Felix, I agree the obfuscation may not really be helpful. I've got a couple of thoughts.
1) I agree that I don't think the DebugLib is inherently safe on APs. I wonder if we could make a library class that was DebugLibMpSafe and have the same API as DebugLib. That way the library class matches how the module was coded. 2) If we want to enforce the rules we should add code to the PEI or DXE Core to CpuBreakpoint() etc. if an AP calls a core service. Adding detection code is possible, but it is not trivial. For example if you have remembered the BSP and if the WhoAmI returns something different you need to check to see if some one changed the BSP. I guess for PEI the other option could be to have a fake PEI Services Table that stubs out all the functions with CpuBreakpoint() or some such? Thanks, Andrew Fish > On Nov 30, 2018, at 6:33 AM, Felix Polyudov <[email protected]> wrote: > > Ray, > > I agree with the premise that calling PEI services from AP should generally > be avoided. > However, the PEI services can be used on AP under certain special > circumstances. > A couple of examples: > 1. For debugging purposes. The MpInitLib contains 12 DEBUG calls and 19 > ASSERT calls. Depending on the DebugLib instance used in the project, these > calls may lead to PEI services invocation. > 2. MpInitLib provides ability to call AP in a serialized manner (only one AP > is running, other APs and BSP are waiting), when it is safe to call PEI > services. > > Additionally, I think even if PEI services should not be used on AP, there is > still a reason to keep PEI services table pointer initialized. > On one hand, given the complexity of modern firmware projects comprised of > modules coming from multiple vendors, making sure PEI services are not used > on AP can be a challenge. > For example, in my case the call was coming from the chipset reference code. > On the other hand, with the current implementation, when somebody does try to > use PEI services on AP the behavior is unpredictable. > Depending on the content of the uninitialized PEI service table pointer, the > system may either crash with one of the handful of different exceptions, > or it may start executing code from a random location. It's very difficult to > debug such issues. One can spend weeks chasing a problem like this. > > > -----Original Message----- > From: edk2-devel [mailto:[email protected] > <mailto:[email protected]>] On Behalf Of Ni, Ruiyu > Sent: Thursday, November 29, 2018 10:43 PM > To: Felix Polyudov; [email protected] <mailto:[email protected]> > Cc: [email protected] <mailto:[email protected]>; Dong, Eric > Subject: Re: [edk2] [Patch] UefiCpuPkg/MpLib: Fix PEI Services Table pointer > on AP > > Felix, > I disagree:) Sorry about that. :) > > The commit you mentioned might be made by me (didn't checked). > Because I aimed to avoid calling PEI services from AP. That's a violation of > PI spec and not safe by design. > > The AP calling standard services concern was raised by Andrew initially. > > Thanks, > Ray > >> -----Original Message----- >> From: Felix Polyudov [mailto:[email protected]] >> Sent: Friday, November 30, 2018 8:36 AM >> To: [email protected] >> Cc: Dong, Eric <[email protected]>; Ni, Ruiyu <[email protected]>; >> [email protected] >> Subject: [Patch] UefiCpuPkg/MpLib: Fix PEI Services Table pointer on AP >> >> According to PI specification PEI Services table pointer is stored right >> before ITD >> base. Starting from commit c563077a380437c1 BSP and AP have different IDT >> instances. >> PEI Services table pointer was not initialized in the AP IDT instance. >> As a result, any attempt to use functions from PeiServicesTablePointerLib or >> PeiServicesLib on AP caused CPU exception. >> >> Contributed-under: TianoCore Contribution Agreement 1.1 >> Signed-off-by: Felix Polyudov <[email protected]> >> --- >> UefiCpuPkg/Library/MpInitLib/MpLib.c | 