UefiCpuPkg/PiSmmCpuDxeSmm: Put AP into safe hlt-loop code on S3 path

On the S3 path, the PiSmmCpuDxeSmm driver wakes up the APs to restore their CPU
context. However, after the CPUs have restored their contexts, the APs are placed
in a hlt-loop in borrowed space under 1MB.
If an NMI or SMI happens, an AP may exit the hlt state and execute the
instruction after the HLT instruction, but the code under 1MB is no longer safe
at that time.

This fix allocates one ACPI NVS range to hold the AP hlt-loop code. Once a CPU
has finished restoring its CPU context, the AP executes in this ACPI NVS range.

https://bugzilla.tianocore.org/show_bug.cgi?id=216

v2:
  1. Make stack alignment per Laszlo's comment.
  2. Trim whitespace at end of end.
  3. Update year mark in file header.

Reported-by: Laszlo Ersek <lersek@redhat.com>
Analyzed-by: Paolo Bonzini <pbonzini@redhat.com>
Analyzed-by: Laszlo Ersek <lersek@redhat.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jeff Fan <jeff.fan@intel.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
Tested-by: Laszlo Ersek <lersek@redhat.com>
Jeff Fan 2016-11-10 13:40:12 +08:00
parent c37dcee6d8
commit 4a0f88dd64
4 changed files with 100 additions and 2 deletions


@ -77,6 +77,13 @@ SMM_S3_RESUME_STATE *mSmmS3ResumeState = NULL;
BOOLEAN mAcpiS3Enable = TRUE; BOOLEAN mAcpiS3Enable = TRUE;
UINT8 *mApHltLoopCode = NULL;
UINT8 mApHltLoopCodeTemplate[] = {
0xFA, // cli
0xF4, // hlt
0xEB, 0xFC // jmp $-2
};
/** /**
Get MSR spin lock by MSR index. Get MSR spin lock by MSR index.
@ -376,6 +383,8 @@ MPRendezvousProcedure (
CPU_REGISTER_TABLE *RegisterTableList; CPU_REGISTER_TABLE *RegisterTableList;
UINT32 InitApicId; UINT32 InitApicId;
UINTN Index; UINTN Index;
UINT32 TopOfStack;
UINT8 Stack[128];
ProgramVirtualWireMode (); ProgramVirtualWireMode ();
DisableLvtInterrupts (); DisableLvtInterrupts ();
@ -393,6 +402,14 @@ MPRendezvousProcedure (
// Count down the number with lock mechanism. // Count down the number with lock mechanism.
// //
InterlockedDecrement (&mNumberToFinish); InterlockedDecrement (&mNumberToFinish);
//
// Place AP into the safe code
//
TopOfStack = (UINT32) (UINTN) Stack + sizeof (Stack);
TopOfStack &= ~(UINT32) (CPU_STACK_ALIGNMENT - 1);
CopyMem ((VOID *) (UINTN) mApHltLoopCode, mApHltLoopCodeTemplate, sizeof (mApHltLoopCodeTemplate));
TransferApToSafeState ((UINT32) (UINTN) mApHltLoopCode, TopOfStack);
} }
/** /**
@ -731,6 +748,8 @@ InitSmmS3ResumeState (
VOID *GuidHob; VOID *GuidHob;
EFI_SMRAM_DESCRIPTOR *SmramDescriptor; EFI_SMRAM_DESCRIPTOR *SmramDescriptor;
SMM_S3_RESUME_STATE *SmmS3ResumeState; SMM_S3_RESUME_STATE *SmmS3ResumeState;
EFI_PHYSICAL_ADDRESS Address;
EFI_STATUS Status;
if (!mAcpiS3Enable) { if (!mAcpiS3Enable) {
return; return;
@ -773,6 +792,20 @@ InitSmmS3ResumeState (
// Patch SmmS3ResumeState->SmmS3Cr3 // Patch SmmS3ResumeState->SmmS3Cr3
// //
InitSmmS3Cr3 (); InitSmmS3Cr3 ();
//
// Allocate safe memory in ACPI NVS for AP to execute hlt loop in
// protected mode on S3 path
//
Address = BASE_4GB - 1;
Status = gBS->AllocatePages (
AllocateMaxAddress,
EfiACPIMemoryNVS,
EFI_SIZE_TO_PAGES (sizeof (mApHltLoopCodeTemplate)),
&Address
);
ASSERT_EFI_ERROR (Status);
mApHltLoopCode = (UINT8 *) (UINTN) Address;
} }
/** /**
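Review bot: `ASSERT_EFI_ERROR (Status)` after the AllocatePages call is the only failure handling, and it compiles to nothing in a RELEASE build, so a failed allocation leaves `mApHltLoopCode` NULL and every AP in MPRendezvousProcedure then copies the template to address 0 and jumps there. Guard the AP side so the pre-patch behaviour is kept when the allocation failed: `if (mApHltLoopCode != NULL) { CopyMem ((VOID *) (UINTN) mApHltLoopCode, mApHltLoopCodeTemplate, sizeof (mApHltLoopCodeTemplate)); TransferApToSafeState ((UINT32) (UINTN) mApHltLoopCode, TopOfStack); }`. Separately, the CopyMem is executed by every AP concurrently into the same page; the bytes are identical so it is benign, but doing it once in InitSmmS3ResumeState right after the allocation would avoid having the APs write to the page they are about to execute. `Stack[128]` lives in this AP's own frame on whatever stack MPRendezvousProcedure is currently running on — if that is the borrowed sub-1MB stack, an NMI or SMI taken after the switch still pushes onto the unsafe region, and 128 bytes is little headroom; carving the AP stacks from the same ACPI NVS allocation would close that gap. Both MPRendezvousProcedure and InitSmmS3ResumeState begin outside the hunks shown.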


@ -1,7 +1,7 @@
/** @file /** @file
SMM CPU misc functions for Ia32 arch specific. SMM CPU misc functions for Ia32 arch specific.
Copyright (c) 2015, Intel Corporation. All rights reserved.<BR> Copyright (c) 2015 - 2016, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at which accompanies this distribution. The full text of the license may be found at
@ -94,3 +94,28 @@ InitGdt (
*GdtStepSize = GdtTableStepSize; *GdtStepSize = GdtTableStepSize;
return GdtTssTables; return GdtTssTables;
} }
/**
Transfer AP to safe hlt-loop after it finished restore CPU features on S3 patch.
@param[in] ApHltLoopCode The 32-bit address of the safe hlt-loop function.
@param[in] TopOfStack A pointer to the new stack to use for the ApHltLoopCode.
**/
VOID
TransferApToSafeState (
IN UINT32 ApHltLoopCode,
IN UINT32 TopOfStack
)
{
SwitchStack (
(SWITCH_STACK_ENTRY_POINT) (UINTN) ApHltLoopCode,
NULL,
NULL,
(VOID *) (UINTN) TopOfStack
);
//
// It should never reach here
//
ASSERT (FALSE);
}


@ -825,4 +825,17 @@ GetAcpiS3EnableFlag (
VOID VOID
); );
/**
Transfer AP to safe hlt-loop after it finished restore CPU features on S3 patch.
@param[in] ApHltLoopCode The 32-bit address of the safe hlt-loop function.
@param[in] TopOfStack A pointer to the new stack to use for the ApHltLoopCode.
**/
VOID
TransferApToSafeState (
IN UINT32 ApHltLoopCode,
IN UINT32 TopOfStack
);
#endif #endif


@ -1,7 +1,7 @@
/** @file /** @file
SMM CPU misc functions for x64 arch specific. SMM CPU misc functions for x64 arch specific.
Copyright (c) 2015, Intel Corporation. All rights reserved.<BR> Copyright (c) 2015 - 2016, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at which accompanies this distribution. The full text of the license may be found at
@ -68,3 +68,30 @@ InitGdt (
*GdtStepSize = GdtTableStepSize; *GdtStepSize = GdtTableStepSize;
return GdtTssTables; return GdtTssTables;
} }
/**
Transfer AP to safe hlt-loop after it finished restore CPU features on S3 patch.
@param[in] ApHltLoopCode The 32-bit address of the safe hlt-loop function.
@param[in] TopOfStack A pointer to the new stack to use for the ApHltLoopCode.
**/
VOID
TransferApToSafeState (
IN UINT32 ApHltLoopCode,
IN UINT32 TopOfStack
)
{
SwitchStack (
(SWITCH_STACK_ENTRY_POINT) (UINTN) ApHltLoopCode,
NULL,
NULL,
(VOID *) (UINTN) TopOfStack
);
//
// It should never reach here
//
ASSERT (FALSE);
}