diff options
author | Sheng Wei <w.sheng@intel.com> | 2021-02-26 12:00:34 +0800 |
---|---|---|
committer | mergify[bot] <37929162+mergify[bot]@users.noreply.github.com> | 2021-03-02 05:11:55 +0000 |
commit | ef91b07388e1c0a50c604e5350eeda98428ccea6 (patch) | |
tree | 9e48a1b4e564d2cff9b55f35244e0011c06aab6c /UefiCpuPkg/PiSmmCpuDxeSmm/MpService.c | |
parent | 0930e7ff64281017762c8c055bab38925944c724 (diff) | |
download | edk2-ef91b07388e1c0a50c604e5350eeda98428ccea6.tar.gz edk2-ef91b07388e1c0a50c604e5350eeda98428ccea6.tar.bz2 edk2-ef91b07388e1c0a50c604e5350eeda98428ccea6.zip |
UefiCpuPkg/PiSmmCpuDxeSmm: Fix SMM stack offset is not correctedk2-stable202102
In function InitGdt(), SmiPFHandler() and Gen4GPageTable(), it uses
CpuIndex * mSmmStackSize to get the SMM stack address offset for
multi processor. It misses the SMM Shadow Stack Size. Each processor
will use mSmmStackSize + mSmmShadowStackSize in the memory.
It should use CpuIndex * (mSmmStackSize + mSmmShadowStackSize) to get
this SMM stack address offset. If mSmmShadowStackSize > 0 and multi
processor enabled, it will get the wrong offset value.
CET shadow stack feature will set the value of mSmmShadowStackSize.
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3237
Signed-off-by: Sheng Wei <w.sheng@intel.com>
Cc: Eric Dong <eric.dong@intel.com>
Cc: Ray Ni <ray.ni@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Rahul Kumar <rahul1.kumar@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Roger Feng <roger.feng@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
Reviewed-by: Ray Ni <ray.ni@intel.com>
Diffstat (limited to 'UefiCpuPkg/PiSmmCpuDxeSmm/MpService.c')
-rw-r--r-- | UefiCpuPkg/PiSmmCpuDxeSmm/MpService.c | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/MpService.c b/UefiCpuPkg/PiSmmCpuDxeSmm/MpService.c index 4bcd217917..6227b2428a 100644 --- a/UefiCpuPkg/PiSmmCpuDxeSmm/MpService.c +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/MpService.c @@ -23,6 +23,8 @@ SPIN_LOCK *mPFLock = NULL; SMM_CPU_SYNC_MODE mCpuSmmSyncMode;
BOOLEAN mMachineCheckSupported = FALSE;
+extern UINTN mSmmShadowStackSize;
+
/**
Performs an atomic compare exchange operation to get semaphore.
The compare exchange operation must be performed using
@@ -920,7 +922,7 @@ Gen4GPageTable ( // Add two more pages for known good stack and stack guard page,
// then find the lower 2MB aligned address.
//
- High2MBoundary = (mSmmStackArrayEnd - mSmmStackSize + EFI_PAGE_SIZE * 2) & ~(SIZE_2MB-1);
+ High2MBoundary = (mSmmStackArrayEnd - mSmmStackSize - mSmmShadowStackSize + EFI_PAGE_SIZE * 2) & ~(SIZE_2MB-1);
PagesNeeded = ((High2MBoundary - Low2MBoundary) / SIZE_2MB) + 1;
}
//
@@ -971,7 +973,7 @@ Gen4GPageTable ( // Mark the guard page as non-present
//
Pte[Index] = PageAddress | mAddressEncMask;
- GuardPage += mSmmStackSize;
+ GuardPage += (mSmmStackSize + mSmmShadowStackSize);
if (GuardPage > mSmmStackArrayEnd) {
GuardPage = 0;
}
|