |
568 | \r | |
569 | Search the whole entries tree to find the leaf entry that has the smallest\r | |
570 | access record value. Insert the page pointed by this leaf entry into the\r | |
571 | page pool. And check its upper entries if need to be inserted into the page\r | |
572 | pool or not.\r | |
573 | \r | |
574 | **/\r | |
575 | VOID\r | |
576 | ReclaimPages (\r | |
577 | VOID\r | |
578 | )\r | |
579 | {\r | |
580 | UINT64 Pml5Entry;\r | |
581 | UINT64 *Pml5;\r | |
582 | UINT64 *Pml4;\r | |
583 | UINT64 *Pdpt;\r | |
584 | UINT64 *Pdt;\r | |
585 | UINTN Pml5Index;\r | |
586 | UINTN Pml4Index;\r | |
587 | UINTN PdptIndex;\r | |
588 | UINTN PdtIndex;\r | |
589 | UINTN MinPml5;\r | |
590 | UINTN MinPml4;\r | |
591 | UINTN MinPdpt;\r | |
592 | UINTN MinPdt;\r | |
593 | UINT64 MinAcc;\r | |
594 | UINT64 Acc;\r | |
595 | UINT64 SubEntriesNum;\r | |
596 | BOOLEAN PML4EIgnore;\r | |
597 | BOOLEAN PDPTEIgnore;\r | |
598 | UINT64 *ReleasePageAddress;\r | |
599 | IA32_CR4 Cr4;\r | |
600 | BOOLEAN Enable5LevelPaging;\r | |
601 | UINT64 PFAddress;\r | |
602 | UINT64 PFAddressPml5Index;\r | |
603 | UINT64 PFAddressPml4Index;\r | |
604 | UINT64 PFAddressPdptIndex;\r | |
605 | UINT64 PFAddressPdtIndex;\r | |
606 | \r | |
607 | Pml4 = NULL;\r | |
608 | Pdpt = NULL;\r | |
609 | Pdt = NULL;\r | |
610 | MinAcc = (UINT64)-1;\r | |
611 | MinPml4 = (UINTN)-1;\r | |
612 | MinPml5 = (UINTN)-1;\r | |
613 | MinPdpt = (UINTN)-1;\r | |
614 | MinPdt = (UINTN)-1;\r | |
615 | Acc = 0;\r | |
616 | ReleasePageAddress = 0;\r | |
617 | PFAddress = AsmReadCr2 ();\r | |
618 | PFAddressPml5Index = BitFieldRead64 (PFAddress, 48, 48 + 8);\r | |
619 | PFAddressPml4Index = BitFieldRead64 (PFAddress, 39, 39 + 8);\r | |
620 | PFAddressPdptIndex = BitFieldRead64 (PFAddress, 30, 30 + 8);\r | |
621 | PFAddressPdtIndex = BitFieldRead64 (PFAddress, 21, 21 + 8);\r | |
622 | \r | |
623 | Cr4.UintN = AsmReadCr4 ();\r | |
624 | Enable5LevelPaging = (BOOLEAN) (Cr4.Bits.LA57 == 1);\r | |
625 | Pml5 = (UINT64*)(UINTN)(AsmReadCr3 () & gPhyMask);\r | |
626 | \r | |
627 | if (!Enable5LevelPaging) {\r | |
628 | //\r | |
629 | // Create one fake PML5 entry for 4-Level Paging\r | |
630 | // so that the page table parsing logic only handles 5-Level page structure.\r | |
631 | //\r | |
632 | Pml5Entry = (UINTN) Pml5 | IA32_PG_P;\r | |
633 | Pml5 = &Pml5Entry;\r | |
634 | }\r | |
635 | \r | |
636 | //\r | |
637 | // First, find the leaf entry has the smallest access record value\r | |
638 | //\r | |
639 | for (Pml5Index = 0; Pml5Index < (Enable5LevelPaging ? (EFI_PAGE_SIZE / sizeof (*Pml4)) : 1); Pml5Index++) {\r | |
640 | if ((Pml5[Pml5Index] & IA32_PG_P) == 0 || (Pml5[Pml5Index] & IA32_PG_PMNT) != 0) {\r | |
641 | //\r | |
642 | // If the PML5 entry is not present or is masked, skip it\r | |
643 | //\r | |
644 | continue;\r | |
645 | }\r | |
646 | Pml4 = (UINT64*)(UINTN)(Pml5[Pml5Index] & gPhyMask);\r | |
647 | for (Pml4Index = 0; Pml4Index < EFI_PAGE_SIZE / sizeof (*Pml4); Pml4Index++) {\r | |
648 | if ((Pml4[Pml4Index] & IA32_PG_P) == 0 || (Pml4[Pml4Index] & IA32_PG_PMNT) != 0) {\r | |
649 | //\r | |
650 | // If the PML4 entry is not present or is masked, skip it\r | |
651 | //\r | |
652 | continue;\r | |
653 | }\r | |
654 | Pdpt = (UINT64*)(UINTN)(Pml4[Pml4Index] & ~mAddressEncMask & gPhyMask);\r | |
655 | PML4EIgnore = FALSE;\r | |
656 | for (PdptIndex = 0; PdptIndex < EFI_PAGE_SIZE / sizeof (*Pdpt); PdptIndex++) {\r | |
657 | if ((Pdpt[PdptIndex] & IA32_PG_P) == 0 || (Pdpt[PdptIndex] & IA32_PG_PMNT) != 0) {\r | |
658 | //\r | |
659 | // If the PDPT entry is not present or is masked, skip it\r | |
