Re: [edk2-devel] [Patch 1/3] NetworkPkg: Move Network library and drivers from MdeModulePkg to NetworkPkg

[Wu, Jiaxin]

Reviewed-by: Jiaxin Wu 



> -Original Message-
> From: devel@edk2.groups.io [mailto:devel@edk2.groups.io] On Behalf Of
> Liming Gao
> Sent: Wednesday, May 15, 2019 8:02 PM
> To: devel@edk2.groups.io
> Cc: Fu, Siyuan ; Wu, Jiaxin 
> Subject: [edk2-devel] [Patch 1/3] NetworkPkg: Move Network library and
> drivers from MdeModulePkg to NetworkPkg
> 
> Signed-off-by: Liming Gao 
> Cc: Siyuan Fu 
> Cc: Jiaxin Wu 
> ---
>  .../Network => NetworkPkg}/ArpDxe/ArpDriver.c  |  0
>  .../Universal/Network => NetworkPkg}/ArpDxe/ArpImpl.c  |  0
>  .../Universal/Network => NetworkPkg}/ArpDxe/ArpMain.c  |  0
>  .../Network => NetworkPkg}/ArpDxe/ComponentName.c  |  0
>  .../Network => NetworkPkg}/Dhcp4Dxe/ComponentName.c|  0
>  .../Network => NetworkPkg}/Dhcp4Dxe/Dhcp4Driver.c  |  0
>  .../Network => NetworkPkg}/Dhcp4Dxe/Dhcp4Impl.c|  0
>  .../Network => NetworkPkg}/Dhcp4Dxe/Dhcp4Io.c  |  0
>  .../Network => NetworkPkg}/Dhcp4Dxe/Dhcp4Option.c  |  0
>  .../Universal/Network => NetworkPkg}/DpcDxe/Dpc.c  |  0
>  .../Network => NetworkPkg}/Ip4Dxe/ComponentName.c  |  0
>  .../Network => NetworkPkg}/Ip4Dxe/Ip4Common.c  |  0
>  .../Network => NetworkPkg}/Ip4Dxe/Ip4Config2Impl.c |  0
>  .../Network => NetworkPkg}/Ip4Dxe/Ip4Config2Nv.c   |  0
>  .../Network => NetworkPkg}/Ip4Dxe/Ip4Driver.c  |  0
>  .../Universal/Network => NetworkPkg}/Ip4Dxe/Ip4Icmp.c  |  0
>  .../Universal/Network => NetworkPkg}/Ip4Dxe/Ip4If.c|  0
>  .../Universal/Network => NetworkPkg}/Ip4Dxe/Ip4Igmp.c  |  0
>  .../Universal/Network => NetworkPkg}/Ip4Dxe/Ip4Impl.c  |  0
>  .../Universal/Network => NetworkPkg}/Ip4Dxe/Ip4Input.c |  0
>  .../Network => NetworkPkg}/Ip4Dxe/Ip4Option.c  |  0
>  .../Network => NetworkPkg}/Ip4Dxe/Ip4Output.c  |  0
>  .../Universal/Network => NetworkPkg}/Ip4Dxe/Ip4Route.c |  0
>  .../Library/DxeDpcLib/DpcLib.c |  0
>  .../Library/DxeHttpLib/DxeHttpLib.c|  0
>  .../Library/DxeIpIoLib/DxeIpIoLib.c|  0
>  .../Library/DxeNetLib/DxeNetLib.c  |  0
>  .../Library/DxeNetLib/NetBuffer.c  |  0
>  .../Library/DxeTcpIoLib/DxeTcpIoLib.c  |  0
>  .../Library/DxeUdpIoLib/DxeUdpIoLib.c  |  0
>  .../Network => NetworkPkg}/MnpDxe/ComponentName.c  |  0
>  .../Network => NetworkPkg}/MnpDxe/MnpConfig.c  |  0
>  .../Network => NetworkPkg}/MnpDxe/MnpDriver.c  |  0
>  .../Universal/Network => NetworkPkg}/MnpDxe/MnpIo.c|  0
>  .../Universal/Network => NetworkPkg}/MnpDxe/MnpMain.c  |  0
>  .../Universal/Network => NetworkPkg}/MnpDxe/MnpVlan.c  |  0
>  .../Network => NetworkPkg}/Mtftp4Dxe/ComponentName.c   |  0
>  .../Network => NetworkPkg}/Mtftp4Dxe/Mtftp4Driver.c|  0
>  .../Network => NetworkPkg}/Mtftp4Dxe/Mtftp4Impl.c  |  0
>  .../Network => NetworkPkg}/Mtftp4Dxe/Mtftp4Option.c|  0
>  .../Network => NetworkPkg}/Mtftp4Dxe/Mtftp4Rrq.c   |  0
>  .../Network => NetworkPkg}/Mtftp4Dxe/Mtftp4Support.c   |  0
>  .../Network => NetworkPkg}/Mtftp4Dxe/Mtftp4Wrq.c   |  0
>  .../Universal/Network => NetworkPkg}/SnpDxe/Callback.c |  0
>  .../Network => NetworkPkg}/SnpDxe/ComponentName.c  |  0
>  .../Network => NetworkPkg}/SnpDxe/Get_status.c |  0
>  .../Network => NetworkPkg}/SnpDxe/Initialize.c |  0
>  .../Network => NetworkPkg}/SnpDxe/Mcast_ip_to_mac.c|  0
>  .../Universal/Network => NetworkPkg}/SnpDxe/Nvdata.c   |  0
>  .../Universal/Network => NetworkPkg}/SnpDxe/Receive.c  |  0
>  .../Network => NetworkPkg}/SnpDxe/Receive_filters.c|  0
>  .../Universal/Network => NetworkPkg}/SnpDxe/Reset.c|  0
>  .../Universal/Network => NetworkPkg}/SnpDxe/Shutdown.c |  0
>  .../Universal/Network => NetworkPkg}/SnpDxe/Snp.c  |  0
>  .../Universal/Network => NetworkPkg}/SnpDxe/Start.c|  0
>  .../Network => NetworkPkg}/SnpDxe/Station_address.c|  0
>  .../Network => NetworkPkg}/SnpDxe/Statistics.c |  0
>  .../Universal/Network => NetworkPkg}/SnpDxe/Stop.c |  0
>  .../Universal/Network => NetworkPkg}/SnpDxe/Transmit.c |  0
>  .../Network => NetworkPkg}/SnpDxe/WaitForPacket.c  |  0
>  .../Network => NetworkPkg}/Udp4Dxe/ComponentName.c |  0
>  .../Network => NetworkPkg}/Udp4Dxe/Udp4Driver.c|  0
>  .../Network => NetworkPkg}/Udp4Dxe/Udp4Impl.c  |  0
>  .../Network => NetworkPkg}/Udp4Dxe/Udp4Main.c  |  0
>  .../VlanConfigDxe/ComponentName.c  |  0
>  .../VlanConfigDxe/VlanConfigDriver.c   |  

[edk2-devel] [PATCH v1 3/4] NetworkPkg/TlsDxe: Add the support of host validation to TlsDxe driver(CVE-2019-14553)

[Wu, Jiaxin]

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=960
CVE: CVE-2019-14553
The new data type named "EfiTlsVerifyHost" and the
EFI_TLS_VERIFY_HOST_FLAG are supported in TLS protocol.

Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Wu Jiaxin 
Reviewed-by: Ye Ting 
Reviewed-by: Long Qin 
Reviewed-by: Fu Siyuan 
Acked-by: Laszlo Ersek 
---
 NetworkPkg/TlsDxe/TlsProtocol.c | 44 ++---
 1 file changed, 41 insertions(+), 3 deletions(-)

diff --git a/NetworkPkg/TlsDxe/TlsProtocol.c b/NetworkPkg/TlsDxe/TlsProtocol.c
index a7a993fc6f..001e5400d0 100644
--- a/NetworkPkg/TlsDxe/TlsProtocol.c
+++ b/NetworkPkg/TlsDxe/TlsProtocol.c
@@ -1,9 +1,9 @@
 /** @file
   Implementation of EFI TLS Protocol Interfaces.
 
-  Copyright (c) 2016 - 2017, Intel Corporation. All rights reserved.
+  Copyright (c) 2016 - 2018, Intel Corporation. All rights reserved.
 
   SPDX-License-Identifier: BSD-2-Clause-Patent
 
 **/
 
@@ -54,16 +54,20 @@ TlsSetSessionData (
   EFI_STATUSStatus;
   TLS_INSTANCE  *Instance;
   UINT16*CipherId;
   CONST EFI_TLS_CIPHER  *TlsCipherList;
   UINTN CipherCount;
+  CONST EFI_TLS_VERIFY_HOST *TlsVerifyHost;
+  EFI_TLS_VERIFYVerifyMethod;
+  UINTN VerifyMethodSize;
   UINTN Index;
 
   EFI_TPL   OldTpl;
 
-  Status = EFI_SUCCESS;
-  CipherId = NULL;
+  Status   = EFI_SUCCESS;
+  CipherId = NULL;
+  VerifyMethodSize = sizeof (EFI_TLS_VERIFY);
 
   if (This == NULL || Data == NULL || DataSize == 0) {
 return EFI_INVALID_PARAMETER;
   }
 
@@ -146,10 +150,44 @@ TlsSetSessionData (
   Status = EFI_INVALID_PARAMETER;
   goto ON_EXIT;
 }
 
 TlsSetVerify (Instance->TlsConn, *((UINT32 *) Data));
+break;
+  case EfiTlsVerifyHost:
+if (DataSize != sizeof (EFI_TLS_VERIFY_HOST)) {
+  Status = EFI_INVALID_PARAMETER;
+  goto ON_EXIT;
+}
+
+TlsVerifyHost = (CONST EFI_TLS_VERIFY_HOST *) Data;
+
+if ((TlsVerifyHost->Flags & EFI_TLS_VERIFY_FLAG_ALWAYS_CHECK_SUBJECT) != 0 
&&
+(TlsVerifyHost->Flags & EFI_TLS_VERIFY_FLAG_NEVER_CHECK_SUBJECT) != 0) 
{
+  Status = EFI_INVALID_PARAMETER;
+  goto ON_EXIT;
+}
+
+if ((TlsVerifyHost->Flags & EFI_TLS_VERIFY_FLAG_NO_WILDCARDS) != 0 &&
+((TlsVerifyHost->Flags & EFI_TLS_VERIFY_FLAG_NO_PARTIAL_WILDCARDS) != 
0 ||
+ (TlsVerifyHost->Flags & EFI_TLS_VERIFY_FLAG_MULTI_LABEL_WILDCARDS) != 
0)) {
+  Status = EFI_INVALID_PARAMETER;
+  goto ON_EXIT;
+}
+
+Status = This->GetSessionData (This, EfiTlsVerifyMethod, , 
);
+if (EFI_ERROR (Status)) {
+  goto ON_EXIT;
+}
+
+if ((VerifyMethod & EFI_TLS_VERIFY_PEER) == 0) {
+  Status = EFI_INVALID_PARAMETER;
+  goto ON_EXIT;
+}
+
+Status = TlsSetVerifyHost (Instance->TlsConn, TlsVerifyHost->Flags, 
TlsVerifyHost->HostName);
+
 break;
   case EfiTlsSessionID:
 if (DataSize != sizeof (EFI_TLS_SESSION_ID)) {
   Status = EFI_INVALID_PARAMETER;
   goto ON_EXIT;
-- 
2.17.1.windows.2


-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.

View/Reply Online (#48186): https://edk2.groups.io/g/devel/message/48186
Mute This Topic: https://groups.io/mt/34307581/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub  [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[edk2-devel] [PATCH v1 1/4] MdePkg/Include/Protocol/Tls.h: Add the data type of EfiTlsVerifyHost(CVE-2019-14553)

[Wu, Jiaxin]

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=960
CVE: CVE-2019-14553
In the patch, we add the new data type named "EfiTlsVerifyHost" and
the EFI_TLS_VERIFY_HOST_FLAG for the TLS protocol consumer (HTTP)
to enable the host name check so as to avoid the potential
Man-In-The-Middle attack.

Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Wu Jiaxin 
Reviewed-by: Ye Ting 
Reviewed-by: Long Qin 
Reviewed-by: Fu Siyuan 
Acked-by: Laszlo Ersek 
---
 MdePkg/Include/Protocol/Tls.h | 68 +--
 1 file changed, 57 insertions(+), 11 deletions(-)

diff --git a/MdePkg/Include/Protocol/Tls.h b/MdePkg/Include/Protocol/Tls.h
index bf1b6727a1..af524ae2a6 100644
--- a/MdePkg/Include/Protocol/Tls.h
+++ b/MdePkg/Include/Protocol/Tls.h
@@ -39,14 +39,10 @@ typedef struct _EFI_TLS_PROTOCOL EFI_TLS_PROTOCOL;
 
 ///
 /// EFI_TLS_SESSION_DATA_TYPE
 ///
 typedef enum {
-  ///
-  /// Session Configuration
-  ///
-
   ///
   /// TLS session Version. The corresponding Data is of type EFI_TLS_VERSION.
   ///
   EfiTlsVersion,
   ///
@@ -84,15 +80,10 @@ typedef enum {
   ///
   /// TLS session data session state.
   /// The corresponding Data is of type EFI_TLS_SESSION_STATE.
   ///
   EfiTlsSessionState,
-
-  ///
-  /// Session information
-  ///
-
   ///
   /// TLS session data client random.
   /// The corresponding Data is of type EFI_TLS_RANDOM.
   ///
   EfiTlsClientRandom,
@@ -104,13 +95,19 @@ typedef enum {
   ///
   /// TLS session data key material.
   /// The corresponding Data is of type EFI_TLS_MASTER_SECRET.
   ///
   EfiTlsKeyMaterial,
+  ///
+  /// TLS session hostname for validation which is used to verify whether the 
name
+  /// within the peer certificate matches a given host name.
+  /// This parameter is invalid when EfiTlsVerifyMethod is EFI_TLS_VERIFY_NONE.
+  /// The corresponding Data is of type EFI_TLS_VERIFY_HOST.
+  ///
+  EfiTlsVerifyHost,
 
   EfiTlsSessionDataTypeMaximum
-
 } EFI_TLS_SESSION_DATA_TYPE;
 
 ///
 /// EFI_TLS_VERSION
 /// Note: The TLS version definition is from SSL3.0 to the latest TLS (e.g. 
1.2).
@@ -176,19 +173,68 @@ typedef UINT32  EFI_TLS_VERIFY;
 /// The TLS/SSL handshake is immediately terminated with an alert message 
containing
 /// the reason for the certificate verification failure.
 ///
 #define EFI_TLS_VERIFY_PEER  0x1
 ///
-/// TLS session will fail peer certificate is absent.
+/// EFI_TLS_VERIFY_FAIL_IF_NO_PEER_CERT is only meaningful in the server mode.
+/// TLS session will fail if client certificate is absent.
 ///
 #define EFI_TLS_VERIFY_FAIL_IF_NO_PEER_CERT  0x2
 ///
 /// TLS session only verify client once, and doesn't request certificate during
 /// re-negotiation.
 ///
 #define EFI_TLS_VERIFY_CLIENT_ONCE   0x4
 
+///
+/// EFI_TLS_VERIFY_HOST_FLAG
+///
+typedef UINT32 EFI_TLS_VERIFY_HOST_FLAG;
+///
+/// There is no additional flags set for hostname validation.
+/// Wildcards are supported and they match only in the left-most label.
+///
+#define EFI_TLS_VERIFY_FLAG_NONE0x00
+///
+/// Always check the Subject Distinguished Name (DN) in the peer certificate 
even if the
+/// certificate contains Subject Alternative Name (SAN).
+///
+#define EFI_TLS_VERIFY_FLAG_ALWAYS_CHECK_SUBJECT0x01
+///
+/// Disable the match of all wildcards.
+///
+#define EFI_TLS_VERIFY_FLAG_NO_WILDCARDS0x02
+///
+/// Disable the "*" as wildcard in labels that have a prefix or suffix (e.g. 
"www*" or "*www").
+///
+#define EFI_TLS_VERIFY_FLAG_NO_PARTIAL_WILDCARDS0x04
+///
+/// Allow the "*" to match more than one labels. Otherwise, only matches a 
single label.
+///
+#define EFI_TLS_VERIFY_FLAG_MULTI_LABEL_WILDCARDS   0x08
+///
+/// Restrict to only match direct child sub-domains which start with ".".
+/// For example, a name of ".example.com" would match "www.example.com" with 
this flag,
+/// but would not match "www.sub.example.com".
+///
+#define EFI_TLS_VERIFY_FLAG_SINGLE_LABEL_SUBDOMAINS 0x10
+///
+/// Never check the Subject Distinguished Name (DN) even there is no
+/// Subject Alternative Name (SAN) in the certificate.
+///
+#define EFI_TLS_VERIFY_FLAG_NEVER_CHECK_SUBJECT 0x20
+
+///
+/// EFI_TLS_VERIFY_HOST
+///
+#pragma pack (1)
+typedef struct {
+  EFI_TLS_VERIFY_HOST_FLAG Flags;
+  CHAR8*HostName;
+} EFI_TLS_VERIFY_HOST;
+#pragma pack ()
+
 ///
 /// EFI_TLS_RANDOM
 /// Note: The definition of EFI_TLS_RANDOM is from "RFC 5246 A.4.1.
 ///   Hello Messages".
 ///
-- 
2.17.1.windows.2


-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.

View/Reply Online (#48184): https://edk2.groups.io/g/devel/message/48184
Mute This Topic: https://groups.io/mt/34307579/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub  [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[edk2-devel] [PATCH v1 4/4] NetworkPkg/HttpDxe: Set the HostName for the verification(CVE-2019-14553)

[Wu, Jiaxin]

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=960
CVE: CVE-2019-14553
Set the HostName by consuming TLS protocol to enable the host name
check so as to avoid the potential Man-In-The-Middle attack.

Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Wu Jiaxin 
Reviewed-by: Ye Ting 
Reviewed-by: Long Qin 
Reviewed-by: Fu Siyuan 
Acked-by: Laszlo Ersek 
---
 NetworkPkg/HttpDxe/HttpProto.h|  1 +
 NetworkPkg/HttpDxe/HttpsSupport.c | 21 +
 2 files changed, 18 insertions(+), 4 deletions(-)

diff --git a/NetworkPkg/HttpDxe/HttpProto.h b/NetworkPkg/HttpDxe/HttpProto.h
index 6e1f51748a..34308e016d 100644
--- a/NetworkPkg/HttpDxe/HttpProto.h
+++ b/NetworkPkg/HttpDxe/HttpProto.h
@@ -80,10 +80,11 @@ typedef struct {
 
 typedef struct {
   EFI_TLS_VERSION   Version;
   EFI_TLS_CONNECTION_ENDConnectionEnd;
   EFI_TLS_VERIFYVerifyMethod;
+  EFI_TLS_VERIFY_HOST   VerifyHost;
   EFI_TLS_SESSION_STATE SessionState;
 } TLS_CONFIG_DATA;
 
 //
 // Callback data for HTTP_PARSER_CALLBACK()
diff --git a/NetworkPkg/HttpDxe/HttpsSupport.c 
b/NetworkPkg/HttpDxe/HttpsSupport.c
index 988bbcbce7..5dfb13bd60 100644
--- a/NetworkPkg/HttpDxe/HttpsSupport.c
+++ b/NetworkPkg/HttpDxe/HttpsSupport.c
@@ -621,17 +621,20 @@ TlsConfigureSession (
   EFI_STATUS Status;
 
   //
   // TlsConfigData initialization
   //
-  HttpInstance->TlsConfigData.ConnectionEnd = EfiTlsClient;
-  HttpInstance->TlsConfigData.VerifyMethod = EFI_TLS_VERIFY_PEER;
-  HttpInstance->TlsConfigData.SessionState = EfiTlsSessionNotStarted;
+  HttpInstance->TlsConfigData.ConnectionEnd   = EfiTlsClient;
+  HttpInstance->TlsConfigData.VerifyMethod= EFI_TLS_VERIFY_PEER;
+  HttpInstance->TlsConfigData.VerifyHost.Flags= 
EFI_TLS_VERIFY_FLAG_NO_WILDCARDS;
+  HttpInstance->TlsConfigData.VerifyHost.HostName = HttpInstance->RemoteHost;
+  HttpInstance->TlsConfigData.SessionState= EfiTlsSessionNotStarted;
 
   //
   // EfiTlsConnectionEnd,
-  // EfiTlsVerifyMethod
+  // EfiTlsVerifyMethod,
+  // EfiTlsVerifyHost,
   // EfiTlsSessionState
   //
   Status = HttpInstance->Tls->SetSessionData (
 HttpInstance->Tls,
 EfiTlsConnectionEnd,
@@ -650,10 +653,20 @@ TlsConfigureSession (
 );
   if (EFI_ERROR (Status)) {
 return Status;
   }
 
+  Status = HttpInstance->Tls->SetSessionData (
+HttpInstance->Tls,
+EfiTlsVerifyHost,
+>TlsConfigData.VerifyHost,
+sizeof (EFI_TLS_VERIFY_HOST)
+);
+  if (EFI_ERROR (Status)) {
+return Status;
+  }
+
   Status = HttpInstance->Tls->SetSessionData (
 HttpInstance->Tls,
 EfiTlsSessionState,
 &(HttpInstance->TlsConfigData.SessionState),
 sizeof (EFI_TLS_SESSION_STATE)
-- 
2.17.1.windows.2


-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.

View/Reply Online (#48187): https://edk2.groups.io/g/devel/message/48187
Mute This Topic: https://groups.io/mt/34307582/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub  [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[edk2-devel] [PATCH v1 0/4] Support HTTPS HostName validation feature(CVE-2019-14553)

[Wu, Jiaxin]

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=960
CVE: CVE-2019-14553
The series patches are to support HTTPS hostname validation feature. 
It fixes the issue exposed @ 
https://bugzilla.tianocore.org/show_bug.cgi?id=960.
In the patches, we add the new data type named "EfiTlsVerifyHost" and
the EFI_TLS_VERIFY_HOST_FLAG for the TLS protocol consumer (HTTP) to 
enable the host name check so as to avoid the potential 
Man-In-The-Middle attack.

Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Wu Jiaxin 
Reviewed-by: Ye Ting 
Reviewed-by: Long Qin 
Reviewed-by: Fu Siyuan 
Acked-by: Laszlo Ersek 

Jiaxin Wu (4):
  MdePkg/Include/Protocol/Tls.h: Add the data type of 
EfiTlsVerifyHost(CVE-2019-14553)
  CryptoPkg/TlsLib: Add the new API "TlsSetVerifyHost"(CVE-2019-14553)
  NetworkPkg/TlsDxe: Add the support of host validation to TlsDxe 
driver(CVE-2019-14553)
  NetworkPkg/HttpDxe: Set the HostName for the verification(CVE-2019-14553)

 CryptoPkg/Include/Library/TlsLib.h   | 20 
 CryptoPkg/Library/TlsLib/TlsConfig.c | 38 +++-
 MdePkg/Include/Protocol/Tls.h| 68 +++-
 NetworkPkg/HttpDxe/HttpProto.h   |  1 +
 NetworkPkg/HttpDxe/HttpsSupport.c| 21 +++--
 NetworkPkg/TlsDxe/TlsProtocol.c  | 44 --
 6 files changed, 173 insertions(+), 19 deletions(-)

-- 
2.17.1.windows.2


-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.

View/Reply Online (#48183): https://edk2.groups.io/g/devel/message/48183
Mute This Topic: https://groups.io/mt/34307578/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub  [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[edk2-devel] [PATCH v1 2/4] CryptoPkg/TlsLib: Add the new API "TlsSetVerifyHost"(CVE-2019-14553)

[Wu, Jiaxin]

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=960
CVE: CVE-2019-14553
In the patch, we add the new API "TlsSetVerifyHost" for the TLS
protocol to set the specified host name that need to be verified.

Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Wu Jiaxin 
Reviewed-by: Ye Ting 
Reviewed-by: Long Qin 
Reviewed-by: Fu Siyuan 
Acked-by: Laszlo Ersek 
---
 CryptoPkg/Include/Library/TlsLib.h   | 20 +++
 CryptoPkg/Library/TlsLib/TlsConfig.c | 38 +++-
 2 files changed, 57 insertions(+), 1 deletion(-)

diff --git a/CryptoPkg/Include/Library/TlsLib.h 
b/CryptoPkg/Include/Library/TlsLib.h
index 9875cb6e74..3af7d4bc09 100644
--- a/CryptoPkg/Include/Library/TlsLib.h
+++ b/CryptoPkg/Include/Library/TlsLib.h
@@ -394,10 +394,30 @@ EFIAPI
 TlsSetVerify (
   IN VOID *Tls,
   IN UINT32   VerifyMode
   );
 
+/**
+  Set the specified host name to be verified.
+
+  @param[in]  Tls   Pointer to the TLS object.
+  @param[in]  Flags The setting flags during the validation.
+  @param[in]  HostName  The specified host name to be verified.
+
+  @retval  EFI_SUCCESS   The HostName setting was set successfully.
+  @retval  EFI_INVALID_PARAMETER The parameter is invalid.
+  @retval  EFI_ABORTED   Invalid HostName setting.
+
+**/
+EFI_STATUS
+EFIAPI
+TlsSetVerifyHost (
+  IN VOID *Tls,
+  IN UINT32   Flags,
+  IN CHAR8*HostName
+  );
+
 /**
   Sets a TLS/SSL session ID to be used during TLS/SSL connect.
 
   This function sets a session ID to be used when the TLS/SSL connection is
   to be established.
diff --git a/CryptoPkg/Library/TlsLib/TlsConfig.c 
b/CryptoPkg/Library/TlsLib/TlsConfig.c
index 74b577d60e..2bf5aee7c0 100644
--- a/CryptoPkg/Library/TlsLib/TlsConfig.c
+++ b/CryptoPkg/Library/TlsLib/TlsConfig.c
@@ -1,9 +1,9 @@
 /** @file
   SSL/TLS Configuration Library Wrapper Implementation over OpenSSL.
 
-Copyright (c) 2016 - 2017, Intel Corporation. All rights reserved.
+Copyright (c) 2016 - 2018, Intel Corporation. All rights reserved.
 (C) Copyright 2016 Hewlett Packard Enterprise Development LP
 SPDX-License-Identifier: BSD-2-Clause-Patent
 
 **/
 
@@ -495,10 +495,46 @@ TlsSetVerify (
   // Set peer certificate verification parameters with NULL callback.
   //
   SSL_set_verify (TlsConn->Ssl, VerifyMode, NULL);
 }
 
+/**
+  Set the specified host name to be verified.
+
+  @param[in]  Tls   Pointer to the TLS object.
+  @param[in]  Flags The setting flags during the validation.
+  @param[in]  HostName  The specified host name to be verified.
+
+  @retval  EFI_SUCCESS   The HostName setting was set successfully.
+  @retval  EFI_INVALID_PARAMETER The parameter is invalid.
+  @retval  EFI_ABORTED   Invalid HostName setting.
+
+**/
+EFI_STATUS
+EFIAPI
+TlsSetVerifyHost (
+  IN VOID *Tls,
+  IN UINT32   Flags,
+  IN CHAR8*HostName
+  )
+{
+  TLS_CONNECTION  *TlsConn;
+
+  TlsConn = (TLS_CONNECTION *) Tls;
+  if (TlsConn == NULL || TlsConn->Ssl == NULL || HostName == NULL) {
+ return EFI_INVALID_PARAMETER;
+  }
+
+  SSL_set_hostflags(TlsConn->Ssl, Flags);
+
+  if (SSL_set1_host(TlsConn->Ssl, HostName) == 0) {
+return EFI_ABORTED;
+  }
+
+  return EFI_SUCCESS;
+}
+
 /**
   Sets a TLS/SSL session ID to be used during TLS/SSL connect.
 
