Commit Graph

958 Commits

Author SHA1 Message Date
Eric Dong d28daaddb3 UefiCpuPkg/CpuCommonFeaturesLib: Register MSR base on scope Info.
Because MSR has scope attribute, driver has no needs to set
MSR for all APs if MSR scope is core or package type. This patch
updates code to base on the MSR scope value to add MSR to the register
table.

Cc: Ruiyu Ni <ruiyu.ni@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Eric Dong <eric.dong@intel.com>
Reviewed-by: Ruiyu Ni <ruiyu.ni@intel.com>
2018-10-22 11:19:49 +08:00
Eric Dong 38381e18bf UefiCpuPkg/CpuS3DataDxe: Keep old data if value already existed.
AcpiCpuData add new fields, keep these fields if old data already existed.

Cc: Ruiyu Ni <ruiyu.ni@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Eric Dong <eric.dong@intel.com>
Reviewed-by: Ruiyu Ni <ruiyu.ni@intel.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Regression-tested-by: Laszlo Ersek <lersek@redhat.com>
2018-10-22 11:19:48 +08:00
Eric Dong 9332439058 UefiCpuPkg/PiSmmCpuDxeSmm: Add logic to support semaphore type.
V4 changes:
1. Serial console log for different threads when program register table.
2. Check the AcpiCpuData before use it to avoid potential ASSERT.

V3 changes:
1. Use global variable instead of internal function to return string for register type
   and dependence type.
2. Add comments for some complicated logic.

V1 changes:
Because this driver needs to set MSRs saved in normal boot phase, sync
semaphore logic from RegisterCpuFeaturesLib code which used for normal boot phase.

Detail see below change for RegisterCpuFeaturesLib:
  UefiCpuPkg/RegisterCpuFeaturesLib: Add logic to support semaphore type.

Cc: Ruiyu Ni <ruiyu.ni@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Eric Dong <eric.dong@intel.com>
Reviewed-by: Ruiyu Ni <ruiyu.ni@intel.com>
Acked-by: Laszlo Ersek <lersek@redhat.com>
Regression-tested-by: Laszlo Ersek <lersek@redhat.com>
2018-10-22 11:19:48 +08:00
Eric Dong b3c71b472d UefiCpuPkg/RegisterCpuFeaturesLib: Add logic to support semaphore type.
V4 changes include:
1. Serial debug message for different threads when program the register table.

V3 changes include:
1. Use global variable instead of internal function to return string for register type
   and dependence type.
2. Add comments for some complicated logic.

V2 changes include:
1. Add more description for the code part which need easy to understand.
2. Refine some code base on feedback for V1 changes.

V1 changes include:
In a system which has multiple cores, current set register value task costs huge times.
After investigation, current set MSR task costs most of the times. Current logic uses
SpinLock to let set MSR task as an single thread task for all cores. Because MSR has
scope attribute which may cause GP fault if multiple APs set MSR at the same time,
current logic use an easiest solution (use SpinLock) to avoid this issue, but it will
cost huge times.

In order to fix this performance issue, new solution will set MSRs base on their scope
attribute. After this, the SpinLock will not needed. Without SpinLock, new issue raised
which is caused by MSR dependence. For example, MSR A depends on MSR B which means MSR A
must been set after MSR B has been set. Also MSR B is package scope level and MSR A is
thread scope level. If system has multiple threads, Thread 1 needs to set the thread level
MSRs and thread 2 needs to set thread and package level MSRs. Set MSRs task for thread 1
and thread 2 like below:

            Thread 1                 Thread 2
MSR B          N                        Y
MSR A          Y                        Y

If driver don't control execute MSR order, for thread 1, it will execute MSR A first, but
at this time, MSR B not been executed yet by thread 2. system may trig exception at this
time.

In order to fix the above issue, driver introduces semaphore logic to control the MSR
execute sequence. For the above case, a semaphore will be add between MSR A and B for
all threads. Semaphore has scope info for it. The possible scope value is core or package.
For each thread, when it meets a semaphore during it set registers, it will 1) release
semaphore (+1) for each threads in this core or package(based on the scope info for this
semaphore) 2) acquire semaphore (-1) for all the threads in this core or package(based
on the scope info for this semaphore). With these two steps, driver can control MSR
sequence. Sample code logic like below:

  //
  // First increase semaphore count by 1 for processors in this package.
  //
  for (ProcessorIndex = 0; ProcessorIndex < PackageThreadsCount ; ProcessorIndex ++) {
    LibReleaseSemaphore ((UINT32 *) &SemaphorePtr[PackageOffset + ProcessorIndex]);
  }
  //
  // Second, check whether the count has reach the check number.
  //
  for (ProcessorIndex = 0; ProcessorIndex < ValidApCount; ProcessorIndex ++) {
    LibWaitForSemaphore (&SemaphorePtr[ApOffset]);
  }

Platform Requirement:
1. This change requires register MSR setting base on MSR scope info. If still register MSR
   for all threads, exception may raised.

Known limitation:
1. Current CpuFeatures driver supports DXE instance and PEI instance. But semaphore logic
   requires Aps execute in async mode which is not supported by PEI driver. So CpuFeature
   PEI instance not works after this change. We plan to support async mode for PEI in phase
   2 for this task.

Cc: Ruiyu Ni <ruiyu.ni@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Eric Dong <eric.dong@intel.com>
Reviewed-by: Ruiyu Ni <ruiyu.ni@intel.com>
2018-10-22 11:19:48 +08:00
Eric Dong 87e9395109 UefiCpuPkg/RegisterCpuFeaturesLib.h: Add new dependence types.
V4 changes:
  1. Update comments.

v3 changes:
  1. Move CPU_FEATURE_DEPENDENCE_TYPE definition to AcpiCpuData.h.
  2. Add comments for CPU_FEATURE_BEFORE/CPU_FEATURE_AFTER.

v1 changes:
Add new core/package dependence types which consumed by different MSRs.