660 | //\r | |
661 | if ((Pdpt[PdptIndex] & IA32_PG_PMNT) != 0) {\r | |
662 | //\r | |
663 | // If the PDPT entry is masked, we will ignore checking the PML4 entry\r | |
664 | //\r | |
665 | PML4EIgnore = TRUE;\r | |
666 | }\r | |
667 | continue;\r | |
668 | }\r | |
669 | if ((Pdpt[PdptIndex] & IA32_PG_PS) == 0) {\r | |
670 | //\r | |
671 | // It's not 1-GByte pages entry, it should be a PDPT entry,\r | |
672 | // we will not check PML4 entry more\r | |
673 | //\r | |
674 | PML4EIgnore = TRUE;\r | |
675 | Pdt = (UINT64*)(UINTN)(Pdpt[PdptIndex] & ~mAddressEncMask & gPhyMask);\r | |
676 | PDPTEIgnore = FALSE;\r | |
677 | for (PdtIndex = 0; PdtIndex < EFI_PAGE_SIZE / sizeof(*Pdt); PdtIndex++) {\r | |
678 | if ((Pdt[PdtIndex] & IA32_PG_P) == 0 || (Pdt[PdtIndex] & IA32_PG_PMNT) != 0) {\r | |
679 | //\r | |
680 | // If the PD entry is not present or is masked, skip it\r | |
681 | //\r | |
682 | if ((Pdt[PdtIndex] & IA32_PG_PMNT) != 0) {\r | |
683 | //\r | |
684 | // If the PD entry is masked, we will not PDPT entry more\r | |
685 | //\r | |
686 | PDPTEIgnore = TRUE;\r | |
687 | }\r | |
688 | continue;\r | |
689 | }\r | |
690 | if ((Pdt[PdtIndex] & IA32_PG_PS) == 0) {\r | |
691 | //\r | |
692 | // It's not 2 MByte page table entry, it should be PD entry\r | |
693 | // we will find the entry has the smallest access record value\r | |
694 | //\r | |
695 | PDPTEIgnore = TRUE;\r | |
696 | if (PdtIndex != PFAddressPdtIndex || PdptIndex != PFAddressPdptIndex ||\r | |
697 | Pml4Index != PFAddressPml4Index || Pml5Index != PFAddressPml5Index) {\r | |
698 | Acc = GetAndUpdateAccNum (Pdt + PdtIndex);\r | |
699 | if (Acc < MinAcc) {\r | |
700 | //\r | |
701 | // If the PD entry has the smallest access record value,\r | |
702 | // save the Page address to be released\r | |
703 | //\r | |
704 | MinAcc = Acc;\r | |
705 | MinPml5 = Pml5Index;\r | |
706 | MinPml4 = Pml4Index;\r | |
707 | MinPdpt = PdptIndex;\r | |
708 | MinPdt = PdtIndex;\r | |
709 | ReleasePageAddress = Pdt + PdtIndex;\r | |
710 | }\r | |
711 | }\r | |
712 | }\r | |
713 | }\r | |
714 | if (!PDPTEIgnore) {\r | |
715 | //\r | |
716 | // If this PDPT entry has no PDT entries pointer to 4 KByte pages,\r | |
717 | // it should only has the entries point to 2 MByte Pages\r | |
718 | //\r | |
719 | if (PdptIndex != PFAddressPdptIndex || Pml4Index != PFAddressPml4Index ||\r | |
720 | Pml5Index != PFAddressPml5Index) {\r | |
721 | Acc = GetAndUpdateAccNum (Pdpt + PdptIndex);\r | |
722 | if (Acc < MinAcc) {\r | |
723 | //\r | |
724 | // If the PDPT entry has the smallest access record value,\r | |
725 | // save the Page address to be released\r | |
726 | //\r | |
727 | MinAcc = Acc;\r | |
728 | MinPml5 = Pml5Index;\r | |
729 | MinPml4 = Pml4Index;\r | |
730 | MinPdpt = PdptIndex;\r | |
731 | MinPdt = (UINTN)-1;\r | |
732 | ReleasePageAddress = Pdpt + PdptIndex;\r | |
733 | }\r | |
734 | }\r | |
735 | }\r | |
736 | }\r | |
737 | }\r | |
738 | if (!PML4EIgnore) {\r | |
739 | //\r | |
740 | // If PML4 entry has no the PDPT entry pointer to 2 MByte pages,\r | |
741 | // it should only has the entries point to 1 GByte Pages\r | |
742 | //\r | |
743 | if (Pml4Index != PFAddressPml4Index || Pml5Index != PFAddressPml5Index) {\r | |
744 | Acc = GetAndUpdateAccNum (Pml4 + Pml4Index);\r | |
745 | if (Acc < MinAcc) {\r | |
746 | //\r | |
747 | // If the PML4 entry has the smallest access record value,\r | |
748 | // save the Page address to be released\r | |
749 | //\r | |
750 | MinAcc = Acc;\r | |
751 | MinPml5 = Pml5Index;\r | |
752 | MinPml4 = Pml4Index;\r | |
753 | MinPdpt = (UINTN)-1;\r | |
754 | MinPdt = (UINTN)-1;\r | |