10 +++++++++- >> 1 file changed, 9 insertions(+), 1 deletion(-) >> >> diff --git a/UefiCpuPkg/Library/MpInitLib/MpLib.c >> b/UefiCpuPkg/Library/MpInitLib/MpLib.c >> index 7f4d6e6..0e3e362 100644 >> --- a/UefiCpuPkg/Library/MpInitLib/MpLib.c >> +++ b/UefiCpuPkg/Library/MpInitLib/MpLib.c >> @@ -1567,6 +1567,7 @@ MpInitLibInitialize ( >> BufferSize = ApStackSize * MaxLogicalProcessorNumber; >> BufferSize += MonitorFilterSize * MaxLogicalProcessorNumber; >> BufferSize += ApResetVectorSize; >> + BufferSize += sizeof(UINTN); >> BufferSize = ALIGN_VALUE (BufferSize, 8); >> BufferSize += VolatileRegisters.Idtr.Limit + 1; >> BufferSize += sizeof (CPU_MP_DATA); >> @@ -1587,6 +1588,8 @@ MpInitLibInitialize ( >> // Backup Buffer >> // +--------------------+ >> // Padding >> + // +--------------------+ >> + // PEI Services Table Pointer >> // +--------------------+ <-- ApIdtBase (8-byte boundary) >> // AP IDT All APs share one separate IDT. So AP can get >> address of >> CPU_MP_DATA from IDT Base. >> // +--------------------+ <-- CpuMpData >> @@ -1599,7 +1602,7 @@ MpInitLibInitialize ( >> // >> MonitorBuffer = (UINT8 *) (Buffer + ApStackSize * >> MaxLogicalProcessorNumber); >> BackupBufferAddr = (UINTN) MonitorBuffer + MonitorFilterSize * >> MaxLogicalProcessorNumber; >> - ApIdtBase = ALIGN_VALUE (BackupBufferAddr + ApResetVectorSize, 8); >> + ApIdtBase = ALIGN_VALUE (BackupBufferAddr + ApResetVectorSize + >> sizeof(UINTN), 8); >> CpuMpData = (CPU_MP_DATA *) (ApIdtBase + >> VolatileRegisters.Idtr.Limit + >> 1); >> CpuMpData->Buffer = Buffer; >> CpuMpData->CpuApStackSize = ApStackSize; >> @@ -1653,6 +1656,11 @@ MpInitLibInitialize ( >> Buffer + BufferSize); >> >> // >> + // Initialize PEI Services table pointer. Copy the address from BSP. >> + // >> + *(UINTN*)(ApIdtBase - sizeof(UINTN)) = >> + *(UINTN*)(VolatileRegisters.Idtr.Base - sizeof (UINTN)); >> + >> + // >> // Duplicate BSP's IDT to APs. >> // All APs share one separate IDT. So AP can get the address of CpuMpData >> by >> using IDTR.BASE + IDTR.LIMIT + 1 >> // >> -- >> 2.10.0.windows.1 >> >> >> >> Please consider the environment before printing this email. >> >> The information contained in this message may be confidential and proprietary >> to American Megatrends, Inc. This communication is intended to be read only >> by the individual or entity to whom it is addressed or by their designee. If >> the >> reader of this message is not the intended recipient, you are on notice that >> any >> distribution of this message, in any form, is strictly prohibited. Please >> promptly >> notify the sender by reply e-mail or by telephone at 770-246-8600, and then >> delete or destroy all copies of the transmission. > _______________________________________________ > edk2-devel mailing list > [email protected] <mailto:[email protected]> > https://lists.01.org/mailman/listinfo/edk2-devel > <https://lists.01.org/mailman/listinfo/edk2-devel> > > Please consider the environment before printing this email. > > The information contained in this message may be confidential and proprietary > to American Megatrends, Inc. This communication is intended to be read only > by the individual or entity to whom it is addressed or by their designee. If > the reader of this message is not the intended recipient, you are on notice > that any distribution of this message, in any form, is strictly prohibited. > Please promptly notify the sender by reply e-mail or by telephone at > 770-246-8600, and then delete or destroy all copies of the transmission. > _______________________________________________ > edk2-devel mailing list > [email protected] <mailto:[email protected]> > https://lists.01.org/mailman/listinfo/edk2-devel > <https://lists.01.org/mailman/listinfo/edk2-devel> _______________________________________________ edk2-devel mailing list [email protected] https://lists.01.org/mailman/listinfo/edk2-devel
