2014-01-22 09:41:16 +01:00
|
|
|
## @file UefiCpuPkg.dec
|
|
|
|
|
# This Package provides UEFI compatible CPU modules and libraries.
|
|
|
|
|
#
|
UefiCpuPkg/PiSmmCpu: Add Shadow Stack Support for X86 SMM.
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=1521
We scan the SMM code with ROPgadget.
http://shell-storm.org/project/ROPgadget/
https://github.com/JonathanSalwan/ROPgadget/tree/master
This tool reports the gadget in SMM driver.
This patch enabled CET ShadowStack for X86 SMM.
If CET is supported, SMM will enable CET ShadowStack.
SMM CET will save the OS CET context at SmmEntry and
restore OS CET context at SmmExit.
Test:
1) test Intel internal platform (x64 only, CET enabled/disabled)
Boot test:
CET supported or not supported CPU
on CET supported platform
CET enabled/disabled
PcdCpuSmmCetEnable enabled/disabled
Single core/Multiple core
PcdCpuSmmStackGuard enabled/disabled
PcdCpuSmmProfileEnable enabled/disabled
PcdCpuSmmStaticPageTable enabled/disabled
CET exception test:
#CF generated with PcdCpuSmmStackGuard enabled/disabled.
Other exception test:
#PF for normal stack overflow
#PF for NX protection
#PF for RO protection
CET env test:
Launch SMM in CET enabled/disabled environment (DXE) - no impact to DXE
The test case can be found at
https://github.com/jyao1/SecurityEx/tree/master/ControlFlowPkg
2) test ovmf (both IA32 and X64 SMM, CET disabled only)
test OvmfIa32/Ovmf3264, with -D SMM_REQUIRE.
qemu-system-x86_64.exe -machine q35,smm=on -smp 4
-serial file:serial.log
-drive if=pflash,format=raw,unit=0,file=OVMF_CODE.fd,readonly=on
-drive if=pflash,format=raw,unit=1,file=OVMF_VARS.fd
QEMU emulator version 3.1.0 (v3.1.0-11736-g7a30e7adb0-dirty)
3) not tested
IA32 CET enabled platform
Cc: Eric Dong <eric.dong@intel.com>
Cc: Ray Ni <ray.ni@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Yao Jiewen <jiewen.yao@intel.com>
Reviewed-by: Ray Ni <ray.ni@intel.com>
Regression-tested-by: Laszlo Ersek <lersek@redhat.com>
2019-02-22 14:30:36 +01:00
|
|
|
# Copyright (c) 2007 - 2019, Intel Corporation. All rights reserved.<BR>
|
2014-01-22 09:41:16 +01:00
|
|
|
#
|
2019-04-04 01:07:22 +02:00
|
|
|
# SPDX-License-Identifier: BSD-2-Clause-Patent
|
2014-01-22 09:41:16 +01:00
|
|
|
#
|
|
|
|
|
##
|
|
|
|
|
|
|
|
|
|
[Defines]
|
|
|
|
|
DEC_SPECIFICATION = 0x00010005
|
|
|
|
|
PACKAGE_NAME = UefiCpuPkg
|
2014-08-28 07:11:45 +02:00
|
|
|
PACKAGE_UNI_FILE = UefiCpuPkg.uni
|
2014-01-22 09:41:16 +01:00
|
|
|
PACKAGE_GUID = 2171df9b-0d39-45aa-ac37-2de190010d23
|
2018-01-22 03:00:08 +01:00
|
|
|
PACKAGE_VERSION = 0.90
|
2014-01-22 09:41:16 +01:00
|
|
|
|
|
|
|
|
[Includes]
|
|
|
|
|
Include
|
|
|
|
|
|
|
|
|
|
[LibraryClasses]
|
|
|
|
|
## @libraryclass Defines some routines that are generic for IA32 family CPU
|
|
|
|
|
## to be UEFI specification compliant.
|
|
|
|
|
##
|
|
|
|
|
UefiCpuLib|Include/Library/UefiCpuLib.h
|
|
|
|
|
|
2017-03-07 09:35:40 +01:00
|
|
|
## @libraryclass Defines some routines that are used to register/manage/program
|
|
|
|
|
## CPU features.
|
|
|
|
|
##
|
2017-04-05 16:32:16 +02:00
|
|
|
RegisterCpuFeaturesLib|Include/Library/RegisterCpuFeaturesLib.h
|
2017-03-07 09:35:40 +01:00
|
|
|
|
2014-01-22 09:41:16 +01:00
|
|
|
[LibraryClasses.IA32, LibraryClasses.X64]