755 | ReleasePageAddress = Pml4 + Pml4Index;\r | |
756 | }\r | |
757 | }\r | |
758 | }\r | |
759 | }\r | |
760 | }\r | |
761 | //\r | |
762 | // Make sure one PML4/PDPT/PD entry is selected\r | |
763 | //\r | |
764 | ASSERT (MinAcc != (UINT64)-1);\r | |
765 | \r | |
766 | //\r | |
767 | // Secondly, insert the page pointed by this entry into page pool and clear this entry\r | |
768 | //\r | |
769 | InsertTailList (&mPagePool, (LIST_ENTRY*)(UINTN)(*ReleasePageAddress & ~mAddressEncMask & gPhyMask));\r | |
770 | *ReleasePageAddress = 0;\r | |
771 | \r | |
772 | //\r | |
773 | // Lastly, check this entry's upper entries if need to be inserted into page pool\r | |
774 | // or not\r | |
775 | //\r | |
776 | while (TRUE) {\r | |
777 | if (MinPdt != (UINTN)-1) {\r | |
778 | //\r | |
779 | // If 4 KByte Page Table is released, check the PDPT entry\r | |
780 | //\r | |
781 | Pml4 = (UINT64 *) (UINTN) (Pml5[MinPml5] & gPhyMask);\r | |
782 | Pdpt = (UINT64*)(UINTN)(Pml4[MinPml4] & ~mAddressEncMask & gPhyMask);\r | |
783 | SubEntriesNum = GetSubEntriesNum(Pdpt + MinPdpt);\r | |
784 | if (SubEntriesNum == 0 &&\r | |
785 | (MinPdpt != PFAddressPdptIndex || MinPml4 != PFAddressPml4Index || MinPml5 != PFAddressPml5Index)) {\r | |
786 | //\r | |
787 | // Release the empty Page Directory table if there was no more 4 KByte Page Table entry\r | |
788 | // clear the Page directory entry\r | |
789 | //\r | |
790 | InsertTailList (&mPagePool, (LIST_ENTRY*)(UINTN)(Pdpt[MinPdpt] & ~mAddressEncMask & gPhyMask));\r | |
791 | Pdpt[MinPdpt] = 0;\r | |
792 | //\r | |
793 | // Go on checking the PML4 table\r | |
794 | //\r | |
795 | MinPdt = (UINTN)-1;\r | |
796 | continue;\r | |
797 | }\r | |
798 | //\r | |
799 | // Update the sub-entries filed in PDPT entry and exit\r | |
800 | //\r | |
801 | SetSubEntriesNum (Pdpt + MinPdpt, (SubEntriesNum - 1) & 0x1FF);\r | |
802 | break;\r | |
803 | }\r | |
804 | if (MinPdpt != (UINTN)-1) {\r | |
805 | //\r | |
806 | // One 2MB Page Table is released or Page Directory table is released, check the PML4 entry\r | |
807 | //\r | |
808 | SubEntriesNum = GetSubEntriesNum (Pml4 + MinPml4);\r | |
809 | if (SubEntriesNum == 0 && (MinPml4 != PFAddressPml4Index || MinPml5 != PFAddressPml5Index)) {\r | |
810 | //\r | |
811 | // Release the empty PML4 table if there was no more 1G KByte Page Table entry\r | |
812 | // clear the Page directory entry\r | |
813 | //\r | |
814 | InsertTailList (&mPagePool, (LIST_ENTRY*)(UINTN)(Pml4[MinPml4] & ~mAddressEncMask & gPhyMask));\r | |
815 | Pml4[MinPml4] = 0;\r | |
816 | MinPdpt = (UINTN)-1;\r | |
817 | continue;\r | |
818 | }\r | |
819 | //\r | |
820 | // Update the sub-entries filed in PML4 entry and exit\r | |
821 | //\r | |
822 | SetSubEntriesNum (Pml4 + MinPml4, (SubEntriesNum - 1) & 0x1FF);\r | |
823 | break;\r | |
824 | }\r | |
825 | //\r | |
826 | // PLM4 table has been released before, exit it\r | |
827 | //\r | |
828 | break;\r | |
829 | }\r | |
830 | }\r | |
831 | \r | |
832 | /**\r | |
833 | Allocate free Page for PageFault handler use.\r | |
834 | \r | |
835 | @return Page address.\r | |
836 | \r | |
837 | **/\r | |
838 | UINT64\r | |
839 | AllocPage (\r | |
840 | VOID\r | |
841 | )\r | |
842 | {\r | |
843 | UINT64 RetVal;\r | |
844 | \r | |
845 | if (IsListEmpty (&mPagePool)) {\r | |
846 | //\r | |
847 | // If page pool is empty, reclaim the used pages and insert one into page pool\r | |
848 | //\r | |
849 | ReclaimPages ();\r | |
850 | }\r | |
851 | \r | |
852 | //\r | |
853 | // Get one free page and remove it from page pool\r | |
854 | //\r | |
855 | RetVal = (UINT64)(UINTN)mPagePool.ForwardLink;\r | |