Cc: Ruiyu Ni <ruiyu.ni@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Eric Dong <eric.dong@intel.com>
Reviewed-by: Ruiyu Ni <ruiyu.ni@intel.com>
2018-10-22 11:19:47 +08:00
Eric Dong d5aa2078f7 UefiCpuPkg/Include/AcpiCpuData.h: Add Semaphore related Information.
v3 changes:
1. Move CPU_FEATURE_DEPENDENCE_TYPE definition here from RegisterCpuFeaturesLib.h file.
2. Add Invalid type for REGISTER_TYPE which will be used in code.

v2 changes:
1. Add more description about why we do this change.
2. Change structure field type from pointer to EFI_PHYSICAL_ADDRESS because it will
   be share between PEI and DXE.

v1 Changes:
In order to support semaphore related logic, add new definition for it.

In a system which has multiple cores, current set register value task costs huge times.
After investigation, current set MSR task costs most of the times. Current logic uses
SpinLock to let set MSR task as an single thread task for all cores. Because MSR has
scope attribute which may cause GP fault if multiple APs set MSR at the same time,
current logic use an easiest solution (use SpinLock) to avoid this issue, but it will
cost huge times.

In order to fix this performance issue, new solution will set MSRs base on their scope
attribute. After this, the SpinLock will not needed. Without SpinLock, new issue raised
which is caused by MSR dependence. For example, MSR A depends on MSR B which means MSR A
must been set after MSR B has been set. Also MSR B is package scope level and MSR A is
thread scope level. If system has multiple threads, Thread 1 needs to set the thread level
MSRs and thread 2 needs to set thread and package level MSRs. Set MSRs task for thread 1
and thread 2 like below:

            Thread 1                 Thread 2
MSR B          N                        Y
MSR A          Y                        Y

If driver don't control execute MSR order, for thread 1, it will execute MSR A first, but
at this time, MSR B not been executed yet by thread 2. system may trig exception at this
time.

In order to fix the above issue, driver introduces semaphore logic to control the MSR
execute sequence. For the above case, a semaphore will be add between MSR A and B for
all threads. Semaphore has scope info for it. The possible scope value is core or package.
For each thread, when it meets a semaphore during it set registers, it will 1) release
semaphore (+1) for each threads in this core or package(based on the scope info for this
semaphore) 2) acquire semaphore (-1) for all the threads in this core or package(based
on the scope info for this semaphore). With these two steps, driver can control MSR
sequence. Sample code logic like below:

  //
  // First increase semaphore count by 1 for processors in this package.
  //
  for (ProcessorIndex = 0; ProcessorIndex < PackageThreadsCount ; ProcessorIndex ++) {
    LibReleaseSemaphore ((UINT32 *) &SemaphorePtr[PackageOffset + ProcessorIndex]);
  }
  //
  // Second, check whether the count has reach the check number.
  //
  for (ProcessorIndex = 0; ProcessorIndex < ValidApCount; ProcessorIndex ++) {
    LibWaitForSemaphore (&SemaphorePtr[ApOffset]);
  }

Platform Requirement:
1. This change requires register MSR setting base on MSR scope info. If still register MSR
   for all threads, exception may raised.

Known limitation:
1. Current CpuFeatures driver supports DXE instance and PEI instance. But semaphore logic
   requires Aps execute in async mode which is not supported by PEI driver. So CpuFeature
   PEI instance not works after this change. We plan to support async mode for PEI in phase
   2 for this task.

Cc: Ruiyu Ni <ruiyu.ni@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Eric Dong <eric.dong@intel.com>
Reviewed-by: Ruiyu Ni <ruiyu.ni@intel.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Regression-tested-by: Laszlo Ersek <lersek@redhat.com>
2018-10-22 11:19:47 +08:00
Jian J Wang eae7b476c2 UefiCpuPkg/CpuExceptionHandlerLib: always clear descriptor data in advance
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=1237

Sometimes the memory will be contaminated by random data left in last
boot (warm reset). The code should not assume the allocated memory is
always filled with zero. This patch add code to clear data structure
used for stack switch to prevent such problem from happening.

Cc: Eric Dong <eric.dong@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Ruiyu Ni <ruiyu.ni@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Jian J Wang <jian.j.wang@intel.com>
Reviewed-by: Eric Dong <eric.dong@intel.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Ruiyu Ni <ruiyu.ni@intel.com>
2018-10-18 13:19:14 +08:00
Eric Dong 55e8ff01af UefiCpuPkg/S3Resume2Pei: disable paging before creating new page table.
V5:
1. Add ASSERT to indicate this assumption that environment is 32 bit mode.
2. Add description in INF about this driver's expected result
   in different environment.

V4:
Only disable paging when it is enabled.

V3 changes:
No need to change inf file.

V2 changes:
Only disable paging in 32 bit mode, no matter it is enable or not.

V1 changes:
PEI Stack Guard needs to enable paging. This might cause #GP if code
trying to write CR3 register with PML4 page table while the processor
is enabled with PAE paging.

Simply disabling paging before updating CR3 can solve this conflict.

It's an regression caused by change: 0a0d5296e4

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=1232

Cc: Ruiyu Ni <ruiyu.ni@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Eric Dong <eric.dong@intel.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Ruiyu Ni <ruiyu.ni@intel.com>
Regression-tested-by: Laszlo Ersek <lersek@redhat.com>
2018-10-15 08:36:40 +08:00
Hao Wu 5b02be4d9a UefiCpuPkg/PiSmmCpuDxeSmm: [CVE-2017-5753] Fix bounds check bypass
REF:https://bugzilla.tianocore.org/show_bug.cgi?id=1194

Speculative execution is used by processor to avoid having to wait for
data to arrive from memory, or for previous operations to finish, the
processor may speculate as to what will be executed.