   This function sets a session ID to be used when the TLS/SSL connection is
   to be established.
-- 
2.17.1.windows.2


-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.

View/Reply Online (#48185): https://edk2.groups.io/g/devel/message/48185
Mute This Topic: https://groups.io/mt/34307580/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub  [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] [PATCH v1 1/1] Maintainers.txt: Adding new NetworkPkg reviewer.

[Wu, Jiaxin]

Reviewed-by: Jiaxin Wu 

Thanks,
Jiaxin

> -Original Message-
> From: Rabeda, Maciej 
> Sent: Wednesday, November 6, 2019 1:07 AM
> To: devel@edk2.groups.io
> Cc: Wu, Jiaxin ; Fu, Siyuan 
> Subject: [PATCH v1 1/1] Maintainers.txt: Adding new NetworkPkg reviewer.
> 
> Add Maciej Rabeda as reviewer of NetworkPkg.
> 
> Cc: Jiaxin Wu 
> Cc: Siyuan Fu 
> Signed-off-by: Maciej Rabeda 
> ---
>  Maintainers.txt | 1 +
>  1 file changed, 1 insertion(+)
> 
> diff --git a/Maintainers.txt b/Maintainers.txt
> index 71a34a284567..922cc664ddc3 100644
> --- a/Maintainers.txt
> +++ b/Maintainers.txt
> @@ -356,6 +356,7 @@ F: NetworkPkg/
>  W: https://github.com/tianocore/tianocore.github.io/wiki/NetworkPkg
>  M: Jiaxin Wu 
>  R: Siyuan Fu 
> +R: Maciej Rabeda 
> 
>  OvmfPkg
>  F: OvmfPkg/
> --
> 2.17.0.windows.1


-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.

View/Reply Online (#50013): https://edk2.groups.io/g/devel/message/50013
Mute This Topic: https://groups.io/mt/42268272/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub  [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] [PATCH v2] Maintainers.txt: Update email address and role

[Wu, Jiaxin]

Reviewed-by: Jiaxin Wu 

Thanks,
Jiaxin

> -Original Message-
> From: Maciej Rabeda 
> Sent: Wednesday, December 11, 2019 5:54 PM
> To: devel@edk2.groups.io
> Cc: Wu, Jiaxin ; Fu, Siyuan 
> Subject: [PATCH v2] Maintainers.txt: Update email address and role
> 
> Created new email account that will not append legal disclaimers to
> my responses/patches.
> 
> Switching to NetworkPkg maintainer.
> 
> Cc: Jiaxin Wu 
> Cc: Siyuan Fu 
> Signed-off-by: Maciej Rabeda 
> ---
>  Maintainers.txt | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/Maintainers.txt b/Maintainers.txt
> index d6e8d5d5c797..146d8aca93f0 100644
> --- a/Maintainers.txt
> +++ b/Maintainers.txt
> @@ -378,8 +378,8 @@ NetworkPkg
>  F: NetworkPkg/
> 
>  W: https://github.com/tianocore/tianocore.github.io/wiki/NetworkPkg
> 
>  M: Jiaxin Wu 
> 
> +M: Maciej Rabeda 
> 
>  R: Siyuan Fu 
> 
> -R: Maciej Rabeda 
> 
> 
> 
>  OvmfPkg
> 
>  F: OvmfPkg/
> 
> --
> 2.24.0.windows.2


-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.

View/Reply Online (#52195): https://edk2.groups.io/g/devel/message/52195
Mute This Topic: https://groups.io/mt/68146042/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub  [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] [PATCH v2] Maintainers.txt: Update email address and role

[Wu, Jiaxin]

Sure, already create the new PR & push label to edk2 master. 

Thanks,
Jiaxin


> -Original Message-
> From: Rabeda, Maciej 
> Sent: Tuesday, December 17, 2019 6:07 AM
> To: devel@edk2.groups.io; Wu, Jiaxin 
> Subject: Re: [edk2-devel] [PATCH v2] Maintainers.txt: Update email address
> and role
> 
> Hi Jiaxin,
> 
> I have sent the PR to your edk2 fork. Any chance to get that to
> tianocore/edk2? :)
> 
> Thanks,
> 
> Maciej
> 
> On 13-Dec-19 03:58, Wu, Jiaxin wrote:
> > Reviewed-by: Jiaxin Wu 
> >
> > Thanks,
> > Jiaxin
> >
> >> -Original Message-
> >> From: Maciej Rabeda 
> >> Sent: Wednesday, December 11, 2019 5:54 PM
> >> To: devel@edk2.groups.io
> >> Cc: Wu, Jiaxin ; Fu, Siyuan 
> >> Subject: [PATCH v2] Maintainers.txt: Update email address and role
> >>
> >> Created new email account that will not append legal disclaimers to
> >> my responses/patches.
> >>
> >> Switching to NetworkPkg maintainer.
> >>
> >> Cc: Jiaxin Wu 
> >> Cc: Siyuan Fu 
> >> Signed-off-by: Maciej Rabeda 
> >> ---
> >>   Maintainers.txt | 2 +-
> >>   1 file changed, 1 insertion(+), 1 deletion(-)
> >>
> >> diff --git a/Maintainers.txt b/Maintainers.txt
> >> index d6e8d5d5c797..146d8aca93f0 100644
> >> --- a/Maintainers.txt
> >> +++ b/Maintainers.txt
> >> @@ -378,8 +378,8 @@ NetworkPkg
> >>   F: NetworkPkg/
> >>
> >>   W: https://github.com/tianocore/tianocore.github.io/wiki/NetworkPkg
> >>
> >>   M: Jiaxin Wu 
> >>
> >> +M: Maciej Rabeda 
> >>
> >>   R: Siyuan Fu 
> >>
> >> -R: Maciej Rabeda 
> >>
> >>
> >>
> >>   OvmfPkg
> >>
> >>   F: OvmfPkg/
> >>
> >> --
> >> 2.24.0.windows.2
> >
> > 
> >

-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.

View/Reply Online (#52283): https://edk2.groups.io/g/devel/message/52283
Mute This Topic: https://groups.io/mt/68146042/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub  [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] [RFC v1 5/4] CryptoPkg/TlsLib: accept peer certs via both DNS names and IP addresses

[Wu, Jiaxin]

 To: edk2-devel-groups-io 
> Cc: Bret Barkelew ; David Woodhouse
> ; Wang, Jian J ; Wu, Jiaxin
> ; Richard Levitte ; Sivaraman
> Nainar 
> Subject: [edk2-devel] [RFC v1 5/4] CryptoPkg/TlsLib: accept peer certs via
> both DNS names and IP addresses
> 
> SSL_set1_host() in TlsSetVerifyHost() ignores GEN_IP entries in the peer
> certificate's Subject Alternative Name (SAN) extension. This leads to the
> rejection of any valid peer certificate that matches the dot-decimal IPv4,
> or colon-hexadecimal IPv6, host part of an URL *only* through SAN/GEN_IP,
> and not through the Common Name.
> 
> Based on David's guidance, replace SSL_set1_host() in TlsSetVerifyHost()
> with application specific data ("ExData") that is associated with the SSL
> object. Namely, pass the host part of the URL as "application specific
> data" into a new peer certificate verification callback. In the callback,
> first try to parse the host part of the URL as a numeric IP address, for
> certificate subject verification. If that parsing fails, fall back to
> interpreting the host part as a DNS hostname.
> 
> Cc: Bret Barkelew 
> Cc: David Woodhouse 
> Cc: Jian J Wang 
> Cc: Jiaxin Wu 
> Cc: Richard Levitte 
> Cc: Sivaraman Nainar 
> Ref: http://mid.mail-
> archive.com/B4DE137BDB63634BAC03BD9DE765F197028B24CA23@VENUS1.i
> n.megatrends.com
> Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=960
> Ref: https://edk2.groups.io/g/devel/message/42022
> Suggested-by: David Woodhouse 
> Signed-off-by: Laszlo Ersek 
> ---
> 
> Notes:
> Unfortunately, there are two problems with this patch:
> 
> (1) X509_VERIFY_PARAM_set1_ip_asc() does not accept IPv4 addresses in
> dot-decimal notation (unless I messed up the code). My log file
> contains:
> 
> > TlsDxe:TlsCertVerify: verifying peer certificate with DNS hostname
> "192.168.124.2"
> > TlsDxe:TlsCertVerify: peer certificate accepted
> 
> (2) X509_VERIFY_PARAM_set1_ip_asc() does accept IPv6 addresses.
> However,
> in that case, the server certificate that I had generated with
> "genkey" (where I entered the IPv6 address in the Common Name field)
> is rejected:
> 
> > TlsDxe:TlsCertVerify: verifying peer certificate with numerical IP 
> address
> "fd33:eb1b:9b36::2"
> > TlsDxe:TlsCertVerify: peer certificate rejected
> > TlsDoHandshake SSL_HANDSHAKE_ERROR State=0x4 SSL_ERROR_SSL
> > TlsDoHandshake ERROR 0x1416F086=L14:F16F:R86
> 
> If I do not apply the present patch on top of Jiaxin's v1 4/4 (at
> <http://mid.mail-archive.com/20190927034441.3096-5-
> jiaxin...@intel.com>),
> then the certificate is accepted fine.
> 
> Not sure how to address these.
> 
>  CryptoPkg/Library/TlsLib/TlsLib.inf   |   1 +
>  CryptoPkg/Library/TlsLib/InternalTlsLib.h |  33 +++
>  CryptoPkg/Library/TlsLib/TlsConfig.c  |  17 +-
>  CryptoPkg/Library/TlsLib/TlsExData.c  | 301 
>  CryptoPkg/Library/TlsLib/TlsInit.c|  35 ++-
>  5 files changed, 385 insertions(+), 2 deletions(-)
> 
> diff --git a/CryptoPkg/Library/TlsLib/TlsLib.inf
> b/CryptoPkg/Library/TlsLib/TlsLib.inf
> index 2f3ce695c33e..1f65eea516d4 100644
> --- a/CryptoPkg/Library/TlsLib/TlsLib.inf
> +++ b/CryptoPkg/Library/TlsLib/TlsLib.inf
> @@ -24,12 +24,13 @@ [Defines]
> 
>  [Sources]
>InternalTlsLib.h
>TlsInit.c
>TlsConfig.c
>TlsProcess.c
> +  TlsExData.c
> 
>  [Packages]
>MdePkg/MdePkg.dec
>CryptoPkg/CryptoPkg.dec
> 
>  [LibraryClasses]
> diff --git a/CryptoPkg/Library/TlsLib/InternalTlsLib.h
> b/CryptoPkg/Library/TlsLib/InternalTlsLib.h
> index ce7f4ced4a30..c8762befd31c 100644
> --- a/CryptoPkg/Library/TlsLib/InternalTlsLib.h
> +++ b/CryptoPkg/Library/TlsLib/InternalTlsLib.h
> @@ -34,8 +34,41 @@ typedef struct {
>//
>// Memory BIO for the TLS/SSL Writing operations.
>//
>BIO *OutBio;
>  } TLS_CONNECTION;
> 
> +//
> +// See the documentation for "mPeerSubjectNameKey",
> +// TlsPeerSubjectNameDuplicate(), TlsPeerSubjectNameFree(), and
> TlsCertVerify()
> +// in "TlsExData.c".
> +//
> +extern INT32 mPeerSubjectNameKey;
> +
> +INT32
> +TlsPeerSubjectNameDuplicate (
> +  OUTCRYPTO_EX_DATA   *DestinationExData,
> +  IN CONST CRYPTO_EX_DATA *SourceExData,
> +  IN OUT VOID *PeerSubjectNameAddress,
> +  IN INT32ExDataType,
> +  IN long ArgLong,
> +  IN VOID *ArgPtr
> +  );
> +
> +VOID
> +TlsPeerSubjectNameFree (
> +  

Re: [edk2-devel] [Patch] NetworkPkg/SnpDxe: Use PcdGetBool() instead of FixedPcdGetBool in Snp.c

[Wu, Jiaxin]

Reviewed-by: Jiaxin Wu 



> -Original Message-
> From: Fu, Siyuan 
> Sent: Tuesday, October 29, 2019 9:41 AM
> To: devel@edk2.groups.io
> Cc: Wu, Jiaxin 
> Subject: [Patch] NetworkPkg/SnpDxe: Use PcdGetBool() instead of
> FixedPcdGetBool in Snp.c
> 
> This patch fixes a problem introduced by commit
>   61bb6eeb4d93c0a34c1995d87914ab41398f9550.
> 
> The PcdSnpCreateExitBootServicesEvent is not guaranteed to be
> FixedAtBuild,
> so use PcdGetBool() to supports both fixed and patchable PCD.
> 
> Change-Id: Ic1791bb598306e9251792113797c3bad317d0dda
> Cc: Jiaxin Wu 
> Signed-off-by: Siyuan Fu 
> ---
>  NetworkPkg/SnpDxe/Snp.c | 4 ++--
>  1 file changed, 2 insertions(+), 2 deletions(-)
> 
> diff --git a/NetworkPkg/SnpDxe/Snp.c b/NetworkPkg/SnpDxe/Snp.c
> index 9fb007f7ae..1099dbfa6a 100644
> --- a/NetworkPkg/SnpDxe/Snp.c
> +++ b/NetworkPkg/SnpDxe/Snp.c
> @@ -647,7 +647,7 @@ SimpleNetworkDriverStart (
>PxeShutdown (Snp);
>PxeStop (Snp);
> 
> -  if (FixedPcdGetBool (PcdSnpCreateExitBootServicesEvent)) {
> +  if (PcdGetBool (PcdSnpCreateExitBootServicesEvent)) {
>  //
>  // Create EXIT_BOOT_SERIVES Event
>  //
> @@ -780,7 +780,7 @@ SimpleNetworkDriverStop (
>  return Status;
>}
> 
> -  if (FixedPcdGetBool (PcdSnpCreateExitBootServicesEvent)) {
> +  if (PcdGetBool (PcdSnpCreateExitBootServicesEvent)) {
>  //
>  // Close EXIT_BOOT_SERIVES Event
>  //
> --
> 2.19.1.windows.1


-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.

View/Reply Online (#49573): https://edk2.groups.io/g/devel/message/49573
Mute This Topic: https://groups.io/mt/39177854/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub  [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] [PATCH v2 0/8] support server identity validation in HTTPS Boot (CVE-2019-14553)

[Wu, Jiaxin]

Test matrix - that's a great summary! The result is also good to me.

Thanks Laszlo's patches to fix the gap.

Series Reviewed-by: Jiaxin Wu 



> -Original Message-
> From: devel@edk2.groups.io  On Behalf Of Laszlo
> Ersek
> Sent: Saturday, October 26, 2019 1:37 PM
> To: edk2-devel-groups-io 
> Cc: David Woodhouse ; Wang, Jian J
> ; Wu, Jiaxin ; Sivaraman
> Nainar ; Lu, XiaoyuX 
> Subject: [edk2-devel] [PATCH v2 0/8] support server identity validation in
> HTTPS Boot (CVE-2019-14553)
> 
> Repo:   https://github.com/lersek/edk2.git
> Branch: bz960_with_inet_pton_v2
> Ref:https://bugzilla.tianocore.org/show_bug.cgi?id=960
> 
> Previous posting from Jiaxin:
> 
>   [edk2-devel] [PATCH v1 0/4]
>   Support HTTPS HostName validation feature(CVE-2019-14553)
> 
>   https://edk2.groups.io/g/devel/message/48183
>   20190927034441.3096-1-Jiaxin.wu@intel.com">http://mid.mail-archive.com/20190927034441.3096-1-Jiaxin.wu@intel.com
> 
> In v2, I have inserted 4 new patches in the middle, to satisfy two
> additional requirements raised by Siva and David:
> 
> - If the Subject Alternative Name in the server certificate contains an
>   IP address in binary representation, and the URL specifies an IP
>   address in literal form for "hostname", then both of those things
>   should be compared against each other, after converting the literal
>   from the URL to binary representation. In other words, a server
>   certificate with an IP address SAN should be recognized.
> 
> - If the URL specifies an IP address literal, then, according to
>   RFC-2818, "the iPAddress subjectAltName must be present in the
>   certificate and must exactly match the IP in the URI". In other words,
>   if a certificate matches the IP address literal from the URL via
>   Common Name only, then the certificate must be rejected.
> 
> I've also fixed two commit message warts in Jiaxin's patches (see the
> Notes sections on the patches).
> 
> I've tested the series painstakingly. Here's the script I wrote for
> certificate generation:
> 
> > ## @file
> > # Bash shell script for generating test certificates, for
> > # <https://bugzilla.tianocore.org/show_bug.cgi?id=960>.
> > #
> > # Copyright (C) 2019, Red Hat, Inc.
> > #
> > # SPDX-License-Identifier: BSD-2-Clause-Patent
> > #
> > # Customize te variables in section "Configuration", then run the script 
> > with
> > # "bash gencerts.sh".
> > #
> > # The script creates 17 files in the current working directory:
> > # - one CA certificate (note: key is discarded);
> > #
> > # - for the (IPv4 domain name, IPv4 address) pair, one keypair (that is, a
> > #   CA-issued certificate, plus the private key) for each case below:
> > #   - Common Name = IPv4 domain name, no subjectAltName,
> > #   - Common Name = IPv4 domain name, IPv4 address in
> subjectAltName,
> > #   - Common Name = IPv4 address literal, no subjectAltName,
> > #   - Common Name = IPv4 address literal, IPv4 address in subjectAltName;
> > #
> > # - for the (IPv6 domain name, IPv6 address) pair, a similar set of files.
> > #
> > # Finally, the script prints some commands for the root user that are
> related
> > # to the following OVMF feature: OVMF can HTTPS boot while trusting the
> same
> > # set of CA certificates that the virt host trusts. The commands install the
> > # new CA certificate on the host (note: this should never be done in
> > # production, in spite of the CA key being discarded), and also extract all 
> > CA
> > # certs in the format that OVMF expects. (This edk2-specific extraction is
> > # normally performed by the "update-ca-trust" command, but if yours isn't
> > # up-to-date enough for that, build and install p11-kit from source, and set
> > # MY_P11_KIT_PREFIX, before invoking this script.) See
> "OvmfPkg/README" for
> > # passing the extracted CA certs to OVMF on the QEMU cmdline.
> > ##
> > set -e -u -C
> >
> > # Configuration.
> > CA_NAME=TianoCore_BZ_960_CA
> > IPV4_NAME=ipv4-server
> > IPV4_ADDR=192.168.124.2
> > IPV6_NAME=ipv6-server
> > IPV6_ADDR=fd33:eb1b:9b36::2
> >
> > # Create a temporary directory for transient files.
> > TMP_D=$(mktemp -d)
> > trap 'rm -f -r -- "$TMP_D"' EXIT
> >
> > # Set some helper variables.
> > TMP_EXT=$TMP_D/ext   # OpenSSL extensions
> > TMP_CSR=$TMP_D/csr   # certificate request
> > TMP_CA_KEY=$TMP_D/ca.key # CA key
> > TMP_CA_SRL=$TMP_D/ca.srl # CA serial number
> >
> > # Generate the CA certific

Re: [edk2-devel] [PATCH v2 4/8] CryptoPkg/Crt: satisfy "inet_pton.c" dependencies (CVE-2019-14553)

[Wu, Jiaxin]

> > Hm.
> >
> > If you're porting a whole standard C library to EDK2 then I suppose it
> > makes sense to build up all this infrastructure for it.
> >
> > But in this case when it's only the single inet_pton() function that
> > you need, perhaps it makes more sense to 'port' that one function to
> > UEFI (or just reimplement it looking like EDK2 code), instead of
> > bringing all this stuff along with it?
> 
> I didn't want to take responsibility for touching any of that code -- I
> wanted it to be a piece of the puzzle that we'd just drop in. Its coding
> style is very foreign to edk2 norms, so once we started, we wouldn't
> stop before rewriting it more or less completely. (For example it quite
> frequently consumes the values that assignment expressions evaluate to,
> which is a huge no-no in edk2, as far as I understand.) I have no
> capacity for such a rework (or additional ownership / responsibility),
> sorry.
> 
> I worked from Friday evening to Saturday ~6-7AM as my "second sprint" on
> this code and its testing, until I was satisfied with the test coverage.
> I apologize but I simply cannot repeat that. This is all I can
> contribute code-wise (and testing-wise) to fixing this issue.


Jian, 

do you think it makes sense to keep the exiting coding style of inet_pton() in 
edk2\CryptoPkg\Library\BaseCryptLib\SysCall? (Personally, I can accept that).

> 
> Thanks
> Laszlo
> 
> 


-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.

View/Reply Online (#49576): https://edk2.groups.io/g/devel/message/49576
Mute This Topic: https://groups.io/mt/37952588/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub  [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] [PATCH 2/3] NetworkPkg/NetworkPkg.uni: Add missing strings for PCD

[Wu, Jiaxin]

Reviewed-by: Jiaxin Wu 



> -Original Message-
> From: Zhang, Shenglei 
> Sent: Thursday, November 14, 2019 7:47 PM
> To: devel@edk2.groups.io
> Cc: Zhang, Shenglei ; Wu, Jiaxin
> ; Fu, Siyuan ; Rabeda, Maciej
> 
> Subject: [PATCH 2/3] NetworkPkg/NetworkPkg.uni: Add missing strings for
> PCD
> 
> From: Shenglei Zhang 
> 
> Cc: Jiaxin Wu 
> Cc: Siyuan Fu 
> Cc: Maciej Rabeda 
> Signed-off-by: Shenglei Zhang 
> ---
>  NetworkPkg/NetworkPkg.uni | 7 +++
>  1 file changed, 7 insertions(+)
> 
> diff --git a/NetworkPkg/NetworkPkg.uni b/NetworkPkg/NetworkPkg.uni
> index 19e57a4a60de..328d8cb54a6e 100644
> --- a/NetworkPkg/NetworkPkg.uni
> +++ b/NetworkPkg/NetworkPkg.uni
> @@ -61,6 +61,13 @@
>   
>  "TRUE  - Certificate
> Authentication feature is enabled.\n"
>   
>  "FALSE - Does not support
> Certificate Authentication."
> 
> +#string
> STR_gEfiNetworkPkgTokenSpaceGuid_PcdSnpCreateExitBootServicesEvent_
> PROMPT  #language en-US "Indicates whether SnpDxe creates event for
> ExitBootServices() call."
> +
> +#string
> STR_gEfiNetworkPkgTokenSpaceGuid_PcdSnpCreateExitBootServicesEvent_
> HELP  #language en-US "Indicates whether SnpDxe driver will create an
> event that will be notified\n"
> + 
> "upon gBS-
> >ExitBootServices() call.\n"
> + 
> "TRUE - Event being
> triggered upon ExitBootServices call will be created\n"
> + 
> "FALSE - Event being
> triggered upon ExitBootServices call will NOT be created"
> +
>  #string STR_gEfiNetworkPkgTokenSpaceGuid_PcdDhcp6UidType_PROMPT
> #language en-US "Type Value of Dhcp6 Unique Identifier (DUID)."
> 
>  #string STR_gEfiNetworkPkgTokenSpaceGuid_PcdDhcp6UidType_HELP
> #language en-US "IPv6 DHCP Unique Identifier (DUID) Type configuration
> (From RFCs 3315 and 6355).\n"
> --
> 2.18.0.windows.1


-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.

View/Reply Online (#50869): https://edk2.groups.io/g/devel/message/50869
Mute This Topic: https://groups.io/mt/57476157/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub  [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] Which is the proper edk2 package the EFI REST Structure DXE driver should stay with?

[Wu, Jiaxin]

Hi Abner,

I just prefer put it with REST(EX) driver. So, how about keep it under 
RedfishPkg since the REST driver will still under RedfishPkg (currently)? I 
know it's a generic and centralized driver to do the converting, but the fact 
of the matter is no other consumer except for UEFI Redfish feature, or do you 
have the real other usage cases?

In the future, based on the real usage case in UEFI, we can consider whether 
need to move that driver with the REST(EX) driver to NetworkPkg or not. What do 
you think?

Thanks,
Jiaxin




From: devel@edk2.groups.io  On Behalf Of Abner Chang
Sent: Tuesday, November 19, 2019 12:02 PM
To: Rabeda, Maciej ; devel@edk2.groups.io; Wu, Jiaxin 

Subject: Re: [edk2-devel] Which is the proper edk2 package the EFI REST 
Structure DXE driver should stay with?

Hi Maciej,
EFI REST Structure driver is designed as a generic and centralized driver for 
REST JSON payload to C structure convertors. Redfish payload in JSON format is 
one of the REST services which consumes EFI REST Structure driver for 
registering the convertor, others services could be AWS or Openstack. This 
driver is not really designed for Redfish only, although I believe Redfish is 
the only one to use this protocol. Actually, this driver mainly deals with the 
payload, less relationship to the specific REST service or underlying 
transports although HTTP is used for carrying REST payload in the most of cases.

In responding to your questions,
>>>Is REST in UEFI going to be HTTP-based or is it planned to be tied to 
>>>drivers outside of NetworkPkg?
This driver doesn't depends on transport layer.

>>>Is REST currently consumed only by Redfish or is going to be extensively 
>>>used outside that package?
Yes, this driver is current consumed by Redfish JSON to C structure drivers. 
But as mentioned above, this driver is not only for Redfish, could be 
extensively used by other REST services.

>>> I believe that, by default, REST driver build will be controlled by a 
>>> separate flag and disabled by default...
Yes, this driver is not necessary to be built as default. this driver could be 
pulled into build with the convertors according to the demand of platform.

Actually, neither RedfishPkg nor NetworkPkg are ideal packages to own EFI REST 
Structure driver IMO. My thought to put this driver in NetworkPkg is just 
because "REST" related driver is mentioned in Network Protocols in UEFI spec. 
Which I feel more comfortable than put this driver in RedfishPkg.
However, I don't have preference on this. We can keep this driver in RedfishPkg 
if one or more people think we should let this driver goes to RedfishPkg :).

Yep, what's your opinion Jiaxin?

Thanks
Abner


From: Rabeda, Maciej [mailto:maciej.rab...@intel.com]
Sent: Monday, November 18, 2019 5:52 PM
To: devel@edk2.groups.io<mailto:devel@edk2.groups.io>; Chang, Abner (HPS SW/FW 
Technologist) mailto:abner.ch...@hpe.com>>; Wu, Jiaxin 
mailto:jiaxin...@intel.com>>
Subject: RE: Which is the proper edk2 package the EFI REST Structure DXE driver 
should stay with?