856 | RemoveEntryList (mPagePool.ForwardLink);\r | |
857 | //\r | |
858 | // Clean this page and return\r | |
859 | //\r | |
860 | ZeroMem ((VOID*)(UINTN)RetVal, EFI_PAGE_SIZE);\r | |
861 | return RetVal;\r | |
862 | }\r | |
863 | \r | |
864 | /**\r | |
865 | Page Fault handler for SMM use.\r | |
866 | \r | |
867 | **/\r | |
868 | VOID\r | |
869 | SmiDefaultPFHandler (\r | |
870 | VOID\r | |
871 | )\r | |
872 | {\r | |
873 | UINT64 *PageTable;\r | |
874 | UINT64 *PageTableTop;\r | |
875 | UINT64 PFAddress;\r | |
876 | UINTN StartBit;\r | |
877 | UINTN EndBit;\r | |
878 | UINT64 PTIndex;\r | |
879 | UINTN Index;\r | |
880 | SMM_PAGE_SIZE_TYPE PageSize;\r | |
881 | UINTN NumOfPages;\r | |
882 | UINTN PageAttribute;\r | |
883 | EFI_STATUS Status;\r | |
884 | UINT64 *UpperEntry;\r | |
885 | BOOLEAN Enable5LevelPaging;\r | |
886 | IA32_CR4 Cr4;\r | |
887 | \r | |
888 | //\r | |
889 | // Set default SMM page attribute\r | |
890 | //\r | |
891 | PageSize = SmmPageSize2M;\r | |
892 | NumOfPages = 1;\r | |
893 | PageAttribute = 0;\r | |
894 | \r | |
895 | EndBit = 0;\r | |
896 | PageTableTop = (UINT64*)(AsmReadCr3 () & gPhyMask);\r | |
897 | PFAddress = AsmReadCr2 ();\r | |
898 | \r | |
899 | Cr4.UintN = AsmReadCr4 ();\r | |
900 | Enable5LevelPaging = (BOOLEAN) (Cr4.Bits.LA57 != 0);\r | |
901 | \r | |
902 | Status = GetPlatformPageTableAttribute (PFAddress, &PageSize, &NumOfPages, &PageAttribute);\r | |
903 | //\r | |
904 | // If platform not support page table attribute, set default SMM page attribute\r | |
905 | //\r | |
906 | if (Status != EFI_SUCCESS) {\r | |
907 | PageSize = SmmPageSize2M;\r | |
908 | NumOfPages = 1;\r | |
909 | PageAttribute = 0;\r | |
910 | }\r | |
911 | if (PageSize >= MaxSmmPageSizeType) {\r | |
912 | PageSize = SmmPageSize2M;\r | |
913 | }\r | |
914 | if (NumOfPages > 512) {\r | |
915 | NumOfPages = 512;\r | |
916 | }\r | |
917 | \r | |
918 | switch (PageSize) {\r | |
919 | case SmmPageSize4K:\r | |
920 | //\r | |
921 | // BIT12 to BIT20 is Page Table index\r | |
922 | //\r | |
923 | EndBit = 12;\r | |
924 | break;\r | |
925 | case SmmPageSize2M:\r | |
926 | //\r | |
927 | // BIT21 to BIT29 is Page Directory index\r | |
928 | //\r | |
929 | EndBit = 21;\r | |
930 | PageAttribute |= (UINTN)IA32_PG_PS;\r | |
931 | break;\r | |
932 | case SmmPageSize1G:\r | |
933 | if (!m1GPageTableSupport) {\r | |
934 | DEBUG ((DEBUG_ERROR, "1-GByte pages is not supported!"));\r | |
935 | ASSERT (FALSE);\r | |
936 | }\r | |
937 | //\r | |
938 | // BIT30 to BIT38 is Page Directory Pointer Table index\r | |
939 | //\r | |
940 | EndBit = 30;\r | |
941 | PageAttribute |= (UINTN)IA32_PG_PS;\r | |
942 | break;\r | |
943 | default:\r | |
944 | ASSERT (FALSE);\r | |
945 | }\r | |
946 | \r | |
947 | //\r | |
948 | // If execute-disable is enabled, set NX bit\r | |
949 | //\r | |
950 | if (mXdEnabled) {\r | |
951 | PageAttribute |= IA32_PG_NX;\r | |
952 | }\r | |
953 | \r | |
954 | for (Index = 0; Index < NumOfPages; Index++) {\r | |
955 | PageTable = PageTableTop;\r | |
956 | UpperEntry = NULL;\r | |
957 | for (StartBit = Enable5LevelPaging ? 48 : 39; StartBit > EndBit; StartBit -= 9) {\r | |
958 | PTIndex = BitFieldRead64 (PFAddress, StartBit, StartBit + 8);\r | |
959 | if ((PageTable[PTIndex] & IA32_PG_P) == 0) {\r | |
960 | //\r | |
961 | // If the entry is not present, allocate one page from page pool for it\r | |
962 | //\r | |
963 | PageTable[PTIndex] = AllocPage () | mAddressEncMask | PAGE_ATTRIBUTE_BITS;\r | |
964 | } else {\r | |
965 | //\r | |
966 | // Save the upper entry address\r | |
967 | //\r | |
