;------------------------------------------------------------------------------ ;\r
-; Copyright (c) 2016 - 2018, Intel Corporation. All rights reserved.<BR>\r
-; This program and the accompanying materials\r
-; are licensed and made available under the terms and conditions of the BSD License\r
-; which accompanies this distribution. The full text of the license may be found at\r
-; http://opensource.org/licenses/bsd-license.php.\r
-;\r
-; THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,\r
-; WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.\r
+; Copyright (c) 2016 - 2022, Intel Corporation. All rights reserved.<BR>\r
+; Copyright (c) 2020, AMD Incorporated. All rights reserved.<BR>\r
+; SPDX-License-Identifier: BSD-2-Clause-Patent\r
;\r
; Module Name:\r
;\r
;\r
;-------------------------------------------------------------------------------\r
\r
+%include "StuffRsbNasm.inc"\r
+%include "Nasm.inc"\r
+\r
+%define MSR_IA32_S_CET 0x6A2\r
+%define MSR_IA32_CET_SH_STK_EN 0x1\r
+%define MSR_IA32_CET_WR_SHSTK_EN 0x2\r
+%define MSR_IA32_CET_ENDBR_EN 0x4\r
+%define MSR_IA32_CET_LEG_IW_EN 0x8\r
+%define MSR_IA32_CET_NO_TRACK_EN 0x10\r
+%define MSR_IA32_CET_SUPPRESS_DIS 0x20\r
+%define MSR_IA32_CET_SUPPRESS 0x400\r
+%define MSR_IA32_CET_TRACKER 0x800\r
+%define MSR_IA32_PL0_SSP 0x6A4\r
+\r
+%define CR4_CET 0x800000\r
+\r
%define MSR_IA32_MISC_ENABLE 0x1A0\r
%define MSR_EFER 0xc0000080\r
%define MSR_EFER_XD 0x800\r
\r
global ASM_PFX(gcSmiHandlerTemplate)\r
global ASM_PFX(gcSmiHandlerSize)\r
-global ASM_PFX(gSmiCr3)\r
+global ASM_PFX(gPatchSmiCr3)\r
global ASM_PFX(gPatchSmiStack)\r
global ASM_PFX(gPatchSmbase)\r
-global ASM_PFX(mXdSupported)\r
+extern ASM_PFX(mXdSupported)\r
+global ASM_PFX(gPatchXdSupported)\r
+global ASM_PFX(gPatchMsrIa32MiscEnableSupported)\r
extern ASM_PFX(gSmiHandlerIdtr)\r
\r
+extern ASM_PFX(mCetSupported)\r
+global ASM_PFX(mPatchCetSupported)\r
+global ASM_PFX(mPatchCetPl0Ssp)\r
+global ASM_PFX(mPatchCetInterruptSsp)\r
+\r
SECTION .text\r
\r
BITS 16\r
jmp ProtFlatMode\r
\r
ProtFlatMode:\r
- DB 0xb8 ; mov eax, imm32\r
-ASM_PFX(gSmiCr3): DD 0\r
+ mov eax, strict dword 0 ; source operand will be patched\r
+ASM_PFX(gPatchSmiCr3):\r
mov cr3, eax\r
;\r
; Need to test for CR4 specific bit support\r
.6:\r
\r
; enable NXE if supported\r
- DB 0b0h ; mov al, imm8\r
-ASM_PFX(mXdSupported): DB 1\r
+ mov al, strict byte 1 ; source operand may be patched\r
+ASM_PFX(gPatchXdSupported):\r
cmp al, 0\r
jz @SkipXd\r
+\r
+; If MSR_IA32_MISC_ENABLE is supported, clear XD Disable bit\r