|
|
|
|
|
## @libraryclass Provides functions to manage MTRR settings on IA32 and X64 CPUs.
|
|
|
|
|
##
|
|
|
|
|
MtrrLib|Include/Library/MtrrLib.h
|
|
|
|
|
|
|
|
|
|
## @libraryclass Provides functions to manage the Local APIC on IA32 and X64 CPUs.
|
|
|
|
|
##
|
|
|
|
|
LocalApicLib|Include/Library/LocalApicLib.h
|
2015-10-19 21:10:32 +02:00
|
|
|
|
|
|
|
|
## @libraryclass Provides platform specific initialization functions in the SEC phase.
|
|
|
|
|
##
|
|
|
|
|
PlatformSecLib|Include/Library/PlatformSecLib.h
|
2015-10-19 21:12:53 +02:00
|
|
|
|
2015-10-19 21:12:32 +02:00
|
|
|
## @libraryclass Public include file for the SMM CPU Platform Hook Library.
|
|
|
|
|
##
|
|
|
|
|
SmmCpuPlatformHookLib|Include/Library/SmmCpuPlatformHookLib.h
|
2015-10-19 21:12:53 +02:00
|
|
|
|
2015-10-19 21:12:32 +02:00
|
|
|
## @libraryclass Provides the CPU specific programming for PiSmmCpuDxeSmm module.
|
|
|
|
|
##
|
|
|
|
|
SmmCpuFeaturesLib|Include/Library/SmmCpuFeaturesLib.h
|
|
|
|
|
|
2016-07-19 03:39:45 +02:00
|
|
|
## @libraryclass Provides functions to support MP services on CpuMpPei and CpuDxe module.
|
|
|
|
|
##
|
|
|
|
|
MpInitLib|Include/Library/MpInitLib.h
|
|
|
|
|
|
2014-01-22 09:41:16 +01:00
|
|
|
[Guids]
|
|
|
|
|
gUefiCpuPkgTokenSpaceGuid = { 0xac05bf33, 0x995a, 0x4ed4, { 0xaa, 0xb8, 0xef, 0x7a, 0xe8, 0xf, 0x5c, 0xb0 }}
|
2016-11-28 22:52:57 +01:00
|
|
|
gMsegSmramGuid = { 0x5802bce4, 0xeeee, 0x4e33, { 0xa1, 0x30, 0xeb, 0xad, 0x27, 0xf0, 0xe4, 0x39 }}
|
2014-01-22 09:41:16 +01:00
|
|
|
|
2017-03-07 08:59:22 +01:00
|
|
|
## Include/Guid/CpuFeaturesSetDone.h
|
|
|
|
|
gEdkiiCpuFeaturesSetDoneGuid = { 0xa82485ce, 0xad6b, 0x4101, { 0x99, 0xd3, 0xe1, 0x35, 0x8c, 0x9e, 0x7e, 0x37 }}
|
|
|
|
|
|
2017-03-07 09:30:05 +01:00
|
|
|
## Include/Guid/CpuFeaturesInitDone.h
|
|
|
|
|
gEdkiiCpuFeaturesInitDoneGuid = { 0xc77c3a41, 0x61ab, 0x4143, { 0x98, 0x3e, 0x33, 0x39, 0x28, 0x6, 0x28, 0xe5 }}
|
|
|
|
|
|
2019-12-23 03:52:14 +01:00
|
|
|
## Include/Guid/MicrocodePatchHob.h
|
|
|
|
|
gEdkiiMicrocodePatchHobGuid = { 0xd178f11d, 0x8716, 0x418e, { 0xa1, 0x31, 0x96, 0x7d, 0x2a, 0xc4, 0x28, 0x43 }}
|
|
|
|
|
|
2015-10-19 21:12:32 +02:00
|
|
|
[Protocols]
|
|
|
|
|
## Include/Protocol/SmmCpuService.h
|
|
|
|
|
gEfiSmmCpuServiceProtocolGuid = { 0x1d202cab, 0xc8ab, 0x4d5c, { 0x94, 0xf7, 0x3c, 0xfc, 0xc0, 0xd3, 0xd3, 0x35 }}
|
2015-10-19 21:12:53 +02:00
|
|
|
|
2016-11-28 22:52:57 +01:00
|
|
|
## Include/Protocol/SmMonitorInit.h
|
|
|
|
|
gEfiSmMonitorInitProtocolGuid = { 0x228f344d, 0xb3de, 0x43bb, { 0xa4, 0xd7, 0xea, 0x20, 0xb, 0x1b, 0x14, 0x82 }}
|
|
|
|
|
|
2014-08-28 07:11:45 +02:00
|
|
|
#
|
|
|
|
|
# [Error.gUefiCpuPkgTokenSpaceGuid]
|
|
|
|
|
# 0x80000001 | Invalid value provided.
|
|
|
|
|
#
|
|
|
|
|
|
2019-07-29 02:52:57 +02:00
|
|
|
[Ppis]
|
|
|
|
|
gEdkiiPeiMpServices2PpiGuid = { 0x5cb9cb3d, 0x31a4, 0x480c, { 0x94, 0x98, 0x29, 0xd2, 0x69, 0xba, 0xcf, 0xba}}
|
|
|
|
|
|
2015-10-19 21:12:53 +02:00
|
|
|
[PcdsFeatureFlag]