968 | UpperEntry = PageTable + PTIndex;\r | |
969 | }\r | |
970 | //\r | |
971 | // BIT9 to BIT11 of entry is used to save access record,\r | |
972 | // initialize value is 7\r | |
973 | //\r | |
974 | PageTable[PTIndex] |= (UINT64)IA32_PG_A;\r | |
975 | SetAccNum (PageTable + PTIndex, 7);\r | |
976 | PageTable = (UINT64*)(UINTN)(PageTable[PTIndex] & ~mAddressEncMask & gPhyMask);\r | |
977 | }\r | |
978 | \r | |
979 | PTIndex = BitFieldRead64 (PFAddress, StartBit, StartBit + 8);\r | |
980 | if ((PageTable[PTIndex] & IA32_PG_P) != 0) {\r | |
981 | //\r | |
982 | // Check if the entry has already existed, this issue may occur when the different\r | |
983 | // size page entries created under the same entry\r | |
984 | //\r | |
985 | DEBUG ((DEBUG_ERROR, "PageTable = %lx, PTIndex = %x, PageTable[PTIndex] = %lx\n", PageTable, PTIndex, PageTable[PTIndex]));\r | |
986 | DEBUG ((DEBUG_ERROR, "New page table overlapped with old page table!\n"));\r | |
987 | ASSERT (FALSE);\r | |
988 | }\r | |
989 | //\r | |
990 | // Fill the new entry\r | |
991 | //\r | |
992 | PageTable[PTIndex] = ((PFAddress | mAddressEncMask) & gPhyMask & ~((1ull << EndBit) - 1)) |\r | |
993 | PageAttribute | IA32_PG_A | PAGE_ATTRIBUTE_BITS;\r | |
994 | if (UpperEntry != NULL) {\r | |
995 | SetSubEntriesNum (UpperEntry, (GetSubEntriesNum (UpperEntry) + 1) & 0x1FF);\r | |
996 | }\r | |
997 | //\r | |
998 | // Get the next page address if we need to create more page tables\r | |
999 | //\r | |
1000 | PFAddress += (1ull << EndBit);\r | |
1001 | }\r | |
1002 | }\r | |
1003 | \r | |
1004 | /**\r | |
1005 | ThePage Fault handler wrapper for SMM use.\r | |
1006 | \r | |
1007 | @param InterruptType Defines the type of interrupt or exception that\r | |
1008 | occurred on the processor.This parameter is processor architecture specific.\r | |
1009 | @param SystemContext A pointer to the processor context when\r | |
1010 | the interrupt occurred on the processor.\r | |
1011 | **/\r | |
1012 | VOID\r | |
1013 | EFIAPI\r | |
1014 | SmiPFHandler (\r | |
1015 | IN EFI_EXCEPTION_TYPE InterruptType,\r | |
1016 | IN EFI_SYSTEM_CONTEXT SystemContext\r | |
1017 | )\r | |
1018 | {\r | |
1019 | UINTN PFAddress;\r | |
1020 | UINTN GuardPageAddress;\r | |
1021 | UINTN ShadowStackGuardPageAddress;\r | |
1022 | UINTN CpuIndex;\r | |
1023 | \r | |
1024 | ASSERT (InterruptType == EXCEPT_IA32_PAGE_FAULT);\r | |
1025 | \r | |
1026 | AcquireSpinLock (mPFLock);\r | |
1027 | \r | |
1028 | PFAddress = AsmReadCr2 ();\r | |
1029 | \r | |
1030 | if (mCpuSmmRestrictedMemoryAccess && (PFAddress >= LShiftU64 (1, (mPhysicalAddressBits - 1)))) {\r | |
1031 | DumpCpuContext (InterruptType, SystemContext);\r | |
1032 | DEBUG ((DEBUG_ERROR, "Do not support address 0x%lx by processor!\n", PFAddress));\r | |
1033 | CpuDeadLoop ();\r | |
1034 | goto Exit;\r | |
1035 | }\r | |
1036 | \r | |
1037 | //\r | |
1038 | // If a page fault occurs in SMRAM range, it might be in a SMM stack/shadow stack guard page,\r | |
1039 | // or SMM page protection violation.\r | |
1040 | //\r | |
1041 | if ((PFAddress >= mCpuHotPlugData.SmrrBase) &&\r | |
1042 | (PFAddress < (mCpuHotPlugData.SmrrBase + mCpuHotPlugData.SmrrSize))) {\r | |
1043 | DumpCpuContext (InterruptType, SystemContext);\r | |
1044 | CpuIndex = GetCpuIndex ();\r | |
1045 | GuardPageAddress = (mSmmStackArrayBase + EFI_PAGE_SIZE + CpuIndex * (mSmmStackSize + mSmmShadowStackSize));\r | |
1046 | ShadowStackGuardPageAddress = (mSmmStackArrayBase + mSmmStackSize + EFI_PAGE_SIZE + CpuIndex * (mSmmStackSize + mSmmShadowStackSize));\r | |
1047 | if ((FeaturePcdGet (PcdCpuSmmStackGuard)) &&\r | |
1048 | (PFAddress >= GuardPageAddress) &&\r | |
1049 | (PFAddress < (GuardPageAddress + EFI_PAGE_SIZE))) {\r | |
1050 | DEBUG ((DEBUG_ERROR, "SMM stack overflow!\n"));\r | |
1051 | } else if ((FeaturePcdGet (PcdCpuSmmStackGuard)) &&\r | |
1052 | (mSmmShadowStackSize > 0) &&\r | |
1053 | (PFAddress >= ShadowStackGuardPageAddress) &&\r | |
1054 | (PFAddress < (ShadowStackGuardPageAddress + EFI_PAGE_SIZE))) {\r | |
1055 | DEBUG ((DEBUG_ERROR, "SMM shadow stack overflow!\n"));\r | |
1056 | } else {\r | |
1057 | if ((SystemContext.SystemContextX64->ExceptionData & IA32_PF_EC_ID) != 0) {\r | |
1058 | DEBUG ((DEBUG_ERROR, "SMM exception at execution (0x%lx)\n", PFAddress));\r | |
1059 | DEBUG_CODE (\r | |
1060 | DumpModuleInfoByIp (*(UINTN *)(UINTN)SystemContext.SystemContextX64->Rsp);\r | |
1061 | );\r | |
1062 | } else {\r | |
1063 | DEBUG ((DEBUG_ERROR, "SMM exception at access (0x%lx)\n", PFAddress));\r | |
1064 | DEBUG_CODE (\r | |
1065 | DumpModuleInfoByIp ((UINTN)SystemContext.SystemContextX64->Rip);\r | |
1066 | );\r | |
1067 | }\r | |
1068 | \r | |
1069 | if (HEAP_GUARD_NONSTOP_MODE) {\r | |
1070 | GuardPagePFHandler (SystemContext.SystemContextX64->ExceptionData);\r | |
1071 | goto Exit;\r | |
1072 | }\r | |
1073 | }\r | |
1074 | CpuDeadLoop ();\r | |
1075 | goto Exit;\r | |
1076 | }\r | |
1077 | \r | |
1078 | //\r | |
1079 | // If a page fault occurs in non-SMRAM range.\r | |
1080 | //\r | |
1081 | if ((PFAddress < mCpuHotPlugData.SmrrBase) ||\r | |
1082 | (PFAddress >= mCpuHotPlugData.SmrrBase + mCpuHotPlugData.SmrrSize)) {\r | |
1083 | if ((SystemContext.SystemContextX64->ExceptionData & IA32_PF_EC_ID) != 0) {\r | |
1084 | DumpCpuContext (InterruptType, SystemContext);\r | |
1085 | DEBUG ((DEBUG_ERROR, "Code executed on IP(0x%lx) out of SMM range after SMM is locked!\n", PFAddress));\r | |
1086 | DEBUG_CODE (\r | |
1087 | DumpModuleInfoByIp (*(UINTN *)(UINTN)SystemContext.SystemContextX64->Rsp);\r | |
1088 | );\r | |
1089 | CpuDeadLoop ();\r | |
1090 | goto Exit;\r | |
1091 | }\r | |
1092 | \r | |
1093 | //\r | |
1094 | // If NULL pointer was just accessed\r | |
1095 | //\r | |
1096 | if ((PcdGet8 (PcdNullPointerDetectionPropertyMask) & BIT1) != 0 &&\r | |
1097 | (PFAddress < EFI_PAGE_SIZE)) {\r | |
1098 | DumpCpuContext (InterruptType, SystemContext);\r | |
1099 | DEBUG ((DEBUG_ERROR, "!!! NULL pointer access !!!\n"));\r | |
1100 | DEBUG_CODE (\r | |
1101 | DumpModuleInfoByIp ((UINTN)SystemContext.SystemContextX64->Rip);\r | |
1102 | );\r | |
1103 | \r | |
1104 | if (NULL_DETECTION_NONSTOP_MODE) {\r | |
1105 | GuardPagePFHandler (SystemContext.SystemContextX64->ExceptionData);\r | |
1106 | goto Exit;\r | |
1107 | }\r | |
1108 | \r | |
1109 | CpuDeadLoop ();\r | |
1110 | goto Exit;\r | |
1111 | }\r | |
1112 | \r | |
1113 | if (mCpuSmmRestrictedMemoryAccess && IsSmmCommBufferForbiddenAddress (PFAddress)) {\r | |
1114 | DumpCpuContext (InterruptType, SystemContext);\r | |
1115 | DEBUG ((DEBUG_ERROR, "Access SMM communication forbidden address (0x%lx)!\n", PFAddress));\r | |
1116 | DEBUG_CODE (\r | |
1117 | DumpModuleInfoByIp ((UINTN)SystemContext.SystemContextX64->Rip);\r | |
1118 | );\r | |
1119 | CpuDeadLoop ();\r | |
1120 | goto Exit;\r | |
1121 | }\r | |
1122 | }\r | |
1123 | \r | |
1124 | if (FeaturePcdGet (PcdCpuSmmProfileEnable)) {\r | |
1125 | SmmProfilePFHandler (\r | |
1126 | SystemContext.SystemContextX64->Rip,\r | |
1127 | SystemContext.SystemContextX64->ExceptionData\r | |
1128 | );\r | |
1129 | } else {\r | |
1130 | SmiDefaultPFHandler ();\r | |
1131 | }\r | |
1132 | \r | |
1133 | Exit:\r | |
1134 | ReleaseSpinLock (mPFLock);\r | |