If the speculation is incorrect, the speculatively executed instructions
might leave hints such as which memory locations have been brought into
cache. Malicious actors can use the bounds check bypass method (code
gadgets with controlled external inputs) to infer data values that have
been used in speculative operations to reveal secrets which should not
otherwise be accessed.

It is possible for SMI handler(s) to call EFI_SMM_CPU_PROTOCOL service
ReadSaveState() and use the content in the 'CommBuffer' (controlled
external inputs) as the 'CpuIndex'. So this commit will insert AsmLfence
API to mitigate the bounds check bypass issue within SmmReadSaveState().

For SmmReadSaveState():

The 'CpuIndex' will be passed into function ReadSaveStateRegister(). And
then in to ReadSaveStateRegisterByIndex().

With the call:
ReadSaveStateRegisterByIndex (
  CpuIndex,
  SMM_SAVE_STATE_REGISTER_IOMISC_INDEX,
  sizeof(IoMisc.Uint32),
  &IoMisc.Uint32
  );

The 'IoMisc' can be a cross boundary access during speculative execution.
Later, 'IoMisc' is used as the index to access buffers 'mSmmCpuIoWidth'
and 'mSmmCpuIoType'. One can observe which part of the content within
those buffers was brought into cache to possibly reveal the value of
'IoMisc'.

Hence, this commit adds a AsmLfence() after the check of 'CpuIndex'
within function SmmReadSaveState() to prevent the speculative execution.

A more detailed explanation of the purpose of commit is under the
'Bounds check bypass mitigation' section of the below link:
https://software.intel.com/security-software-guidance/insights/host-firmware-speculative-execution-side-channel-mitigation

And the document at:
https://software.intel.com/security-software-guidance/api-app/sites/default/files/337879-analyzing-potential-bounds-Check-bypass-vulnerabilities.pdf

Cc: Michael D Kinney <michael.d.kinney@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Hao Wu <hao.a.wu@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
Reviewed-by: Eric Dong <eric.dong@intel.com>
Acked-by: Laszlo Ersek <lersek@redhat.com>
Regression-tested-by: Laszlo Ersek <lersek@redhat.com>
2018-09-30 13:06:42 +08:00
Eric Dong cc73a7ec00 UefiCpuPkg/Include/Register/Msr/GoldmontPlusMsr.h: Change to DOS format file.
Follow EDKII coding style, change file format to dos style.

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=1213

Cc: Dandan Bi <dandan.bi@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Eric Dong <eric.dong@intel.com>
Reviewed-by: Dandan Bi <dandan.bi@intel.com>
Acked-by: Laszlo Ersek <lersek@redhat.com>
2018-09-30 08:01:56 +08:00
shenglei f6e68d3cda UefiCpuPkg/CpuCommonFeaturesLib: Remove an unused PCD
The PCD below is unused, so it has been removed from inf.
gUefiCpuPkgTokenSpaceGuid.PcdCpuFeaturesSupport

Cc: Eric Dong <eric.dong@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: shenglei <shenglei.zhang@intel.com>
Reviewed-by: Eric Dong <eric.dong@intel.com>
2018-09-29 16:00:39 +08:00
Star Zeng 4c214f8229 UefiCpuPkg PiSmmCpuDxeSmm: Use new EfiLocateFirstAcpiTable()
https://bugzilla.tianocore.org/show_bug.cgi?id=967
Request to add a library function for GetAcpiTable() in order
to get ACPI table using signature as input.

After evaluation, we found there are many duplicated code to
find ACPI table by signature in different modules.

This patch updates PiSmmCpuDxeSmm to use new
EfiLocateFirstAcpiTable() and remove the duplicated code.

Cc: Younas khan <pmdyounaskhan786@gmail.com>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Liming Gao <liming.gao@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Ruiyu Ni <ruiyu.ni@intel.com>
Cc: Eric Dong <eric.dong@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Eric Dong <eric.dong@intel.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
2018-09-27 14:25:36 +08:00
Eric Dong 53002b7ecf UefiCpuPkg/Include/Register/Msr/XeonPhiMsr.h: Change structure definition.
V3 changes include:
  1. Keep the ReservedX not change if bit info not changed for this field.

V2 changes include:
  1. Use X in ReservedX fields from totally new value if MSR structure definition changed.
     For example, if in current structure, the max reserved variable is Reserved2, in new
     definition, reserved variable is begin with Reserved3.

V1 Changes:
Changes includes:
  1. Update MSR structure definition, change some reserved fields to useful fields:
     1. MSR_XEON_PHI_PKG_CST_CONFIG_CONTROL_REGISTER
     2. MSR_XEON_PHI_SMM_MCA_CAP_REGISTER
  2. For MSR_XEON_PHI_PMG_IO_CAPTURE_BASE_REGISTER structure, it expand the field range.
     Old definition like below:
       typedef union {
         ///
         /// Individual bit fields
         ///
         struct {
           ///
           /// [Bits 15:0] LVL_2 Base Address (R/W).
           ///
           UINT32  Lvl2Base:16;
           ///
           /// [Bits 18:16] C-state Range (R/W)  Specifies the encoding value of the
           /// maximum C-State code name to be included when IO read to MWAIT
           /// redirection is enabled by MSR_PKG_CST_CONFIG_CONTROL[bit10]: 100b - C4
           /// is the max C-State to include 110b - C6 is the max C-State to include.
           ///
           UINT32  CStateRange:3;
           UINT32  Reserved1:13;
           UINT32  Reserved2:32;
         } Bits;
         ///
         /// All bit fields as a 32-bit value
         ///
         UINT32  Uint32;
         ///
         /// All bit fields as a 64-bit value
         ///
         UINT64  Uint64;
       } MSR_XEON_PHI_PMG_IO_CAPTURE_BASE_REGISTER;
    This patch make below changes for this data structure, it expand "CStateRange" field width.
      old one:
        UINT32  CStateRange:3;
        UINT32  Reserved1:13;
      new one:
        UINT32  CStateRange:7;
        UINT32  Reserved1:9;

Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Ruiyu Ni <ruiyu.ni@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Eric Dong <eric.dong@intel.com>
Reviewed-by: Ruiyu Ni <ruiyu.ni@intel.com>
Acked-by: Laszlo Ersek <lersek@redhat.com>
2018-09-26 15:17:15 +08:00
Eric Dong 4382394aa9 UefiCpuPkg/Include/Register/ArchitecturalMsr.h: Change structure definition.
V3 changes include:
  1. Keep ReservedX not change if bit info not changed for this field.