|
|
|
|
|
## Indicates if SMM Profile will be enabled.
|
|
|
|
|
# If enabled, instruction executions in and data accesses to memory outside of SMRAM will be logged.
|
2019-08-26 00:27:13 +02:00
|
|
|
# In X64 build, it could not be enabled when PcdCpuSmmRestrictedMemoryAccess is TRUE.
|
|
|
|
|
# In IA32 build, the page table memory is not marked as read-only when it is enabled.
|
2015-10-19 21:12:53 +02:00
|
|
|
# This PCD is only for validation purpose. It should be set to false in production.<BR><BR>
|
|
|
|
|
# TRUE - SMM Profile will be enabled.<BR>
|
|
|
|
|
# FALSE - SMM Profile will be disabled.<BR>
|
|
|
|
|
# @Prompt Enable SMM Profile.
|
|
|
|
|
gUefiCpuPkgTokenSpaceGuid.PcdCpuSmmProfileEnable|FALSE|BOOLEAN|0x32132109
|
|
|
|
|
|
|
|
|
|
## Indicates if the SMM profile log buffer is a ring buffer.
|
|
|
|
|
# If disabled, no additional log can be done when the buffer is full.<BR><BR>
|
|
|
|
|
# TRUE - the SMM profile log buffer is a ring buffer.<BR>
|
|
|
|
|
# FALSE - the SMM profile log buffer is a normal buffer.<BR>
|
|
|
|
|
# @Prompt The SMM profile log buffer is a ring buffer.
|
|
|
|
|
gUefiCpuPkgTokenSpaceGuid.PcdCpuSmmProfileRingBuffer|FALSE|BOOLEAN|0x3213210a
|
|
|
|
|
|
|
|
|
|
## Indicates if SMM Startup AP in a blocking fashion.
|
|
|
|
|
# TRUE - SMM Startup AP in a blocking fashion.<BR>
|
|
|
|
|
# FALSE - SMM Startup AP in a non-blocking fashion.<BR>
|
|
|
|
|
# @Prompt SMM Startup AP in a blocking fashion.
|
|
|
|
|
gUefiCpuPkgTokenSpaceGuid.PcdCpuSmmBlockStartupThisAp|FALSE|BOOLEAN|0x32132108
|
|
|
|
|
|
|
|
|
|
## Indicates if SMM Stack Guard will be enabled.
|
2016-06-01 19:23:20 +02:00
|
|
|
# If enabled, stack overflow in SMM can be caught, preventing chaotic consequences.<BR><BR>
|
2015-10-19 21:12:53 +02:00
|
|
|
# TRUE - SMM Stack Guard will be enabled.<BR>
|
|
|
|
|
# FALSE - SMM Stack Guard will be disabled.<BR>
|
|
|
|
|
# @Prompt Enable SMM Stack Guard.
|
2016-06-01 19:23:20 +02:00
|
|
|
gUefiCpuPkgTokenSpaceGuid.PcdCpuSmmStackGuard|TRUE|BOOLEAN|0x1000001C
|
2015-10-19 21:12:53 +02:00
|
|
|
|
|
|
|
|
## Indicates if BSP election in SMM will be enabled.
|
|
|
|
|
# If enabled, a BSP will be dynamically elected among all processors in each SMI.
|
|
|
|
|
# Otherwise, processor 0 is always as BSP in each SMI.<BR><BR>
|
|
|
|
|
# TRUE - BSP election in SMM will be enabled.<BR>
|
|
|
|
|
# FALSE - BSP election in SMM will be disabled.<BR>
|
|
|
|
|
# @Prompt Enable BSP election in SMM.
|
|
|
|
|
gUefiCpuPkgTokenSpaceGuid.PcdCpuSmmEnableBspElection|TRUE|BOOLEAN|0x32132106
|
|
|
|
|
|
|
|
|
|
## Indicates if CPU SMM hot-plug will be enabled.<BR><BR>
|
|
|
|
|
# TRUE - SMM CPU hot-plug will be enabled.<BR>
|
|
|
|
|
# FALSE - SMM CPU hot-plug will be disabled.<BR>
|
|
|
|
|
# @Prompt SMM CPU hot-plug.
|
|
|
|
|
gUefiCpuPkgTokenSpaceGuid.PcdCpuHotPlugSupport|FALSE|BOOLEAN|0x3213210C
|
|
|
|
|
|
|
|
|
|
## Indicates if SMM Debug will be enabled.
|
|
|
|
|
# If enabled, hardware breakpoints in SMRAM can be set outside of SMM mode and take effect in SMM.<BR><BR>
|
|
|
|
|
# TRUE - SMM Debug will be enabled.<BR>
|
|
|
|
|
# FALSE - SMM Debug will be disabled.<BR>
|
|
|
|
|
# @Prompt Enable SMM Debug.
|
|
|
|
|
gUefiCpuPkgTokenSpaceGuid.PcdCpuSmmDebug|FALSE|BOOLEAN|0x1000001B
|
|
|
|
|
|
|
|
|
|
## Indicates if lock SMM Feature Control MSR.<BR><BR>
|
|
|
|
|
# TRUE - SMM Feature Control MSR will be locked.<BR>
|
|
|
|
|
# FALSE - SMM Feature Control MSR will not be locked.<BR>
|
|
|
|
|
# @Prompt Lock SMM Feature Control MSR.
|
|
|
|
|
gUefiCpuPkgTokenSpaceGuid.PcdCpuSmmFeatureControlMsrLock|TRUE|BOOLEAN|0x3213210B
|
|
|
|
|
|
2020-01-08 04:22:30 +01:00
|
|
|
## Indicates if FIT based microcode shadowing will be enabled.<BR><BR>
|
|
|
|
|
# TRUE - FIT base microcode shadowing will be enabled.<BR>
|
|
|
|
|
# FALSE - FIT base microcode shadowing will be disabled.<BR>
|
|
|
|
|
# @Prompt FIT based microcode shadowing.
|
|
|
|
|
gUefiCpuPkgTokenSpaceGuid.PcdCpuShadowMicrocodeByFit|FALSE|BOOLEAN|0x3213210D
|
|
|
|
|
|
2017-12-07 13:13:30 +01:00
|
|
|
[PcdsFixedAtBuild]
|
|
|
|
|
## List of exception vectors which need switching stack.
|
|
|
|
|
# This PCD will only take into effect if PcdCpuStackGuard is enabled.
|
|
|
|
|
# By default exception #DD(8), #PF(14) are supported.
|
|
|
|
|
# @Prompt Specify exception vectors which need switching stack.
|
|
|
|
|
gUefiCpuPkgTokenSpaceGuid.PcdCpuStackSwitchExceptionList|{0x08, 0x0E}|VOID*|0x30002000