1135 | }\r | |
1136 | \r | |
1137 | /**\r | |
1138 | This function sets memory attribute for page table.\r | |
1139 | **/\r | |
1140 | VOID\r | |
1141 | SetPageTableAttributes (\r | |
1142 | VOID\r | |
1143 | )\r | |
1144 | {\r | |
1145 | UINTN Index2;\r | |
1146 | UINTN Index3;\r | |
1147 | UINTN Index4;\r | |
1148 | UINTN Index5;\r | |
1149 | UINT64 *L1PageTable;\r | |
1150 | UINT64 *L2PageTable;\r | |
1151 | UINT64 *L3PageTable;\r | |
1152 | UINT64 *L4PageTable;\r | |
1153 | UINT64 *L5PageTable;\r | |
1154 | UINTN PageTableBase;\r | |
1155 | BOOLEAN IsSplitted;\r | |
1156 | BOOLEAN PageTableSplitted;\r | |
1157 | BOOLEAN CetEnabled;\r | |
1158 | BOOLEAN Enable5LevelPaging;\r | |
1159 | \r | |
1160 | //\r | |
1161 | // Don't mark page table memory as read-only if\r | |
1162 | // - no restriction on access to non-SMRAM memory; or\r | |
1163 | // - SMM heap guard feature enabled; or\r | |
1164 | // BIT2: SMM page guard enabled\r | |
1165 | // BIT3: SMM pool guard enabled\r | |
1166 | // - SMM profile feature enabled\r | |
1167 | //\r | |
1168 | if (!mCpuSmmRestrictedMemoryAccess ||\r | |
1169 | ((PcdGet8 (PcdHeapGuardPropertyMask) & (BIT3 | BIT2)) != 0) ||\r | |
1170 | FeaturePcdGet (PcdCpuSmmProfileEnable)) {\r | |
1171 | //\r | |
1172 | // Restriction on access to non-SMRAM memory and heap guard could not be enabled at the same time.\r | |
1173 | //\r | |
1174 | ASSERT (!(mCpuSmmRestrictedMemoryAccess &&\r | |
1175 | (PcdGet8 (PcdHeapGuardPropertyMask) & (BIT3 | BIT2)) != 0));\r | |
1176 | \r | |
1177 | //\r | |
1178 | // Restriction on access to non-SMRAM memory and SMM profile could not be enabled at the same time.\r | |
1179 | //\r | |
1180 | ASSERT (!(mCpuSmmRestrictedMemoryAccess && FeaturePcdGet (PcdCpuSmmProfileEnable)));\r | |
1181 | return ;\r | |
1182 | }\r | |
1183 | \r | |
1184 | DEBUG ((DEBUG_INFO, "SetPageTableAttributes\n"));\r | |
1185 | \r | |
1186 | //\r | |
1187 | // Disable write protection, because we need mark page table to be write protected.\r | |
1188 | // We need *write* page table memory, to mark itself to be *read only*.\r | |
1189 | //\r | |
1190 | CetEnabled = ((AsmReadCr4() & CR4_CET_ENABLE) != 0) ? TRUE : FALSE;\r | |
1191 | if (CetEnabled) {\r | |
1192 | //\r | |
1193 | // CET must be disabled if WP is disabled.\r | |
1194 | //\r | |
1195 | DisableCet();\r | |
1196 | }\r | |
1197 | AsmWriteCr0 (AsmReadCr0() & ~CR0_WP);\r | |
1198 | \r | |
1199 | do {\r | |
1200 | DEBUG ((DEBUG_INFO, "Start...\n"));\r | |
1201 | PageTableSplitted = FALSE;\r | |
1202 | L5PageTable = NULL;\r | |
1203 | \r | |
1204 | GetPageTable (&PageTableBase, &Enable5LevelPaging);\r | |
1205 | \r | |
1206 | if (Enable5LevelPaging) {\r | |
1207 | L5PageTable = (UINT64 *)PageTableBase;\r | |
1208 | SmmSetMemoryAttributesEx ((EFI_PHYSICAL_ADDRESS)PageTableBase, SIZE_4KB, EFI_MEMORY_RO, &IsSplitted);\r | |
1209 | PageTableSplitted = (PageTableSplitted || IsSplitted);\r | |
1210 | }\r | |
1211 | \r | |
1212 | for (Index5 = 0; Index5 < (Enable5LevelPaging ? SIZE_4KB/sizeof(UINT64) : 1); Index5++) {\r | |
1213 | if (Enable5LevelPaging) {\r | |
1214 | L4PageTable = (UINT64 *)(UINTN)(L5PageTable[Index5] & ~mAddressEncMask & PAGING_4K_ADDRESS_MASK_64);\r | |
1215 | if (L4PageTable == NULL) {\r | |
1216 | continue;\r | |
1217 | }\r | |
1218 | } else {\r | |
1219 | L4PageTable = (UINT64 *)PageTableBase;\r | |
1220 | }\r | |
1221 | SmmSetMemoryAttributesEx ((EFI_PHYSICAL_ADDRESS)(UINTN)L4PageTable, SIZE_4KB, EFI_MEMORY_RO, &IsSplitted);\r | |
1222 | PageTableSplitted = (PageTableSplitted || IsSplitted);\r | |
1223 | \r | |