Hi Abner,

REST as a more generic network API and could possibly be placed in NetworkPkg.
My concerns are:
Is REST in UEFI going to be HTTP-based or is it planned to be tied to drivers 
outside of NetworkPkg?
If it is going to be more generic, I do not think that it is a 
good idea to tie it with other network drivers within NetworkPkg

Is REST currently consumed only by Redfish or is going to be extensively used 
outside that package?
Even if it is HTTP-based, question of maintenance arises. If Redfish is the 
only consumer of REST API, I would leave it within RedfishPkg so that 
Redfish+REST could be treated as a whole solution by the package maintainer.

In case REST is planned to be used outside of RedfishPkg, it could be added to 
NetworkPkg with some extra work.
I believe that, by default, REST driver build will be controlled by a separate 
flag and disabled by default (no need for it in regular network stack use cases 
like PXE/iSCSI/HTTP boot).
Additionally, if REST DXE build is requested, one would have to ensure that 
dependant drivers like HttpDxe will be included and built within NetworkPkg and 
outside of it (by consumers like OvmfPkg).
For example: there is a preprocessor mechanism used in 
NetworkPkg/NetworkDefines.dsc.inc to throw a compiler error in case TLS is not 
included if HTTPS support is requested.

Jiaxin,

What do you think?

Thanks,
Maciej



From: devel@edk2.groups.io<mailto:devel@edk2.groups.io> 
mailto:devel@edk2.groups.io>> On Behalf Of Abner Chang
Sent: Thursday, November 14, 2019 17:10
To: devel@edk2.groups.io<mailto:devel@edk2.groups.io>
Subject: [edk2-devel] Which is the proper edk2 package the EFI REST Structure 
DXE driver should stay with?

Hi all,
I would like to get your suggestion with regard to the suitable edk2 package 
for EFI RE

Re: [edk2-devel] [PATCH v1 1/1] NetworkPkg: Fixes to static code analysis hits

[Wu, Jiaxin]

Reviewed-by: Jiaxin Wu 


> -Original Message-
> From: devel@edk2.groups.io  On Behalf Of Maciej
> Rabeda
> Sent: Thursday, November 28, 2019 10:46 PM
> To: devel@edk2.groups.io
> Cc: Wu, Jiaxin ; Fu, Siyuan 
> Subject: [edk2-devel] [PATCH v1 1/1] NetworkPkg: Fixes to static code
> analysis hits
> 
> Introducing fixes to memory leak issues identified by static code analysis
> tool.
> 
> Cc: Jiaxin Wu 
> Cc: Siyuan Fu 
> Signed-off-by: Maciej Rabeda 
> ---
>  NetworkPkg/Dhcp6Dxe/Dhcp6Io.c | 1 +
>  NetworkPkg/Ip4Dxe/Ip4If.c | 6 +-
>  NetworkPkg/TcpDxe/TcpDispatcher.c | 1 +
>  3 files changed, 7 insertions(+), 1 deletion(-)
> 
> diff --git a/NetworkPkg/Dhcp6Dxe/Dhcp6Io.c
> b/NetworkPkg/Dhcp6Dxe/Dhcp6Io.c
> index 4f8393cb36ce..613b42149cc1 100644
> --- a/NetworkPkg/Dhcp6Dxe/Dhcp6Io.c
> +++ b/NetworkPkg/Dhcp6Dxe/Dhcp6Io.c
> @@ -203,6 +203,7 @@ Dhcp6EnqueueRetry (
>  //
> 
>  // Unexpected message type.
> 
>  //
> 
> +FreePool(TxCb);
> 
>  return EFI_DEVICE_ERROR;
> 
>}
> 
> 
> 
> diff --git a/NetworkPkg/Ip4Dxe/Ip4If.c b/NetworkPkg/Ip4Dxe/Ip4If.c
> index 53a333037f94..348f2e076aed 100644
> --- a/NetworkPkg/Ip4Dxe/Ip4If.c
> +++ b/NetworkPkg/Ip4Dxe/Ip4If.c
> @@ -491,9 +491,13 @@ Ip4CreateInterface (
>IP4_INTERFACE *Interface;
> 
>EFI_SIMPLE_NETWORK_MODE   SnpMode;
> 
> 
> 
> +  if (Mnp == NULL) {
> 
> +return NULL;
> 
> +  }
> 
> +
> 
>Interface = AllocatePool (sizeof (IP4_INTERFACE));
> 
> 
> 
> -  if ((Interface == NULL) || (Mnp == NULL)) {
> 
> +  if (Interface == NULL) {
> 
>  return NULL;
> 
>}
> 
> 
> 
> diff --git a/NetworkPkg/TcpDxe/TcpDispatcher.c
> b/NetworkPkg/TcpDxe/TcpDispatcher.c
> index 86beaf8cc513..9ae08ccc1c56 100644
> --- a/NetworkPkg/TcpDxe/TcpDispatcher.c
> +++ b/NetworkPkg/TcpDxe/TcpDispatcher.c
> @@ -390,6 +390,7 @@ TcpAttachPcb (
>);
> 
>if (EFI_ERROR (Status)) {
> 
>  IpIoRemoveIp (IpIo, Tcb->IpInfo);
> 
> +FreePool (Tcb);
> 
>  return Status;
> 
>}
> 
> 
> 
> --
> 2.24.0.windows.2
> 
> 
> -=-=-=-=-=-=
> Groups.io Links: You receive all messages sent to this group.
> 
> View/Reply Online (#51464): https://edk2.groups.io/g/devel/message/51464
> Mute This Topic: https://groups.io/mt/64137254/1787330
> Group Owner: devel+ow...@edk2.groups.io
> Unsubscribe: https://edk2.groups.io/g/devel/unsub  [jiaxin...@intel.com]
> -=-=-=-=-=-=


-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.

View/Reply Online (#51480): https://edk2.groups.io/g/devel/message/51480
Mute This Topic: https://groups.io/mt/64137254/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub  [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] [PATCH v1 0/4] Support HTTPS HostName validation feature(CVE-2019-14553)

[Wu, Jiaxin]

Hi David,

I just realized you have the comments on Bugzilla 960: 

>"...given that testing is failing and code inspection shows it would never 
>have been expected to work."

Do you mean you didn't pass the verification if URLs with IPv6 literals 
(https://[2001:8b0:10b:1236::1]/)?  Can you also show me where the code 
inspection indicated it would never have been expected to work? We do pass the 
testing for the URLs with IPv6 if the CN or SAN in certificate has the 
corresponding IPv6 address (at least working with openssl 1.1.0). 

For the series patches here, we are intending to support the host name 
validation, I think we can commit the series patches since we pass the 
verification of IPV6 URL, what do you think?

Thanks,
Jiaxin

> -Original Message-
> From: David Woodhouse 
> Sent: Tuesday, October 1, 2019 5:02 PM
> To: Laszlo Ersek ; devel@edk2.groups.io; Wang, Jian J
> ; Wu, Jiaxin ; Bret Barkelew
> 
> Subject: Re: [edk2-devel] [PATCH v1 0/4] Support HTTPS HostName
> validation feature(CVE-2019-14553)
> 
> On Tue, 2019-10-01 at 01:21 +0200, Laszlo Ersek wrote:
> > On 09/29/19 08:09, Wang, Jian J wrote:
> > > For this patch series,
> > > 1. " Contributed-under: TianoCore Contribution Agreement 1.1" is not
> needed any more.
> > >   Remove it at push time and no need to send a v2.
> > > 2. Since it's security patch which had been reviewed separately, I see no
> reason for new r-b
> > >   required. Please raise it asap if any objections.
> > > 3. Acked-by: Jian J Wang 
> >
> >
> > * Can you please confirm that these patches match those that we
> > discussed here:
> >
> > https://bugzilla.tianocore.org/show_bug.cgi?id=960#c18
> > https://bugzilla.tianocore.org/show_bug.cgi?id=960#c19
> >
> >
> > * In the BZ, David and Bret raised some questions:
> >
> > https://bugzilla.tianocore.org/show_bug.cgi?id=960#c31
> > https://bugzilla.tianocore.org/show_bug.cgi?id=960#c32
> > https://bugzilla.tianocore.org/show_bug.cgi?id=960#c35
> > https://bugzilla.tianocore.org/show_bug.cgi?id=960#c36
> >
> > and
> >
> > https://bugzilla.tianocore.org/show_bug.cgi?id=960#c40
> >
> > The latest comment in the bug is c#41. I'm not under the impression that
> > all concerns raised by David and Bret have been addressed (or
> > abandoned). I'd like David and Bret to ACK the patches.
> 
> I do not believe my comment #35 has been addressed, nor the requested
> testing performed.

-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.

View/Reply Online (#48547): https://edk2.groups.io/g/devel/message/48547
Mute This Topic: https://groups.io/mt/34307578/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub  [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] [PATCH v1 0/4] Support HTTPS HostName validation feature(CVE-2019-14553)

[Wu, Jiaxin]

Hi  Laszlo,

Thanks the comments.

Best Regards!
Jiaxin  

> -Original Message-
> From: Laszlo Ersek 
> Sent: Wednesday, October 9, 2019 11:55 PM
> To: devel@edk2.groups.io; Wang, Jian J ; Wu, Jiaxin
> ; David Woodhouse ; Bret
> Barkelew 
> Subject: Re: [edk2-devel] [PATCH v1 0/4] Support HTTPS HostName
> validation feature(CVE-2019-14553)
> 
> On 10/01/19 01:21, Laszlo Ersek wrote:
> > On 09/29/19 08:09, Wang, Jian J wrote:
> >> For this patch series,
> >> 1. " Contributed-under: TianoCore Contribution Agreement 1.1" is not
> needed any more.
> >>   Remove it at push time and no need to send a v2.
> >> 2. Since it's security patch which had been reviewed separately, I see no
> reason for new r-b
> >>   required. Please raise it asap if any objections.
> >> 3. Acked-by: Jian J Wang 
> >
> >
> > * Can you please confirm that these patches match those that we
> > discussed here:
> >
> > https://bugzilla.tianocore.org/show_bug.cgi?id=960#c18
> > https://bugzilla.tianocore.org/show_bug.cgi?id=960#c19
> 
> To answer my own question, I've now compared the patches from those BZ
> comments linked above, with the present series. Here's a list of
> differences.
> 
> (1) The subject lines now include the reference "(CVE-2019-14553)".
> 
> This is great, *but* please be sure to insert a space character before
> the opening parenthesis! (In every patch.)
> 
> (2) The commit messages reference both the BZ and the CVE number.
> 
> Good.
> 
> (3) In the commit messages, the line
> 
>   Contributed-under: TianoCore Contribution Agreement 1.0
> 
> has been upgraded to
> 
>   Contributed-under: TianoCore Contribution Agreement 1.1
> 
> I think this is wrong. The lines should have been removed, due to the
> SPDX adoption. Please update all the commit messages.
> 
> (4) Copyright notice updates are gone from the patches.
> 
> That's fine: the reason is that the underlying files have seen their
> copyright notices updated, meanwhile.
> 
> 
> Otherwise, the patches (code, commit messages, and feedback tags) are
> identical.
> 
> Before you push the patches (or post a v2), please fix issues (1) and (3).
> 
> Now, regarding the other set of questions:
> 
> > * In the BZ, David and Bret raised some questions:
> >
> > https://bugzilla.tianocore.org/show_bug.cgi?id=960#c31
> > https://bugzilla.tianocore.org/show_bug.cgi?id=960#c32
> > https://bugzilla.tianocore.org/show_bug.cgi?id=960#c35
> > https://bugzilla.tianocore.org/show_bug.cgi?id=960#c36
> >
> > and
> >
> > https://bugzilla.tianocore.org/show_bug.cgi?id=960#c40
> >
> > The latest comment in the bug is c#41. I'm not under the impression that
> > all concerns raised by David and Bret have been addressed (or
> > abandoned). I'd like David and Bret to ACK the patches.
> 
> I'll first have to process the new comments down-thread.
> 
> Thanks
> Laszlo

-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.

View/Reply Online (#48684): https://edk2.groups.io/g/devel/message/48684
Mute This Topic: https://groups.io/mt/34307578/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub  [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] [PATCH v1 0/4] Support HTTPS HostName validation feature(CVE-2019-14553)

[Wu, Jiaxin]

> 
> I have not tested this, but I started looking when there was a message
> on the edk2 list from someone who was reporting that it didn't work for
> IPv6 URIs, IIRC.
> 
> You are using SSL_set1_host(), and I believe you're just passing in the
> bare hostname part of the URI, be it "1.2.3.4" or "[2001:8b0:10b::5]".

Here, I want to highlight is that UEFI TLS only provides the *HostName* 
verification interface to upper driver (HttpDxe), not the IP/email verification 
capability. Please refer to UEFI Spec2.8 section 28.10.2: 
"...TLS session hostname for validation which is used to verify whether the 
name within the peer certificate matches a given host name..." 
In upper UEFI HTTP driver, we get the hostname from URI directly no matter it's 
the real FQDN (www.xxx.com) or IP address format string (1.2.3.4 or 
2001:8b0:10b::5 (not "[2001:8b0:10b::5])), and set it to the TLS hostname filed 
via the interface -- EFI_TLS_VERIFY_HOST. That's implementation choice for 
HttpDxe to achieve the HTTPS HostName validation feature by following the 
standard TLS HostName verification capability.
  
> 
> That just adds it to the 'hosts' list in the X509_VERIFY_PARAM for the
> SSL connection.

Yes.

> 
> In the check_hosts() function in openssl/crypto/x509/v509_vfy.c, the
> code simply iterates over the members of that list, calling
> X509_check_host() for each one. It never calls X509_check_ip().

Yes.

> 
> If you look in openssl/crypto/x509/v3_utl.c you can see the
> X509_check_host() really does only check hostnames. 

Yes.

> You'd need to call X509_check_ip_asc() to check hostnames. And something 
> would need to
> have stripped the [] which surround an IPv6 literal.
> 

Disagree, why need check the IP here since we only focus on the hostname 
verification? For HttpDxe driver, it's the implementation choice to treat the 
IP in URI as hostname string format. As I said before in the email, if the CN 
or SAN (Seems only in X509 V3) in the certificate are set correctly, it should 
be OK to pass the verification. Laszlo and I already have verified that.

> I can't see how this can work. Have you tested it since the report on
> the list that it wasn't working?
> 

Sorry, I can't remember there is any failure of Ipv6 URI reported from edk2. If 
you can find it, that will be better.

> cf. https://github.com/openssl/openssl/pull/9201 which is being ignored
> by the OpenSSL developers — OpenSSL really doesn't make life easy for
> you here, which is a shame.
> 
> 
> > For the series patches here, we are intending to support the host
> > name validation, I think we can commit the series patches since we
> > pass the verification of IPV6 URL, what do you think?
> 
> If it passes the verification of IPv6 literals, then all my analysis is
> broken and so was the report on the list that prompted me to start
> looking (or I'm misremembering that report). In that case, sure, go
> ahead and commit.
> 
> > Thanks,
> > Jiaxin


-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.

View/Reply Online (#48683): https://edk2.groups.io/g/devel/message/48683
Mute This Topic: https://groups.io/mt/34307578/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub  [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] [PATCH v1 0/4] Support HTTPS HostName validation feature(CVE-2019-14553)

[Wu, Jiaxin]

Hi Laszlo & David,

I think I have *repeated* several times that we are targeting to fix the 
HostName validation issue, not the IP or email address. *But* even so,  the 
series patches for UEFI TLS is also allowable to specify IP as host name for CN 
or dNSName of SAN in the certificate. That's why I said "if the CN or SAN in 
the certificate are set correctly, it should be OK to pass the verification". 
The failure you mentioned here is to set the IP in iPAddress of SAN, I agree 
it's the routine and suggested setting, *but* obviously, it's not the target we 
are supported according the implementation/description of TlsSetVerifyHost. We 
are targeting to the hostname verification, and meanwhile compatible with the 
IP in the URI (But need the *correct* certificate setting).

IP addresses stored in the DNS names and CN are of cause ignored by 
X509_check_ip & X509_check_ip_asc().

Post my explain again: 
> UEFI TLS only provides the *HostName* verification interface to upper driver 
> (HttpDxe), 
> not the IP/email verification capability. Please refer to UEFI Spec2.8 
> section 28.10.2: 
>"...TLS session hostname for validation which is used to verify whether 
> the name 
> within the peer certificate matches a given host name..." 
> In upper UEFI HTTP driver, we get the hostname from URI directly no matter 
> it's the real 
> FQDN (www.xxx.com) or IP address format string (1.2.3.4 or 2001:8b0:10b::5 
> (not "[2001:8b0:10b::5])), 
> and set it to the TLS hostname filed via the interface -- 
> EFI_TLS_VERIFY_HOST. 
> That's implementation choice for HttpDxe to achieve the HTTPS HostName 
> validation feature 
> by following the standard TLS HostName verification capability.

Now, let's talking the iPAddress setting in SAN (same as email address),  if 
you do need such feature that verify the IP in X509_check_ip & 
X509_check_ip_asc , please report new Bugzilla (need TLS Spec update the expose 
the setting interface), don't mix up the HTTPS hostname verification here.

Thanks,
Jiaxin 





> -Original Message-
> From: Laszlo Ersek 
> Sent: Friday, October 11, 2019 2:04 AM
> To: David Woodhouse ; Wu, Jiaxin
> ; devel@edk2.groups.io; Wang, Jian J
> ; Bret Barkelew 
> Cc: Richard Levitte 
> Subject: Re: [edk2-devel] [PATCH v1 0/4] Support HTTPS HostName
> validation feature(CVE-2019-14553)
> 
> On 10/10/19 17:45, David Woodhouse wrote:
> > On Thu, 2019-10-10 at 10:00 +0200, Laszlo Ersek wrote:
> >>>  Subject: C=HU, ST=Pest, L=Budapest, O=Laszlo Ersek Home Office,
> OU=IPv6 cert, CN=fd33:eb1b:9b36::2
> >
> > Yeah, you're not actually testing the case I'm talking about. You want
> > a GEN_IP in the x509v3 Subject Alternative Name.
> >
> > Compare with...
> >
> > $ openssl s_client  -connect vpn-i-ha01.intel.com:443 2>/dev/null | openssl
> x509 -noout -text  | grep -A1 Alternative
> > X509v3 Subject Alternative Name:
> > DNS:vpn-int.intel.com, DNS:scsidcint01-a.intel.com, IP
> Address:134.191.232.101
> >
> > $ curl https://134.191.232.101/
> >
> 
> OK, thank you.
> 
> I can imagine two failure modes, with the patches applied.
> 
> (1) Edk2 ignores the GEN_IP in the SAN, and rejects a matching server
> certificate.
> 
> (2) Edk2 is confused by the GEN_IP in the SAN, and accepts an invalid
> (mismatched) server certificate.
> 
> Can we tell which failure mode applies?
> 
> (I can't test it easily myself, as I don't even know how to create a
> server certificate with a SAN -- any kind of SAN, let alone GEN_IP.)
> 
> Case (2) is clearly bad, and it would be a sign that the patch series
> does not fully fix the issue.
> 
> Case (1) would be tolerable, in my opinion. I assume a GEN_IP SAN is
> pretty rare in practice. Thus regressing it (perhaps temporarily) should
> be an acceptable trade-off for fixing the current gaping hole (= subject
> name not checked at all).
> 
> Thanks
> Laszlo

-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.

View/Reply Online (#48777): https://edk2.groups.io/g/devel/message/48777
Mute This Topic: https://groups.io/mt/34307578/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub  [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] reg: HTTPS Certificate Update

[Wu, Jiaxin]

Hi Siva,

I agree we should continue the next certificates configuration even the current 
one is invalid (since we already have the sanity check before the setting).

Please report one Bugzilla for the issue.

Maciej, can you help fix on that?

Thanks,
Jiaxin

From: Sivaraman Nainar 
Sent: Friday, December 20, 2019 12:16 PM
To: devel@edk2.groups.io; Wu, Jiaxin ; Fu, Siyuan 

Cc: Madhan B. Santharam ; Arun Subramanian B 
; Arun Sura Soundara Pandian 
; Bhuvaneshwari M R 
Subject: RE: reg: HTTPS Certificate Update

Hello Jiaxin / Siyuan:

Would you please feedback on this.

-Siva
From: Sivaraman Nainar
Sent: Monday, December 16, 2019 4:42 PM
To: 'devel@edk2.groups.io'; 'Wu, Jiaxin'; 'Fu, Siyuan'
Cc: Madhan B. Santharam; Arun Subramanian B; Arun Sura Soundara Pandian; 
Bhuvaneshwari M R
Subject: reg: HTTPS Certificate Update

Hello All:

Need clarification on the Certificate Validation Procedure used in HTTP Boot.

The certificate parsing done at HttpDxe in file HttpsSupport.c in the function 
TlsConfigCertificate().

The below code snippet is TlsSetSessionData call for each certificate data.

  while ((ItemDataSize > 0) && (ItemDataSize >= CertList->SignatureListSize)) {
Cert = (EFI_SIGNATURE_DATA *) ((UINT8 *) CertList + sizeof 
(EFI_SIGNATURE_LIST) + CertList->SignatureHeaderSize);
CertCount  = (CertList->SignatureListSize - sizeof (EFI_SIGNATURE_LIST) - 
CertList->SignatureHeaderSize) / CertList->SignatureSize;
for (Index = 0; Index < CertCount; Index++) {
  //
  // EfiTlsConfigDataTypeCACertificate
  //
  Status = HttpInstance->TlsConfiguration->SetData (
 HttpInstance->TlsConfiguration,
 
EfiTlsConfigDataTypeCACertificate,
 Cert->SignatureData,
 CertList->SignatureSize - 
sizeof (Cert->SignatureOwner)
 );
  if (EFI_ERROR (Status)) {
goto FreeCACert;
  }
  Cert = (EFI_SIGNATURE_DATA *) ((UINT8 *) Cert + CertList->SignatureSize);
}
ItemDataSize -= CertList->SignatureListSize;
CertList = (EFI_SIGNATURE_LIST *) ((UINT8 *) CertList + 
CertList->SignatureListSize);
  }

In the attached code, once an invalid certificate of available certificates Set 
via TLS, if its failed the code does not post further certificates even those 
could be valid certificates.

Is the code is purposefully done? May we know the expected behavior of the code.

-Siva

-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.

View/Reply Online (#52458): https://edk2.groups.io/g/devel/message/52458
Mute This Topic: https://groups.io/mt/68724546/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub  [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] [PATCH] Maintainers.txt: Update reviewer email address

[Wu, Jiaxin]

Hi Maciej,

I think now you can update you as one of NetworkPkg maintainers, if so, you can 
get the edk2 repo write privilege, which can facility your future contribution. 
I will still keep the maintainer role until next month. After that, both Siyuan 
and I will be reviewer, so, we can still help the technical review/support. 

If no objection, just do that:).

Thanks,
Jiaxin

> -Original Message-
> From: Maciej Rabeda 
> Sent: Saturday, December 7, 2019 12:29 AM
> To: devel@edk2.groups.io
> Cc: Wu, Jiaxin ; Fu, Siyuan 
> Subject: [PATCH] Maintainers.txt: Update reviewer email address
> 
> Created new email account that will not append legal disclaimers to
> my responses/patches.
> 
> Cc: Jiaxin Wu 
> Cc: Siyuan Fu 
> Signed-off-by: Maciej Rabeda 
> ---
>  Maintainers.txt | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/Maintainers.txt b/Maintainers.txt
> index 180ad35d0976..246583204139 100644
> --- a/Maintainers.txt
> +++ b/Maintainers.txt
> @@ -379,7 +379,7 @@ F: NetworkPkg/
>  W: https://github.com/tianocore/tianocore.github.io/wiki/NetworkPkg
> 
>  M: Jiaxin Wu 
> 
>  R: Siyuan Fu 
> 
> -R: Maciej Rabeda 
> 
> +R: Maciej Rabeda 
> 
> 
> 
>  OvmfPkg
> 
>  F: OvmfPkg/
> 
> --
> 2.24.0.windows.2


-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.

View/Reply Online (#52068): https://edk2.groups.io/g/devel/message/52068
Mute This Topic: https://groups.io/mt/67501831/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub  [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[edk2-devel] [PATCH v1] Maintainers.txt: Change NetworkPkg maintainer role.

[Wu, Jiaxin]

Change Jiaxin Wu from Maintainer to Reviewer.

Cc: Maciej Rabeda 
Cc: Siyuan Fu 
Signed-off-by: Jiaxin Wu 
---
 Maintainers.txt | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Maintainers.txt b/Maintainers.txt
index ca9da28925..00b46a4884 100644
--- a/Maintainers.txt
+++ b/Maintainers.txt
@@ -375,12 +375,12 @@ M: Michael D Kinney 
 M: Liming Gao 
 
 NetworkPkg
 F: NetworkPkg/
 W: https://github.com/tianocore/tianocore.github.io/wiki/NetworkPkg
-M: Jiaxin Wu 
 M: Maciej Rabeda 
+R: Jiaxin Wu 
 R: Siyuan Fu 
 
 OvmfPkg
 F: OvmfPkg/
 W: http://www.tianocore.org/ovmf/
-- 
2.16.2.windows.1


-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.

View/Reply Online (#53842): https://edk2.groups.io/g/devel/message/53842
Mute This Topic: https://groups.io/mt/71016468/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub  [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] [PATCH v1] MdeModulePkg/Ip4Dxe: Check the received package length (CVE-2019-14559).

[Wu, Jiaxin]

Thanks liming, already corrected in V2.

> -Original Message-
> From: Gao, Liming 
> Sent: Monday, February 17, 2020 10:27 PM
> To: devel@edk2.groups.io; ler...@redhat.com; Wu, Jiaxin
> 
> Cc: Fu, Siyuan ; Maciej Rabeda
> ; Armour, Nicholas
> 
> Subject: RE: [edk2-devel] [PATCH v1] MdeModulePkg/Ip4Dxe: Check the
> received package length (CVE-2019-14559).
> 
> Another minor comment. Ip4Dxe is moved into NetworkPkg. So, the patch
> title should be NetworkPkg/Ip4Dxe.
> 
> Thanks
> Liming
> > -Original Message-
> > From: devel@edk2.groups.io  On Behalf Of Laszlo
> Ersek
> > Sent: Monday, February 17, 2020 6:40 PM
> > To: devel@edk2.groups.io; Wu, Jiaxin 
> > Cc: Fu, Siyuan ; Maciej Rabeda
> ; Armour, Nicholas
> 
> > Subject: Re: [edk2-devel] [PATCH v1] MdeModulePkg/Ip4Dxe: Check the
> received package length (CVE-2019-14559).
> >
> > On 02/17/20 08:43, Wu, Jiaxin wrote:
> > > This patch is to check the received package length to make sure the
> package
> > > has a valid length field.
> > >
> > > Cc: Fu Siyuan 
> > > Cc: Maciej Rabeda 
> > > Signed-off-by: Wu Jiaxin 
> > > Reviewed-by: Siyuan Fu 
> > > ---
> > >  NetworkPkg/Ip4Dxe/Ip4Input.c | 46
> +++-
> > >  1 file changed, 37 insertions(+), 9 deletions(-)
> >
> > There are two patches on the list for CVE-2019-14559:
> >
> > - [edk2-devel] [PATCH v1] MdeModulePkg/Ip4Dxe: Check the received
> package length (CVE-2019-14559).
> > - [edk2-devel] [PATCH 1/1] NetworkPkg/ArpDxe: Recycle invalid ARP
> packets(CVE-2019-14559).
> >
> > sent by different submitters.
> >
> > How do they relate to each other?
> >
> > Also, while Nick's patch mentions TianoCore#2031, the current patch
> doesn't include a BZ link. Is the current patch for TianoCore#2032?
> > (Per <https://bugzilla.tianocore.org/show_bug.cgi?id=2032#c8>, both BZs
> share the same CVE ID.)
> >
> > Also, I remain confused (with comment 11 being the latest one, as of this
> time, in TianoCore#2032), whether the issue affects IPv4 only,
> > IPv6 only, or both. This patch is only for IPv4, apparently.
> >
> > If the present patch is related to TianoCore#2032, then please add a mailing
> list archive link to the BZ, and move the BZ to IN_PROGRESS
> > status.
> >
> > Laszlo
> >
> > >
> > > diff --git a/NetworkPkg/Ip4Dxe/Ip4Input.c
> b/NetworkPkg/Ip4Dxe/Ip4Input.c
> > > index fec242c71f..95fbd01d05 100644
> > > --- a/NetworkPkg/Ip4Dxe/Ip4Input.c
> > > +++ b/NetworkPkg/Ip4Dxe/Ip4Input.c
> > > @@ -1,9 +1,9 @@
> > >  /** @file
> > >IP4 input process.
> > >
> > > -Copyright (c) 2005 - 2018, Intel Corporation. All rights reserved.
> > > +Copyright (c) 2005 - 2020, Intel Corporation. All rights reserved.
> > >  (C) Copyright 2015 Hewlett-Packard Development Company, L.P.
> > >
> > >  SPDX-License-Identifier: BSD-2-Clause-Patent
> > >
> > >  **/
> > > @@ -709,14 +709,10 @@ Ip4PreProcessPacket (
> > >UINT16Checksum;
> > >
> > >//
> > >// Check if the IP4 header is correctly formatted.
> > >//
> > > -  if ((*Packet)->TotalSize < IP4_MIN_HEADLEN) {
> > > -return EFI_INVALID_PARAMETER;
> > > -  }
> > > -
> > >HeadLen  = (Head->HeadLen << 2);
> > >TotalLen = NTOHS (Head->TotalLen);
> > >
> > >//
> > >// Mnp may deliver frame trailer sequence up, trim it off.
> > > @@ -806,10 +802,34 @@ Ip4PreProcessPacket (
> > >}
> > >
> > >return EFI_SUCCESS;
> > >  }
> > >
> > > +/**
> > > +  This function checks the IPv4 packet length.
> > > +
> > > +  @param[in]   Packet  Pointer to the IPv4 Packet to be 
> > > checked.
> > > +
> > > +  @retval TRUE   The input IPv4 packet length is valid.
> > > +  @retval FALSE  The input IPv4 packet length is invalid.
> > > +
> > > +**/
> > > +BOOLEAN
> > > +Ip4IsValidPacketLength (
> > > +  IN NET_BUF*Packet
> > > +  )
> > > +{
> > > +  //
> > > +  // Check the IP4 packet length.
> > > +  //
> > > +  if (Packet->TotalSize < IP4_MIN_HEADLEN) {
> > > +return FALSE;
> > > +  }
> > > +
> > > +  return TRUE;
> > > 

Re: [edk2-devel] [PATCH v1] MdeModulePkg/Ip4Dxe: Check the received package length (CVE-2019-14559).

[Wu, Jiaxin]

Hi Laszlo,

Thanks the comments. I have updated the patch to v2.

BZ link is https://bugzilla.tianocore.org/show_bug.cgi?id=1610. According 
comment 7, the CVE number is CVE-2019-14559 (share with BZ2031).

I guess they are produced by the same test environment. So, they are sharing 
the same CVE number. It's the same case for BZ2032.

Jian, please correct me if not right.

Thanks,
Jiaxin

> 
> There are two patches on the list for CVE-2019-14559:
> 
> - [edk2-devel] [PATCH v1] MdeModulePkg/Ip4Dxe: Check the received
> package length (CVE-2019-14559).
> - [edk2-devel] [PATCH 1/1] NetworkPkg/ArpDxe: Recycle invalid ARP
> packets(CVE-2019-14559).
> 
> sent by different submitters.
> 
> How do they relate to each other?
> 
> Also, while Nick's patch mentions TianoCore#2031, the current patch doesn't
> include a BZ link. Is the current patch for TianoCore#2032? (Per
> , both BZs share
> the same CVE ID.)
> 
> Also, I remain confused (with comment 11 being the latest one, as of this
> time, in TianoCore#2032), whether the issue affects IPv4 only, IPv6 only, or
> both. This patch is only for IPv4, apparently.
> 
> If the present patch is related to TianoCore#2032, then please add a mailing
> list archive link to the BZ, and move the BZ to IN_PROGRESS status.
> 
> Laszlo
> 
> >
> > diff --git a/NetworkPkg/Ip4Dxe/Ip4Input.c
> b/NetworkPkg/Ip4Dxe/Ip4Input.c
> > index fec242c71f..95fbd01d05 100644
> > --- a/NetworkPkg/Ip4Dxe/Ip4Input.c
> > +++ b/NetworkPkg/Ip4Dxe/Ip4Input.c
> > @@ -1,9 +1,9 @@
> >  /** @file
> >IP4 input process.
> >
> > -Copyright (c) 2005 - 2018, Intel Corporation. All rights reserved.
> > +Copyright (c) 2005 - 2020, Intel Corporation. All rights reserved.
> >  (C) Copyright 2015 Hewlett-Packard Development Company, L.P.
> >
> >  SPDX-License-Identifier: BSD-2-Clause-Patent
> >
> >  **/
> > @@ -709,14 +709,10 @@ Ip4PreProcessPacket (
> >UINT16Checksum;
> >
> >//
> >// Check if the IP4 header is correctly formatted.
> >//
> > -  if ((*Packet)->TotalSize < IP4_MIN_HEADLEN) {
> > -return EFI_INVALID_PARAMETER;
> > -  }
> > -
> >HeadLen  = (Head->HeadLen << 2);
> >TotalLen = NTOHS (Head->TotalLen);
> >
> >//
> >// Mnp may deliver frame trailer sequence up, trim it off.
> > @@ -806,10 +802,34 @@ Ip4PreProcessPacket (
> >}
> >
> >return EFI_SUCCESS;
> >  }
> >
> > +/**
> > +  This function checks the IPv4 packet length.
> > +
> > +  @param[in]   Packet  Pointer to the IPv4 Packet to be 
> > checked.
> > +
> > +  @retval TRUE   The input IPv4 packet length is valid.
> > +  @retval FALSE  The input IPv4 packet length is invalid.
> > +
> > +**/
> > +BOOLEAN
> > +Ip4IsValidPacketLength (
> > +  IN NET_BUF*Packet
> > +  )
> > +{
> > +  //
> > +  // Check the IP4 packet length.
> > +  //
> > +  if (Packet->TotalSize < IP4_MIN_HEADLEN) {
> > +return FALSE;
> > +  }
> > +
> > +  return TRUE;
> > +}
> > +
> >  /**
> >The IP4 input routine. It is called by the IP4_INTERFACE when a
> >IP4 fragment is received from MNP.
> >
> >@param[in]  Ip4InstanceThe IP4 child that request the receive, 
> > most
> like
> > @@ -842,10 +862,14 @@ Ip4AccpetFrame (
> >
> >if (EFI_ERROR (IoStatus) || (IpSb->State == IP4_SERVICE_DESTROY)) {
> >  goto DROP;
> >}
> >
> > +  if (!Ip4IsValidPacketLength (Packet)) {
> > +goto RESTART;
> > +  }
> > +
> >Head  = (IP4_HEAD *) NetbufGetByte (Packet, 0, NULL);
> >ASSERT (Head != NULL);
> >OptionLen = (Head->HeadLen << 2) - IP4_MIN_HEADLEN;
> >if (OptionLen > 0) {
> >  Option = (UINT8 *) (Head + 1);
> > @@ -888,14 +912,18 @@ Ip4AccpetFrame (
> >//
> >// If the packet is protected by tunnel mode, parse the inner Ip Packet.
> >//
> >ZeroMem (, sizeof (IP4_HEAD));
> >if (0 == CompareMem (Head, , sizeof (IP4_HEAD))) {
> > -  // Packet may have been changed. Head, HeadLen, TotalLen, and
> > -  // info must be reloaded before use. The ownership of the packet
> > -  // is transferred to the packet process logic.
> > -  //
> > +// Packet may have been changed. Head, HeadLen, TotalLen, and
> > +// info must be reloaded before use. The ownership of the packet
> > +// is transferred to the packet process logic.
> > +//
> > +if (!Ip4IsValidPacketLength (Packet)) {
> > +  goto RESTART;
> > +}
> > +
> >  Head = (IP4_HEAD *) NetbufGetByte (Packet, 0, NULL);
> >  ASSERT (Head != NULL);
> >  Status = Ip4PreProcessPacket (
> > IpSb,
> > ,
> >


-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.

View/Reply Online (#54563): https://edk2.groups.io/g/devel/message/54563
Mute This Topic: https://groups.io/mt/71345472/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub  [arch...@mail-archive.com]

[edk2-devel] [PATCH v2] NetworkPkg/Ip4Dxe: Check the received package length (CVE-2019-14559).

[Wu, Jiaxin]

V2: correct the commit message & add BZ number.

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=1610

This patch is to check the received package length to make sure the package
has a valid length field.

Cc: Fu Siyuan 
Cc: Maciej Rabeda 
Signed-off-by: Wu Jiaxin 
---
 NetworkPkg/Ip4Dxe/Ip4Input.c | 46 +++-
 1 file changed, 37 insertions(+), 9 deletions(-)

diff --git a/NetworkPkg/Ip4Dxe/Ip4Input.c b/NetworkPkg/Ip4Dxe/Ip4Input.c
index fec242c71f..95fbd01d05 100644
--- a/NetworkPkg/Ip4Dxe/Ip4Input.c
+++ b/NetworkPkg/Ip4Dxe/Ip4Input.c
@@ -1,9 +1,9 @@
 /** @file
   IP4 input process.
 
-Copyright (c) 2005 - 2018, Intel Corporation. All rights reserved.
+Copyright (c) 2005 - 2020, Intel Corporation. All rights reserved.
 (C) Copyright 2015 Hewlett-Packard Development Company, L.P.
 
 SPDX-License-Identifier: BSD-2-Clause-Patent
 
 **/
@@ -709,14 +709,10 @@ Ip4PreProcessPacket (
   UINT16Checksum;
 
   //
   // Check if the IP4 header is correctly formatted.
   //
-  if ((*Packet)->TotalSize < IP4_MIN_HEADLEN) {
-return EFI_INVALID_PARAMETER;
-  }
-
   HeadLen  = (Head->HeadLen << 2);
   TotalLen = NTOHS (Head->TotalLen);
 
   //
   // Mnp may deliver frame trailer sequence up, trim it off.
@@ -806,10 +802,34 @@ Ip4PreProcessPacket (
   }
 
   return EFI_SUCCESS;
 }
 
+/**
+  This function checks the IPv4 packet length.
+
+  @param[in]   Packet  Pointer to the IPv4 Packet to be checked.
+
+  @retval TRUE   The input IPv4 packet length is valid.
+  @retval FALSE  The input IPv4 packet length is invalid.
+
+**/
+BOOLEAN
+Ip4IsValidPacketLength (
+  IN NET_BUF*Packet
+  )
+{
+  //
+  // Check the IP4 packet length.
+  //
+  if (Packet->TotalSize < IP4_MIN_HEADLEN) {
+return FALSE;
+  }
+
+  return TRUE;
+}
+
 /**
   The IP4 input routine. It is called by the IP4_INTERFACE when a
   IP4 fragment is received from MNP.
 
   @param[in]  Ip4InstanceThe IP4 child that request the receive, most 
like
@@ -842,10 +862,14 @@ Ip4AccpetFrame (
 
   if (EFI_ERROR (IoStatus) || (IpSb->State == IP4_SERVICE_DESTROY)) {
 goto DROP;
   }
 
+  if (!Ip4IsValidPacketLength (Packet)) {
+goto RESTART;
+  }
+
   Head  = (IP4_HEAD *) NetbufGetByte (Packet, 0, NULL);
   ASSERT (Head != NULL);
   OptionLen = (Head->HeadLen << 2) - IP4_MIN_HEADLEN;
   if (OptionLen > 0) {
 Option = (UINT8 *) (Head + 1);
@@ -888,14 +912,18 @@ Ip4AccpetFrame (
   //
   // If the packet is protected by tunnel mode, parse the inner Ip Packet.
   //
   ZeroMem (, sizeof (IP4_HEAD));
   if (0 == CompareMem (Head, , sizeof (IP4_HEAD))) {
-  // Packet may have been changed. Head, HeadLen, TotalLen, and
-  // info must be reloaded before use. The ownership of the packet
-  // is transferred to the packet process logic.
-  //
+// Packet may have been changed. Head, HeadLen, TotalLen, and
+// info must be reloaded before use. The ownership of the packet
+// is transferred to the packet process logic.
+//
+if (!Ip4IsValidPacketLength (Packet)) {
+  goto RESTART;
+}
+
 Head = (IP4_HEAD *) NetbufGetByte (Packet, 0, NULL);
 ASSERT (Head != NULL);
 Status = Ip4PreProcessPacket (
IpSb,
,
-- 
2.16.2.windows.1


-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.

View/Reply Online (#54562): https://edk2.groups.io/g/devel/message/54562
Mute This Topic: https://groups.io/mt/71359594/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub  [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[edk2-devel] [PATCH v3] NetworkPkg/Ip4Dxe: Check the received package length (CVE-2019-14559).

[Wu, Jiaxin]

v3: correct the coding style.
v2: correct the commit message & add BZ number.

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=1610

This patch is to check the received package length to make sure the package
has a valid length field.

Cc: Fu Siyuan 
Cc: Maciej Rabeda 
Signed-off-by: Wu Jiaxin 
---
 NetworkPkg/Ip4Dxe/Ip4Input.c | 46 +++-
 1 file changed, 37 insertions(+), 9 deletions(-)

diff --git a/NetworkPkg/Ip4Dxe/Ip4Input.c b/NetworkPkg/Ip4Dxe/Ip4Input.c
index fec242c71f..868f04812c 100644
--- a/NetworkPkg/Ip4Dxe/Ip4Input.c
+++ b/NetworkPkg/Ip4Dxe/Ip4Input.c
@@ -1,9 +1,9 @@
 /** @file
   IP4 input process.
 
-Copyright (c) 2005 - 2018, Intel Corporation. All rights reserved.
+Copyright (c) 2005 - 2020, Intel Corporation. All rights reserved.
 (C) Copyright 2015 Hewlett-Packard Development Company, L.P.
 
 SPDX-License-Identifier: BSD-2-Clause-Patent
 
 **/
@@ -709,14 +709,10 @@ Ip4PreProcessPacket (
   UINT16Checksum;
 
   //
   // Check if the IP4 header is correctly formatted.
   //
-  if ((*Packet)->TotalSize < IP4_MIN_HEADLEN) {
-return EFI_INVALID_PARAMETER;
-  }
-
   HeadLen  = (Head->HeadLen << 2);
   TotalLen = NTOHS (Head->TotalLen);
 
   //
   // Mnp may deliver frame trailer sequence up, trim it off.
@@ -806,10 +802,34 @@ Ip4PreProcessPacket (
   }
 
   return EFI_SUCCESS;
 }
 
+/**
+  This function checks the IPv4 packet length.
+
+  @param[in]   Packet  Pointer to the IPv4 Packet to be checked.
+
+  @retval TRUE   The input IPv4 packet length is valid.
+  @retval FALSE  The input IPv4 packet length is invalid.
+
+**/
+BOOLEAN
+Ip4IsValidPacketLength (
+  IN NET_BUF*Packet
+  )
+{
+  //
+  // Check the IP4 packet length.
+  //
+  if (Packet->TotalSize < IP4_MIN_HEADLEN) {
+return FALSE;
+  }
+
+  return TRUE;
+}
+
 /**
   The IP4 input routine. It is called by the IP4_INTERFACE when a
   IP4 fragment is received from MNP.
 
   @param[in]  Ip4InstanceThe IP4 child that request the receive, most 
like
@@ -842,10 +862,14 @@ Ip4AccpetFrame (
 
   if (EFI_ERROR (IoStatus) || (IpSb->State == IP4_SERVICE_DESTROY)) {
 goto DROP;
   }
 
+  if (!Ip4IsValidPacketLength (Packet)) {
+goto RESTART;
+  }
+
   Head  = (IP4_HEAD *) NetbufGetByte (Packet, 0, NULL);
   ASSERT (Head != NULL);
   OptionLen = (Head->HeadLen << 2) - IP4_MIN_HEADLEN;
   if (OptionLen > 0) {
 Option = (UINT8 *) (Head + 1);
@@ -888,14 +912,18 @@ Ip4AccpetFrame (
   //
   // If the packet is protected by tunnel mode, parse the inner Ip Packet.
   //
   ZeroMem (, sizeof (IP4_HEAD));
   if (0 == CompareMem (Head, , sizeof (IP4_HEAD))) {
-  // Packet may have been changed. Head, HeadLen, TotalLen, and
-  // info must be reloaded before use. The ownership of the packet
-  // is transferred to the packet process logic.
-  //
+// Packet may have been changed. Head, HeadLen, TotalLen, and
+// info must be reloaded before use. The ownership of the packet
+// is transferred to the packet process logic.
+//
+if (!Ip4IsValidPacketLength (Packet)) {
+  goto RESTART;
+}
+
 Head = (IP4_HEAD *) NetbufGetByte (Packet, 0, NULL);
 ASSERT (Head != NULL);
 Status = Ip4PreProcessPacket (
IpSb,
,
-- 
2.16.2.windows.1


-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.

View/Reply Online (#54569): https://edk2.groups.io/g/devel/message/54569
Mute This Topic: https://groups.io/mt/71366594/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub  [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] [PATCH v1] Maintainers.txt: Change NetworkPkg maintainer role.

[Wu, Jiaxin]

Siyuan & Maciej,

Could you give me Reviewed-by tag for this patch?

Thanks in advance.
Jiaxin 

> -Original Message-
> From: Wu, Jiaxin 
> Sent: Thursday, February 6, 2020 1:56 PM
> To: devel@edk2.groups.io
> Cc: Maciej Rabeda ; Fu, Siyuan
> ; Wu, Jiaxin 
> Subject: [PATCH v1] Maintainers.txt: Change NetworkPkg maintainer role.
> 
> Change Jiaxin Wu from Maintainer to Reviewer.
> 
> Cc: Maciej Rabeda 
> Cc: Siyuan Fu 
> Signed-off-by: Jiaxin Wu 
> ---
>  Maintainers.txt | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/Maintainers.txt b/Maintainers.txt
> index ca9da28925..00b46a4884 100644
> --- a/Maintainers.txt
> +++ b/Maintainers.txt
> @@ -375,12 +375,12 @@ M: Michael D Kinney 
>  M: Liming Gao 
> 
>  NetworkPkg
>  F: NetworkPkg/
>  W: https://github.com/tianocore/tianocore.github.io/wiki/NetworkPkg
> -M: Jiaxin Wu 
>  M: Maciej Rabeda 
> +R: Jiaxin Wu 
>  R: Siyuan Fu 
> 
>  OvmfPkg
>  F: OvmfPkg/
>  W: http://www.tianocore.org/ovmf/
> --
> 2.16.2.windows.1


-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.

View/Reply Online (#54574): https://edk2.groups.io/g/devel/message/54574
Mute This Topic: https://groups.io/mt/71016468/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub  [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] [PATCH v1] MdeModulePkg/Ip4Dxe: Check the received package length (CVE-2019-14559).

[Wu, Jiaxin]

Sorry, please ignore this patch, I will correct the commit log later.

Thanks,
Jiaxin

> -Original Message-
> From: devel@edk2.groups.io  On Behalf Of Wu,
> Jiaxin
> Sent: Monday, February 17, 2020 3:36 PM
> To: devel@edk2.groups.io
> Cc: Fu, Siyuan ; Wu, Jiaxin 
> Subject: [edk2-devel] [PATCH v1] MdeModulePkg/Ip4Dxe: Check the
> received package length (CVE-2019-14559).
> 
> This patch is to check the received package length to make sure the package
> has a valid length field.
> 
> Cc: Fu Siyuan 
> Cc：Maciej Rabeda 
> Contributed-under: TianoCore Contribution Agreement 1.1
> Signed-off-by: Wu Jiaxin 
> Reviewed-by: Siyuan Fu 
> ---
>  NetworkPkg/Ip4Dxe/Ip4Input.c | 46
> +++-
>  1 file changed, 37 insertions(+), 9 deletions(-)
> 
> diff --git a/NetworkPkg/Ip4Dxe/Ip4Input.c b/NetworkPkg/Ip4Dxe/Ip4Input.c
> index fec242c71f..3fd08a5231 100644
> --- a/NetworkPkg/Ip4Dxe/Ip4Input.c
> +++ b/NetworkPkg/Ip4Dxe/Ip4Input.c
> @@ -1,9 +1,9 @@
>  /** @file
>IP4 input process.
> 
> -Copyright (c) 2005 - 2018, Intel Corporation. All rights reserved.
> +Copyright (c) 2005 - 2019, Intel Corporation. All rights reserved.
>  (C) Copyright 2015 Hewlett-Packard Development Company, L.P.
> 
>  SPDX-License-Identifier: BSD-2-Clause-Patent
> 
>  **/
> @@ -709,14 +709,10 @@ Ip4PreProcessPacket (
>UINT16Checksum;
> 
>//
>// Check if the IP4 header is correctly formatted.
>//
> -  if ((*Packet)->TotalSize < IP4_MIN_HEADLEN) {
> -return EFI_INVALID_PARAMETER;
> -  }
> -
>HeadLen  = (Head->HeadLen << 2);
>TotalLen = NTOHS (Head->TotalLen);
> 
>//
>// Mnp may deliver frame trailer sequence up, trim it off.
> @@ -806,10 +802,34 @@ Ip4PreProcessPacket (
>}
> 
>return EFI_SUCCESS;
>  }
> 
> +/**
> +  This function checks the IPv4 packet length.
> +
> +  @param[in]   Packet  Pointer to the IPv4 Packet to be checked.
> +
> +  @retval TRUE   The input IPv4 packet length is valid.
> +  @retval FALSE  The input IPv4 packet length is invalid.
> +
> +**/
> +BOOLEAN
> +Ip4IsValidPacketLength (
> +  IN NET_BUF*Packet
> +  )
> +{
> +  //
> +  // Check the IP4 packet length.
> +  //
> +  if (Packet->TotalSize < IP4_MIN_HEADLEN) {
> +return FALSE;
> +  }
> +
> +  return TRUE;
> +}
> +
>  /**
>The IP4 input routine. It is called by the IP4_INTERFACE when a
>IP4 fragment is received from MNP.
> 
>@param[in]  Ip4InstanceThe IP4 child that request the receive, most
> like
> @@ -842,10 +862,14 @@ Ip4AccpetFrame (
> 
>if (EFI_ERROR (IoStatus) || (IpSb->State == IP4_SERVICE_DESTROY)) {
>  goto DROP;
>}
> 
> +  if (!Ip4IsValidPacketLength (Packet)) {
> +goto RESTART;
> +  }
> +
>Head  = (IP4_HEAD *) NetbufGetByte (Packet, 0, NULL);
>ASSERT (Head != NULL);
>OptionLen = (Head->HeadLen << 2) - IP4_MIN_HEADLEN;
>if (OptionLen > 0) {
>  Option = (UINT8 *) (Head + 1);
> @@ -888,14 +912,18 @@ Ip4AccpetFrame (
>//
>// If the packet is protected by tunnel mode, parse the inner Ip Packet.
>//
>ZeroMem (, sizeof (IP4_HEAD));
>if (0 == CompareMem (Head, , sizeof (IP4_HEAD))) {
> -  // Packet may have been changed. Head, HeadLen, TotalLen, and
> -  // info must be reloaded before use. The ownership of the packet
> -  // is transferred to the packet process logic.
> -  //
> +// Packet may have been changed. Head, HeadLen, TotalLen, and
> +// info must be reloaded before use. The ownership of the packet
> +// is transferred to the packet process logic.
> +//
> +if (!Ip4IsValidPacketLength (Packet)) {
> +  goto RESTART;
> +}
> +
>  Head = (IP4_HEAD *) NetbufGetByte (Packet, 0, NULL);
>  ASSERT (Head != NULL);
>  Status = Ip4PreProcessPacket (
> IpSb,
> ,
> --
> 2.16.2.windows.1
> 
> 
> 


-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.

View/Reply Online (#54537): https://edk2.groups.io/g/devel/message/54537
Mute This Topic: https://groups.io/mt/71345472/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub  [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[edk2-devel] [PATCH v1] MdeModulePkg/Ip4Dxe: Check the received package length (CVE-2019-14559).

[Wu, Jiaxin]

This patch is to check the received package length to make sure the package
has a valid length field.

Cc: Fu Siyuan 
Cc：Maciej Rabeda 
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Wu Jiaxin 
Reviewed-by: Siyuan Fu 
---
 NetworkPkg/Ip4Dxe/Ip4Input.c | 46 +++-
 1 file changed, 37 insertions(+), 9 deletions(-)

diff --git a/NetworkPkg/Ip4Dxe/Ip4Input.c b/NetworkPkg/Ip4Dxe/Ip4Input.c
index fec242c71f..3fd08a5231 100644
--- a/NetworkPkg/Ip4Dxe/Ip4Input.c
+++ b/NetworkPkg/Ip4Dxe/Ip4Input.c
@@ -1,9 +1,9 @@
 /** @file
   IP4 input process.
 
-Copyright (c) 2005 - 2018, Intel Corporation. All rights reserved.
+Copyright (c) 2005 - 2019, Intel Corporation. All rights reserved.
 (C) Copyright 2015 Hewlett-Packard Development Company, L.P.
 
 SPDX-License-Identifier: BSD-2-Clause-Patent
 
 **/
@@ -709,14 +709,10 @@ Ip4PreProcessPacket (
   UINT16Checksum;
 
   //
   // Check if the IP4 header is correctly formatted.
   //
-  if ((*Packet)->TotalSize < IP4_MIN_HEADLEN) {
-return EFI_INVALID_PARAMETER;
-  }
-
   HeadLen  = (Head->HeadLen << 2);
   TotalLen = NTOHS (Head->TotalLen);
 
   //
   // Mnp may deliver frame trailer sequence up, trim it off.
@@ -806,10 +802,34 @@ Ip4PreProcessPacket (
   }
 
   return EFI_SUCCESS;
 }
 
+/**
+  This function checks the IPv4 packet length.
+
+  @param[in]   Packet  Pointer to the IPv4 Packet to be checked.
+
+  @retval TRUE   The input IPv4 packet length is valid.
+  @retval FALSE  The input IPv4 packet length is invalid.
+
+**/
+BOOLEAN
+Ip4IsValidPacketLength (
+  IN NET_BUF*Packet
+  )
+{
+  //
+  // Check the IP4 packet length.
+  //
+  if (Packet->TotalSize < IP4_MIN_HEADLEN) {
+return FALSE;
+  }
+
+  return TRUE;
+}
+
 /**
   The IP4 input routine. It is called by the IP4_INTERFACE when a
   IP4 fragment is received from MNP.
 
   @param[in]  Ip4InstanceThe IP4 child that request the receive, most 
like
@@ -842,10 +862,14 @@ Ip4AccpetFrame (
 
   if (EFI_ERROR (IoStatus) || (IpSb->State == IP4_SERVICE_DESTROY)) {
 goto DROP;
   }
 
+  if (!Ip4IsValidPacketLength (Packet)) {
+goto RESTART;
+  }
+
   Head  = (IP4_HEAD *) NetbufGetByte (Packet, 0, NULL);
   ASSERT (Head != NULL);
   OptionLen = (Head->HeadLen << 2) - IP4_MIN_HEADLEN;
   if (OptionLen > 0) {
 Option = (UINT8 *) (Head + 1);
@@ -888,14 +912,18 @@ Ip4AccpetFrame (
   //
   // If the packet is protected by tunnel mode, parse the inner Ip Packet.
   //
   ZeroMem (, sizeof (IP4_HEAD));
   if (0 == CompareMem (Head, , sizeof (IP4_HEAD))) {
-  // Packet may have been changed. Head, HeadLen, TotalLen, and
-  // info must be reloaded before use. The ownership of the packet
-  // is transferred to the packet process logic.
-  //
+// Packet may have been changed. Head, HeadLen, TotalLen, and
+// info must be reloaded before use. The ownership of the packet
+// is transferred to the packet process logic.
+//
+if (!Ip4IsValidPacketLength (Packet)) {
+  goto RESTART;
+}
+
 Head = (IP4_HEAD *) NetbufGetByte (Packet, 0, NULL);
 ASSERT (Head != NULL);
 Status = Ip4PreProcessPacket (
IpSb,
,
-- 
2.16.2.windows.1


-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.

View/Reply Online (#54536): https://edk2.groups.io/g/devel/message/54536
Mute This Topic: https://groups.io/mt/71345472/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub  [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[edk2-devel] [PATCH v1] MdeModulePkg/Ip4Dxe: Check the received package length (CVE-2019-14559).

[Wu, Jiaxin]

This patch is to check the received package length to make sure the package
has a valid length field.

Cc: Fu Siyuan 
Cc: Maciej Rabeda 
Signed-off-by: Wu Jiaxin 
Reviewed-by: Siyuan Fu 
---
 NetworkPkg/Ip4Dxe/Ip4Input.c | 46 +++-
 1 file changed, 37 insertions(+), 9 deletions(-)

diff --git a/NetworkPkg/Ip4Dxe/Ip4Input.c b/NetworkPkg/Ip4Dxe/Ip4Input.c
index fec242c71f..95fbd01d05 100644
--- a/NetworkPkg/Ip4Dxe/Ip4Input.c
+++ b/NetworkPkg/Ip4Dxe/Ip4Input.c
@@ -1,9 +1,9 @@
 /** @file
   IP4 input process.
 
-Copyright (c) 2005 - 2018, Intel Corporation. All rights reserved.
+Copyright (c) 2005 - 2020, Intel Corporation. All rights reserved.
 (C) Copyright 2015 Hewlett-Packard Development Company, L.P.
 
 SPDX-License-Identifier: BSD-2-Clause-Patent
 
 **/
@@ -709,14 +709,10 @@ Ip4PreProcessPacket (
   UINT16Checksum;
 
   //
   // Check if the IP4 header is correctly formatted.
   //
-  if ((*Packet)->TotalSize < IP4_MIN_HEADLEN) {
-return EFI_INVALID_PARAMETER;
-  }
-
   HeadLen  = (Head->HeadLen << 2);
   TotalLen = NTOHS (Head->TotalLen);
 
   //
   // Mnp may deliver frame trailer sequence up, trim it off.
@@ -806,10 +802,34 @@ Ip4PreProcessPacket (
   }
 
   return EFI_SUCCESS;
 }
 
+/**
+  This function checks the IPv4 packet length.
+
+  @param[in]   Packet  Pointer to the IPv4 Packet to be checked.
+
+  @retval TRUE   The input IPv4 packet length is valid.
+  @retval FALSE  The input IPv4 packet length is invalid.
+
+**/
+BOOLEAN
+Ip4IsValidPacketLength (
+  IN NET_BUF*Packet
+  )
+{
+  //
+  // Check the IP4 packet length.
+  //
+  if (Packet->TotalSize < IP4_MIN_HEADLEN) {
+return FALSE;
+  }
+
+  return TRUE;
+}
+
 /**
   The IP4 input routine. It is called by the IP4_INTERFACE when a
   IP4 fragment is received from MNP.
 
   @param[in]  Ip4InstanceThe IP4 child that request the receive, most 
like
@@ -842,10 +862,14 @@ Ip4AccpetFrame (
 
   if (EFI_ERROR (IoStatus) || (IpSb->State == IP4_SERVICE_DESTROY)) {
 goto DROP;
   }
 
+  if (!Ip4IsValidPacketLength (Packet)) {
+goto RESTART;
+  }
+
   Head  = (IP4_HEAD *) NetbufGetByte (Packet, 0, NULL);
   ASSERT (Head != NULL);
   OptionLen = (Head->HeadLen << 2) - IP4_MIN_HEADLEN;
   if (OptionLen > 0) {
 Option = (UINT8 *) (Head + 1);
@@ -888,14 +912,18 @@ Ip4AccpetFrame (
   //
   // If the packet is protected by tunnel mode, parse the inner Ip Packet.
   //
   ZeroMem (, sizeof (IP4_HEAD));
   if (0 == CompareMem (Head, , sizeof (IP4_HEAD))) {
-  // Packet may have been changed. Head, HeadLen, TotalLen, and
-  // info must be reloaded before use. The ownership of the packet
-  // is transferred to the packet process logic.
-  //
+// Packet may have been changed. Head, HeadLen, TotalLen, and
+// info must be reloaded before use. The ownership of the packet
+// is transferred to the packet process logic.
+//
+if (!Ip4IsValidPacketLength (Packet)) {
+  goto RESTART;
+}
+
 Head = (IP4_HEAD *) NetbufGetByte (Packet, 0, NULL);
 ASSERT (Head != NULL);
 Status = Ip4PreProcessPacket (
IpSb,
,
-- 
2.16.2.windows.1


-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.

View/Reply Online (#54538): https://edk2.groups.io/g/devel/message/54538
Mute This Topic: https://groups.io/mt/71345472/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub  [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] reg: Host Name Validation with Wild Card Certificate

[Wu, Jiaxin]

Hi Siva,

That's just my implementation to restrict the wildcards support, if you have 
the real usage case, please report Bugzilla to support the wildcards, it will 
be better to provide the usage case in the bugzilla.

Thanks,
Jiaxin



From: Sivaraman Nainar 
Sent: Tuesday, March 10, 2020 5:04 PM
To: devel@edk2.groups.io; Wu, Jiaxin ; ler...@redhat.com
Cc: Madhan B. Santharam ; Arun Subramanian B 
; Bhuvaneshwari M R ; 
Ramesh R. ; Srini Narayana ; Sivaraman Nainar 
; Fu, Siyuan 
Subject: RE: reg: Host Name Validation with Wild Card Certificate

Hello Jiaxin:

Would you please provide your comments on the below Query.

-Siva
From: devel@edk2.groups.io<mailto:devel@edk2.groups.io> 
[mailto:devel@edk2.groups.io] On Behalf Of Sivaraman Nainar
Sent: Friday, March 6, 2020 11:37 AM
To: To:; Wu, Jiaxin; Fu, Siyuan
Cc: Madhan B. Santharam; Arun Subramanian B; Bhuvaneshwari M R; Ramesh R.; 
Srini Narayana
Subject: [edk2-devel] reg: Host Name Validation with Wild Card Certificate

Hello all:

Need a clarification on the Host Name support added in the HTTP Boot.

When certificates are generated with the Wild Card in the SAN  the host name 
validation is getting failed with the below error codes.
Ex: DNS Name=*.ami.internal-test.com

TlsDoHandshake SSL_HANDSHAKE_ERROR State=0x4 SSL_ERROR_SSL
TlsDoHandshake ERROR 0x1416F086=L14:F16F:R86
Http Request failed. Code=Aborted

If the Host verify flag is changed from
HttpInstance->TlsConfigData.VerifyHost.Flags= 
EFI_TLS_VERIFY_FLAG_NO_WILDCARDS;
To
HttpInstance->TlsConfigData.VerifyHost.Flags=  EFI_TLS_VERIFY_FLAG_NONE;

Then the Http request can pass.

Is the host Name support strictly not allowing Wild card support? In this case 
do we need to have multiple Certiricate to have each URL with exact Host Name?

Thanks
Siva

This e-mail is intended for the use of the addressee only and may contain 
privileged, confidential, or proprietary information that is exempt from 
disclosure under law. If you have received this message in error, please inform 
us promptly by reply e-mail, then delete the e-mail and destroy any printed 
copy. Thank you.

-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.

View/Reply Online (#55774): https://edk2.groups.io/g/devel/message/55774
Mute This Topic: https://groups.io/mt/71767263/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub  [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] [PATCH v2] NetworkPkg/Ip6Dxe: Fix ASSERT logic in Ip6ProcessRouterAdvertise()

[Wu, Jiaxin]

Reviewed-by: Jiaxin Wu 


> -Original Message-
> From: Maciej Rabeda 
> Sent: Thursday, April 2, 2020 5:15 PM
> To: devel@edk2.groups.io
> Cc: Wu, Jiaxin ; Fu, Siyuan ;
> Laszlo Ersek 
> Subject: [PATCH v2] NetworkPkg/Ip6Dxe: Fix ASSERT logic in
> Ip6ProcessRouterAdvertise()
> 
> REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2655
> 
> This patch fixes reversed logic of recently added ASSERTs which should
> ensure that Ip6IsNDOptionValid() implementation properly reacts to invalid
> packets.
> 
> Cc: Jiaxin Wu 
> Cc: Siyuan Fu 
> Signed-off-by: Maciej Rabeda 
> Reviewed-by: Siyuan Fu 
> Tested-by: Laszlo Ersek 
> Fixes: 9c20342eed70ec99ec50cd73cb81804299f05403
> ---
>  NetworkPkg/Ip6Dxe/Ip6Nd.c | 6 +++---
>  1 file changed, 3 insertions(+), 3 deletions(-)
> 
> diff --git a/NetworkPkg/Ip6Dxe/Ip6Nd.c b/NetworkPkg/Ip6Dxe/Ip6Nd.c
> index fd7f60b2f92c..0780a98cb325 100644
> --- a/NetworkPkg/Ip6Dxe/Ip6Nd.c
> +++ b/NetworkPkg/Ip6Dxe/Ip6Nd.c
> @@ -2111,7 +2111,7 @@ Ip6ProcessRouterAdvertise (
>// Option size validity ensured by Ip6IsNDOptionValid().
> 
>//
> 
>ASSERT (LinkLayerOption.Length != 0);
> 
> -  ASSERT (Offset + (UINT32) LinkLayerOption.Length * 8 >= (UINT32) Head-
> >PayloadLength);
> 
> +  ASSERT (Offset + (UINT32) LinkLayerOption.Length * 8 <= (UINT32)
> Head->PayloadLength);
> 
> 
> 
>ZeroMem (, sizeof (EFI_MAC_ADDRESS));
> 
>CopyMem (, LinkLayerOption.EtherAddr, 6);
> 
> @@ -2164,7 +2164,7 @@ Ip6ProcessRouterAdvertise (
>// Option size validity ensured by Ip6IsNDOptionValid().
> 
>//
> 
>ASSERT (PrefixOption.Length == 4);
> 
> -  ASSERT (Offset + (UINT32) PrefixOption.Length * 8 >= (UINT32) Head-
> >PayloadLength);
> 
> +  ASSERT (Offset + (UINT32) PrefixOption.Length * 8 <= (UINT32) Head-
> >PayloadLength);
> 
> 
> 
>PrefixOption.ValidLifetime = NTOHL (PrefixOption.ValidLifetime);
> 
>PrefixOption.PreferredLifetime = NTOHL
> (PrefixOption.PreferredLifetime);
> 
> @@ -2334,7 +2334,7 @@ Ip6ProcessRouterAdvertise (
>// Option size validity ensured by Ip6IsNDOptionValid().
> 
>//
> 
>ASSERT (MTUOption.Length == 1);
> 
> -  ASSERT (Offset + (UINT32) MTUOption.Length * 8 >= (UINT32) Head-
> >PayloadLength);
> 
> +  ASSERT (Offset + (UINT32) MTUOption.Length * 8 <= (UINT32) Head-
> >PayloadLength);
> 
> 
> 
>//
> 
>// Use IPv6 minimum link MTU 1280 bytes as the maximum packet size in
> order
> 
> --
> 2.24.0.windows.2


-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.

View/Reply Online (#56933): https://edk2.groups.io/g/devel/message/56933
Mute This Topic: https://groups.io/mt/72720827/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub  [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] [PATCH v3 3/3] Revert "NetworkPkg/TlsAuthConfigDxe: fix TlsCaCertificate attributes retrieval"

[Wu, Jiaxin]

Reviewed-by: Jiaxin Wu 


> -Original Message-
> From: michael.kuba...@outlook.com 
> Sent: Saturday, March 28, 2020 5:56 AM
> To: devel@edk2.groups.io
> Cc: Laszlo Ersek ; Fu, Siyuan ;
> Maciej Rabeda ; Wu, Jiaxin
> 
> Subject: [PATCH v3 3/3] Revert "NetworkPkg/TlsAuthConfigDxe: fix
> TlsCaCertificate attributes retrieval"
> 
> From: Michael Kubacki 
> 
> This reverts commit 6896efdec2709e530b23c688cf0f31706709a0c5.
> 
> REF:https://bugzilla.tianocore.org/show_bug.cgi?id=2062
> 
> GetVariable() now returns attributes when it fails with
> EFI_BUFFER_TOO_SMALL. Therefore, commit 6896efdec270 is
> reverted since it is no longer relevant.
> 
> Cc: Laszlo Ersek 
> Cc: Siyuan Fu 
> Cc: Maciej Rabeda 
> Cc: Jiaxin Wu 
> Signed-off-by: Michael Kubacki 
> Reviewed-by: Bret Barkelew 
> Reviewed-by: Laszlo Ersek 
> ---
>  NetworkPkg/TlsAuthConfigDxe/TlsAuthConfigImpl.c | 27 +---
>  1 file changed, 1 insertion(+), 26 deletions(-)
> 
> diff --git a/NetworkPkg/TlsAuthConfigDxe/TlsAuthConfigImpl.c
> b/NetworkPkg/TlsAuthConfigDxe/TlsAuthConfigImpl.c
> index 715bc3a0a941..2481d1098fa3 100644
> --- a/NetworkPkg/TlsAuthConfigDxe/TlsAuthConfigImpl.c
> +++ b/NetworkPkg/TlsAuthConfigDxe/TlsAuthConfigImpl.c
> @@ -657,7 +657,6 @@ EnrollX509toVariable (
>EFI_SIGNATURE_LIST*CACert;
>EFI_SIGNATURE_DATA*CACertData;
>VOID  *Data;
> -  VOID  *CurrentData;
>UINTN DataSize;
>UINTN SigDataSize;
>UINT32Attr;
> @@ -669,7 +668,6 @@ EnrollX509toVariable (
>CACert= NULL;
>CACertData= NULL;
>Data  = NULL;
> -  CurrentData   = NULL;
>Attr  = 0;
> 
>Status = ReadFileContent (
> @@ -712,30 +710,11 @@ EnrollX509toVariable (
>Status = gRT->GetVariable(
>VariableName,
>,
> -  NULL,
> +  ,
>,
>NULL
>);
>if (Status == EFI_BUFFER_TOO_SMALL) {
> -//
> -// Per spec, we have to fetch the variable's contents, even though we're
> -// only interested in the variable's attributes.
> -//
> -CurrentData = AllocatePool (DataSize);
> -if (CurrentData == NULL) {
> -  Status = EFI_OUT_OF_RESOURCES;
> -  goto ON_EXIT;
> -}
> -Status = gRT->GetVariable(
> -VariableName,
> -,
> -,
> -,
> -CurrentData
> -);
> -if (EFI_ERROR (Status)) {
> -  goto ON_EXIT;
> -}
>  Attr |= EFI_VARIABLE_APPEND_WRITE;
>} else if (Status == EFI_NOT_FOUND) {
>  Attr = TLS_AUTH_CONFIG_VAR_BASE_ATTR;
> @@ -766,10 +745,6 @@ ON_EXIT:
>  FreePool (Data);
>}
> 
> -  if (CurrentData != NULL) {
> -FreePool (CurrentData);
> -  }
> -
>if (X509Data != NULL) {
>  FreePool (X509Data);
>}
> --
> 2.16.3.windows.1


-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.

View/Reply Online (#56801): https://edk2.groups.io/g/devel/message/56801
Mute This Topic: https://groups.io/mt/7259/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub  [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] [PATCH] NetworkPkg/HttpDxe: TlsChildHandle is not cleared when reset

[Wu, Jiaxin]

Reviewed-by: Wu Jiaxin 

Thanks,
Jiaxin

> -Original Message-
> From: Abner Chang 
> Sent: Monday, September 28, 2020 2:30 PM
> To: devel@edk2.groups.io
> Cc: abner.ch...@hpe.com; Maciej Rabeda ;
> Wu, Jiaxin ; Fu, Siyuan ; Nickle
> Wang 
> Subject: [PATCH] NetworkPkg/HttpDxe: TlsChildHandle is not cleared when
> reset
> 
> BZ #2909,
> https://bugzilla.tianocore.org/show_bug.cgi?id=2909
> 
> When Http->Configure() is invoked with HttpConfigData set to
> NULL to reset the EFI HTTP instance, TLS child instance is
> destroyed but HttpInstance->TlsChildHandle is not set to
> NULL. After reconfiguring HTTP through Http->Configure()
> and sending the HTTP request to HTTPS URL, TLS child
> instance is not recreated because
> HttpInstance->TlsChildHandle is not NULL.
> 
> Signed-off-by: Abner Chang 
> 
> Cc: Maciej Rabeda 
> Cc: Wu Jiaxin 
> Cc: Fu Siyuan 
> Cc: Nickle Wang 
> ---
>  NetworkPkg/HttpDxe/HttpProto.c | 1 +
>  1 file changed, 1 insertion(+)
> 
> diff --git a/NetworkPkg/HttpDxe/HttpProto.c
> b/NetworkPkg/HttpDxe/HttpProto.c
> index 3c7c6ff9f0c..afc7db5a726 100644
> --- a/NetworkPkg/HttpDxe/HttpProto.c
> +++ b/NetworkPkg/HttpDxe/HttpProto.c
> @@ -873,6 +873,7 @@ HttpCleanProtocol (
>  // Destroy the TLS instance.
>  //
>  HttpInstance->TlsSb->DestroyChild (HttpInstance->TlsSb, HttpInstance-
> >TlsChildHandle);
> +HttpInstance->TlsChildHandle = NULL;
>}
> 
>if (HttpInstance->Tcp4ChildHandle != NULL) {
> --
> 2.21.0.windows.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#65677): https://edk2.groups.io/g/devel/message/65677
Mute This Topic: https://groups.io/mt/77169386/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] [PATCH 00/16] OvmfPkg: support VCPU hotplug with -D SMM_REQUIRE

[Wu, Jiaxin]

Hi Laszlo,

Appreciate your feedback! Thank you very much.

Jiaxin

> -Original Message-
> From: Laszlo Ersek 
> Sent: Saturday, July 25, 2020 12:02 AM
> To: Wu, Jiaxin 
> Cc: devel@edk2.groups.io
> Subject: Re: [edk2-devel] [PATCH 00/16] OvmfPkg: support VCPU hotplug
> with -D SMM_REQUIRE
> 
> On 07/24/20 08:26, Wu, Jiaxin wrote:
> > Hi Laszlo,
> >
> > Looks OVMF supports the CPU hotplug with those series patches.
> >
> > Could you provide some guide how to enable the OVMF CPU hotplug
> > verification? Is there any general work flow introduction how it
> > works? For example, how to do the hot add CPU initialization (e.g.
> > Register setting / Microcode update, etc.)? I'm very interested in
> > this feature on OVMF.
> 
> Long version:
> -
> 
> (1) There are three pieces missing:
> 
> (1a) The QEMU side changes for the ACPI (DSDT) content that QEMU
> generates for the OS.
> 
> The ACPI GPE handler for CPU hotplug is being modified by my colleague
> Igor Mammedov to raise the SMI (command value 4) on CPU hotplug.
> 
> For developing the OVMF series for TianoCore#1512 (which is now merged),
> I used a prototype QEMU patch, from Igor. But that patch is not suitable
> for upstreaming to QEMU. SO Igor is now developing the real patches for
> QEMU's ACPI generator.
> 
> (1b) The related feature negotiation patches in QEMU.
> 
> In order for "CPU hotplug with SMM" to work, both OVMF and QEMU need
> to
> perform specific things. In order to deal with cross-version
> compatibility problems, the "CPU hotplug with SMI" feature is
> dynamically negotiated between OVMF and QEMU. For this negotiation,
> both
> QEMU and OVMF need additional patches. These patches are not related to
> the actual plugging activities; instead they control whether plugging is
> permitted at all, or not.
> 
> Igor's QEMU series covers both purposes (1a) and (1b). It's work in
> progress. The first posting was an RFC series:
> 
> (1b1) [RFC 0/3] x86: fix cpu hotplug with secure boot
>   https://lists.gnu.org/archive/html/qemu-devel/2020-07/msg03746.html
>   http://mid.mail-archive.com/20200710161704.309824-1-
> imamm...@redhat.com
> 
> The latest posting has been a PATCH series:
> 
> (1b2) [qemu-devel] [PATCH 0/6] x86: fix cpu hotplug with secure boot
>   https://lists.gnu.org/archive/html/qemu-devel/2020-07/msg05850.html
>   http://mid.mail-archive.com/20200720141610.574308-1-
> imamm...@redhat.com
> 
> (1c) The feature negotiation patch for OVMF is here:
> 
> * [edk2-devel] [PATCH] OvmfPkg/SmmControl2Dxe: negotiate
> ICH9_LPC_SMI_F_CPU_HOTPLUG
>   https://edk2.groups.io/g/devel/message/62561
>   20200714184305.9814-1-lersek@redhat.com">http://mid.mail-archive.com/20200714184305.9814-1-lersek@redhat.com
> 
> 
> (2) Special register setting and microcode stuff are not needed.
> 
> 
> (3) As I mentioned before, I strongly suggest using QEMU and OVMF with
> libvirt. I had written an article about that here:
> 
>   https://github.com/tianocore/tianocore.github.io/wiki/Testing-SMM-with-
> QEMU,-KVM-and-libvirt
> 
> I wrote this article specifically for "Windows-based" developers. The
> article is written from such a perspective that you don't need a
> personal Linux workstation, only a single Linux workstation *per team*.
> So you can continue using a Windows workstation, just set up one Linux
> box for your team (if you don't yet have one).
> 
> This article remains relevant.
> 
> (3a) In order to set up a guest for VCPU hotplug, simply go through the
> article, initially.
> 
> (3b) Once you're done with that, power down the guest, and modify the
> domain XML as follows:
> 
>   virsh edit 
> 
> (3b1) replace the "pc-q35-2.9" machine type with "pc-q35-5.1"
> 
> (3b2) replace the following stanza:
> 
>   4
> 
> with:
> 
>   4
>   
> 
> 
> 
> 
>   
> 
> This will create a VCPU topology where:
> 
> - CPU#0 is present up-front, and is not hot-pluggable (this is a QEMU
> requirement),
> 
> - CPU#1, CPU#2, and CPU#3 are hot-pluggable,
> 
> - CPU#2 is present up-front ("cold-plugged"), while CPU#1 and CPU#3 are
> absent initially.
> 
> 
> (4) Boot the guest. Once you have a root prompt in the guest, you can
> use one of two libvirt commands for hot-plugging a CPU:
> 
> (4a) the singular "virsh setvcpu" command:
> 
>   virsh setvcpu   --enable --live
> 
> where you can pass in 1 or 3 for .
> 
> This command lets you specify the precise ID of the processor to be
> hot-plugged; IOW, the command lets you contr

Re: [edk2-devel] [PATCH 00/16] OvmfPkg: support VCPU hotplug with -D SMM_REQUIRE

[Wu, Jiaxin]

Hi Laszlo,

Looks OVMF supports the CPU hotplug with those series patches. 

Could you provide some guide how to enable the OVMF CPU hotplug verification? 
Is there any general work flow introduction how it works? For example, how to 
do the hot add CPU initialization (e.g. Register setting / Microcode update, 
etc.)? I'm very interested in this feature on OVMF.