|
|
|
|
|
|
|
|
|
|
## Size of good stack for an exception.
|
|
|
|
|
# This PCD will only take into effect if PcdCpuStackGuard is enabled.
|
|
|
|
|
# @Prompt Specify size of good stack of exception which need switching stack.
|
|
|
|
|
gUefiCpuPkgTokenSpaceGuid.PcdCpuKnownGoodStackSize|2048|UINT32|0x30002001
|
|
|
|
|
|
2019-12-06 04:36:35 +01:00
|
|
|
## Count of pre allocated SMM MP tokens per chunk.
|
|
|
|
|
# @Prompt Specify the count of pre allocated SMM MP tokens per chunk.
|
|
|
|
|
gUefiCpuPkgTokenSpaceGuid.PcdCpuSmmMpTokenCountPerChunk|64|UINT32|0x30002002
|
|
|
|
|
|
2014-01-22 09:41:16 +01:00
|
|
|
[PcdsFixedAtBuild, PcdsPatchableInModule]
|
2015-10-19 21:12:53 +02:00
|
|
|
## This value is the CPU Local APIC base address, which aligns the address on a 4-KByte boundary.
|
|
|
|
|
# @Prompt Configure base address of CPU Local APIC
|
2014-08-28 07:11:45 +02:00
|
|
|
# @Expression 0x80000001 | (gUefiCpuPkgTokenSpaceGuid.PcdCpuLocalApicBaseAddress & 0xfff) == 0
|
2014-01-22 09:41:16 +01:00
|
|
|
gUefiCpuPkgTokenSpaceGuid.PcdCpuLocalApicBaseAddress|0xfee00000|UINT32|0x00000001
|
2015-10-19 21:12:53 +02:00
|
|
|
|
2014-08-28 07:11:45 +02:00
|
|
|
## Specifies delay value in microseconds after sending out an INIT IPI.
|
|
|
|
|
# @Prompt Configure delay value after send an INIT IPI
|
2014-07-10 04:12:27 +02:00
|
|
|
gUefiCpuPkgTokenSpaceGuid.PcdCpuInitIpiDelayInMicroSeconds|10000|UINT32|0x30000002
|
2015-10-19 21:12:53 +02:00
|
|
|
|
2014-11-13 19:25:48 +01:00
|
|
|
## This value specifies the Application Processor (AP) stack size, used for Mp Service, which must
|
|
|
|
|
## aligns the address on a 4-KByte boundary.
|
|
|
|
|
# @Prompt Configure stack size for Application Processor (AP)
|
|
|
|
|
gUefiCpuPkgTokenSpaceGuid.PcdCpuApStackSize|0x8000|UINT32|0x00000003
|
2014-01-22 09:41:16 +01:00
|
|
|
|
2015-10-19 21:10:32 +02:00
|
|
|
## Specifies stack size in the temporary RAM. 0 means half of TemporaryRamSize.
|
|
|
|
|
# @Prompt Stack size in the temporary RAM.
|
|
|
|
|
gUefiCpuPkgTokenSpaceGuid.PcdPeiTemporaryRamStackSize|0|UINT32|0x10001003
|
|
|
|
|
|
2015-10-19 21:12:53 +02:00
|
|
|
## Specifies buffer size in bytes to save SMM profile data. The value should be a multiple of 4KB.
|
|
|
|
|
# @Prompt SMM profile data buffer size.
|
|
|
|
|
gUefiCpuPkgTokenSpaceGuid.PcdCpuSmmProfileSize|0x200000|UINT32|0x32132107
|
|
|
|
|
|
|
|
|
|
## Specifies stack size in bytes for each processor in SMM.
|
|
|
|
|
# @Prompt Processor stack size in SMM.
|
|
|
|
|
gUefiCpuPkgTokenSpaceGuid.PcdCpuSmmStackSize|0x2000|UINT32|0x32132105
|
|
|
|
|
|
UefiCpuPkg/PiSmmCpu: Add Shadow Stack Support for X86 SMM.
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=1521
We scan the SMM code with ROPgadget.
http://shell-storm.org/project/ROPgadget/
https://github.com/JonathanSalwan/ROPgadget/tree/master
This tool reports the gadget in SMM driver.
This patch enabled CET ShadowStack for X86 SMM.
If CET is supported, SMM will enable CET ShadowStack.
SMM CET will save the OS CET context at SmmEntry and
restore OS CET context at SmmExit.
Test:
1) test Intel internal platform (x64 only, CET enabled/disabled)
Boot test:
CET supported or not supported CPU
on CET supported platform
CET enabled/disabled
PcdCpuSmmCetEnable enabled/disabled
Single core/Multiple core
PcdCpuSmmStackGuard enabled/disabled
PcdCpuSmmProfileEnable enabled/disabled
PcdCpuSmmStaticPageTable enabled/disabled
CET exception test:
#CF generated with PcdCpuSmmStackGuard enabled/disabled.
Other exception test:
#PF for normal stack overflow
#PF for NX protection
#PF for RO protection
CET env test:
Launch SMM in CET enabled/disabled environment (DXE) - no impact to DXE
The test case can be found at
https://github.com/jyao1/SecurityEx/tree/master/ControlFlowPkg
2) test ovmf (both IA32 and X64 SMM, CET disabled only)
test OvmfIa32/Ovmf3264, with -D SMM_REQUIRE.
