Thanks. A question: Do we also need to change https://github.com/tianocore/edk2/blob/master/UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmiException.nasm#L174

Thank you
Yao Jiewen

> -----Original Message-----
> From: Sheng, W <w.sh...@intel.com>
> Sent: Friday, January 29, 2021 4:33 PM
> To: Yao, Jiewen <jiewen....@intel.com>; devel@edk2.groups.io; Dong, Eric
> <eric.d...@intel.com>; Ni, Ray <ray...@intel.com>; Laszlo Ersek
> <ler...@redhat.com>; Kumar, Rahul1 <rahul1.ku...@intel.com>; Kinney,
> Michael D <michael.d.kin...@intel.com>; Liming Gao
> <gaolim...@byosoft.com.cn>; Liu, Zhiguang <zhiguang....@intel.com>
> Subject: RE: [PATCH] MdePkg/Include: Add CET instructions to Nasm.inc
>
> Hi Jiewen, all,
> The 2 patches are to fix the #DF exception when the CET shadow stack
> feature is enabled.
> The file 0002-UefiCpuPkg-CpuExceptionHandlerLib-Clear-CET-shadow-s.patch
> is used to fix the #DF exception issue.
> The file 0001-MdePkg-Include-Add-CET-instructions-to-Nasm.inc.patch is
> used to add the CET instructions which are used in patch 0002.
>
> Some description about the issue and the fix:
> If the CET shadow stack feature is enabled in SMM and stack switch is
> enabled, when code executes from the SMM handler to the SMM exception,
> the CPU will check whether the SMM exception shadow stack token busy bit
> is cleared or not.
> If it is set, it will trigger a #DF exception.
> If it is not set, the CPU will set the busy bit when entering the SMM
> exception.
> The busy bit should be cleared when returning from the SMM exception to
> the SMM handler. Otherwise, keeping the busy bit in the set state will
> trigger a #DF exception when entering the SMM exception next time.
> So, we use the instructions SAVEPREVSSP, CLRSSBSY and RSTORSSP to clear
> the shadow stack token busy bit before the RETF instruction in the SMM
> exception.
>
> Could you help to review and merge the patch?
> Thank you
> BR
> Sheng Wei
>
> > -----Original Message-----
> > From: Yao, Jiewen <jiewen....@intel.com>
> > Sent: January 29, 2021 14:36
> > To: Sheng, W <w.sh...@intel.com>; devel@edk2.groups.io
> > Cc: Kinney, Michael D <michael.d.kin...@intel.com>; Liming Gao
> > <gaolim...@byosoft.com.cn>; Liu, Zhiguang <zhiguang....@intel.com>
> > Subject: RE: [PATCH] MdePkg/Include: Add CET instructions to Nasm.inc
> >
> > Hi Wei
> > Would you please send out the second patch to consume these instructions?
> >
> > As such, people can have a full picture on what the issue is and what the
> > solution is.
> >
> > Thank you
> > Yao Jiewen
> >
> > > -----Original Message-----
> > > From: Sheng, W <w.sh...@intel.com>
> > > Sent: Friday, January 29, 2021 10:35 AM
> > > To: devel@edk2.groups.io
> > > Cc: Kinney, Michael D <michael.d.kin...@intel.com>; Liming Gao
> > > <gaolim...@byosoft.com.cn>; Liu, Zhiguang <zhiguang....@intel.com>;
> > > Yao, Jiewen <jiewen....@intel.com>
> > > Subject: [PATCH] MdePkg/Include: Add CET instructions to Nasm.inc
> > >
> > > This is to add instruction SAVEPREVSSP, CLRSSBSY and RSTORSSP_RAX in
> > > Nasm, because these instructions are not supported yet.
> > >
> > > REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3192
> > >
> > > Signed-off-by: Sheng Wei <w.sh...@intel.com>
> > > Cc: Michael D Kinney <michael.d.kin...@intel.com>
> > > Cc: Liming Gao <gaolim...@byosoft.com.cn>
> > > Cc: Zhiguang Liu <zhiguang....@intel.com>
> > > Cc: Jiewen Yao <jiewen....@intel.com>
> > > ---
> > > MdePkg/Include/Ia32/Nasm.inc | 14 +++++++++++++-
> > > MdePkg/Include/X64/Nasm.inc | 14 +++++++++++++-
> > > 2 files changed, 26 insertions(+), 2 deletions(-)
> > >
> > > diff --git a/MdePkg/Include/Ia32/Nasm.inc > > > b/MdePkg/Include/Ia32/Nasm.inc index 31ce861f1e..9c1b7796ea > 100644 > > > --- a/MdePkg/Include/Ia32/Nasm.inc > > > +++ b/MdePkg/Include/Ia32/Nasm.inc 
> > > @@ -1,6 +1,6 @@ > > > > > > ;--------------------------------------------------------------------- > > > --------- > > > ; > > > -; Copyright (c) 2019, Intel Corporation. All rights reserved.<BR> > > > +; Copyright (c) 2019 - 2021, Intel Corporation. All rights > > > +reserved.<BR> > > > ; SPDX-License-Identifier: BSD-2-Clause-Patent ; ; Abstract: > > > @@ -20,3 +20,15 @@ > > > %macro INCSSP_EAX 0 > > > DB 0xF3, 0x0F, 0xAE, 0xE8 > > > %endmacro > > > + > > > +%macro SAVEPREVSSP 0 > > > + DB 0xF3, 0x0F, 0x01, 0xEA > > > +%endmacro > > > + > > > +%macro CLRSSBSY_EAX 0 > > > + DB 0x67, 0xF3, 0x0F, 0xAE, 0x30 > > > +%endmacro > > > + > > > +%macro RSTORSSP_EAX 0 > > > + DB 0x67, 0xF3, 0x0F, 0x01, 0x28 > > > +%endmacro > > > diff --git a/MdePkg/Include/X64/Nasm.inc > > b/MdePkg/Include/X64/Nasm.inc > > > index 42412735ea..c5189982bb 100644 > > > --- a/MdePkg/Include/X64/Nasm.inc > > > +++ b/MdePkg/Include/X64/Nasm.inc > > > @@ -1,6 +1,6 @@ > > > > > > ;--------------------------------------------------------------------- > > > --------- > > > ; > > > -; Copyright (c) 2019, Intel Corporation. All rights reserved.<BR> > > > +; Copyright (c) 2019 - 2021, Intel Corporation. All rights > > > +reserved.<BR> > > > ; SPDX-License-Identifier: BSD-2-Clause-Patent ; ; Abstract: 
> > > @@ -20,3 +20,15 @@ > > > %macro INCSSP_RAX 0 > > > DB 0xF3, 0x48, 0x0F, 0xAE, 0xE8 > > > %endmacro > > > + > > > +%macro SAVEPREVSSP 0 > > > + DB 0xF3, 0x0F, 0x01, 0xEA > > > +%endmacro > > > + > > > +%macro CLRSSBSY_RAX 0 > > > + DB 0xF3, 0x0F, 0xAE, 0x30 > > > +%endmacro > > > + > > > +%macro RSTORSSP_RAX 0 > > > + DB 0xF3, 0x0F, 0x01, 0x28 > > > +%endmacro > > > -- > > > 2.16.2.windows.1
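
Review bot: In the Ia32/Nasm.inc macro hunk, CLRSSBSY_EAX and RSTORSSP_EAX begin with 0x67, while the X64 variants carry no prefix. In 32-bit code 0x67 is the address-size override and selects 16-bit addressing, where ModRM 0x30 and 0x28 (mod=00, rm=000) decode as [BX+SI] rather than [EAX]; the same five bytes address [EAX] only when executed in 64-bit mode. Please confirm which mode these bytes were assembled for. If the intent is a memory operand at [EAX] in 32-bit code, the prefix should be dropped, leaving "DB 0xF3, 0x0F, 0xAE, 0x30" and "DB 0xF3, 0x0F, 0x01, 0x28" as in the X64 file.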
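
Review bot: The X64/Nasm.inc macros CLRSSBSY_RAX and RSTORSSP_RAX are undocumented raw bytes, and the _RAX suffix is ambiguous: in the neighbouring INCSSP_RAX (ModRM 0xE8) RAX is a register operand, whereas here ModRM 0x30 and 0x28 encode a memory operand addressed through RAX. A one-line comment above each macro giving the mnemonic form, for example "; clrssbsy [rax]" and "; rstorssp [rax]", would let a reader check the bytes against the instruction reference. The commit message also names SAVEPREVSSP, CLRSSBSY and RSTORSSP_RAX, which matches neither the macro names added here nor the _EAX variants in the Ia32 file; listing the actual macro names would help.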