If PcdDxeNxMemoryProtectionPolicy is set to enable protection for memory of EfiReservedMemoryType, the BIOS will hang at a page fault exception during starting SMM driver.
The root cause is that SMM RAM is type of EfiReservedMemoryType and marked as non-executable. The fix is simply removing NX attribute for those memory. Cc: Jiewen Yao <jiewen....@intel.com> Cc: Ruiyu Ni <ruiyu...@intel.com> Cc: Eric Dong <eric.d...@intel.com> Cc: Star Zeng <star.z...@intel.com> Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Jian J Wang <jian.j.w...@intel.com> --- MdeModulePkg/Core/PiSmmCore/PiSmmIpl.c | 18 ++++++++++++++++-- 1 file changed, 16 insertions(+), 2 deletions(-) diff --git a/MdeModulePkg/Core/PiSmmCore/PiSmmIpl.c b/MdeModulePkg/Core/PiSmmCore/PiSmmIpl.c index a7663ca291..94d671bd74 100644 --- a/MdeModulePkg/Core/PiSmmCore/PiSmmIpl.c +++ b/MdeModulePkg/Core/PiSmmCore/PiSmmIpl.c @@ -1550,6 +1550,7 @@ SmmIplEntry ( EFI_CPU_ARCH_PROTOCOL *CpuArch; EFI_STATUS SetAttrStatus; EFI_SMRAM_DESCRIPTOR *SmramRangeSmmDriver; + EFI_GCD_MEMORY_SPACE_DESCRIPTOR MemDesc; // // Fill in the image handle of the SMM IPL so the SMM Core can use this as the @@ -1616,7 +1617,8 @@ SmmIplEntry ( GetSmramCacheRange (mCurrentSmramRange, &mSmramCacheBase, &mSmramCacheSize); // - // If CPU AP is present, attempt to set SMRAM cacheability to WB + // If CPU AP is present, attempt to set SMRAM cacheability to WB and clear + // XP if it's set. // Note that it is expected that cacheability of SMRAM has been set to WB if CPU AP // is not available here. // @@ -1630,7 +1632,19 @@ SmmIplEntry ( ); if (EFI_ERROR (Status)) { DEBUG ((DEBUG_WARN, "SMM IPL failed to set SMRAM window to EFI_MEMORY_WB\n")); - } + } + + Status = gDS->GetMemorySpaceDescriptor( + mCurrentSmramRange->PhysicalStart, + &MemDesc + ); + if (!EFI_ERROR (Status) && (MemDesc.Attributes & EFI_MEMORY_XP) != 0) { + gDS->SetMemorySpaceAttributes ( + mCurrentSmramRange->PhysicalStart, + mCurrentSmramRange->PhysicalSize, + MemDesc.Attributes & (~EFI_MEMORY_XP) + ); + } } // // if Loading module at Fixed Address feature is enabled, save the SMRAM base to Load -- 2.15.1.windows.2 _______________________________________________ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel