diff options
| -rw-r--r-- | UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuCommon.c | 40 | ||||
| -rw-r--r-- | UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuCommon.h | 13 | ||||
| -rw-r--r-- | UefiCpuPkg/PiSmmCpuDxeSmm/SmmProfile.c | 17 | ||||
| -rw-r--r-- | UefiCpuPkg/PiSmmCpuDxeSmm/SmmProfile.h | 3 |
4 files changed, 50 insertions, 23 deletions
diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuCommon.c b/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuCommon.c index ba559afae6..cd43619d17 100644 --- a/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuCommon.c +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuCommon.c @@ -362,7 +362,20 @@ InitializeSmm ( //
// Check XD and BTS features on each processor on normal boot
//
- CheckFeatureSupported ();
+ CheckFeatureSupported (Index);
+
+ if (mIsStandaloneMm) {
+ AcquireSpinLock (mConfigSmmCodeAccessCheckLock);
+
+ //
+ // Standalone MM does not allow call out to DXE at anytime.
+ // Code Access check can be enabled in the first SMI.
+ // While SMM needs to defer the enabling to EndOfDxe.
+ //
+ // Enable SMM Code Access Check feature.
+ //
+ ConfigSmmCodeAccessCheckOnCurrentProcessor (&Index);
+ }
} else if (IsBsp) {
//
// BSP rebase is already done above.
@@ -411,6 +424,11 @@ ExecuteFirstSmiInit ( ZeroMem ((VOID *)mSmmInitialized, sizeof (BOOLEAN) * mMaxNumberOfCpus);
//
+ // Initialize the lock used to serialize the MSR programming in BSP and all APs
+ //
+ InitializeSpinLock (mConfigSmmCodeAccessCheckLock);
+
+ //
// Get the BSP ApicId.
//
mBspApicId = GetApicId ();
@@ -1427,26 +1445,6 @@ ConfigSmmCodeAccessCheck ( // Check to see if the Feature Control MSR is supported on this CPU
//
Index = gSmmCpuPrivate->SmmCoreEntryContext.CurrentlyExecutingCpu;
- if (!SmmCpuFeaturesIsSmmRegisterSupported (Index, SmmRegFeatureControl)) {
- mSmmCodeAccessCheckEnable = FALSE;
- PERF_FUNCTION_END ();
- return;
- }
-
- //
- // Check to see if the CPU supports the SMM Code Access Check feature
- // Do not access this MSR unless the CPU supports the SmmRegFeatureControl
- //
- if ((AsmReadMsr64 (EFI_MSR_SMM_MCA_CAP) & SMM_CODE_ACCESS_CHK_BIT) == 0) {
- mSmmCodeAccessCheckEnable = FALSE;
- PERF_FUNCTION_END ();
- return;
- }
-
- //
- // Initialize the lock used to serialize the MSR programming in BSP and all APs
- //
- InitializeSpinLock (mConfigSmmCodeAccessCheckLock);
//
// Acquire Config SMM Code Access Check spin lock. The BSP will release the
diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuCommon.h b/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuCommon.h index 5b2202490e..a0b5e6fafb 100644 --- a/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuCommon.h +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuCommon.h @@ -474,6 +474,7 @@ extern EFI_SMRAM_DESCRIPTOR *mSmmCpuSmramRanges; extern UINTN mSmmCpuSmramRangeCount;
extern UINT8 mPhysicalAddressBits;
extern BOOLEAN mSmmDebugAgentSupport;
+extern BOOLEAN mSmmCodeAccessCheckEnable;
//
// Copy of the PcdPteMemoryEncryptionAddressOrMask
@@ -848,6 +849,18 @@ InitMsrSpinLockByIndex ( );
/**
+Configure SMM Code Access Check feature on an AP.
+SMM Feature Control MSR will be locked after configuration.
+
+@param[in,out] Buffer Pointer to private data buffer.
+**/
+VOID
+EFIAPI
+ConfigSmmCodeAccessCheckOnCurrentProcessor (
+ IN OUT VOID *Buffer
+ );
+
+/**
Configure SMM Code Access Check feature for all processors.
SMM Feature Control MSR will be locked after configuration.
**/
diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/SmmProfile.c b/UefiCpuPkg/PiSmmCpuDxeSmm/SmmProfile.c index ba83c37cbf..bbac6064e2 100644 --- a/UefiCpuPkg/PiSmmCpuDxeSmm/SmmProfile.c +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/SmmProfile.c @@ -859,10 +859,11 @@ InitSmmProfileInternal ( /**
Check if feature is supported by a processor.
+ @param CpuIndex The index of the CPU.
**/
VOID
CheckFeatureSupported (
- VOID
+ IN UINTN CpuIndex
)
{
UINT32 RegEax;
@@ -904,6 +905,20 @@ CheckFeatureSupported ( }
}
}
+
+ if (mSmmCodeAccessCheckEnable) {
+ if (!SmmCpuFeaturesIsSmmRegisterSupported (CpuIndex, SmmRegFeatureControl)) {
+ mSmmCodeAccessCheckEnable = FALSE;
+ }
+
+ //
+ // Check to see if the CPU supports the SMM Code Access Check feature
+ // Do not access this MSR unless the CPU supports the SmmRegFeatureControl
+ //
+ if ((AsmReadMsr64 (EFI_MSR_SMM_MCA_CAP) & SMM_CODE_ACCESS_CHK_BIT) == 0) {
+ mSmmCodeAccessCheckEnable = FALSE;
+ }
+ }
}
/**
diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/SmmProfile.h b/UefiCpuPkg/PiSmmCpuDxeSmm/SmmProfile.h index 7a0f006d77..b34aab41ef 100644 --- a/UefiCpuPkg/PiSmmCpuDxeSmm/SmmProfile.h +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/SmmProfile.h @@ -83,10 +83,11 @@ PageFaultIdtHandlerSmmProfile ( /**
Check if feature is supported by a processor.
+ @param CpuIndex The index of the CPU.
**/
VOID
CheckFeatureSupported (
- VOID
+ IN UINTN CpuIndex
);
/**
|