V2 changes include:
  1. Use X in ReservedX fields from totally new value if MSR structure definition changed.
     For example, if in current structure, the max reserved variable is Reserved2, in new
     definition, reserved variable is begin with Reserved3.

V1 Changes includes:
  1. Change fields which is reserved in old version: MSR_IA32_RTIT_CTL_REGISTER

Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Ruiyu Ni <ruiyu.ni@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Eric Dong <eric.dong@intel.com>
Reviewed-by: Ruiyu Ni <ruiyu.ni@intel.com>
Acked-by: Laszlo Ersek <lersek@redhat.com>
2018-09-26 15:17:15 +08:00
Eric Dong 140d713175 UefiCpuPkg/Include/Register/Msr/GoldmontMsr.h: Add new MSR name and keep old one.
Changes includes:
  1. Change MSR name:
    1. MSR_GOLDMONT_SGXOWNER0 => MSR_GOLDMONT_SGXOWNEREPOCH0
    2. MSR_GOLDMONT_SGXOWNER1 => MSR_GOLDMONT_SGXOWNEREPOCH1
  2. Keep old MSR definition (MSR_GOLDMONT_SGXOWNER0/1) for compatibility.
    1. Define old MSR like below style:
           #define MSR_GOLDMONT_SGXOWNER0   MSR_GOLDMONT_SGXOWNEREPOCH0

Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Ruiyu Ni <ruiyu.ni@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Eric Dong <eric.dong@intel.com>
Reviewed-by: Ruiyu Ni <ruiyu.ni@intel.com>
Acked-by: Laszlo Ersek <lersek@redhat.com>
2018-09-26 15:17:15 +08:00
Eric Dong 8b344785a3 UefiCpuPkg/Include/Register/Msr/SkylakeMsr.h: Add new MSR name and keep old one.
Changes includes:
  1. Change MSR name:
    1. MSR_SKYLAKE_SGXOWNER0 => MSR_SKYLAKE_SGXOWNEREPOCH0
    2. MSR_SKYLAKE_SGXOWNER1 => MSR_SKYLAKE_SGXOWNEREPOCH1
  2. Keep old MSR definition(MSR_SKYLAKE_SGXOWNER0/1) for compatibility
    1. Use below coding style to define old MSR
         #define MSR_SKYLAKE_SGXOWNER0  MSR_SKYLAKE_SGXOWNEREPOCH0

Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Ruiyu Ni <ruiyu.ni@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Eric Dong <eric.dong@intel.com>
Reviewed-by: Ruiyu Ni <ruiyu.ni@intel.com>
Acked-by: Laszlo Ersek <lersek@redhat.com>
2018-09-26 15:17:14 +08:00
Eric Dong f49bbeda3e UefiCpuPkg/Include/Register/Msr/CoreMsr.h: Remove old MSR.
Changes includes:
  1. Remove old MSR which not existed in 2018-05 version spec:
     1. MSR_CORE_ROB_CR_BKUPTMPDR6

Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Ruiyu Ni <ruiyu.ni@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Eric Dong <eric.dong@intel.com>
Reviewed-by: Ruiyu Ni <ruiyu.ni@intel.com>
Acked-by: Laszlo Ersek <lersek@redhat.com>
2018-09-26 15:17:14 +08:00
Eric Dong 7ce15b89bb UefiCpuPkg/Include/Register/Msr/P6Msr.h: Remove old MSR.
Changes includes:
  1. Remove MSR which not existed in 2018-05 version spec: MSR_P6_ROB_CR_BKUPTMPDR6.

Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Ruiyu Ni <ruiyu.ni@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Eric Dong <eric.dong@intel.com>
Reviewed-by: Ruiyu Ni <ruiyu.ni@intel.com>
Acked-by: Laszlo Ersek <lersek@redhat.com>
2018-09-26 15:17:14 +08:00
Eric Dong a71920ae14 UefiCpuPkg/Include/Register/Msr/Core2Msr.h: Remove old MSR.
Changes includes:
  1. Remove old MSR which not existed in 2018-05 version spec:
     1. MSR_CORE2_BBL_CR_CTL3

Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Ruiyu Ni <ruiyu.ni@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Eric Dong <eric.dong@intel.com>
Reviewed-by: Ruiyu Ni <ruiyu.ni@intel.com>
Acked-by: Laszlo Ersek <lersek@redhat.com>
2018-09-26 15:17:13 +08:00
Eric Dong d05b288ae9 UefiCpuPkg/Include/Register/ArchitecturalMsr.h: Add new MSR.
Changes includes:
  1. Add new MSRs: MSR_IA32_L2_QOS_CFG/MSR_IA32_CSTAR.

Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Ruiyu Ni <ruiyu.ni@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Eric Dong <eric.dong@intel.com>
Reviewed-by: Ruiyu Ni <ruiyu.ni@intel.com>
Acked-by: Laszlo Ersek <lersek@redhat.com>
2018-09-26 15:17:13 +08:00
Eric Dong 3add020579 UefiCpuPkg/Include/Register/Msr/SkylakeMsr.h: Add new MSRs.
Changes includes:
  1. Add new MSR definitions.
  2. Add support platform info.

Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Ruiyu Ni <ruiyu.ni@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Eric Dong <eric.dong@intel.com>
Reviewed-by: Ruiyu Ni <ruiyu.ni@intel.com>
Acked-by: Laszlo Ersek <lersek@redhat.com>
2018-09-26 15:17:12 +08:00
Eric Dong dfb208511e UefiCpuPkg/Include/Register/Msr/XeonPhiMsr.h: Add new MSR.
Changes includes:
  1. Add new MSR definition:
     1. MSR_XEON_PHI_PPIN_CTL
     2. MSR_XEON_PHI_PPIN
     3. MSR_XEON_PHI_MISC_FEATURE_ENABLES
     4. MSR_XEON_PHI_MSRUNCORE_RATIO_LIMIT
  2. Add DisplayModule == 0x85 supports.

Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Ruiyu Ni <ruiyu.ni@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Eric Dong <eric.dong@intel.com>
Reviewed-by: Ruiyu Ni <ruiyu.ni@intel.com>
Acked-by: Laszlo Ersek <lersek@redhat.com>
2018-09-26 15:17:12 +08:00
Eric Dong c4b073632d UefiCpuPkg/Include/Register/Msr/*.h: Add new MSR.
Changes includes:
  1. Add new MSR: MSR_*_MSRUNCORE_RATIO_LIMIT

Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Ruiyu Ni <ruiyu.ni@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Eric Dong <eric.dong@intel.com>
Reviewed-by: Ruiyu Ni <ruiyu.ni@intel.com>
Acked-by: Laszlo Ersek <lersek@redhat.com>
2018-09-26 15:17:12 +08:00
Eric Dong 47f75d2169 UefiCpuPkg/Include/Register/Msr/SilvermontMsr.h: Add new MSR.
Changes includes:
  1. Add new MSR: MSR_SILVERMONT_PLATFORM_INFO

Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Ruiyu Ni <ruiyu.ni@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Eric Dong <eric.dong@intel.com>
Reviewed-by: Ruiyu Ni <ruiyu.ni@intel.com>
Acked-by: Laszlo Ersek <lersek@redhat.com>
2018-09-26 15:17:11 +08:00
Eric Dong b715c37eaa UefiCpuPkg/Include/Register/Msr/GoldmontPlusMsr.h: Add new MSR file for goldmont plus microarchitecture.
Changes includes:
  1. Add new MSR file which used for goldmont plus microarchitecture.

Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Ruiyu Ni <ruiyu.ni@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Eric Dong <eric.dong@intel.com>
Reviewed-by: Ruiyu Ni <ruiyu.ni@intel.com>
Acked-by: Laszlo Ersek <lersek@redhat.com>
2018-09-26 15:17:11 +08:00
Eric Dong ba1a2d1102 UefiCpuPkg/Include/Register/Msr: Update reference spec info.
Latest SDM has moved MSR related content from volume 3 chapter 35 to volume 4
chapter 2. Current MSR's comments need to be updated to reference the new
chapter info.

Changes includes:
  1. Update referenced chapter info from some MSRs.
  2. Update referenced SDM version info.

Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Ruiyu Ni <ruiyu.ni@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Eric Dong <eric.dong@intel.com>
Reviewed-by: Ruiyu Ni <ruiyu.ni@intel.com>
Acked-by: Laszlo Ersek <lersek@redhat.com>
2018-09-26 15:17:10 +08:00
Ruiyu Ni 447b08b3d2 UefiCpuPkg/MtrrLib: Revert "Skip MSR access when the pair is invalid"
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=1187

The patch reverts 9c8c4478cf
"UefiCpuPkg/MtrrLib: Skip Base MSR access when the pair is invalid".

Microsoft Windows will report an error in event manager if MTRR
usage is different across hibernate even when the difference is
in an non valid MTRR pair. This seems like a bug in Windows but
for compatibility and servicing reasons we think a change in UEFI
would wise.
A Windows change has already been submitted for the next iteration
(2019 time frame).

Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Ruiyu Ni <ruiyu.ni@intel.com>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Reviewed-by: Eric Dong <eric.dong@intel.com>
Cc: Sean Brogan <sean.brogan@microsoft.com>
2018-09-26 13:09:15 +08:00
Jian J Wang 2939283f2d UefiCpuPkg/CpuMpPei: fix vs2012 build error
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=1166

Visual Studio 2012 will complain uninitialized variable, StackBase,
in the CpuPaging.c. This patch adds code to init it to zero and
ASSERT check against 0. This is enough since uninit case will only
happen during retrieving stack memory via gEfiHobMemoryAllocStackGuid.
But this HOB will always be created in advance.

Cc: Dandan Bi <dandan.bi@intel.com>
Cc: Hao A Wu <hao.a.wu@intel.com>
Cc: Eric Dong <eric.dong@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Jian J Wang <jian.j.wang@intel.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Eric Dong <eric.dong@intel.com>
2018-09-26 10:20:33 +08:00
Zhang, Shenglei 67998a547e UefiCpuPkg SecCore:Add a GUID removed previously
The Guid gPeiSecPerformancePpiGuid removed previously
is added into SecCore.inf.
https://bugzilla.tianocore.org/show_bug.cgi?id=1203

Cc: Eric Dong <eric.dong@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: shenglei <shenglei.zhang@intel.com>
Reviewed-by: Eric Dong <eric.dong@intel.com>
2018-09-26 08:39:22 +08:00
Liming Gao a364928195 UefiCpuPkg PiSmmCpuDxeSmm: Update SmiEntry function run the same position
BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=1191

