summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDun Tan <dun.tan@intel.com>2024-07-30 06:31:59 +0300
committermergify[bot] <37929162+mergify[bot]@users.noreply.github.com>2024-08-05 09:59:09 +0300
commit47bb9f9a97726d11a11a5658a3917045bd9b0787 (patch)
treecb3273544931e8e14c112118ca8e418311800322
parent68b4c4b481f3129132cd90c45d241990445f4a3a (diff)
downloadedk2-47bb9f9a97726d11a11a5658a3917045bd9b0787.tar.xz
UefiCpuPkg: Revert "UefiCpuPkg/PiSmmCpuDxeSmm: Fix system..."
This reverts commit bef0d333dc "UefiCpuPkg/PiSmmCpuDxeSmm: Fix system hang when SmmProfile enable". The commit bef0d333dc was added to modify the code logic in InitPaging() to fix a code assert issue. Previously, the root cause of this issue is that we try to only set NX attribute for not-present MMIO range above 4G when SMM profile feature is enabled, which is not allowed by CpuPageTableLib. But after we always create full mapping initial SMM page table in the next commit, this code assert issue won't happen anymore since MMIO range above 4g will also be present in SMM page table before InitPaging(). Meanwhile another issue was introduced by commit bef0d333dc: In the entrypoint of PiSmmCpuDxe driver, we will set some pages in stack range as not-present in SMM page table if PcdCpuSmmStackGuard or PcdControlFlowEnforcementPropertyMask is TRUE. But in commit bef0d333dc, all SMRAM range are set to present in InitPaging() if SMM profile is enabled. Then the stack guard and shadow stack features do not work anymore. So let's revert the commit "UefiCpuPkg/PiSmmCpuDxeSmm: Fix system hang when SmmProfile enable" Signed-off-by: Dun Tan <dun.tan@intel.com>
-rw-r--r--UefiCpuPkg/PiSmmCpuDxeSmm/SmmProfile.c40
1 files changed, 10 insertions, 30 deletions
diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/SmmProfile.c b/UefiCpuPkg/PiSmmCpuDxeSmm/SmmProfile.c
index 9d8a9dc575..d18084b71f 100644
--- a/UefiCpuPkg/PiSmmCpuDxeSmm/SmmProfile.c
+++ b/UefiCpuPkg/PiSmmCpuDxeSmm/SmmProfile.c
@@ -1,7 +1,7 @@
/** @file
Enable SMM profile.
-Copyright (c) 2012 - 2024, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2012 - 2023, Intel Corporation. All rights reserved.<BR>
Copyright (c) 2017 - 2020, AMD Incorporated. All rights reserved.<BR>
SPDX-License-Identifier: BSD-2-Clause-Patent
@@ -610,7 +610,6 @@ InitPaging (
UINT64 Limit;
UINT64 PreviousAddress;
UINT64 MemoryAttrMask;
- BOOLEAN IsSet;
BOOLEAN WriteProtect;
BOOLEAN CetEnabled;
@@ -633,38 +632,19 @@ InitPaging (
DEBUG ((DEBUG_INFO, "Patch page table start ...\n"));
if (FeaturePcdGet (PcdCpuSmmProfileEnable)) {
for (Index = 0; Index < mProtectionMemRangeCount; Index++) {
- Base = mProtectionMemRange[Index].Range.Base;
- Length = mProtectionMemRange[Index].Range.Top - Base;
-
- MemoryAttrMask = EFI_MEMORY_RP;
- if (!mProtectionMemRange[Index].Present) {
- //
- // Config the EFI_MEMORY_RP attribute to make it non-present.
- //
- IsSet = TRUE;
- } else {
- //
- // Clear the EFI_MEMORY_RP attribute to make it present.
- //
- IsSet = FALSE;
-
- //
- // Config the range as writable and executable when mapping a range as present.
- //
- MemoryAttrMask |= EFI_MEMORY_RO;
+ MemoryAttrMask = 0;
+ if (mProtectionMemRange[Index].Nx == TRUE) {
MemoryAttrMask |= EFI_MEMORY_XP;
}
- Status = ConvertMemoryPageAttributes (PageTable, mPagingMode, Base, Length, MemoryAttrMask, IsSet, NULL);
- ASSERT_RETURN_ERROR (Status);
+ if (mProtectionMemRange[Index].Present == FALSE) {
+ MemoryAttrMask = EFI_MEMORY_RP;
+ }
- if (mProtectionMemRange[Index].Present && mProtectionMemRange[Index].Nx) {
- //
- // Since EFI_MEMORY_XP has already been cleared above, only handle the case to disable execution.
- // Config the EFI_MEMORY_XP attribute to disable execution.
- //
- MemoryAttrMask = EFI_MEMORY_XP;
- Status = ConvertMemoryPageAttributes (PageTable, mPagingMode, Base, Length, MemoryAttrMask, TRUE, NULL);
+ Base = mProtectionMemRange[Index].Range.Base;
+ Length = mProtectionMemRange[Index].Range.Top - Base;
+ if (MemoryAttrMask != 0) {
+ Status = ConvertMemoryPageAttributes (PageTable, mPagingMode, Base, Length, MemoryAttrMask, TRUE, NULL);
ASSERT_RETURN_ERROR (Status);
}