UefiCpuPkg/PiSmmCpu: Add Shadow Stack Support for X86 SMM.

[mirror_edk2.git] / UefiCpuPkg / Include / Library / SmmCpuFeaturesLib.h

diff --git a/UefiCpuPkg/Include/Library/SmmCpuFeaturesLib.h b/UefiCpuPkg/Include/Library/SmmCpuFeaturesLib.h
index 4478003467c88d30f7500032650ff991bc75b143..aec24b5ddab560bdb96fcdf6a8b73da3c3fcb431 100644 (file)
--- a/UefiCpuPkg/Include/Library/SmmCpuFeaturesLib.h
+++ b/UefiCpuPkg/Include/Library/SmmCpuFeaturesLib.h
@@ -1,7 +1,7 @@
 /** @file\r
 Library that provides CPU specific functions to support the PiSmmCpuDxeSmm module.\r
 \r
-Copyright (c) 2015, Intel Corporation. All rights reserved.<BR>\r
+Copyright (c) 2015 - 2019, Intel Corporation. All rights reserved.<BR>\r
 This program and the accompanying materials\r
 are licensed and made available under the terms and conditions of the BSD License\r
 which accompanies this distribution.  The full text of the license may be found at\r
@@ -160,14 +160,33 @@ SmmCpuFeaturesGetSmiHandlerSize (
   than zero and is called by the CPU that was elected as monarch during System\r
   Management Mode initialization.\r
 \r
+    //\r
+    // Append Shadow Stack after normal stack\r
+    //\r
+    // |= SmiStack\r
+    // +--------------------------------------------------+---------------------------------------------------------------+\r
+    // | Known Good Stack | Guard Page |    SMM Stack     | Known Good Shadow Stack | Guard Page |    SMM Shadow Stack    |\r
+    // +--------------------------------------------------+---------------------------------------------------------------+\r
+    // |                               |PcdCpuSmmStackSize|                                      |PcdCpuSmmShadowStackSize|\r
+    // |<-------------------- StackSize ----------------->|<------------------------- ShadowStackSize ------------------->|\r
+    // |                                                                                                                  |\r
+    // |<-------------------------------------------- Processor N ------------------------------------------------------->|\r
+    // | low address (bottom)                                                                          high address (top) |\r
+    //\r
+\r
   @param[in] CpuIndex   The index of the CPU to install the custom SMI handler.\r
                         The value must be between 0 and the NumberOfCpus field\r
                         in the System Management System Table (SMST).\r
   @param[in] SmBase     The SMBASE address for the CPU specified by CpuIndex.\r
-  @param[in] SmiStack   The stack to use when an SMI is processed by the\r
+  @param[in] SmiStack   The bottom of stack to use when an SMI is processed by the\r
                         the CPU specified by CpuIndex.\r
   @param[in] StackSize  The size, in bytes, if the stack used when an SMI is\r
                         processed by the CPU specified by CpuIndex.\r
+                        StackSize should be PcdCpuSmmStackSize, with 2 more pages\r
+                        if PcdCpuSmmStackGuard is true.\r
+                        If ShadowStack is enabled, the shadow stack is allocated\r
+                        after the normal Stack. The size is PcdCpuSmmShadowStackSize.\r
+                        with 2 more pages if PcdCpuSmmStackGuard is true.\r
   @param[in] GdtBase    The base address of the GDT to use when an SMI is\r
                         processed by the CPU specified by CpuIndex.\r
   @param[in] GdtSize    The size, in bytes, of the GDT used when an SMI is\r