Thank you very much.
Jiaxin






> -Original Message-
> From: devel@edk2.groups.io  On Behalf Of Laszlo
> Ersek
> Sent: Monday, February 24, 2020 1:25 AM
> To: edk2-devel-groups-io 
> Cc: Ard Biesheuvel ; Dong, Eric
> ; Wu, Hao A ; Igor Mammedov
> ; Wang, Jian J ; Yao,
> Jiewen ; Justen, Jordan L
> ; Kinney, Michael D
> ; Philippe Mathieu-Daudé
> ; Ni, Ray 
> Subject: [edk2-devel] [PATCH 00/16] OvmfPkg: support VCPU hotplug with -
> D SMM_REQUIRE
> 
> Bugzilla: https://bugzilla.tianocore.org/show_bug.cgi?id=1512
> Repo: https://github.com/lersek/edk2.git
> Branch:   vcpu_hotplug_smm_bz_1512
> 
> This series implements VCPU hotplug with SMM for OVMF, i.e., when OVMF
> is built with "-D SMM_REQUIRE".
> 
> SEV support and hot-unplug support are out of scope for now.
> 
> Patch#13 ("OvmfPkg/CpuHotplugSmm: complete root MMI handler for CPU
> hotplug") describes tests and results in the Notes section.
> 
> Obviously this is not being proposed for the edk2-stable202002 tag
> (which is in hard feature freeze).
> 
> QEMU needs patches for this feature, too. I've done the development
> against a QEMU patch that Igor hacked up quickly at my request. It was
> never posted (it needs some polish for upstreaming), but it has allowed
> me to write and test this feature.
> 
> The key parts of the QEMU commit message are:
> 
> > x68:acpi: trigger SMI before scanning for added/removed CPUs
> >
> > Firmware should only scan for new CPUs and not modify events in CPU
> > hotplug registers.
> 
> Igor's patch is based on upstream QEMU commit 418fa86dd465. Until he
> decides to post or otherwise share the patch, its effect can be
> expressed with a diff, taken in the Linux guest, between decompiled
> before/after versions of the QEMU-generated DSDT:
> 
> > @@ -81,6 +81,27 @@
> >  Return (Arg3)
> >  }
> >  }
> > +
> > +Device (SMI0)
> > +{
> > +Name (_HID, "PNP0A06" /* Generic Container Device */)  // _HID:
> Hardware ID
> > +Name (_UID, "SMI resources")  // _UID: Unique ID
> > +Name (_STA, 0x0B)  // _STA: Status
> > +Name (_CRS, ResourceTemplate ()  // _CRS: Current Resource
> Settings
> > +{
> > +IO (Decode16,
> > +0x00B2, // Range Minimum
> > +0x00B2, // Range Maximum
> > +0x01,   // Alignment
> > +0x01,   // Length
> > +)
> > +})
> > +OperationRegion (SMIR, SystemIO, 0xB2, One)
> > +Field (SMIR, ByteAcc, NoLock, WriteAsZeros)
> > +{
> > +SMIC,   8
> > +}
> > +}
> >  }
> >
> >  Scope (_SB)
> > @@ -3016,6 +3037,7 @@
> >  Method (CSCN, 0, Serialized)
> >  {
> >  Acquire (\_SB.PCI0.PRES.CPLK, 0x)
> > +\_SB.SMI0.SMIC = 0x04
> >  Local0 = One
> >  While ((Local0 == One))
> >  {
> 
> where the CSCN ("CPU scan") method is the _E02 GPE ("CPU hotplug") event
> handler:
> 
> >  Method (\_GPE._E02, 0, NotSerialized)  // _Exx: Edge-Triggered GPE,
> xx=0x00-0xFF
> >  {
> >  \_SB.CPUS.CSCN ()
> >  }
> 
> If you'd like to test this series, please ask Igor for the QEMU patch.
> :)
> 
> The series has been formatted for review with the following options:
> 
>   --stat=1000 --stat-graph-width=20 \
>   --unified=22 \
>   --find-copies=43 --find-copies-harder \
>   --base=master \
> 
> At every stage in the series:
> - the tree builds,
> - "PatchCheck.py" is happy,
> - and OVMF works without regressions.
> 
> (Hotplug is made functional at patch#13, and "S3 after hotplug" is
> completed at patch#16. So those actions should not be attempted before
> said respective patches.)
> 
> Thanks,
> Laszlo
> 
> Cc: Ard Biesheuvel 
> Cc: Eric Dong 
> Cc: Hao A Wu 
> Cc: Igor Mammedov 
> Cc: Jian J Wang 
> Cc: Jiewen Yao 
> Cc: Jordan Justen 
> Cc: Michael Kinney 
> Cc: Philippe Mathieu-Daudé 
> Cc: Ray Ni 
> 
> Thanks
> Laszlo
> 
> Laszlo Ersek (16):
>   MdeModulePkg/PiSmmCore: log SMM image start failure
>   UefiCpuPkg/PiSmmCpuDxeSmm: fix S3 Resume for CPU hotplug
>   OvmfPkg: clone SmmCpuPlatformHookLib from UefiCpuPkg
>   OvmfPkg: enable SMM Monarch Election in PiSmmCpuDxeSmm
>   OvmfPkg: enable CPU hotplug support in PiSmmCpuDxeSmm
>   OvmfPkg/CpuHotplugSmm: introduce skeleton for CPU Hotplug SMM driver
>   OvmfPkg/CpuHotplugSmm: add hotplug register block helper functions
>   

Re: [edk2-devel] [patch V4 16/29] NetworkPkg: Consume MdeLibs.dsc.inc for RegisterFilterLib

[Wu, Jiaxin]

Reviewed-by: Jiaxin Wu 



> -Original Message-
> From: Bi, Dandan 
> Sent: Sunday, March 28, 2021 8:02 PM
> To: devel@edk2.groups.io
> Cc: Maciej Rabeda ; Wu, Jiaxin
> ; Fu, Siyuan 
> Subject: [patch V4 16/29] NetworkPkg: Consume MdeLibs.dsc.inc for
> RegisterFilterLib
> 
> REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3246
> 
> MdeLibs.dsc.inc was added for some basic/default library
> instances provided by MdePkg and RegisterFilterLibNull Library
> was also added into it as the first version of MdeLibs.dsc.inc.
> 
> So update platform dsc to consume MdeLibs.dsc.inc for
> RegisterFilterLibNull which will be consumed by IoLib and BaseLib.
> 
> Cc: Maciej Rabeda 
> Cc: Jiaxin Wu 
> Cc: Siyuan Fu 
> Signed-off-by: Dandan Bi 
> Acked-by: Ard Biesheuvel 
> ---
>  NetworkPkg/NetworkPkg.dsc | 4 +++-
>  1 file changed, 3 insertions(+), 1 deletion(-)
> 
> diff --git a/NetworkPkg/NetworkPkg.dsc b/NetworkPkg/NetworkPkg.dsc
> index 531da841e9..5e6619ad85 100644
> --- a/NetworkPkg/NetworkPkg.dsc
> +++ b/NetworkPkg/NetworkPkg.dsc
> @@ -1,10 +1,10 @@
>  ## @file
>  # UEFI 2.4 Network Module Package for All Architectures
>  #
>  # (C) Copyright 2014 Hewlett-Packard Development Company, L.P.
> -# Copyright (c) 2009 - 2020, Intel Corporation. All rights reserved.
> +# Copyright (c) 2009 - 2021, Intel Corporation. All rights reserved.
>  # Copyright (c) 2020, Hewlett Packard Enterprise Development LP. All rights
> reserved.
>  #SPDX-License-Identifier: BSD-2-Clause-Patent
>  #
>  ##
> 
> @@ -18,10 +18,12 @@ [Defines]
>BUILD_TARGETS  = DEBUG|RELEASE|NOOPT
>SKUID_IDENTIFIER   = DEFAULT
> 
>DEFINE NETWORK_ISCSI_ENABLE= TRUE
> 
> +!include MdePkg/MdeLibs.dsc.inc
> +
>  [LibraryClasses]
>DebugLib|MdePkg/Library/BaseDebugLibNull/BaseDebugLibNull.inf
>BaseLib|MdePkg/Library/BaseLib/BaseLib.inf
>BaseMemoryLib|MdePkg/Library/BaseMemoryLib/BaseMemoryLib.inf
>DevicePathLib|MdePkg/Library/UefiDevicePathLib/UefiDevicePathLib.inf
> --
> 2.18.0.windows.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#73513): https://edk2.groups.io/g/devel/message/73513
Mute This Topic: https://groups.io/mt/81670695/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[edk2-devel] [PATCH v1] MdePkg: Support Extended Control Register(XCR) Read and Write.

[Wu, Jiaxin]

https://bugzilla.tianocore.org/show_bug.cgi?id=3284

This patch is to support Extended Control Register(XCR) Read
and Write.

Cc: Michael D Kinney 
Cc: Liming Gao 
Cc: Zhiguang Liu 
Signed-off-by: Jiaxin Wu 
---
 MdePkg/Include/Library/BaseLib.h  | 46 ++-
 MdePkg/Library/BaseLib/BaseLib.inf|  4 ++-
 MdePkg/Library/BaseLib/Ia32/ReadXcr.nasm  | 31 +
 MdePkg/Library/BaseLib/Ia32/WriteXcr.nasm | 34 +++
 4 files changed, 113 insertions(+), 2 deletions(-)
 create mode 100644 MdePkg/Library/BaseLib/Ia32/ReadXcr.nasm
 create mode 100644 MdePkg/Library/BaseLib/Ia32/WriteXcr.nasm

diff --git a/MdePkg/Include/Library/BaseLib.h b/MdePkg/Include/Library/BaseLib.h
index 1171a0ffb5..c51633ad73 100644
--- a/MdePkg/Include/Library/BaseLib.h
+++ b/MdePkg/Include/Library/BaseLib.h
@@ -1,10 +1,10 @@
 /** @file
   Provides string functions, linked list functions, math functions, 
synchronization
   functions, file path functions, and CPU architecture-specific functions.
 
-Copyright (c) 2006 - 2019, Intel Corporation. All rights reserved.
+Copyright (c) 2006 - 2021, Intel Corporation. All rights reserved.
 Portions copyright (c) 2008 - 2009, Apple Inc. All rights reserved.
 Copyright (c) Microsoft Corporation.
 Portions Copyright (c) 2020, Hewlett Packard Enterprise Development LP. All 
rights reserved.
 
 SPDX-License-Identifier: BSD-2-Clause-Patent
@@ -7493,7 +7493,51 @@ PatchInstructionX86 (
   OUT X86_ASSEMBLY_PATCH_LABEL *InstructionEnd,
   IN  UINT64   PatchValue,
   IN  UINTNValueSize
   );
 
+/**
+  Returns a 64-bit Extended Control Register(XCR).
+
+  Reads and returns the 64-bit XCR specified by Index. No parameter checking is
+  performed on Index, and some Index values may cause CPU exceptions. The
+  caller must either guarantee that Index is valid, or the caller must set up
+  exception handlers to catch the exceptions. This function is only available
+  on IA-32 and x64.
+
+  @param  Index The 32-bit XCR index to read.
+
+  @return The value of the XCR identified by Index.
+
+**/
+UINT64
+EFIAPI
+AsmReadXcr (
+  IN UINT32  Index
+  );
+
+/**
+  Writes a 64-bit value to a Extended Control Register(XCR), and returns the
+  value.
+
+  Writes the 64-bit value specified by Value to the XCR specified by Index. The
+  64-bit value written to the XCR is returned. No parameter checking is
+  performed on Index or Value, and some of these may cause CPU exceptions. The
+  caller must either guarantee that Index and Value are valid, or the caller
+  must establish proper exception handlers. This function is only available on
+  IA-32 and x64.
+
+  @param  Index The 32-bit XCR index to write.
+  @param  Value The 64-bit value to write to the XCR.
+
+  @return Value
+
+**/
+UINT64
+EFIAPI
+AsmWriteXcr (
+  IN UINT32  Index,
+  IN UINT64  Value
+  );
+
 #endif // defined (MDE_CPU_IA32) || defined (MDE_CPU_X64)
 #endif // !defined (__BASE_LIB__)
diff --git a/MdePkg/Library/BaseLib/BaseLib.inf 
b/MdePkg/Library/BaseLib/BaseLib.inf
index 3b85c56c3c..e62031ea11 100644
--- a/MdePkg/Library/BaseLib/BaseLib.inf
+++ b/MdePkg/Library/BaseLib/BaseLib.inf
@@ -1,9 +1,9 @@
 ## @file
 #  Base Library implementation.
 #
-#  Copyright (c) 2007 - 2020, Intel Corporation. All rights reserved.
+#  Copyright (c) 2007 - 2021, Intel Corporation. All rights reserved.
 #  Portions copyright (c) 2008 - 2009, Apple Inc. All rights reserved.
 #  Portions copyright (c) 2011 - 2013, ARM Ltd. All rights reserved.
 #  Copyright (c) 2020, Hewlett Packard Enterprise Development LP. All rights 
reserved.
 #
 #  SPDX-License-Identifier: BSD-2-Clause-Patent
@@ -63,10 +63,12 @@
   BaseLibInternals.h
 
 [Sources.Ia32]
   Ia32/WriteTr.nasm
   Ia32/Lfence.nasm
+  Ia32/ReadXcr.nasm
+  Ia32/WriteXcr.nasm
 
   Ia32/Wbinvd.c | MSFT
   Ia32/WriteMm7.c | MSFT
   Ia32/WriteMm6.c | MSFT
   Ia32/WriteMm5.c | MSFT
diff --git a/MdePkg/Library/BaseLib/Ia32/ReadXcr.nasm 
b/MdePkg/Library/BaseLib/Ia32/ReadXcr.nasm
new file mode 100644
index 00..5d50d8ba01
--- /dev/null
+++ b/MdePkg/Library/BaseLib/Ia32/ReadXcr.nasm
@@ -0,0 +1,31 @@
+;--
+;
+; Copyright (c) 2021, Intel Corporation. All rights reserved.
+; SPDX-License-Identifier: BSD-2-Clause-Patent
+;
+; Module Name:
+;
+;   ReadXcr.Asm
+;
+; Abstract:
+;
+;   AsmReadXcr function
+;
+; Notes:
+;
+;--
+
+SECTION .text
+
+;--
+; UINT64
+; EFIAPI
+; AsmReadXcr (
+;   IN UINT32  Index
+;   );
+;--
+global ASM_PFX(AsmReadXcr)
+ASM_PFX(AsmReadXcr):
+mov ecx, [esp + 4]
+xgetbv
+ret
\ No newline at end of file
diff --git a/MdePkg/Library/BaseLib/Ia32/WriteXcr.nasm 

[edk2-devel] [PATCH v1] MdePkg/BaseLib: Add support for the XSETBV instruction

[Wu, Jiaxin]

https://bugzilla.tianocore.org/show_bug.cgi?id=3284

This patch is to support XSETBV instruction so as to support
Extended Control Register(XCR) write.

Extended Control Register(XCR) read has already been supported
by below commit to support XGETBV instruction:
9b3ca509abd4e45439bbdfe2c2fa8780c950320a

Cc: Michael D Kinney 
Cc: Liming Gao 
Cc: Zhiguang Liu 
Cc: Yao Jiewen 
Signed-off-by: Jiaxin Wu 
Signed-off-by: Zhang Hongbin1 
---
 MdePkg/Include/Library/BaseLib.h| 25 +++-
 MdePkg/Library/BaseLib/BaseLib.inf  |  4 +++-
 MdePkg/Library/BaseLib/Ia32/XSetBv.nasm | 34 +
 MdePkg/Library/BaseLib/X64/XSetBv.nasm  | 34 +
 4 files changed, 95 insertions(+), 2 deletions(-)
 create mode 100644 MdePkg/Library/BaseLib/Ia32/XSetBv.nasm
 create mode 100644 MdePkg/Library/BaseLib/X64/XSetBv.nasm

diff --git a/MdePkg/Include/Library/BaseLib.h b/MdePkg/Include/Library/BaseLib.h
index 1171a0ffb5..035d6b655d 100644
--- a/MdePkg/Include/Library/BaseLib.h
+++ b/MdePkg/Include/Library/BaseLib.h
@@ -1,10 +1,10 @@
 /** @file
   Provides string functions, linked list functions, math functions, 
synchronization
   functions, file path functions, and CPU architecture-specific functions.
 
-Copyright (c) 2006 - 2019, Intel Corporation. All rights reserved.
+Copyright (c) 2006 - 2021, Intel Corporation. All rights reserved.
 Portions copyright (c) 2008 - 2009, Apple Inc. All rights reserved.
 Copyright (c) Microsoft Corporation.
 Portions Copyright (c) 2020, Hewlett Packard Enterprise Development LP. All 
rights reserved.
 
 SPDX-License-Identifier: BSD-2-Clause-Patent
@@ -7436,10 +7436,33 @@ UINT64
 EFIAPI
 AsmXGetBv (
   IN UINT32  Index
   );
 
+/**
+  Executes a XSETBV instruction to write a 64-bit value to a Extended Control 
Register(XCR),
+  and returns the value.
+
+  Writes the 64-bit value specified by Value to the XCR specified by Index. The
+  64-bit value written to the XCR is returned. No parameter checking is
+  performed on Index or Value, and some of these may cause CPU exceptions. The
+  caller must either guarantee that Index and Value are valid, or the caller
+  must establish proper exception handlers. This function is only available on
+  IA-32 and x64.
+
+  @param  Index The 32-bit XCR index to write.
+  @param  Value The 64-bit value to write to the XCR.
+
+  @return Value
+
+**/
+UINT64
+EFIAPI
+AsmXSetBv (
+  IN UINT32  Index,
+  IN UINT64  Value
+  );
 
 /**
   Executes a VMGEXIT instruction (VMMCALL with a REP prefix)
 
   Executes a VMGEXIT instruction. This function is only available on IA-32 and
diff --git a/MdePkg/Library/BaseLib/BaseLib.inf 
b/MdePkg/Library/BaseLib/BaseLib.inf
index 3b85c56c3c..fe8f68bbcf 100644
--- a/MdePkg/Library/BaseLib/BaseLib.inf
+++ b/MdePkg/Library/BaseLib/BaseLib.inf
@@ -1,9 +1,9 @@
 ## @file
 #  Base Library implementation.
 #
-#  Copyright (c) 2007 - 2020, Intel Corporation. All rights reserved.
+#  Copyright (c) 2007 - 2021, Intel Corporation. All rights reserved.
 #  Portions copyright (c) 2008 - 2009, Apple Inc. All rights reserved.
 #  Portions copyright (c) 2011 - 2013, ARM Ltd. All rights reserved.
 #  Copyright (c) 2020, Hewlett Packard Enterprise Development LP. All rights 
reserved.
 #
 #  SPDX-License-Identifier: BSD-2-Clause-Patent
@@ -182,10 +182,11 @@
   Ia32/LShiftU64.nasm| GCC
   Ia32/EnableCache.nasm| GCC
   Ia32/DisableCache.nasm| GCC
   Ia32/RdRand.nasm
   Ia32/XGetBv.nasm
+  Ia32/XSetBv.nasm
   Ia32/VmgExit.nasm
 
   Ia32/DivS64x64Remainder.c
   Ia32/InternalSwitchStack.c | MSFT
   Ia32/InternalSwitchStack.nasm | GCC
@@ -316,10 +317,11 @@
   X64/GccInlinePriv.c | GCC
   X64/EnableDisableInterrupts.nasm
   X64/DisablePaging64.nasm
   X64/RdRand.nasm
   X64/XGetBv.nasm
+  X64/XSetBv.nasm
   X64/VmgExit.nasm
   ChkStkGcc.c  | GCC
 
 [Sources.EBC]
   Ebc/CpuBreakpoint.c
diff --git a/MdePkg/Library/BaseLib/Ia32/XSetBv.nasm 
b/MdePkg/Library/BaseLib/Ia32/XSetBv.nasm
new file mode 100644
index 00..9fa2f761cd
--- /dev/null
+++ b/MdePkg/Library/BaseLib/Ia32/XSetBv.nasm
@@ -0,0 +1,34 @@
+;--
+;
+; Copyright (c) 2021, Intel Corporation. All rights reserved.
+; SPDX-License-Identifier: BSD-2-Clause-Patent
+;
+; Module Name:
+;
+;   XSetBv.nasm
+;
+; Abstract:
+;
+;   AsmXSetBv function
+;
+; Notes:
+;
+;--
+
+SECTION .text
+
+;--
+; UINT64
+; EFIAPI
+; AsmXSetBv (
+;   IN UINT32  Index,
+;   IN UINT64  Value
+;   );
+;--
+global ASM_PFX(AsmXSetBv)
+ASM_PFX(AsmXSetBv):
+mov edx, [esp + 12]
+mov eax, [esp + 8]
+mov ecx, [esp + 4]
+xsetbv
+ret
\ No newline at end of file
diff --git a/MdePkg/Library/BaseLib/X64/XSetBv.nasm 

Re: [edk2-devel] [PATCH v1] MdePkg: Support Extended Control Register(XCR) Read and Write.

[Wu, Jiaxin]

Please ignore this one because I just found already have the XGETBV instruction 
Support.


So, I create another patch to support XSETBV instruction for XCR write.

See email thread:
[edk2-devel] [PATCH v1] MdePkg/BaseLib: Add support for the XSETBV instruction

So, let's review above one.



Thanks,
Jiaxin 




> -Original Message-
> From: Wu, Jiaxin
> Sent: Wednesday, March 31, 2021 12:21 PM
> To: Yao, Jiewen ; devel@edk2.groups.io;
> gaolim...@byosoft.com.cn
> Cc: Kinney, Michael D ; Liu, Zhiguang
> ; Zhang, Hongbin1 
> Subject: RE: [edk2-devel] [PATCH v1] MdePkg: Support Extended Control
> Register(XCR) Read and Write.
> 
> Thanks the comments, I will refine the patch according the feedback.
> 
> 
> 
> > -Original Message-
> > From: Yao, Jiewen 
> > Sent: Wednesday, March 31, 2021 10:20 AM
> > To: devel@edk2.groups.io; gaolim...@byosoft.com.cn; Wu, Jiaxin
> > 
> > Cc: Kinney, Michael D ; Liu, Zhiguang
> > ; Zhang, Hongbin1 
> > Subject: RE: [edk2-devel] [PATCH v1] MdePkg: Support Extended Control
> > Register(XCR) Read and Write.
> >
> > Agree with Liming.
> >
> > For IA32, you get parameter from stack -
> > mov edx, [esp + 12]
> > mov eax, [esp + 8]
> > mov ecx, [esp + 4]
> >
> > For X64, you get parameter from GP register - RCX, RDX, R8, R9 for the first
> 4
> > parameter. They are on the stack since the 5th parameter.
> >
> > The code may be sharable only if they do not have any input parameter.
> But
> > not in this case.
> >
> > Even though, I still recommend we have two copy - like AsmReadCs() in 2
> > ReadCs.nasm, because we need different context definition, such as
> "DEFAULT
> > REL"
> >
> > Thank you
> > Yao Jiewen
> >
> >
> > > -Original Message-
> > > From: devel@edk2.groups.io  On Behalf Of
> > gaoliming
> > > Sent: Wednesday, March 31, 2021 10:05 AM
> > > To: devel@edk2.groups.io; Wu, Jiaxin 
> > > Cc: Kinney, Michael D ; Liu, Zhiguang
> > > ; Zhang, Hongbin1 
> > > Subject: 回复: [edk2-devel] [PATCH v1] MdePkg: Support Extended
> Control
> > > Register(XCR) Read and Write.
> > >
> > > Jiaxin:
> > >   32bit function and 64bit function have the different calling convention.
> > > Their assembly function can't be shared.
> > >
> > >   This new API interface is same to AsmWriteMsr64(). You can refer
> > > AsmWriteMsr64() implementation in BaseLib.
> > >
> > > Thanks
> > > Liming
> > > > -邮件原件-
> > > > 发件人: devel@edk2.groups.io  代表 Wu,
> Jiaxin
> > > > 发送时间: 2021年3月31日 9:56
> > > > 收件人: devel@edk2.groups.io; gaolim...@byosoft.com.cn
> > > > 抄送: Kinney, Michael D ; Liu, Zhiguang
> > > > ; Zhang, Hongbin1
> 
> > > > 主题: Re: [edk2-devel] [PATCH v1] MdePkg: Support Extended Control
> > > > Register(XCR) Read and Write.
> > > >
> > > > Actually, the implementation under ia32 should be also workable for
> X64, I
> > > > just put it under ia32.
> > > >
> > > > Liming, do you have suggestion where can we place the code?
> > > >
> > > > Thanks,
> > > > Jiaxin
> > > >
> > > > > -Original Message-
> > > > > From: devel@edk2.groups.io  On Behalf Of
> > > > gaoliming
> > > > > Sent: Wednesday, March 31, 2021 9:51 AM
> > > > > To: devel@edk2.groups.io; Wu, Jiaxin 
> > > > > Cc: Kinney, Michael D ; Liu, Zhiguang
> > > > > ; Zhang, Hongbin1
> 
> > > > > Subject: 回复: [edk2-devel] [PATCH v1] MdePkg: Support Extended
> > Control
> > > > > Register(XCR) Read and Write.
> > > > >
> > > > > Where is X64 implementation for this new API?
> > > > >
> > > > > > -邮件原件-
> > > > > > 发件人: devel@edk2.groups.io  代表 Wu,
> > > > Jiaxin
> > > > > > 发送时间: 2021年3月31日 9:20
> > > > > > 收件人: devel@edk2.groups.io
> > > > > > 抄送: Michael D Kinney ; Liming Gao
> > > > > > ; Zhiguang Liu
> ;
> > > > Zhang
> > > > > > Hongbin1 
> > > > > > 主题: [edk2-devel] [PATCH v1] MdePkg: Support Extended Control
> > > > > > Register(XCR) Read and Write.
> > > > > >
> > > > > > https://bugzilla.tianocore.org/show_bug.cgi?id=3284
> > > > > 

Re: [edk2-devel] [PATCH v1] MdePkg/BaseLib: Add support for the XSETBV instruction

[Wu, Jiaxin]

Hi Liming and Jiewen,

Could you help review the patch?