+ mov al, strict byte 1 ; source operand may be patched\r
+ASM_PFX(gPatchMsrIa32MiscEnableSupported):\r
+ cmp al, 1\r
+ jz MsrIa32MiscEnableSupported\r
+\r
+; MSR_IA32_MISC_ENABLE not supported\r
+ xor edx, edx\r
+ push edx ; don't try to restore the XD Disable bit just before RSM\r
+ jmp EnableNxe\r
+\r
;\r
; Check XD disable bit\r
;\r
+MsrIa32MiscEnableSupported:\r
mov ecx, MSR_IA32_MISC_ENABLE\r
rdmsr\r
push edx ; save MSR_IA32_MISC_ENABLE[63-32]\r
test edx, BIT2 ; MSR_IA32_MISC_ENABLE[34]\r
- jz .5\r
+ jz EnableNxe\r
and dx, 0xFFFB ; clear XD Disable bit if it is set\r
wrmsr\r
-.5:\r
+EnableNxe:\r
mov ecx, MSR_EFER\r
rdmsr\r
or ax, MSR_EFER_XD ; enable NXE\r
mov ax, [ebx + DSC_SS]\r
mov ss, eax\r
\r
-; jmp _SmiHandler ; instruction is not needed\r
+ mov ebx, [esp + 4] ; ebx <- CpuIndex\r
+\r
+; enable CET if supported\r
+ mov al, strict byte 1 ; source operand may be patched\r
+ASM_PFX(mPatchCetSupported):\r
+ cmp al, 0\r
+ jz CetDone\r
+\r
+ mov ecx, MSR_IA32_S_CET\r
+ rdmsr\r
+ push edx\r
+ push eax\r
+\r
+ mov ecx, MSR_IA32_PL0_SSP\r
+ rdmsr\r
+ push edx\r
+ push eax\r
+\r
+ mov ecx, MSR_IA32_S_CET\r
+ mov eax, MSR_IA32_CET_SH_STK_EN\r
+ xor edx, edx\r
+ wrmsr\r
+\r
+ mov ecx, MSR_IA32_PL0_SSP\r
+ mov eax, strict dword 0 ; source operand will be patched\r
+ASM_PFX(mPatchCetPl0Ssp):\r
+ xor edx, edx\r
+ wrmsr\r
+ mov ecx, cr0\r
+ btr ecx, 16 ; clear WP\r
+ mov cr0, ecx\r
+ mov [eax], eax ; reload SSP, and clear busyflag.\r
+ xor ecx, ecx\r
+ mov [eax + 4], ecx\r
+\r
+ mov eax, strict dword 0 ; source operand will be patched\r
+ASM_PFX(mPatchCetInterruptSsp):\r
+ cmp eax, 0\r
+ jz CetInterruptDone\r
+ mov [eax], eax ; reload SSP, and clear busyflag.\r
+ xor ecx, ecx\r
+ mov [eax + 4], ecx\r
+CetInterruptDone:\r
+\r
+ mov ecx, cr0\r
+ bts ecx, 16 ; set WP\r
+ mov cr0, ecx\r
+\r
+ mov eax, 0x668 | CR4_CET\r
+ mov cr4, eax\r
+\r
+ setssbsy\r
+\r
+CetDone:\r
\r
-global ASM_PFX(SmiHandler)\r
-ASM_PFX(SmiHandler):\r
- mov ebx, [esp + 4] ; CPU Index\r
push ebx\r
mov eax, ASM_PFX(CpuSmmDebugEntry)\r
call eax\r
call eax\r
add esp, 4\r
\r
+ mov eax, ASM_PFX(mCetSupported)\r
+ mov al, [eax]\r
+ cmp al, 0\r
+ jz CetDone2\r
+\r
+ mov eax, 0x668\r
+ mov cr4, eax ; disable CET\r
+\r
+ mov ecx, MSR_IA32_PL0_SSP\r
+ pop eax\r
+ pop edx\r
+ wrmsr\r
+\r
+ mov ecx, MSR_IA32_S_CET\r
+ pop eax\r
+ pop edx\r
+ wrmsr\r
+CetDone2:\r
+\r
mov eax, ASM_PFX(mXdSupported)\r
mov al, [eax]\r
cmp al, 0\r
wrmsr\r
\r
.7:\r
+\r
+ StuffRsb32\r
rsm\r
\r
ASM_PFX(gcSmiHandlerSize): DW $ - _SmiEntryPoint\r
projects / mirror_edk2.git / blobdiff