qemu-system-x86_64.exe -machine q35,smm=on -smp 4
-serial file:serial.log
-drive if=pflash,format=raw,unit=0,file=OVMF_CODE.fd,readonly=on
-drive if=pflash,format=raw,unit=1,file=OVMF_VARS.fd
QEMU emulator version 3.1.0 (v3.1.0-11736-g7a30e7adb0-dirty)
3) not tested
IA32 CET enabled platform
Cc: Eric Dong <eric.dong@intel.com>
Cc: Ray Ni <ray.ni@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Yao Jiewen <jiewen.yao@intel.com>
Reviewed-by: Ray Ni <ray.ni@intel.com>
Regression-tested-by: Laszlo Ersek <lersek@redhat.com>
2019-02-22 14:30:36 +01:00
|
|
|
## Specifies shadow stack size in bytes for each processor in SMM.
|
|
|
|
|
# @Prompt Processor shadow stack size in SMM.
|
|
|
|
|
gUefiCpuPkgTokenSpaceGuid.PcdCpuSmmShadowStackSize|0x2000|UINT32|0x3213210E
|
|
|
|
|
|
2015-10-19 21:12:53 +02:00
|
|
|
## Indicates if SMM Code Access Check is enabled.
|
|
|
|
|
# If enabled, the SMM handler cannot execute the code outside SMM regions.
|
|
|
|
|
# This PCD is suggested to TRUE in production image.<BR><BR>
|
|
|
|
|
# TRUE - SMM Code Access Check will be enabled.<BR>
|
|
|
|
|
# FALSE - SMM Code Access Check will be disabled.<BR>
|
|
|
|
|
# @Prompt SMM Code Access Check.
|
|
|
|
|
gUefiCpuPkgTokenSpaceGuid.PcdCpuSmmCodeAccessCheckEnable|TRUE|BOOLEAN|0x60000013
|
|
|
|
|
|
2015-12-08 06:19:34 +01:00
|
|
|
## Specifies the number of variable MTRRs reserved for OS use. The default number of
|
|
|
|
|
# MTRRs reserved for OS use is 2.
|
|
|
|
|
# @Prompt Number of reserved variable MTRRs.
|
|
|
|
|
gUefiCpuPkgTokenSpaceGuid.PcdCpuNumberOfReservedVariableMtrrs|0x2|UINT32|0x00000015
|
|
|
|
|
|
2016-11-28 22:52:57 +01:00
|
|
|
## Specifies buffer size in bytes for STM exception stack. The value should be a multiple of 4KB.
|
|
|
|
|
# @Prompt STM exception stack size.
|
|
|
|
|
gUefiCpuPkgTokenSpaceGuid.PcdCpuSmmStmExceptionStackSize|0x1000|UINT32|0x32132111
|
|
|
|
|
|
|
|
|
|
## Specifies buffer size in bytes of MSEG. The value should be a multiple of 4KB.
|
|
|
|
|
# @Prompt MSEG size.
|
|
|
|
|
gUefiCpuPkgTokenSpaceGuid.PcdCpuMsegSize|0x200000|UINT32|0x32132112
|
|
|
|
|
|
2017-03-27 04:42:22 +02:00
|
|
|
## Specifies the supported CPU features bit in array.
|
|
|
|
|
# @Prompt Supported CPU features.
|
2017-03-07 08:54:23 +01:00
|
|
|
gUefiCpuPkgTokenSpaceGuid.PcdCpuFeaturesSupport|{0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF}|VOID*|0x00000016
|
|
|
|
|
|
2017-03-27 04:42:22 +02:00
|
|
|
## Specifies if CPU features will be initialized after SMM relocation.
|
|
|
|
|
# @Prompt If CPU features will be initialized after SMM relocation.
|
2017-03-07 12:23:12 +01:00
|
|
|
gUefiCpuPkgTokenSpaceGuid.PcdCpuFeaturesInitAfterSmmRelocation|FALSE|BOOLEAN|0x0000001C
|
|
|
|
|
|
2017-03-27 04:42:22 +02:00
|
|
|
## Specifies if CPU features will be initialized during S3 resume.
|
|
|
|
|
# @Prompt If CPU features will be initialized during S3 resume.
|
2017-03-07 12:23:12 +01:00
|
|
|
gUefiCpuPkgTokenSpaceGuid.PcdCpuFeaturesInitOnS3Resume|FALSE|BOOLEAN|0x0000001D
|
|
|
|
|
|
2019-08-12 06:34:39 +02:00
|
|
|
## Specifies CPUID Leaf 0x15 Time Stamp Counter and Nominal Core Crystal Clock Frequency.
|
|
|
|
|
# TSC Frequency = ECX (core crystal clock frequency) * EBX/EAX.
|
|
|
|
|
# Intel Xeon Processor Scalable Family with CPUID signature 06_55H = 25000000 (25MHz)
|
|
|
|
|
# 6th and 7th generation Intel Core processors and Intel Xeon W Processor Family = 24000000 (24MHz)
|
|
|
|
|
# Intel Atom processors based on Goldmont Microarchitecture with CPUID signature 06_5CH = 19200000 (19.2MHz)
|
|
|
|
|
# @Prompt This PCD is the nominal frequency of the core crystal clock in Hz as is CPUID Leaf 0x15:ECX
|
|
|
|
|
gUefiCpuPkgTokenSpaceGuid.PcdCpuCoreCrystalClockFrequency|24000000|UINT64|0x32132113
|
|
|
|
|
|
2015-07-15 05:38:10 +02:00
|
|
|
[PcdsFixedAtBuild, PcdsPatchableInModule, PcdsDynamic, PcdsDynamicEx]
|
2016-03-03 08:25:26 +01:00
|
|
|
## Specifies max supported number of Logical Processors.
|
|
|
|
|
# @Prompt Configure max supported number of Logical Processors
|
|
|
|
|
gUefiCpuPkgTokenSpaceGuid.PcdCpuMaxLogicalProcessorNumber|64|UINT32|0x00000002
|
2015-07-15 05:38:10 +02:00
|
|
|
## Specifies timeout value in microseconds for the BSP to detect all APs for the first time.
|
|
|
|
|
# @Prompt Timeout for the BSP to detect all APs for the first time.
|
|
|
|
|
gUefiCpuPkgTokenSpaceGuid.PcdCpuApInitTimeOutInMicroSeconds|50000|UINT32|0x00000004
|
UefiCpuPkg/MpInitLib: honor the platform's boot CPU count in AP detection
- If a platform boots such that the boot CPU count is smaller than
PcdCpuMaxLogicalProcessorNumber, then the platform cannot use the "fast
AP detection" logic added in commit 6e1987f19af7. (Which has been
documented as a subset of use case (2) in the previous patch.)