Thanks,
Jiaxin



> -Original Message-
> From: devel@edk2.groups.io  On Behalf Of Wu,
> Jiaxin
> Sent: Wednesday, March 31, 2021 3:54 PM
> To: devel@edk2.groups.io
> Cc: Kinney, Michael D ; Liming Gao
> ; Liu, Zhiguang ; Yao,
> Jiewen ; Zhang, Hongbin1
> 
> Subject: [edk2-devel] [PATCH v1] MdePkg/BaseLib: Add support for the
> XSETBV instruction
> 
> https://bugzilla.tianocore.org/show_bug.cgi?id=3284
> 
> This patch is to support XSETBV instruction so as to support
> Extended Control Register(XCR) write.
> 
> Extended Control Register(XCR) read has already been supported
> by below commit to support XGETBV instruction:
> 9b3ca509abd4e45439bbdfe2c2fa8780c950320a
> 
> Cc: Michael D Kinney 
> Cc: Liming Gao 
> Cc: Zhiguang Liu 
> Cc: Yao Jiewen 
> Signed-off-by: Jiaxin Wu 
> Signed-off-by: Zhang Hongbin1 
> ---
>  MdePkg/Include/Library/BaseLib.h| 25 +++-
>  MdePkg/Library/BaseLib/BaseLib.inf  |  4 +++-
>  MdePkg/Library/BaseLib/Ia32/XSetBv.nasm | 34
> +
>  MdePkg/Library/BaseLib/X64/XSetBv.nasm  | 34
> +
>  4 files changed, 95 insertions(+), 2 deletions(-)
>  create mode 100644 MdePkg/Library/BaseLib/Ia32/XSetBv.nasm
>  create mode 100644 MdePkg/Library/BaseLib/X64/XSetBv.nasm
> 
> diff --git a/MdePkg/Include/Library/BaseLib.h
> b/MdePkg/Include/Library/BaseLib.h
> index 1171a0ffb5..035d6b655d 100644
> --- a/MdePkg/Include/Library/BaseLib.h
> +++ b/MdePkg/Include/Library/BaseLib.h
> @@ -1,10 +1,10 @@
>  /** @file
>Provides string functions, linked list functions, math functions,
> synchronization
>functions, file path functions, and CPU architecture-specific functions.
> 
> -Copyright (c) 2006 - 2019, Intel Corporation. All rights reserved.
> +Copyright (c) 2006 - 2021, Intel Corporation. All rights reserved.
>  Portions copyright (c) 2008 - 2009, Apple Inc. All rights reserved.
>  Copyright (c) Microsoft Corporation.
>  Portions Copyright (c) 2020, Hewlett Packard Enterprise Development LP. All
> rights reserved.
> 
>  SPDX-License-Identifier: BSD-2-Clause-Patent
> @@ -7436,10 +7436,33 @@ UINT64
>  EFIAPI
>  AsmXGetBv (
>IN UINT32  Index
>);
> 
> +/**
> +  Executes a XSETBV instruction to write a 64-bit value to a Extended Control
> Register(XCR),
> +  and returns the value.
> +
> +  Writes the 64-bit value specified by Value to the XCR specified by Index.
> The
> +  64-bit value written to the XCR is returned. No parameter checking is
> +  performed on Index or Value, and some of these may cause CPU
> exceptions. The
> +  caller must either guarantee that Index and Value are valid, or the caller
> +  must establish proper exception handlers. This function is only available 
> on
> +  IA-32 and x64.
> +
> +  @param  Index The 32-bit XCR index to write.
> +  @param  Value The 64-bit value to write to the XCR.
> +
> +  @return Value
> +
> +**/
> +UINT64
> +EFIAPI
> +AsmXSetBv (
> +  IN UINT32  Index,
> +  IN UINT64  Value
> +  );
> 
>  /**
>Executes a VMGEXIT instruction (VMMCALL with a REP prefix)
> 
>Executes a VMGEXIT instruction. This function is only available on IA-32 
> and
> diff --git a/MdePkg/Library/BaseLib/BaseLib.inf
> b/MdePkg/Library/BaseLib/BaseLib.inf
> index 3b85c56c3c..fe8f68bbcf 100644
> --- a/MdePkg/Library/BaseLib/BaseLib.inf
> +++ b/MdePkg/Library/BaseLib/BaseLib.inf
> @@ -1,9 +1,9 @@
>  ## @file
>  #  Base Library implementation.
>  #
> -#  Copyright (c) 2007 - 2020, Intel Corporation. All rights reserved.
> +#  Copyright (c) 2007 - 2021, Intel Corporation. All rights reserved.
>  #  Portions copyright (c) 2008 - 2009, Apple Inc. All rights reserved.
>  #  Portions copyright (c) 2011 - 2013, ARM Ltd. All rights reserved.
>  #  Copyright (c) 2020, Hewlett Packard Enterprise Development LP. All rights
> reserved.
>  #
>  #  SPDX-License-Identifier: BSD-2-Clause-Patent
> @@ -182,10 +182,11 @@
>Ia32/LShiftU64.nasm| GCC
>Ia32/EnableCache.nasm| GCC
>Ia32/DisableCache.nasm| GCC
>Ia32/RdRand.nasm
>Ia32/XGetBv.nasm
> +  Ia32/XSetBv.nasm
>Ia32/VmgExit.nasm
> 
>Ia32/DivS64x64Remainder.c
>Ia32/InternalSwitchStack.c | MSFT
>Ia32/InternalSwitchStack.nasm | GCC
> @@ -316,10 +317,11 @@
>X64/GccInlinePriv.c | GCC
>X64/EnableDisableInterrupts.nasm
>X64/DisablePaging64.nasm
>X64/RdRand.nasm
>X64/XGetBv.nasm
> +  X64/XSetBv.nasm
>X64/VmgExit.nasm
>ChkStkGcc.c  | GCC
> 
>  [Sources.EBC]
>Ebc/CpuBreakpoint.c
> diff --git a/MdePkg/Library/BaseLib/Ia3

[edk2-devel] [PATCH v2] MdePkg/BaseLib: Add support for the XSETBV instruction

[Wu, Jiaxin]

*v2: refine the coding format.

https://bugzilla.tianocore.org/show_bug.cgi?id=3284

This patch is to support XSETBV instruction so as to support
Extended Control Register(XCR) write.

Extended Control Register(XCR) read has already been supported
by below commit to support XGETBV instruction:
9b3ca509abd4e45439bbdfe2c2fa8780c950320a

Cc: Michael D Kinney 
Cc: Liming Gao 
Cc: Zhiguang Liu 
Cc: Ni Ray 
Cc: Yao Jiewen 
Signed-off-by: Jiaxin Wu 
Signed-off-by: Zhang Hongbin1 
---
 MdePkg/Include/Library/BaseLib.h| 25 +++-
 MdePkg/Library/BaseLib/BaseLib.inf  |  4 +++-
 MdePkg/Library/BaseLib/Ia32/XSetBv.nasm | 34 +
 MdePkg/Library/BaseLib/X64/XSetBv.nasm  | 34 +
 4 files changed, 95 insertions(+), 2 deletions(-)
 create mode 100644 MdePkg/Library/BaseLib/Ia32/XSetBv.nasm
 create mode 100644 MdePkg/Library/BaseLib/X64/XSetBv.nasm

diff --git a/MdePkg/Include/Library/BaseLib.h b/MdePkg/Include/Library/BaseLib.h
index 1171a0ffb5..7253997a6f 100644
--- a/MdePkg/Include/Library/BaseLib.h
+++ b/MdePkg/Include/Library/BaseLib.h
@@ -1,10 +1,10 @@
 /** @file
   Provides string functions, linked list functions, math functions, 
synchronization
   functions, file path functions, and CPU architecture-specific functions.
 
-Copyright (c) 2006 - 2019, Intel Corporation. All rights reserved.
+Copyright (c) 2006 - 2021, Intel Corporation. All rights reserved.
 Portions copyright (c) 2008 - 2009, Apple Inc. All rights reserved.
 Copyright (c) Microsoft Corporation.
 Portions Copyright (c) 2020, Hewlett Packard Enterprise Development LP. All 
rights reserved.
 
 SPDX-License-Identifier: BSD-2-Clause-Patent
@@ -7436,10 +7436,33 @@ UINT64
 EFIAPI
 AsmXGetBv (
   IN UINT32  Index
   );
 
+/**
+  Executes a XSETBV instruction to write a 64-bit value to a Extended Control
+  Register(XCR), and returns the value.
+
+  Writes the 64-bit value specified by Value to the XCR specified by Index. The
+  64-bit value written to the XCR is returned. No parameter checking is
+  performed on Index or Value, and some of these may cause CPU exceptions. The
+  caller must either guarantee that Index and Value are valid, or the caller
+  must establish proper exception handlers. This function is only available on
+  IA-32 and x64.
+
+  @param  Index The 32-bit XCR index to write.
+  @param  Value The 64-bit value to write to the XCR.
+
+  @return Value
+
+**/
+UINT64
+EFIAPI
+AsmXSetBv (
+  IN UINT32  Index,
+  IN UINT64  Value
+  );
 
 /**
   Executes a VMGEXIT instruction (VMMCALL with a REP prefix)
 
   Executes a VMGEXIT instruction. This function is only available on IA-32 and
diff --git a/MdePkg/Library/BaseLib/BaseLib.inf 
b/MdePkg/Library/BaseLib/BaseLib.inf
index 3b85c56c3c..fe8f68bbcf 100644
--- a/MdePkg/Library/BaseLib/BaseLib.inf
+++ b/MdePkg/Library/BaseLib/BaseLib.inf
@@ -1,9 +1,9 @@
 ## @file
 #  Base Library implementation.
 #
-#  Copyright (c) 2007 - 2020, Intel Corporation. All rights reserved.
+#  Copyright (c) 2007 - 2021, Intel Corporation. All rights reserved.
 #  Portions copyright (c) 2008 - 2009, Apple Inc. All rights reserved.
 #  Portions copyright (c) 2011 - 2013, ARM Ltd. All rights reserved.
 #  Copyright (c) 2020, Hewlett Packard Enterprise Development LP. All rights 
reserved.
 #
 #  SPDX-License-Identifier: BSD-2-Clause-Patent
@@ -182,10 +182,11 @@
   Ia32/LShiftU64.nasm| GCC
   Ia32/EnableCache.nasm| GCC
   Ia32/DisableCache.nasm| GCC
   Ia32/RdRand.nasm
   Ia32/XGetBv.nasm
+  Ia32/XSetBv.nasm
   Ia32/VmgExit.nasm
 
   Ia32/DivS64x64Remainder.c
   Ia32/InternalSwitchStack.c | MSFT
   Ia32/InternalSwitchStack.nasm | GCC
@@ -316,10 +317,11 @@
   X64/GccInlinePriv.c | GCC
   X64/EnableDisableInterrupts.nasm
   X64/DisablePaging64.nasm
   X64/RdRand.nasm
   X64/XGetBv.nasm
+  X64/XSetBv.nasm
   X64/VmgExit.nasm
   ChkStkGcc.c  | GCC
 
 [Sources.EBC]
   Ebc/CpuBreakpoint.c
diff --git a/MdePkg/Library/BaseLib/Ia32/XSetBv.nasm 
b/MdePkg/Library/BaseLib/Ia32/XSetBv.nasm
new file mode 100644
index 00..cf638d9a4d
--- /dev/null
+++ b/MdePkg/Library/BaseLib/Ia32/XSetBv.nasm
@@ -0,0 +1,34 @@
+;--
+;
+; Copyright (c) 2021, Intel Corporation. All rights reserved.
+; SPDX-License-Identifier: BSD-2-Clause-Patent
+;
+; Module Name:
+;
+;   XSetBv.nasm
+;
+; Abstract:
+;
+;   AsmXSetBv function
+;
+; Notes:
+;
+;--
+
+SECTION .text
+
+;--
+; UINT64
+; EFIAPI
+; AsmXSetBv (
+;   IN UINT32  Index,
+;   IN UINT64  Value
+;   );
+;--
+global ASM_PFX(AsmXSetBv)
+ASM_PFX(AsmXSetBv):
+mov edx, [esp + 12]
+mov eax, [esp + 8]
+mov ecx, [esp + 4]
+xsetbv
+ret
diff --git 

Re: [edk2-devel] 回复: [PATCH v2] MdePkg/BaseLib: Add support for the XSETBV instruction

[Wu, Jiaxin]

Hi liming,

Could you help push the patch since I don't have the privilege to set the push 
label?

Thanks,
Jiaxin  

> -Original Message-
> From: devel@edk2.groups.io  On Behalf Of
> gaoliming
> Sent: Friday, April 2, 2021 2:24 PM
> To: Wu, Jiaxin ; devel@edk2.groups.io
> Cc: Kinney, Michael D ; Liu, Zhiguang
> ; Ni, Ray ; Yao, Jiewen
> ; Zhang, Hongbin1 
> Subject: [edk2-devel] 回复: [PATCH v2] MdePkg/BaseLib: Add support for
> the XSETBV instruction
> 
> Reviewed-by: Liming Gao 
> 
> > -邮件原件-
> > 发件人: Jiaxin Wu 
> > 发送时间: 2021年4月2日 9:51
> > 收件人: devel@edk2.groups.io
> > 抄送: Michael D Kinney ; Liming Gao
> > ; Zhiguang Liu ; Ni
> Ray
> > ; Yao Jiewen ; Zhang Hongbin1
> > 
> > 主题: [PATCH v2] MdePkg/BaseLib: Add support for the XSETBV instruction
> >
> > *v2: refine the coding format.
> >
> > https://bugzilla.tianocore.org/show_bug.cgi?id=3284
> >
> > This patch is to support XSETBV instruction so as to support
> > Extended Control Register(XCR) write.
> >
> > Extended Control Register(XCR) read has already been supported
> > by below commit to support XGETBV instruction:
> > 9b3ca509abd4e45439bbdfe2c2fa8780c950320a
> >
> > Cc: Michael D Kinney 
> > Cc: Liming Gao 
> > Cc: Zhiguang Liu 
> > Cc: Ni Ray 
> > Cc: Yao Jiewen 
> > Signed-off-by: Jiaxin Wu 
> > Signed-off-by: Zhang Hongbin1 
> > ---
> >  MdePkg/Include/Library/BaseLib.h| 25
> > +++-
> >  MdePkg/Library/BaseLib/BaseLib.inf  |  4 +++-
> >  MdePkg/Library/BaseLib/Ia32/XSetBv.nasm | 34
> > +
> >  MdePkg/Library/BaseLib/X64/XSetBv.nasm  | 34
> > +
> >  4 files changed, 95 insertions(+), 2 deletions(-)
> >  create mode 100644 MdePkg/Library/BaseLib/Ia32/XSetBv.nasm
> >  create mode 100644 MdePkg/Library/BaseLib/X64/XSetBv.nasm
> >
> > diff --git a/MdePkg/Include/Library/BaseLib.h
> > b/MdePkg/Include/Library/BaseLib.h
> > index 1171a0ffb5..7253997a6f 100644
> > --- a/MdePkg/Include/Library/BaseLib.h
> > +++ b/MdePkg/Include/Library/BaseLib.h
> > @@ -1,10 +1,10 @@
> >  /** @file
> >Provides string functions, linked list functions, math functions,
> > synchronization
> >functions, file path functions, and CPU architecture-specific
> functions.
> >
> > -Copyright (c) 2006 - 2019, Intel Corporation. All rights reserved.
> > +Copyright (c) 2006 - 2021, Intel Corporation. All rights reserved.
> >  Portions copyright (c) 2008 - 2009, Apple Inc. All rights reserved.
> >  Copyright (c) Microsoft Corporation.
> >  Portions Copyright (c) 2020, Hewlett Packard Enterprise Development LP.
> All
> > rights reserved.
> >
> >  SPDX-License-Identifier: BSD-2-Clause-Patent
> > @@ -7436,10 +7436,33 @@ UINT64
> >  EFIAPI
> >  AsmXGetBv (
> >IN UINT32  Index
> >);
> >
> > +/**
> > +  Executes a XSETBV instruction to write a 64-bit value to a Extended
> > Control
> > +  Register(XCR), and returns the value.
> > +
> > +  Writes the 64-bit value specified by Value to the XCR specified by
> Index.
> > The
> > +  64-bit value written to the XCR is returned. No parameter checking is
> > +  performed on Index or Value, and some of these may cause CPU
> > exceptions. The
> > +  caller must either guarantee that Index and Value are valid, or the
> caller
> > +  must establish proper exception handlers. This function is only
> available
> > on
> > +  IA-32 and x64.
> > +
> > +  @param  Index The 32-bit XCR index to write.
> > +  @param  Value The 64-bit value to write to the XCR.
> > +
> > +  @return Value
> > +
> > +**/
> > +UINT64
> > +EFIAPI
> > +AsmXSetBv (
> > +  IN UINT32  Index,
> > +  IN UINT64  Value
> > +  );
> >
> >  /**
> >Executes a VMGEXIT instruction (VMMCALL with a REP prefix)
> >
> >Executes a VMGEXIT instruction. This function is only available on
> IA-32
> > and
> > diff --git a/MdePkg/Library/BaseLib/BaseLib.inf
> > b/MdePkg/Library/BaseLib/BaseLib.inf
> > index 3b85c56c3c..fe8f68bbcf 100644
> > --- a/MdePkg/Library/BaseLib/BaseLib.inf
> > +++ b/MdePkg/Library/BaseLib/BaseLib.inf
> > @@ -1,9 +1,9 @@
> >  ## @file
> >  #  Base Library implementation.
> >  #
> > -#  Copyright (c) 2007 - 2020, Intel Corporation. All rights reserved.
> > +#  Copyright (c) 2007 - 2021, Intel Corporation. All rights reserved.
> >

Re: [edk2-devel] 回复: [PATCH v2] MdePkg/BaseLib: Add support for the XSETBV instruction

[Wu, Jiaxin]

Got it! Thanks Mike. /Jiaxin

> -Original Message-
> From: Kinney, Michael D 
> Sent: Tuesday, April 6, 2021 10:11 AM
> To: Wu, Jiaxin ; devel@edk2.groups.io;
> gaolim...@byosoft.com.cn; Kinney, Michael D 
> Cc: Liu, Zhiguang ; Ni, Ray ; Yao,
> Jiewen ; Zhang, Hongbin1
> 
> Subject: RE: [edk2-devel] 回复: [PATCH v2] MdePkg/BaseLib: Add support
> for the XSETBV instruction
> 
> Committed:
> 
> https://github.com/tianocore/edk2/commit/4ac02962017c77bf38b462f970c8
> 84c2dc7931cf
> 
> GitHub PR:
> 
> https://github.com/tianocore/edk2/pull/1534
> 
> Mike
> 
> 
> > -Original Message-
> > From: Wu, Jiaxin 
> > Sent: Monday, April 5, 2021 6:24 PM
> > To: Kinney, Michael D ;
> devel@edk2.groups.io; gaolim...@byosoft.com.cn
> > Cc: Liu, Zhiguang ; Ni, Ray ;
> Yao, Jiewen ; Zhang,
> > Hongbin1 
> > Subject: RE: [edk2-devel] 回复: [PATCH v2] MdePkg/BaseLib: Add support
> for the XSETBV instruction
> >
> > No problem, thanks Mike, let's wait your feedback.
> >
> > Thanks,
> > Jiaxin
> >
> > > -Original Message-
> > > From: Kinney, Michael D 
> > > Sent: Tuesday, April 6, 2021 6:47 AM
> > > To: Wu, Jiaxin ; devel@edk2.groups.io;
> > > gaolim...@byosoft.com.cn; Kinney, Michael D
> 
> > > Cc: Liu, Zhiguang ; Ni, Ray ;
> Yao,
> > > Jiewen ; Zhang, Hongbin1
> > > 
> > > Subject: RE: [edk2-devel] 回复: [PATCH v2] MdePkg/BaseLib: Add
> support
> > > for the XSETBV instruction
> > >
> > > Hi Jiaxin,
> > >
> > > I will take care of this.
> > >
> > > Thanks,
> > >
> > > Mike
> > >
> > > > -Original Message-
> > > > From: Wu, Jiaxin 
> > > > Sent: Friday, April 2, 2021 12:14 AM
> > > > To: devel@edk2.groups.io; gaolim...@byosoft.com.cn
> > > > Cc: Kinney, Michael D ; Liu, Zhiguang
> > > ; Ni, Ray ;
> > > > Yao, Jiewen ; Zhang, Hongbin1
> > > 
> > > > Subject: RE: [edk2-devel] 回复: [PATCH v2] MdePkg/BaseLib: Add
> support
> > > for the XSETBV instruction
> > > >
> > > > Hi liming,
> > > >
> > > > Could you help push the patch since I don't have the privilege to set 
> > > > the
> > > push label?
> > > >
> > > > Thanks,
> > > > Jiaxin
> > > >
> > > > > -Original Message-
> > > > > From: devel@edk2.groups.io  On Behalf Of
> > > > > gaoliming
> > > > > Sent: Friday, April 2, 2021 2:24 PM
> > > > > To: Wu, Jiaxin ; devel@edk2.groups.io
> > > > > Cc: Kinney, Michael D ; Liu, Zhiguang
> > > > > ; Ni, Ray ; Yao, Jiewen
> > > > > ; Zhang, Hongbin1
> 
> > > > > Subject: [edk2-devel] 回复: [PATCH v2] MdePkg/BaseLib: Add
> support
> > > for
> > > > > the XSETBV instruction
> > > > >
> > > > > Reviewed-by: Liming Gao 
> > > > >
> > > > > > -邮件原件-
> > > > > > 发件人: Jiaxin Wu 
> > > > > > 发送时间: 2021年4月2日 9:51
> > > > > > 收件人: devel@edk2.groups.io
> > > > > > 抄送: Michael D Kinney ; Liming Gao
> > > > > > ; Zhiguang Liu
> ;
> > > Ni
> > > > > Ray
> > > > > > ; Yao Jiewen ; Zhang
> > > Hongbin1
> > > > > > 
> > > > > > 主题: [PATCH v2] MdePkg/BaseLib: Add support for the XSETBV
> > > instruction
> > > > > >
> > > > > > *v2: refine the coding format.
> > > > > >
> > > > > > https://bugzilla.tianocore.org/show_bug.cgi?id=3284
> > > > > >
> > > > > > This patch is to support XSETBV instruction so as to support
> > > > > > Extended Control Register(XCR) write.
> > > > > >
> > > > > > Extended Control Register(XCR) read has already been supported
> > > > > > by below commit to support XGETBV instruction:
> > > > > > 9b3ca509abd4e45439bbdfe2c2fa8780c950320a
> > > > > >
> > > > > > Cc: Michael D Kinney 
> > > > > > Cc: Liming Gao 
> > > > > > Cc: Zhiguang Liu 
> > > > > > Cc: Ni Ray 
> > > > > > Cc: Yao Jiewen 
> > > > > > Signed-off-by: Jiaxin Wu 
> > > > > > Signed-off-by: Zhang Hongbin1 
> > > > > &g

Re: [edk2-devel] 回复: [PATCH v2] MdePkg/BaseLib: Add support for the XSETBV instruction

[Wu, Jiaxin]

No problem, thanks Mike, let's wait your feedback.

Thanks,
Jiaxin

> -Original Message-
> From: Kinney, Michael D 
> Sent: Tuesday, April 6, 2021 6:47 AM
> To: Wu, Jiaxin ; devel@edk2.groups.io;
> gaolim...@byosoft.com.cn; Kinney, Michael D 
> Cc: Liu, Zhiguang ; Ni, Ray ; Yao,
> Jiewen ; Zhang, Hongbin1
> 
> Subject: RE: [edk2-devel] 回复: [PATCH v2] MdePkg/BaseLib: Add support
> for the XSETBV instruction
> 
> Hi Jiaxin,
> 
> I will take care of this.
> 
> Thanks,
> 
> Mike
> 
> > -Original Message-
> > From: Wu, Jiaxin 
> > Sent: Friday, April 2, 2021 12:14 AM
> > To: devel@edk2.groups.io; gaolim...@byosoft.com.cn
> > Cc: Kinney, Michael D ; Liu, Zhiguang
> ; Ni, Ray ;
> > Yao, Jiewen ; Zhang, Hongbin1
> 
> > Subject: RE: [edk2-devel] 回复: [PATCH v2] MdePkg/BaseLib: Add support
> for the XSETBV instruction
> >
> > Hi liming,
> >
> > Could you help push the patch since I don't have the privilege to set the
> push label?
> >
> > Thanks,
> > Jiaxin
> >
> > > -Original Message-
> > > From: devel@edk2.groups.io  On Behalf Of
> > > gaoliming
> > > Sent: Friday, April 2, 2021 2:24 PM
> > > To: Wu, Jiaxin ; devel@edk2.groups.io
> > > Cc: Kinney, Michael D ; Liu, Zhiguang
> > > ; Ni, Ray ; Yao, Jiewen
> > > ; Zhang, Hongbin1 
> > > Subject: [edk2-devel] 回复: [PATCH v2] MdePkg/BaseLib: Add support
> for
> > > the XSETBV instruction
> > >
> > > Reviewed-by: Liming Gao 
> > >
> > > > -邮件原件-
> > > > 发件人: Jiaxin Wu 
> > > > 发送时间: 2021年4月2日 9:51
> > > > 收件人: devel@edk2.groups.io
> > > > 抄送: Michael D Kinney ; Liming Gao
> > > > ; Zhiguang Liu ;
> Ni
> > > Ray
> > > > ; Yao Jiewen ; Zhang
> Hongbin1
> > > > 
> > > > 主题: [PATCH v2] MdePkg/BaseLib: Add support for the XSETBV
> instruction
> > > >
> > > > *v2: refine the coding format.
> > > >
> > > > https://bugzilla.tianocore.org/show_bug.cgi?id=3284
> > > >
> > > > This patch is to support XSETBV instruction so as to support
> > > > Extended Control Register(XCR) write.
> > > >
> > > > Extended Control Register(XCR) read has already been supported
> > > > by below commit to support XGETBV instruction:
> > > > 9b3ca509abd4e45439bbdfe2c2fa8780c950320a
> > > >
> > > > Cc: Michael D Kinney 
> > > > Cc: Liming Gao 
> > > > Cc: Zhiguang Liu 
> > > > Cc: Ni Ray 
> > > > Cc: Yao Jiewen 
> > > > Signed-off-by: Jiaxin Wu 
> > > > Signed-off-by: Zhang Hongbin1 
> > > > ---
> > > >  MdePkg/Include/Library/BaseLib.h| 25
> > > > +++-
> > > >  MdePkg/Library/BaseLib/BaseLib.inf  |  4 +++-
> > > >  MdePkg/Library/BaseLib/Ia32/XSetBv.nasm | 34
> > > > +
> > > >  MdePkg/Library/BaseLib/X64/XSetBv.nasm  | 34
> > > > +
> > > >  4 files changed, 95 insertions(+), 2 deletions(-)
> > > >  create mode 100644 MdePkg/Library/BaseLib/Ia32/XSetBv.nasm
> > > >  create mode 100644 MdePkg/Library/BaseLib/X64/XSetBv.nasm
> > > >
> > > > diff --git a/MdePkg/Include/Library/BaseLib.h
> > > > b/MdePkg/Include/Library/BaseLib.h
> > > > index 1171a0ffb5..7253997a6f 100644
> > > > --- a/MdePkg/Include/Library/BaseLib.h
> > > > +++ b/MdePkg/Include/Library/BaseLib.h
> > > > @@ -1,10 +1,10 @@
> > > >  /** @file
> > > >Provides string functions, linked list functions, math functions,
> > > > synchronization
> > > >functions, file path functions, and CPU architecture-specific
> > > functions.
> > > >
> > > > -Copyright (c) 2006 - 2019, Intel Corporation. All rights reserved.
> > > > +Copyright (c) 2006 - 2021, Intel Corporation. All rights reserved.
> > > >  Portions copyright (c) 2008 - 2009, Apple Inc. All rights reserved.
> > > >  Copyright (c) Microsoft Corporation.
> > > >  Portions Copyright (c) 2020, Hewlett Packard Enterprise Development
> LP.
> > > All
> > > > rights reserved.
> > > >
> > > >  SPDX-License-Identifier: BSD-2-Clause-Patent
> > > > @@ -7436,10 +7436,33 @@ UINT64
> > > >  EFIAPI
> > > >  AsmXGetBv (
> > > &

Re: [edk2-devel] [PATCH v1] MdePkg: Support Extended Control Register(XCR) Read and Write.

[Wu, Jiaxin]

Thanks the comments, I will refine the patch according the feedback.