Before commit e21e355e2c, jmp _SmiHandler
is commented. And below code, ASM_PFX(CpuSmmDebugEntry) is moved into rax,
then call it. But, this code doesn't work in XCODE5 tool chain. Because XCODE5
doesn't generated the absolute address in the EFI image. So, rax stores the
relative address. Once this logic is moved to another place, it will not work.
;   jmp     _SmiHandler                 ; instruction is not needed
...
    mov     rax, ASM_PFX(CpuSmmDebugEntry)
    call    rax

Commit e21e355e2c is to support XCODE5.
One tricky way is selected to fix it. Although SmiEntry logic is copied to
another place and run, but here jmp _SmiHandler is enabled to jmp the original
code place, then call ASM_PFX(CpuSmmDebugEntry) with the relative address.
    mov     rax, strict qword 0         ;   mov     rax, _SmiHandler
_SmiHandlerAbsAddr:
    jmp     rax
...
    call    ASM_PFX(CpuSmmDebugEntry)

Now, BZ 1191 raises the issue that SmiHandler should run in the copied address,
can't run in the common address. So, jmp _SmiHandler is required to be removed,
the code is kept to run in copied address. And, the relative address is
requried to be fixed up to the absolute address. The necessary changes should
not affect the behavior of platforms that already consume PiSmmCpuDxeSmm.
OVMF SMM boot to shell with VS2017, GCC5 and XCODE5 tool chain has been verified.
...
    mov     rax, strict qword 0         ;   call    ASM_PFX(CpuSmmDebugEntry)
CpuSmmDebugEntryAbsAddr:
    call    rax

Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Liming Gao <liming.gao@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Eric Dong <eric.dong@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Tested-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
2018-09-25 08:25:41 +08:00
shenglei 997731e796 UefiCpuPkg: Remove redundant library classes, Ppis and GUIDs
Some redundant library classes Ppis and GUIDs
have been removed in inf, .c and .h files.

v2:
1.Remove ReadOnlyVariable2.h in S3Resume.c which should be
  deleted in last version in which gEfiPeiReadOnlyVariable2PpiGuid
  was removed.
2.Remove the library class BaseLib in CpuPageTable.c
  which is included elsewhere.
3.Add library classes in SecCore.inf which are removed
  at last version.
  They are DebugAgentLib and CpuExceptionHandlerLib.
4.Add two Ppis in SecCore.inf which are removed
  at last version.
  They are gEfiSecPlatformInformationPpiGuid and
  gEfiSecPlatformInformation2PpiGuid.

https://bugzilla.tianocore.org/show_bug.cgi?id=1043
https://bugzilla.tianocore.org/show_bug.cgi?id=1013
https://bugzilla.tianocore.org/show_bug.cgi?id=1032
https://bugzilla.tianocore.org/show_bug.cgi?id=1016

Cc: Eric Dong <eric.dong@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: shenglei <shenglei.zhang@intel.com>
Reviewed-by: Eric Dong <eric.dong@intel.com>
2018-09-21 14:42:53 +08:00
Jian J Wang 16d8465756 UefiCpuPkg/PiSmmCpuDxeSmm: move InitSmmS3Cr3() into else block
BZ#: https://bugzilla.tianocore.org/show_bug.cgi?id=1165

InitSmmS3Cr3 () will update SmmS3ResumeState so moving the calling of
it into else block to keep the logic consistency.

Cc: Star Zeng <star.zeng@intel.com>
Cc: Benjamin You <benjamin.you@intel.com>
Cc: Eric Dong <eric.dong@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Jian J Wang <jian.j.wang@intel.com>
Reviewed-by: Eric Dong <eric.dong@intel.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
2018-09-17 10:45:53 +08:00
Jian J Wang a95c9cfd18 UefiCpuPkg/PiSmmCpuDxeSmm: add message for S3 config error
BZ#: https://bugzilla.tianocore.org/show_bug.cgi?id=1165

HOB gEfiAcpiVariableGuid is a must have data for S3 resume if
PcdAcpiS3Enable is set to TRUE. Current code in CpuS3.c doesn't
embody this strong binding between them. An error message and
CpuDeadLoop are added in this patch to warn platform developer
about it.

Cc: Star Zeng <star.zeng@intel.com>
Cc: Benjamin You <benjamin.you@intel.com>
Cc: Eric Dong <eric.dong@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Jian J Wang <jian.j.wang@intel.com>
Reviewed-by: Eric Dong <eric.dong@intel.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
2018-09-17 10:45:52 +08:00
Jian J Wang 8e2018f944 UefiCpuPkg/CpuDxe: fix an incorrect bit-wise operation
BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=1164

The left operand is 64-bit but right operand could be 32-bit.
A typecast is a must because of '~' op before it.

Cc: Hao A Wu <hao.a.wu@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Jian J Wang <jian.j.wang@intel.com>
Reviewed-by: Hao Wu <hao.a.wu@intel.com>
2018-09-10 17:08:22 +08:00
Jian J Wang 51d0100b3c UefiCpuPkg/CpuDxe: fix ECC reported issues
BZ#: https://bugzilla.tianocore.org/show_bug.cgi?id=1160

There're two parameters which have different name in comment and prototype.

Cc: Dandan Bi <dandan.bi@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Jian J Wang <jian.j.wang@intel.com>
Reviewed-by: Dandan Bi <dandan.bi@intel.com>
2018-09-10 17:08:21 +08:00
Ruiyu Ni 34c3405cb7 UefiCpuPkg/PeiCpuException: Fix coding style issue
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Ruiyu Ni <ruiyu.ni@intel.com>
Reviewed-by: Dandan Bi <dandan.bi@intel.com>
2018-09-10 10:22:27 +08:00
Jian J Wang 0a0d5296e4 UefiCpuPkg/CpuMpPei: support stack guard feature
This feature is the same as Stack Guard enabled in driver CpuDxe but
applies to PEI phase. Due to the specialty in PEI module dispatching,
this driver is changed to do the actual initialization in notify
callback of event gEfiPeiMemoryDiscoveredPpiGuid. This can let the
stack guard apply to as most PEI drivers as possible.

To let Stack Guard work, some simple page table management code are
introduced to setup Guard page at base of stack for each processor.

Cc: Eric Dong <eric.dong@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Ruiyu Ni <ruiyu.ni@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Star Zeng <star.zeng@intel.com>
Cc: "Ware, Ryan R" <ryan.r.ware@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Jian J Wang <jian.j.wang@intel.com>
Regression-tested-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Eric Dong <eric.dong@intel.com>
2018-09-10 09:28:28 +08:00
Jian J Wang e09b6b5953 UefiCpuPkg/MpInitLib: fix register restore issue in AP wakeup
The conflict issues are introduced by Stack Guard feature enabled for
PEI.

The first is CR0 which should be restored after CR3 and CR4.
Another is TR which should not be passed from BSP to AP during init
phase.

Cc: Eric Dong <eric.dong@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Ruiyu Ni <ruiyu.ni@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Star Zeng <star.zeng@intel.com>
Cc: "Ware, Ryan R" <ryan.r.ware@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Jian J Wang <jian.j.wang@intel.com>
Regression-tested-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Eric Dong <eric.dong@intel.com>
2018-09-10 09:28:27 +08:00
Jian J Wang fc0e7fd5e8 UefiCpuPkg/CpuExceptionHandlerLib: support stack switch for PEI exceptions
Stack Guard needs to setup stack switch capability to allow exception
handler to be called with good stack if stack overflow is detected.
This patch update InitializeCpuExceptionHandlersEx() to allow pass
extra initialization data used to setup exception stack switch for
specified exceptions.

Cc: Eric Dong <eric.dong@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Ruiyu Ni <ruiyu.ni@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Star Zeng <star.zeng@intel.com>
Cc: "Ware, Ryan R" <ryan.r.ware@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Jian J Wang <jian.j.wang@intel.com>
Regression-tested-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Eric Dong <eric.dong@intel.com>
2018-09-10 09:28:26 +08:00
Eric Dong e23d9c3ed8 UefiCpuPkg/MpInitLib: Fix ECC issues.
Fix trailing white spaces and invalid line ending issue.

Cc: Dandan Bi <dandan.bi@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Eric Dong <eric.dong@intel.com>
Reviewed-by: Dandan Bi <dandan.bi@intel.com>
2018-09-06 08:04:29 +08:00
Ruiyu Ni 374168ae65 UefiCpuPkg/CpuExceptionHandlerLib: Avoid calling PEI services from AP
When an exception happens in AP, system hangs at
GetPeiServicesTablePointer(), complaining the PeiServices retrieved
from memory before IDT is NULL.

Due to the following commit:
c563077a38
* UefiCpuPkg/MpInitLib: Avoid calling PEI services from AP
the IDT used by AP no longer preserve PeiServices pointer in the
very beginning.
But the implementation of PeiExceptionHandlerLib still assumes
the PeiServices pointer is there, so the assertion happens.

The patch fixes the exception handler library to not call
PEI services from AP.

The patch duplicates the #0 exception stub header in an allocated
pool but with extra 4-byte/8-byte to store the exception handler
data which was originally stored in HOB.
When AP exception happens, the code gets the exception handler data
from the exception handler for #0.

Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Ruiyu Ni <ruiyu.ni@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Reviewed-by: Fan Jeff <vanjeff_919@hotmail.com>
2018-09-03 14:02:26 +08:00
Ruiyu Ni 87a9dd0d15 CpuExceptionHandlerLib: Add comments to make code more readable
Today's implementation of handling HOOK_BEFORE and HOOK_AFTER is
a bit complex. More comments is better.

Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Ruiyu Ni <ruiyu.ni@intel.com>
Cc: Fan Jeff <vanjeff_919@hotmail.com>
Reviewed-by: Jian J Wang <jian.j.wang@intel.com>
2018-09-03 14:02:24 +08:00
Jian J Wang 7c7c8190d3 UefiCpuPkg/CpuDxe: change level of DEBUG message
BZ#1127: https://bugzilla.tianocore.org/show_bug.cgi?id=1127

It's reported the debug message in CpuDxe driver is quite annoying in
boot and shell, and slow down the boot process. To solve this issue,
this patch changes the DEBUG_INFO to DEBUG_VERBOSE. On a typical Intel
real platform, at least 16s boot time can be saved.

Cc: Eric Dong <eric.dong@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Jian J Wang <jian.j.wang@intel.com>
Reviewed-by: Eric Dong <eric.dong@intel.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
2018-08-30 07:43:56 +08:00
Jian J Wang 09afd9a42a UefiCpuPkg/PiSmmCpuDxeSmm: implement non-stop mode for SMM
Since SMM profile feature has already implemented non-stop mode if #PF
occurred, this patch just makes use of the existing implementation to
accommodate heap guard and NULL pointer detection feature.

Cc: Eric Dong <eric.dong@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Ruiyu Ni <ruiyu.ni@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Jian J Wang <jian.j.wang@intel.com>
Reviewed-by: Eric Dong <eric.dong@intel.com>
Acked-by: Laszlo Ersek <lersek@redhat.com>
2018-08-30 07:22:30 +08:00
Jian J Wang dcc026217f UefiCpuPkg/CpuDxe: implement non-stop mode for uefi
Same as SMM profile feature, a special #PF is used to set page attribute
to 'present' and a special #DB handler to reset it back to 'not-present',
right after the instruction causing #PF got executed.

Since the new #PF handler won't enter into dead-loop, the instruction
which caused the #PF will get chance to re-execute with accessible pages.