Said logic depends on the boot CPU count being equal to
PcdCpuMaxLogicalProcessorNumber. If the equality does not hold, the
platform either has to wait too long, or risk missing APs due to an
early timeout.
- The platform may not be able to use the variant added in commit
0594ec417c89 either. (Which has been documented as use case (1) in the
previous patch.)
See commit 861218740d6d. When OVMF runs on QEMU/KVM, APs may check in
with the BSP in arbitrary order, plus the individual AP may take
arbitrarily long to check-in. If "NumApsExecuting" falls to zero
mid-enumeration, APs will be missed.
Allow platforms to specify the exact boot CPU count, independently of
PcdCpuMaxLogicalProcessorNumber. In this mode, the BSP waits for all APs
to check-in regardless of timeout. If at least one AP fails to check-in,
then the AP enumeration hangs forever. That is the desired behavior when
the exact boot CPU count is known in advance. (A hung boot is better than
an AP checking-in after timeout, and executing code from released
storage.)
Cc: Eric Dong <eric.dong@intel.com>
Cc: Ray Ni <ray.ni@intel.com>
Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=1515
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Ray Ni <ray.ni@intel.com>
2019-10-07 14:05:28 +02:00
|
|
|
## Specifies the number of Logical Processors that are available in the
|
|
|
|
|
# preboot environment after platform reset, including BSP and APs. Possible
|
|
|
|
|
# values:<BR><BR>
|
|
|
|
|
# zero (default) - PcdCpuBootLogicalProcessorNumber is ignored, and
|
|
|
|
|
# PcdCpuApInitTimeOutInMicroSeconds limits the initial AP
|
|
|
|
|
# detection by the BSP.<BR>
|
|
|
|
|
# nonzero - PcdCpuApInitTimeOutInMicroSeconds is ignored. The initial
|
|
|
|
|
# AP detection finishes only when the detected CPU count
|
|
|
|
|
# (BSP plus APs) reaches the value of
|
|
|
|
|
# PcdCpuBootLogicalProcessorNumber, regardless of how long
|
|
|
|
|
# that takes.<BR>
|
|
|
|
|
# @Prompt Number of Logical Processors available after platform reset.
|
|
|
|
|
gUefiCpuPkgTokenSpaceGuid.PcdCpuBootLogicalProcessorNumber|0|UINT32|0x00000008
|
2015-07-15 05:39:46 +02:00
|
|
|
## Specifies the base address of the first microcode Patch in the microcode Region.
|
|
|
|
|
# @Prompt Microcode Region base address.
|
|
|
|
|
gUefiCpuPkgTokenSpaceGuid.PcdCpuMicrocodePatchAddress|0x0|UINT64|0x00000005
|
|
|
|
|
## Specifies the size of the microcode Region.
|
|
|
|
|
# @Prompt Microcode Region size.
|
|
|
|
|
gUefiCpuPkgTokenSpaceGuid.PcdCpuMicrocodePatchRegionSize|0x0|UINT64|0x00000006
|
2015-12-18 04:23:27 +01:00
|
|
|
## Specifies the AP wait loop state during POST phase.
|
|
|
|
|
# The value is defined as below.<BR><BR>
|
|
|
|
|
# 1: Place AP in the Hlt-Loop state.<BR>
|
|
|
|
|
# 2: Place AP in the Mwait-Loop state.<BR>
|
|
|
|
|
# 3: Place AP in the Run-Loop state.<BR>
|
|
|
|
|
# @Prompt The AP wait loop state.
|
|
|
|
|
# @ValidRange 0x80000001 | 1 - 3
|
|
|
|
|
gUefiCpuPkgTokenSpaceGuid.PcdCpuApLoopMode|1|UINT8|0x60008006
|
2015-12-18 04:23:53 +01:00
|
|
|
## Specifies the AP target C-state for Mwait during POST phase.
|
|
|
|
|
# The default value 0 means C1 state.
|
|
|
|
|
# The value is defined as below.<BR><BR>
|
|
|
|
|
# @Prompt The specified AP target C-state for Mwait.
|
|
|
|
|
gUefiCpuPkgTokenSpaceGuid.PcdCpuApTargetCstate|0|UINT8|0x00000007
|
2015-07-15 05:38:10 +02:00
|
|
|
|
UefiCpuPkg/PiSmmCpuDxeSmm: dynamic PcdCpuSmmApSyncTimeout, PcdCpuSmmSyncMode
Move the declaration of these PCDs from the
[PcdsFixedAtBuild, PcdsPatchableInModule]
section of "UefiCpuPkg/UefiCpuPkg.dec" to the
[PcdsFixedAtBuild, PcdsPatchableInModule, PcdsDynamic, PcdsDynamicEx]
section. Their types, default values, and token values remain unchanged.