1224 | for (Index4 = 0; Index4 < SIZE_4KB/sizeof(UINT64); Index4++) {\r | |
1225 | L3PageTable = (UINT64 *)(UINTN)(L4PageTable[Index4] & ~mAddressEncMask & PAGING_4K_ADDRESS_MASK_64);\r | |
1226 | if (L3PageTable == NULL) {\r | |
1227 | continue;\r | |
1228 | }\r | |
1229 | \r | |
1230 | SmmSetMemoryAttributesEx ((EFI_PHYSICAL_ADDRESS)(UINTN)L3PageTable, SIZE_4KB, EFI_MEMORY_RO, &IsSplitted);\r | |
1231 | PageTableSplitted = (PageTableSplitted || IsSplitted);\r | |
1232 | \r | |
1233 | for (Index3 = 0; Index3 < SIZE_4KB/sizeof(UINT64); Index3++) {\r | |
1234 | if ((L3PageTable[Index3] & IA32_PG_PS) != 0) {\r | |
1235 | // 1G\r | |
1236 | continue;\r | |
1237 | }\r | |
1238 | L2PageTable = (UINT64 *)(UINTN)(L3PageTable[Index3] & ~mAddressEncMask & PAGING_4K_ADDRESS_MASK_64);\r | |
1239 | if (L2PageTable == NULL) {\r | |
1240 | continue;\r | |
1241 | }\r | |
1242 | \r | |
1243 | SmmSetMemoryAttributesEx ((EFI_PHYSICAL_ADDRESS)(UINTN)L2PageTable, SIZE_4KB, EFI_MEMORY_RO, &IsSplitted);\r | |
1244 | PageTableSplitted = (PageTableSplitted || IsSplitted);\r | |
1245 | \r | |
1246 | for (Index2 = 0; Index2 < SIZE_4KB/sizeof(UINT64); Index2++) {\r | |
1247 | if ((L2PageTable[Index2] & IA32_PG_PS) != 0) {\r | |
1248 | // 2M\r | |
1249 | continue;\r | |
1250 | }\r | |
1251 | L1PageTable = (UINT64 *)(UINTN)(L2PageTable[Index2] & ~mAddressEncMask & PAGING_4K_ADDRESS_MASK_64);\r | |
1252 | if (L1PageTable == NULL) {\r | |
1253 | continue;\r | |
1254 | }\r | |
1255 | SmmSetMemoryAttributesEx ((EFI_PHYSICAL_ADDRESS)(UINTN)L1PageTable, SIZE_4KB, EFI_MEMORY_RO, &IsSplitted);\r | |
1256 | PageTableSplitted = (PageTableSplitted || IsSplitted);\r | |
1257 | }\r | |
1258 | }\r | |
1259 | }\r | |
1260 | }\r | |
1261 | } while (PageTableSplitted);\r | |
1262 | \r | |
1263 | //\r | |
1264 | // Enable write protection, after page table updated.\r | |
1265 | //\r | |
1266 | AsmWriteCr0 (AsmReadCr0() | CR0_WP);\r | |
1267 | if (CetEnabled) {\r | |
1268 | //\r | |
1269 | // re-enable CET.\r | |
1270 | //\r | |
1271 | EnableCet();\r | |
1272 | }\r | |
1273 | \r | |
1274 | return ;\r | |
1275 | }\r | |
1276 | \r | |
1277 | /**\r | |
1278 | This function reads CR2 register when on-demand paging is enabled.\r | |
1279 | \r | |
1280 | @param[out] *Cr2 Pointer to variable to hold CR2 register value.\r | |
1281 | **/\r | |
1282 | VOID\r | |
1283 | SaveCr2 (\r | |
1284 | OUT UINTN *Cr2\r | |
1285 | )\r | |
1286 | {\r | |
1287 | if (!mCpuSmmRestrictedMemoryAccess) {\r | |
1288 | //\r | |
1289 | // On-demand paging is enabled when access to non-SMRAM is not restricted.\r | |
1290 | //\r | |
1291 | *Cr2 = AsmReadCr2 ();\r | |
1292 | }\r | |
1293 | }\r | |
1294 | \r | |
1295 | /**\r | |
1296 | This function restores CR2 register when on-demand paging is enabled.\r | |
1297 | \r | |
1298 | @param[in] Cr2 Value to write into CR2 register.\r | |
1299 | **/\r | |
1300 | VOID\r | |
1301 | RestoreCr2 (\r | |
1302 | IN UINTN Cr2\r | |
1303 | )\r | |
1304 | {\r | |
1305 | if (!mCpuSmmRestrictedMemoryAccess) {\r | |
1306 | //\r | |
1307 | // On-demand paging is enabled when access to non-SMRAM is not restricted.\r | |
1308 | //\r | |
1309 | AsmWriteCr2 (Cr2);\r | |
1310 | }\r | |
1311 | }\r | |
1312 | \r | |
1313 | /**\r | |
1314 | Return whether access to non-SMRAM is restricted.\r | |
1315 | \r | |
1316 | @retval TRUE Access to non-SMRAM is restricted.\r | |
1317 | @retval FALSE Access to non-SMRAM is not restricted.\r | |
1318 | **/\r | |
1319 | BOOLEAN\r | |
1320 | IsRestrictedMemoryAccess (\r | |
1321 | VOID\r | |
1322 | )\r | |
1323 | {\r | |
1324 | return mCpuSmmRestrictedMemoryAccess;\r | |
1325 | }\r |