The exception message will still be printed out on debug console so that
the developer/QA can find that there's potential heap overflow or null
pointer access occurred.

Cc: Eric Dong <eric.dong@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Ruiyu Ni <ruiyu.ni@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Jian J Wang <jian.j.wang@intel.com>
Reviewed-by: Eric Dong <eric.dong@intel.com>
Acked-by: Laszlo Ersek <lersek@redhat.com>
2018-08-30 07:22:30 +08:00
Jian J Wang 16b918bbaf UefiCpuPkg/CpuExceptionHandlerLib: Setup single step in #PF handler
Once the #PF handler has set the page to be 'present', there should
be a way to reset it to 'not-present'. 'TF' bit in EFLAGS can be used
for this purpose. 'TF' bit will be set in interrupted function context
so that it can be triggered once the cpu control returns back to the
instruction causing #PF and re-execute it.

This is an necessary step to implement non-stop mode for Heap Guard
and NULL Pointer Detection feature.

Cc: Eric Dong <eric.dong@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Ruiyu Ni <ruiyu.ni@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Jian J Wang <jian.j.wang@intel.com>
Reviewed-by: Eric Dong <eric.dong@intel.com>
Acked-by: Laszlo Ersek <lersek@redhat.com>
2018-08-30 07:22:29 +08:00
Laszlo Ersek 0442a9a9f4 UefiCpuPkg/PiSmmCpuDxeSmm: clear exec file mode bits on "PiSmmCpuDxeSmm.c"
Commit 241f914975 ("UefiCpuPkg/PiSmmCpuDxeSmm: Add support for PCD
PcdPteMemoryEncryptionAddressOrMask", 2017-03-01) unintentionally set the
executable file mode bits on "PiSmmCpuDxeSmm.c"; clear them now.

Cc: Eric Dong <eric.dong@intel.com>
Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=1092
Fixes: 241f914975
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Star Zeng <star.zeng@intel.com>
2018-08-22 10:33:49 +02:00
Hao Wu 0df5056012 UefiCpuPkg/SmmCpuFeaturesLib: [CVE-2017-5715] Stuff RSB before RSM
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=1093

Return Stack Buffer (RSB) is used to predict the target of RET
instructions. When the RSB underflows, some processors may fall back to
using branch predictors. This might impact software using the retpoline
mitigation strategy on those processors.

This commit will add RSB stuffing logic before returning from SMM (the RSM
instruction) to avoid interfering with non-SMM usage of the retpoline
technique.

After the stuffing, RSB entries will contain a trap like:

@SpecTrap:
    pause
    lfence
    jmp     @SpecTrap

A more detailed explanation of the purpose of commit is under the
'Branch target injection mitigation' section of the below link:
https://software.intel.com/security-software-guidance/insights/host-firmware-speculative-execution-side-channel-mitigation

Please note that this commit requires further actions (BZ 1091) to remove
the duplicated 'StuffRsb.inc' files and merge them into one under a
UefiCpuPkg package-level directory (such as UefiCpuPkg/Include/).

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=1091

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Hao Wu <hao.a.wu@intel.com>
Reviewed-by: Eric Dong <eric.dong@intel.com>
2018-08-21 16:11:15 +08:00
Hao Wu 02f7fd158e UefiCpuPkg/PiSmmCpuDxeSmm: [CVE-2017-5715] Stuff RSB before RSM
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=1093

Return Stack Buffer (RSB) is used to predict the target of RET
instructions. When the RSB underflows, some processors may fall back to
using branch predictors. This might impact software using the retpoline
mitigation strategy on those processors.

This commit will add RSB stuffing logic before returning from SMM (the RSM
instruction) to avoid interfering with non-SMM usage of the retpoline
technique.

After the stuffing, RSB entries will contain a trap like:

@SpecTrap:
    pause
    lfence
    jmp     @SpecTrap

A more detailed explanation of the purpose of commit is under the
'Branch target injection mitigation' section of the below link:
https://software.intel.com/security-software-guidance/insights/host-firmware-speculative-execution-side-channel-mitigation

Please note that this commit requires further actions (BZ 1091) to remove
the duplicated 'StuffRsb.inc' files and merge them into one under a
UefiCpuPkg package-level directory (such as UefiCpuPkg/Include/).

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=1091

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Hao Wu <hao.a.wu@intel.com>
Acked-by: Laszlo Ersek <lersek@redhat.com>
Regression-tested-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Eric Dong <eric.dong@intel.com>
2018-08-21 16:10:42 +08:00
Eric Dong a6daab1f6c UefiCpuPkg/RegisterCpuFeaturesLib: Combine implementation.
V1 changes:
> Current code logic can't confirm CpuS3DataDxe driver start before
> CpuFeaturesDxe driver. So the assumption in CpuFeaturesDxe not valid.
> Add implementation for AllocateAcpiCpuData function to remove this
> assumption.

V2 changes:
> Because CpuS3Data memory will be copy to smram at SmmReadToLock point,
> so the memory type no need to be ACPI NVS type, also the address not
> limit to below 4G.
> This change remove the limit of ACPI NVS memory type and below 4G.

V3 changes:
> Remove function definition in header file.
> Add STATIC in function implementation.

Pass OS boot and resume from S3 test.

Bugz: https://bugzilla.tianocore.org/show_bug.cgi?id=959

Reported-by: Marvin Häuser <Marvin.Haeuser@outlook.com>
Suggested-by: Fan Jeff <vanjeff_919@hotmail.com>
Cc: Marvin Häuser <Marvin.Haeuser@outlook.com>
Cc: Fan Jeff <vanjeff_919@hotmail.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Ruiyu Ni <ruiyu.ni@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Eric Dong <eric.dong@intel.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Ruiyu Ni <ruiyu.ni@intel.com>
2018-08-16 08:42:01 +08:00