Only UefiCpuPkg/PiSmmCpuDxeSmm consumes these PCDs, specifically on the
call stack of its entry point function, and it turns them into static or
dynamically allocated data in SMRAM:
PiCpuSmmEntry() [PiSmmCpuDxeSmm.c]
InitializeSmmTimer() [SyncTimer.c]
PcdCpuSmmApSyncTimeout
-> mTimeoutTicker
InitializeMpServiceData() [MpService.c]
InitializeMpSyncData() [MpService.c]
PcdCpuSmmSyncMode
-> mSmmMpSyncData->EffectiveSyncMode
However, there's another call path to fetching "PcdCpuSmmSyncMode", namely
SmmInitHandler() [PiSmmCpuDxeSmm.c]
InitializeMpSyncData() [MpService.c]
PcdCpuSmmSyncMode
-> mSmmMpSyncData->EffectiveSyncMode
and this path is exercised during S3 resume (as stated by the comment in
SmmInitHandler() too, "Initialize private data during S3 resume").
While we can call the PCD protocol (via PcdLib) for fetching dynamic PCDs
in the entry point function, we cannot do that at S3 resume. Therefore
pre-fetch PcdCpuSmmSyncMode into a new global variable (which lives in
SMRAM) in InitializeMpServiceData(), just before calling
InitializeMpSyncData(). This way InitializeMpSyncData() can retrieve the
stashed PCD value from SMRAM, regardless of the boot mode.
Cc: Jeff Fan <jeff.fan@intel.com>
Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Michael Kinney <michael.d.kinney@intel.com>
Cc: Paolo Bonzini <pbonzini@redhat.com>
Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=230
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Jeff Fan <jeff.fan@intel.com>
2016-11-17 21:13:29 +01:00
|
|
|
## Specifies timeout value in microseconds for the BSP in SMM to wait for all APs to come into SMM.
|
|
|
|
|
# @Prompt AP synchronization timeout value in SMM.
|
|
|
|
|
gUefiCpuPkgTokenSpaceGuid.PcdCpuSmmApSyncTimeout|1000000|UINT64|0x32132104
|
|
|
|
|
|
|
|
|
|
## Indicates the CPU synchronization method used when processing an SMI.
|
|
|
|
|
# 0x00 - Traditional CPU synchronization method.<BR>
|
|
|
|
|
# 0x01 - Relaxed CPU synchronization method.<BR>
|
|
|
|
|
# @Prompt SMM CPU Synchronization Method.
|
|
|
|
|
gUefiCpuPkgTokenSpaceGuid.PcdCpuSmmSyncMode|0x00|UINT8|0x60000014
|
|
|
|
|
|
2017-03-07 09:56:15 +01:00
|
|
|
## Specifies the On-demand clock modulation duty cycle when ACPI feature is enabled.
|
|
|
|
|
# @Prompt The encoded values for target duty cycle modulation.
|
|
|
|
|
# @ValidRange 0x80000001 | 0 - 15
|
|
|
|
|
gUefiCpuPkgTokenSpaceGuid.PcdCpuClockModulationDutyCycle|0x0|UINT8|0x0000001A
|
|
|
|
|
|
|
|
|
|
## Indicates if the current boot is a power-on reset.<BR><BR>
|
|
|
|
|
# TRUE - Current boot is a power-on reset.<BR>
|
|
|
|
|
# FALSE - Current boot is not a power-on reset.<BR>
|
|
|
|
|
# @Prompt Current boot is a power-on reset.
|
|
|
|
|
gUefiCpuPkgTokenSpaceGuid.PcdIsPowerOnReset|FALSE|BOOLEAN|0x0000001B
|
|
|
|
|
|
2019-08-24 00:45:31 +02:00
|
|
|
[PcdsFixedAtBuild.X64, PcdsPatchableInModule.X64, PcdsDynamic.X64, PcdsDynamicEx.X64]
