diff options
author | Dun Tan <dun.tan@intel.com> | 2024-07-30 06:31:59 +0300 |
---|---|---|
committer | mergify[bot] <37929162+mergify[bot]@users.noreply.github.com> | 2024-08-05 09:59:09 +0300 |
commit | 47bb9f9a97726d11a11a5658a3917045bd9b0787 (patch) | |
tree | cb3273544931e8e14c112118ca8e418311800322 | |
parent | 68b4c4b481f3129132cd90c45d241990445f4a3a (diff) | |
download | edk2-47bb9f9a97726d11a11a5658a3917045bd9b0787.tar.xz |
UefiCpuPkg: Revert "UefiCpuPkg/PiSmmCpuDxeSmm: Fix system..."
This reverts commit bef0d333dc "UefiCpuPkg/PiSmmCpuDxeSmm:
Fix system hang when SmmProfile enable".
The commit bef0d333dc was added to modify the code logic in
InitPaging() to fix a code assert issue. Previously, the root
cause of this issue is that we try to only set NX attribute
for not-present MMIO range above 4G when SMM profile feature
is enabled, which is not allowed by CpuPageTableLib.
But after we always create full mapping initial SMM page
table in the next commit, this code assert issue won't happen
anymore since MMIO range above 4g will also be present in SMM
page table before InitPaging().
Meanwhile another issue was introduced by commit bef0d333dc:
In the entrypoint of PiSmmCpuDxe driver, we will set some
pages in stack range as not-present in SMM page table if
PcdCpuSmmStackGuard or PcdControlFlowEnforcementPropertyMask
is TRUE. But in commit bef0d333dc, all SMRAM range are set
to present in InitPaging() if SMM profile is enabled. Then
the stack guard and shadow stack features do not work anymore.
So let's revert the commit "UefiCpuPkg/PiSmmCpuDxeSmm: Fix
system hang when SmmProfile enable"
Signed-off-by: Dun Tan <dun.tan@intel.com>
-rw-r--r-- | UefiCpuPkg/PiSmmCpuDxeSmm/SmmProfile.c | 40 |
1 files changed, 10 insertions, 30 deletions
diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/SmmProfile.c b/UefiCpuPkg/PiSmmCpuDxeSmm/SmmProfile.c index 9d8a9dc575..d18084b71f 100644 --- a/UefiCpuPkg/PiSmmCpuDxeSmm/SmmProfile.c +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/SmmProfile.c @@ -1,7 +1,7 @@ /** @file
Enable SMM profile.
-Copyright (c) 2012 - 2024, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2012 - 2023, Intel Corporation. All rights reserved.<BR>
Copyright (c) 2017 - 2020, AMD Incorporated. All rights reserved.<BR>
SPDX-License-Identifier: BSD-2-Clause-Patent
@@ -610,7 +610,6 @@ InitPaging ( UINT64 Limit;
UINT64 PreviousAddress;
UINT64 MemoryAttrMask;
- BOOLEAN IsSet;
BOOLEAN WriteProtect;
BOOLEAN CetEnabled;
@@ -633,38 +632,19 @@ InitPaging ( DEBUG ((DEBUG_INFO, "Patch page table start ...\n"));
if (FeaturePcdGet (PcdCpuSmmProfileEnable)) {
for (Index = 0; Index < mProtectionMemRangeCount; Index++) {
- Base = mProtectionMemRange[Index].Range.Base;
- Length = mProtectionMemRange[Index].Range.Top - Base;
-
- MemoryAttrMask = EFI_MEMORY_RP;
- if (!mProtectionMemRange[Index].Present) {
- //
- // Config the EFI_MEMORY_RP attribute to make it non-present.
- //
- IsSet = TRUE;
- } else {
- //
- // Clear the EFI_MEMORY_RP attribute to make it present.
- //
- IsSet = FALSE;
-
- //
- // Config the range as writable and executable when mapping a range as present.
- //
- MemoryAttrMask |= EFI_MEMORY_RO;
+ MemoryAttrMask = 0;
+ if (mProtectionMemRange[Index].Nx == TRUE) {
MemoryAttrMask |= EFI_MEMORY_XP;
}
- Status = ConvertMemoryPageAttributes (PageTable, mPagingMode, Base, Length, MemoryAttrMask, IsSet, NULL);
- ASSERT_RETURN_ERROR (Status);
+ if (mProtectionMemRange[Index].Present == FALSE) {
+ MemoryAttrMask = EFI_MEMORY_RP;
+ }
- if (mProtectionMemRange[Index].Present && mProtectionMemRange[Index].Nx) {
- //
- // Since EFI_MEMORY_XP has already been cleared above, only handle the case to disable execution.
- // Config the EFI_MEMORY_XP attribute to disable execution.
- //
- MemoryAttrMask = EFI_MEMORY_XP;
- Status = ConvertMemoryPageAttributes (PageTable, mPagingMode, Base, Length, MemoryAttrMask, TRUE, NULL);
+ Base = mProtectionMemRange[Index].Range.Base;
+ Length = mProtectionMemRange[Index].Range.Top - Base;
+ if (MemoryAttrMask != 0) {
+ Status = ConvertMemoryPageAttributes (PageTable, mPagingMode, Base, Length, MemoryAttrMask, TRUE, NULL);
ASSERT_RETURN_ERROR (Status);
}
|