|
|
|
|
|
## Indicate access to non-SMRAM memory is restricted to reserved, runtime and ACPI NVS type after SmmReadyToLock.
|
|
|
|
|
# MMIO access is always allowed regardless of the value of this PCD.
|
|
|
|
|
# Loose of such restriction is only required by RAS components in X64 platforms.
|
|
|
|
|
# The PCD value is considered as constantly TRUE in IA32 platforms.
|
|
|
|
|
# When the PCD value is TRUE, page table is initialized to cover all memory spaces
|
|
|
|
|
# and the memory occupied by page table is protected by page table itself as read-only.
|
2019-08-26 00:27:13 +02:00
|
|
|
# In X64 build, it cannot be enabled at the same time with SMM profile feature (PcdCpuSmmProfileEnable).
|
|
|
|
|
# In X64 build, it could not be enabled also at the same time with heap guard feature for SMM
|
|
|
|
|
# (PcdHeapGuardPropertyMask in MdeModulePkg).
|
|
|
|
|
# In IA32 build, page table memory is not marked as read-only when either SMM profile feature (PcdCpuSmmProfileEnable)
|
|
|
|
|
# or heap guard feature for SMM (PcdHeapGuardPropertyMask in MdeModulePkg) is enabled.
|
2019-08-24 00:45:31 +02:00
|
|
|
# TRUE - Access to non-SMRAM memory is restricted to reserved, runtime and ACPI NVS type after SmmReadyToLock.<BR>
|
|
|
|
|
# FALSE - Access to any type of non-SMRAM memory after SmmReadyToLock is allowed.<BR>
|
|
|
|
|
# @Prompt Access to non-SMRAM memory is restricted to reserved, runtime and ACPI NVS type after SmmReadyToLock.
|
|
|
|
|
gUefiCpuPkgTokenSpaceGuid.PcdCpuSmmRestrictedMemoryAccess|TRUE|BOOLEAN|0x3213210F
|
|
|
|
|
|
2015-10-19 21:12:53 +02:00
|
|
|
[PcdsDynamic, PcdsDynamicEx]
|
|
|
|
|
## Contains the pointer to a CPU S3 data buffer of structure ACPI_CPU_DATA.
|
|
|
|
|
# @Prompt The pointer to a CPU S3 data buffer.
|
|
|
|
|
# @ValidList 0x80000001 | 0
|
|
|
|
|
gUefiCpuPkgTokenSpaceGuid.PcdCpuS3DataAddress|0x0|UINT64|0x60000010
|
|
|
|
|
|
|
|
|
|
## Contains the pointer to a CPU Hot Plug Data structure if CPU hot-plug is supported.
|
|
|
|
|
# @Prompt The pointer to CPU Hot Plug Data.
|
|
|
|
|
# @ValidList 0x80000001 | 0
|
|
|
|
|
gUefiCpuPkgTokenSpaceGuid.PcdCpuHotPlugDataAddress|0x0|UINT64|0x60000011
|
|
|
|
|
|
2017-03-07 08:54:23 +01:00
|
|
|
## Indicates processor feature capabilities, each bit corresponding to a specific feature.
|
|
|
|
|
# @Prompt Processor feature capabilities.
|
|
|
|
|
# @ValidList 0x80000001 | 0
|
|
|
|
|
gUefiCpuPkgTokenSpaceGuid.PcdCpuFeaturesCapability|{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}|VOID*|0x00000018
|
|
|
|
|
|
2019-02-12 08:22:48 +01:00
|
|
|
## As input, specifies user's desired settings for enabling/disabling processor features.
|
|
|
|
|
## As output, specifies actual settings for processor features, each bit corresponding to a specific feature.
|
|
|
|
|
# @Prompt As input, specifies user's desired processor feature settings. As output, specifies actual processor feature settings.
|
2017-03-07 08:54:23 +01:00
|
|
|
# @ValidList 0x80000001 | 0
|
|
|
|
|
gUefiCpuPkgTokenSpaceGuid.PcdCpuFeaturesSetting|{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}|VOID*|0x00000019
|
|
|
|
|
|
2017-08-14 09:18:23 +02:00
|
|
|
## Contains the size of memory required when CPU processor trace is enabled.<BR><BR>
|
2017-08-23 04:28:55 +02:00
|
|
|
# Processor trace is enabled through set BIT44(CPU_FEATURE_PROC_TRACE) in PcdCpuFeaturesSetting.<BR><BR>
|
|
|
|
|
# This PCD is ignored if CPU processor trace is disabled.<BR><BR>
|
|
|
|
|
# Default value is 0x00 which means 4KB of memory is allocated if CPU processor trace is enabled.<BR>
|
2017-08-14 09:18:23 +02:00
|
|
|
# 0x0 - 4K.<BR>
|
|
|
|
|
# 0x1 - 8K.<BR>
|
|
|
|
|
# 0x2 - 16K.<BR>
|
|
|
|
|
# 0x3 - 32K.<BR>
|
|
|
|
|
# 0x4 - 64K.<BR>
|
|
|
|
|
# 0x5 - 128K.<BR>
|
|
|
|
|
# 0x6 - 256K.<BR>
|
|
|
|
|
# 0x7 - 512K.<BR>
|
|
|
|
|
# 0x8 - 1M.<BR>
|
|
|
|
|
# 0x9 - 2M.<BR>
|
|
|
|
|
# 0xA - 4M.<BR>
|
|
|
|
|
# 0xB - 8M.<BR>
|
|
|
|
|
# 0xC - 16M.<BR>
|
|
|
|
|
# 0xD - 32M.<BR>
|
|
|
|
|
# 0xE - 64M.<BR>
|
|
|
|
|
# 0xF - 128M.<BR>
|
2017-08-23 04:28:55 +02:00
|
|
|
# @Prompt The memory size used for processor trace if processor trace is enabled.
|
|
|
|
|
# @ValidRange 0x80000001 | 0 - 0xF
|
|
|
|
|
gUefiCpuPkgTokenSpaceGuid.PcdCpuProcTraceMemSize|0x0|UINT32|0x60000012
|
2017-07-19 03:00:30 +02:00
|
|
|
|
2017-08-14 09:18:23 +02:00
|
|
|
## Contains the processor trace output scheme when CPU processor trace is enabled.<BR><BR>
|
2017-08-23 04:28:55 +02:00
|
|
|
# Processor trace is enabled through set BIT44(CPU_FEATURE_PROC_TRACE) in PcdCpuFeaturesSetting.<BR><BR>
|
|
|
|
|
# This PCD is ignored if CPU processor trace is disabled.<BR><BR>
|
|
|
|
|
# Default value is 0 which means single range output scheme will be used if CPU processor trace is enabled.<BR>
|
2017-08-14 09:18:23 +02:00
|
|
|
# 0 - Single Range output scheme.<BR>
|
|
|
|
|
# 1 - ToPA(Table of physical address) scheme.<BR>
|
2017-08-23 04:28:55 +02:00
|
|
|
# @Prompt The processor trace output scheme used when processor trace is enabled.
|
|
|
|
|
# @ValidRange 0x80000001 | 0 - 1
|
|
|
|
|
gUefiCpuPkgTokenSpaceGuid.PcdCpuProcTraceOutputScheme|0x0|UINT8|0x60000015
|
2017-07-19 03:00:30 +02:00
|
|
|
|
2014-08-28 07:11:45 +02:00
|
|
|
[UserExtensions.TianoCore."ExtraFiles"]
|
|
|
|
|
UefiCpuPkgExtra.uni
|