> -Original Message-
> From: Yao, Jiewen 
> Sent: Wednesday, March 31, 2021 10:20 AM
> To: devel@edk2.groups.io; gaolim...@byosoft.com.cn; Wu, Jiaxin
> 
> Cc: Kinney, Michael D ; Liu, Zhiguang
> ; Zhang, Hongbin1 
> Subject: RE: [edk2-devel] [PATCH v1] MdePkg: Support Extended Control
> Register(XCR) Read and Write.
> 
> Agree with Liming.
> 
> For IA32, you get parameter from stack -
> mov edx, [esp + 12]
> mov eax, [esp + 8]
> mov ecx, [esp + 4]
> 
> For X64, you get parameter from GP register - RCX, RDX, R8, R9 for the first 4
> parameter. They are on the stack since the 5th parameter.
> 
> The code may be sharable only if they do not have any input parameter. But
> not in this case.
> 
> Even though, I still recommend we have two copy - like AsmReadCs() in 2
> ReadCs.nasm, because we need different context definition, such as "DEFAULT
> REL"
> 
> Thank you
> Yao Jiewen
> 
> 
> > -Original Message-
> > From: devel@edk2.groups.io  On Behalf Of
> gaoliming
> > Sent: Wednesday, March 31, 2021 10:05 AM
> > To: devel@edk2.groups.io; Wu, Jiaxin 
> > Cc: Kinney, Michael D ; Liu, Zhiguang
> > ; Zhang, Hongbin1 
> > Subject: 回复: [edk2-devel] [PATCH v1] MdePkg: Support Extended Control
> > Register(XCR) Read and Write.
> >
> > Jiaxin:
> >   32bit function and 64bit function have the different calling convention.
> > Their assembly function can't be shared.
> >
> >   This new API interface is same to AsmWriteMsr64(). You can refer
> > AsmWriteMsr64() implementation in BaseLib.
> >
> > Thanks
> > Liming
> > > -邮件原件-
> > > 发件人: devel@edk2.groups.io  代表 Wu, Jiaxin
> > > 发送时间: 2021年3月31日 9:56
> > > 收件人: devel@edk2.groups.io; gaolim...@byosoft.com.cn
> > > 抄送: Kinney, Michael D ; Liu, Zhiguang
> > > ; Zhang, Hongbin1 
> > > 主题: Re: [edk2-devel] [PATCH v1] MdePkg: Support Extended Control
> > > Register(XCR) Read and Write.
> > >
> > > Actually, the implementation under ia32 should be also workable for X64, I
> > > just put it under ia32.
> > >
> > > Liming, do you have suggestion where can we place the code?
> > >
> > > Thanks,
> > > Jiaxin
> > >
> > > > -Original Message-
> > > > From: devel@edk2.groups.io  On Behalf Of
> > > gaoliming
> > > > Sent: Wednesday, March 31, 2021 9:51 AM
> > > > To: devel@edk2.groups.io; Wu, Jiaxin 
> > > > Cc: Kinney, Michael D ; Liu, Zhiguang
> > > > ; Zhang, Hongbin1 
> > > > Subject: 回复: [edk2-devel] [PATCH v1] MdePkg: Support Extended
> Control
> > > > Register(XCR) Read and Write.
> > > >
> > > > Where is X64 implementation for this new API?
> > > >
> > > > > -邮件原件-
> > > > > 发件人: devel@edk2.groups.io  代表 Wu,
> > > Jiaxin
> > > > > 发送时间: 2021年3月31日 9:20
> > > > > 收件人: devel@edk2.groups.io
> > > > > 抄送: Michael D Kinney ; Liming Gao
> > > > > ; Zhiguang Liu ;
> > > Zhang
> > > > > Hongbin1 
> > > > > 主题: [edk2-devel] [PATCH v1] MdePkg: Support Extended Control
> > > > > Register(XCR) Read and Write.
> > > > >
> > > > > https://bugzilla.tianocore.org/show_bug.cgi?id=3284
> > > > >
> > > > > This patch is to support Extended Control Register(XCR) Read
> > > > > and Write.
> > > > >
> > > > > Cc: Michael D Kinney 
> > > > > Cc: Liming Gao 
> > > > > Cc: Zhiguang Liu 
> > > > > Signed-off-by: Zhang Hongbin1 
> > > > > Signed-off-by: Jiaxin Wu 
> > > > > ---
> > > > >  MdePkg/Include/Library/BaseLib.h  | 46
> > > > > ++-
> > > > >  MdePkg/Library/BaseLib/BaseLib.inf|  4 ++-
> > > > >  MdePkg/Library/BaseLib/Ia32/ReadXcr.nasm  | 31
> > > > > +
> > > > >  MdePkg/Library/BaseLib/Ia32/WriteXcr.nasm | 34
> > > > > +++
> > > > >  4 files changed, 113 insertions(+), 2 deletions(-)
> > > > >  create mode 100644 MdePkg/Library/BaseLib/Ia32/ReadXcr.nasm
> > > > >  create mode 100644 MdePkg/Library/BaseLib/Ia32/WriteXcr.nasm
> > > > >
> > > > > diff --git a/MdePkg/Include/L

Re: [edk2-devel] [PATCH v1] MdePkg: Support Extended Control Register(XCR) Read and Write.

[Wu, Jiaxin]

Actually, the implementation under ia32 should be also workable for X64, I just 
put it under ia32.

Liming, do you have suggestion where can we place the code?

Thanks,
Jiaxin

> -Original Message-
> From: devel@edk2.groups.io  On Behalf Of gaoliming
> Sent: Wednesday, March 31, 2021 9:51 AM
> To: devel@edk2.groups.io; Wu, Jiaxin 
> Cc: Kinney, Michael D ; Liu, Zhiguang
> ; Zhang, Hongbin1 
> Subject: 回复: [edk2-devel] [PATCH v1] MdePkg: Support Extended Control
> Register(XCR) Read and Write.
> 
> Where is X64 implementation for this new API?
> 
> > -邮件原件-----
> > 发件人: devel@edk2.groups.io  代表 Wu, Jiaxin
> > 发送时间: 2021年3月31日 9:20
> > 收件人: devel@edk2.groups.io
> > 抄送: Michael D Kinney ; Liming Gao
> > ; Zhiguang Liu ; Zhang
> > Hongbin1 
> > 主题: [edk2-devel] [PATCH v1] MdePkg: Support Extended Control
> > Register(XCR) Read and Write.
> >
> > https://bugzilla.tianocore.org/show_bug.cgi?id=3284
> >
> > This patch is to support Extended Control Register(XCR) Read
> > and Write.
> >
> > Cc: Michael D Kinney 
> > Cc: Liming Gao 
> > Cc: Zhiguang Liu 
> > Signed-off-by: Zhang Hongbin1 
> > Signed-off-by: Jiaxin Wu 
> > ---
> >  MdePkg/Include/Library/BaseLib.h  | 46
> > ++-
> >  MdePkg/Library/BaseLib/BaseLib.inf|  4 ++-
> >  MdePkg/Library/BaseLib/Ia32/ReadXcr.nasm  | 31
> > +
> >  MdePkg/Library/BaseLib/Ia32/WriteXcr.nasm | 34
> > +++
> >  4 files changed, 113 insertions(+), 2 deletions(-)
> >  create mode 100644 MdePkg/Library/BaseLib/Ia32/ReadXcr.nasm
> >  create mode 100644 MdePkg/Library/BaseLib/Ia32/WriteXcr.nasm
> >
> > diff --git a/MdePkg/Include/Library/BaseLib.h
> > b/MdePkg/Include/Library/BaseLib.h
> > index 1171a0ffb5..c51633ad73 100644
> > --- a/MdePkg/Include/Library/BaseLib.h
> > +++ b/MdePkg/Include/Library/BaseLib.h
> > @@ -1,10 +1,10 @@
> >  /** @file
> >Provides string functions, linked list functions, math functions,
> > synchronization
> >functions, file path functions, and CPU architecture-specific
> functions.
> >
> > -Copyright (c) 2006 - 2019, Intel Corporation. All rights reserved.
> > +Copyright (c) 2006 - 2021, Intel Corporation. All rights reserved.
> >  Portions copyright (c) 2008 - 2009, Apple Inc. All rights reserved.
> >  Copyright (c) Microsoft Corporation.
> >  Portions Copyright (c) 2020, Hewlett Packard Enterprise Development LP.
> All
> > rights reserved.
> >
> >  SPDX-License-Identifier: BSD-2-Clause-Patent
> > @@ -7493,7 +7493,51 @@ PatchInstructionX86 (
> >OUT X86_ASSEMBLY_PATCH_LABEL *InstructionEnd,
> >IN  UINT64   PatchValue,
> >IN  UINTNValueSize
> >);
> >
> > +/**
> > +  Returns a 64-bit Extended Control Register(XCR).
> > +
> > +  Reads and returns the 64-bit XCR specified by Index. No parameter
> > checking is
> > +  performed on Index, and some Index values may cause CPU exceptions.
> > The
> > +  caller must either guarantee that Index is valid, or the caller must
> set up
> > +  exception handlers to catch the exceptions. This function is only
> available
> > +  on IA-32 and x64.
> > +
> > +  @param  Index The 32-bit XCR index to read.
> > +
> > +  @return The value of the XCR identified by Index.
> > +
> > +**/
> > +UINT64
> > +EFIAPI
> > +AsmReadXcr (
> > +  IN UINT32  Index
> > +  );
> > +
> > +/**
> > +  Writes a 64-bit value to a Extended Control Register(XCR), and returns
> the
> > +  value.
> > +
> > +  Writes the 64-bit value specified by Value to the XCR specified by
> Index.
> > The
> > +  64-bit value written to the XCR is returned. No parameter checking is
> > +  performed on Index or Value, and some of these may cause CPU
> > exceptions. The
> > +  caller must either guarantee that Index and Value are valid, or the
> caller
> > +  must establish proper exception handlers. This function is only
> available
> > on
> > +  IA-32 and x64.
> > +
> > +  @param  Index The 32-bit XCR index to write.
> > +  @param  Value The 64-bit value to write to the XCR.
> > +
> > +  @return Value
> > +
> > +**/
> > +UINT64
> > +EFIAPI
> > +AsmWriteXcr (
> > +  IN UINT32  Index,
> > +  IN UINT64  Value
> > +  );
> > +
> >  #endif // defined (MDE_CPU_IA32) || defined (MDE_CPU_X64)
> >  #endif // !defined (__BASE

[edk2-devel] [PATCH v1] MdePkg: Support Extended Control Register(XCR) Read and Write.

[Wu, Jiaxin]

https://bugzilla.tianocore.org/show_bug.cgi?id=3284

This patch is to support Extended Control Register(XCR) Read
and Write.

Cc: Michael D Kinney 
Cc: Liming Gao 
Cc: Zhiguang Liu 
Signed-off-by: Zhang Hongbin1 
Signed-off-by: Jiaxin Wu 
---
 MdePkg/Include/Library/BaseLib.h  | 46 ++-
 MdePkg/Library/BaseLib/BaseLib.inf|  4 ++-
 MdePkg/Library/BaseLib/Ia32/ReadXcr.nasm  | 31 +
 MdePkg/Library/BaseLib/Ia32/WriteXcr.nasm | 34 +++
 4 files changed, 113 insertions(+), 2 deletions(-)
 create mode 100644 MdePkg/Library/BaseLib/Ia32/ReadXcr.nasm
 create mode 100644 MdePkg/Library/BaseLib/Ia32/WriteXcr.nasm

diff --git a/MdePkg/Include/Library/BaseLib.h b/MdePkg/Include/Library/BaseLib.h
index 1171a0ffb5..c51633ad73 100644
--- a/MdePkg/Include/Library/BaseLib.h
+++ b/MdePkg/Include/Library/BaseLib.h
@@ -1,10 +1,10 @@
 /** @file
   Provides string functions, linked list functions, math functions, 
synchronization
   functions, file path functions, and CPU architecture-specific functions.
 
-Copyright (c) 2006 - 2019, Intel Corporation. All rights reserved.
+Copyright (c) 2006 - 2021, Intel Corporation. All rights reserved.
 Portions copyright (c) 2008 - 2009, Apple Inc. All rights reserved.
 Copyright (c) Microsoft Corporation.
 Portions Copyright (c) 2020, Hewlett Packard Enterprise Development LP. All 
rights reserved.
 
 SPDX-License-Identifier: BSD-2-Clause-Patent
@@ -7493,7 +7493,51 @@ PatchInstructionX86 (
   OUT X86_ASSEMBLY_PATCH_LABEL *InstructionEnd,
   IN  UINT64   PatchValue,
   IN  UINTNValueSize
   );
 
+/**
+  Returns a 64-bit Extended Control Register(XCR).
+
+  Reads and returns the 64-bit XCR specified by Index. No parameter checking is
+  performed on Index, and some Index values may cause CPU exceptions. The
+  caller must either guarantee that Index is valid, or the caller must set up
+  exception handlers to catch the exceptions. This function is only available
+  on IA-32 and x64.
+
+  @param  Index The 32-bit XCR index to read.
+
+  @return The value of the XCR identified by Index.
+
+**/
+UINT64
+EFIAPI
+AsmReadXcr (
+  IN UINT32  Index
+  );
+
+/**
+  Writes a 64-bit value to a Extended Control Register(XCR), and returns the
+  value.
+
+  Writes the 64-bit value specified by Value to the XCR specified by Index. The
+  64-bit value written to the XCR is returned. No parameter checking is
+  performed on Index or Value, and some of these may cause CPU exceptions. The
+  caller must either guarantee that Index and Value are valid, or the caller
+  must establish proper exception handlers. This function is only available on
+  IA-32 and x64.
+
+  @param  Index The 32-bit XCR index to write.
+  @param  Value The 64-bit value to write to the XCR.
+
+  @return Value
+
+**/
+UINT64
+EFIAPI
+AsmWriteXcr (
+  IN UINT32  Index,
+  IN UINT64  Value
+  );
+
 #endif // defined (MDE_CPU_IA32) || defined (MDE_CPU_X64)
 #endif // !defined (__BASE_LIB__)
diff --git a/MdePkg/Library/BaseLib/BaseLib.inf 
b/MdePkg/Library/BaseLib/BaseLib.inf
index 3b85c56c3c..e62031ea11 100644
--- a/MdePkg/Library/BaseLib/BaseLib.inf
+++ b/MdePkg/Library/BaseLib/BaseLib.inf
@@ -1,9 +1,9 @@
 ## @file
 #  Base Library implementation.
 #
-#  Copyright (c) 2007 - 2020, Intel Corporation. All rights reserved.
+#  Copyright (c) 2007 - 2021, Intel Corporation. All rights reserved.
 #  Portions copyright (c) 2008 - 2009, Apple Inc. All rights reserved.
 #  Portions copyright (c) 2011 - 2013, ARM Ltd. All rights reserved.
 #  Copyright (c) 2020, Hewlett Packard Enterprise Development LP. All rights 
reserved.
 #
 #  SPDX-License-Identifier: BSD-2-Clause-Patent
@@ -63,10 +63,12 @@
   BaseLibInternals.h
 
 [Sources.Ia32]
   Ia32/WriteTr.nasm
   Ia32/Lfence.nasm
+  Ia32/ReadXcr.nasm
+  Ia32/WriteXcr.nasm
 
   Ia32/Wbinvd.c | MSFT
   Ia32/WriteMm7.c | MSFT
   Ia32/WriteMm6.c | MSFT
   Ia32/WriteMm5.c | MSFT
diff --git a/MdePkg/Library/BaseLib/Ia32/ReadXcr.nasm 
b/MdePkg/Library/BaseLib/Ia32/ReadXcr.nasm
new file mode 100644
index 00..5d50d8ba01
--- /dev/null
+++ b/MdePkg/Library/BaseLib/Ia32/ReadXcr.nasm
@@ -0,0 +1,31 @@
+;--
+;
+; Copyright (c) 2021, Intel Corporation. All rights reserved.
+; SPDX-License-Identifier: BSD-2-Clause-Patent
+;
+; Module Name:
+;
+;   ReadXcr.Asm
+;
+; Abstract:
+;
+;   AsmReadXcr function
+;
+; Notes:
+;
+;--
+
+SECTION .text
+
+;--
+; UINT64
+; EFIAPI
+; AsmReadXcr (
+;   IN UINT32  Index
+;   );
+;--
+global ASM_PFX(AsmReadXcr)
+ASM_PFX(AsmReadXcr):
+mov ecx, [esp + 4]
+xgetbv
+ret
\ No newline at end of file
diff --git 

[edk2-devel] [PATCH v1] MdePkg: Support standalone MM Driver Unload capability

[Wu, Jiaxin]

https://bugzilla.tianocore.org/show_bug.cgi?id=3240

This patch is to support standalone MM Driver Unload capability
by providing _DriverUnloadHandler() function.

Change-Id: I26cdbfccb7052685c464d6394e472c7579b7b67e
Cc: Michael D Kinney 
Cc: Liming Gao 
Cc: Zhiguang Liu 
Cc: Siyuan Fu 
Signed-off-by: Jiaxin Wu 
---
 .../Include/Library/StandaloneMmDriverEntryPoint.h | 25 ++
 .../StandaloneMmDriverEntryPoint.c | 56 +-
 .../StandaloneMmDriverEntryPoint.inf   |  5 +-
 3 files changed, 84 insertions(+), 2 deletions(-)

diff --git a/MdePkg/Include/Library/StandaloneMmDriverEntryPoint.h 
b/MdePkg/Include/Library/StandaloneMmDriverEntryPoint.h
index 25b2d8d68d..12f7886640 100644
--- a/MdePkg/Include/Library/StandaloneMmDriverEntryPoint.h
+++ b/MdePkg/Include/Library/StandaloneMmDriverEntryPoint.h
@@ -16,10 +16,15 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
 /// Declare the PI Specification Revision that this driver requires to execute
 /// correctly.
 ///
 extern CONST UINT32   _gMmRevision;
 
+///
+/// Declare the number of unload handler in the image.
+///
+extern CONST UINT8_gDriverUnloadImageCount;
+
 /**
   The entry point of PE/COFF Image for a Standalone MM Driver.
 
   This function is the entry point for a Standalone MM Driver.
   This function must call ProcessLibraryConstructorList() and
@@ -120,6 +125,26 @@ EFIAPI
 ProcessModuleEntryPointList (
   IN EFI_HANDLE ImageHandle,
   IN EFI_MM_SYSTEM_TABLE*MmSystemTable
   );
 
+/**
+  Autogenerated function that calls a set of module unload handlers.
+
+  This function must be called from the unload handler registered by 
_ModuleEntryPoint().
+  This function calls the set of module unload handlers.
+  This function is autogenerated by build tools and those build tools are 
responsible
+  for collecting the module unload handlers and calling them in a specified 
order.
+
+  @param  ImageHandle  The image handle of the DXE Driver, DXE Runtime Driver, 
DXE SMM Driver, or UEFI Driver.
+
+  @retval  EFI_SUCCESS  The unload handlers executed normally.
+  @retval  !EFI_SUCCESS The unload handlers failed to execute normally.
+
+**/
+EFI_STATUS
+EFIAPI
+ProcessModuleUnloadList (
+  IN EFI_HANDLE  ImageHandle
+  );
+
 #endif
diff --git 
a/MdePkg/Library/StandaloneMmDriverEntryPoint/StandaloneMmDriverEntryPoint.c 
b/MdePkg/Library/StandaloneMmDriverEntryPoint/StandaloneMmDriverEntryPoint.c
index 2c41e23a03..d74c9bdfed 100644
--- a/MdePkg/Library/StandaloneMmDriverEntryPoint/StandaloneMmDriverEntryPoint.c
+++ b/MdePkg/Library/StandaloneMmDriverEntryPoint/StandaloneMmDriverEntryPoint.c
@@ -1,23 +1,63 @@
 /** @file
   Entry point to a Standalone MM driver.
 
-Copyright (c) 2015, Intel Corporation. All rights reserved.
+Copyright (c) 2015 - 2021, Intel Corporation. All rights reserved.
 Copyright (c) 2016 - 2018, ARM Ltd. All rights reserved.
 Copyright (c) 2018, Linaro, Limited. All rights reserved.
 
 SPDX-License-Identifier: BSD-2-Clause-Patent
 
 **/
 
 #include 
 
+#include 
 #include 
 #include 
 #include 
 #include 
 
+/**
+  Unloads an image from memory.
+
+  This function is a callback that a driver registers to do cleanup
+  when the UnloadImage boot service function is called.
+
+  @param  ImageHandle The handle to the image to unload.
+
+  @return Status returned by all unload().
+
+**/
+EFI_STATUS
+EFIAPI
+_DriverUnloadHandler (
+  EFI_HANDLE ImageHandle
+  )
+{
+  EFI_STATUS  Status;
+
+  //
+  // If an UnloadImage() handler is specified, then call it
+  //
+  Status = ProcessModuleUnloadList (ImageHandle);
+
+  //
+  // If the driver specific unload handler does not return an error, then call 
all of the
+  // library destructors.  If the unload handler returned an error, then the 
driver can not be
+  // unloaded, and the library destructors should not be called
+  //
+  if (!EFI_ERROR (Status)) {
+ProcessLibraryDestructorList (ImageHandle, gMmst);
+  }
+
+  //
+  // Return the status from the driver specific unload handler
+  //
+  return Status;
+}
+
 /**
   The entry point of PE/COFF Image for a Standalone MM Driver.
 
   This function is the entry point for a Standalone MM Driver.
   This function must call ProcessLibraryConstructorList() and
@@ -44,10 +84,11 @@ _ModuleEntryPoint (
   IN EFI_HANDLE   ImageHandle,
   IN IN EFI_MM_SYSTEM_TABLE   *MmSystemTable
   )
 {
   EFI_STATUS Status;
+  EFI_LOADED_IMAGE_PROTOCOL  *LoadedImage;
 
   if (_gMmRevision != 0) {
 //
 // Make sure that the MM spec revision of the platform
 // is >= MM spec revision of the driver
@@ -60,10 +101,23 @@ _ModuleEntryPoint (
   //
   // Call constructor for all libraries
   //
   ProcessLibraryConstructorList (ImageHandle, MmSystemTable);
 
+  //
+  //  Install unload handler...
+  //
+  if (_gDriverUnloadImageCount != 0) {
+Status = gMmst->MmHandleProtocol (
+  ImageHandle,
+  

Re: [edk2-devel] [PATCH v1] MdePkg: Support standalone MM Driver Unload capability

[Wu, Jiaxin]

Hi Liming, 

We internal verified the new added unload logic, works well.

Thanks,
Jiaxin

> -Original Message-
> From: gaoliming 
> Sent: Thursday, March 4, 2021 10:21 AM
> To: devel@edk2.groups.io; Wu, Jiaxin 
> Cc: Kinney, Michael D ; Liu, Zhiguang
> ; Fu, Siyuan 
> Subject: 回复: [edk2-devel] [PATCH v1] MdePkg: Support standalone MM
> Driver Unload capability
> 
> Jiaxin:
>   Have you created the test case to verify the new added unload logic?
> 
> Thanks
> Liming
> > -----邮件原件-----
> > 发件人: devel@edk2.groups.io  代表 Wu, Jiaxin
> > 发送时间: 2021年3月3日 16:49
> > 收件人: devel@edk2.groups.io; Wu, Jiaxin 
> > 抄送: Kinney, Michael D ; Liming Gao
> > ; Liu, Zhiguang ; Fu,
> > Siyuan 
> > 主题: Re: [edk2-devel] [PATCH v1] MdePkg: Support standalone MM
> Driver
> > Unload capability
> >
> > Hi Mike  & Zhiguang & Liming,
> >
> > Could you help review this patch?
> >
> > Thanks,
> > Jiaxin
> >
> >
> >
> > > -Original Message-
> > > From: devel@edk2.groups.io  On Behalf Of Wu,
> > > Jiaxin
> > > Sent: Monday, March 1, 2021 3:44 PM
> > > To: devel@edk2.groups.io
> > > Cc: Kinney, Michael D ; Liming Gao
> > > ; Liu, Zhiguang ;
> Fu,
> > > Siyuan 
> > > Subject: [edk2-devel] [PATCH v1] MdePkg: Support standalone MM
> Driver
> > > Unload capability
> > >
> > > https://bugzilla.tianocore.org/show_bug.cgi?id=3240
> > >
> > > This patch is to support standalone MM Driver Unload capability
> > > by providing _DriverUnloadHandler() function.
> > >
> > > Change-Id: I26cdbfccb7052685c464d6394e472c7579b7b67e
> > > Cc: Michael D Kinney 
> > > Cc: Liming Gao 
> > > Cc: Zhiguang Liu 
> > > Cc: Siyuan Fu 
> > > Signed-off-by: Jiaxin Wu 
> > > ---
> > >  .../Include/Library/StandaloneMmDriverEntryPoint.h | 25 ++
> > >  .../StandaloneMmDriverEntryPoint.c | 56
> > > +-
> > >  .../StandaloneMmDriverEntryPoint.inf   |  5 +-
> > >  3 files changed, 84 insertions(+), 2 deletions(-)
> > >
> > > diff --git a/MdePkg/Include/Library/StandaloneMmDriverEntryPoint.h
> > > b/MdePkg/Include/Library/StandaloneMmDriverEntryPoint.h
> > > index 25b2d8d68d..12f7886640 100644
> > > --- a/MdePkg/Include/Library/StandaloneMmDriverEntryPoint.h
> > > +++ b/MdePkg/Include/Library/StandaloneMmDriverEntryPoint.h
> > > @@ -16,10 +16,15 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
> > >  /// Declare the PI Specification Revision that this driver requires to
> > execute
> > >  /// correctly.
> > >  ///
> > >  extern CONST UINT32   _gMmRevision;
> > >
> > > +///
> > > +/// Declare the number of unload handler in the image.
> > > +///
> > > +extern CONST UINT8_gDriverUnloadImageCount;
> > > +
> > >  /**
> > >The entry point of PE/COFF Image for a Standalone MM Driver.
> > >
> > >This function is the entry point for a Standalone MM Driver.
> > >This function must call ProcessLibraryConstructorList() and
> > > @@ -120,6 +125,26 @@ EFIAPI
> > >  ProcessModuleEntryPointList (
> > >IN EFI_HANDLE ImageHandle,
> > >IN EFI_MM_SYSTEM_TABLE*MmSystemTable
> > >);
> > >
> > > +/**
> > > +  Autogenerated function that calls a set of module unload handlers.
> > > +
> > > +  This function must be called from the unload handler registered by
> > > _ModuleEntryPoint().
> > > +  This function calls the set of module unload handlers.
> > > +  This function is autogenerated by build tools and those build tools
> are
> > > responsible
> > > +  for collecting the module unload handlers and calling them in a
> specified
> > > order.
> > > +
> > > +  @param  ImageHandle  The image handle of the DXE Driver, DXE
> > Runtime
> > > Driver, DXE SMM Driver, or UEFI Driver.
> > > +
> > > +  @retval  EFI_SUCCESS  The unload handlers executed normally.
> > > +  @retval  !EFI_SUCCESS The unload handlers failed to execute
> > normally.
> > > +
> > > +**/
> > > +EFI_STATUS
> > > +EFIAPI
> > > +ProcessModuleUnloadList (
> > > +  IN EFI_HANDLE  ImageHandle
> > > +  );
> > > +
> > >  #endif
> > > diff --git
> > >
> >
>

Re: [edk2-devel] [PATCH v1] MdePkg: Support standalone MM Driver Unload capability

[Wu, Jiaxin]

Hi Mike  & Zhiguang & Liming,

Could you help review this patch?

Thanks,
Jiaxin 



> -Original Message-
> From: devel@edk2.groups.io  On Behalf Of Wu,
> Jiaxin
> Sent: Monday, March 1, 2021 3:44 PM
> To: devel@edk2.groups.io
> Cc: Kinney, Michael D ; Liming Gao
> ; Liu, Zhiguang ; Fu,
> Siyuan 
> Subject: [edk2-devel] [PATCH v1] MdePkg: Support standalone MM Driver
> Unload capability
> 
> https://bugzilla.tianocore.org/show_bug.cgi?id=3240
> 
> This patch is to support standalone MM Driver Unload capability
> by providing _DriverUnloadHandler() function.
> 
> Change-Id: I26cdbfccb7052685c464d6394e472c7579b7b67e
> Cc: Michael D Kinney 
> Cc: Liming Gao 
> Cc: Zhiguang Liu 
> Cc: Siyuan Fu 
> Signed-off-by: Jiaxin Wu 
> ---
>  .../Include/Library/StandaloneMmDriverEntryPoint.h | 25 ++
>  .../StandaloneMmDriverEntryPoint.c | 56
> +-
>  .../StandaloneMmDriverEntryPoint.inf   |  5 +-
>  3 files changed, 84 insertions(+), 2 deletions(-)
> 
> diff --git a/MdePkg/Include/Library/StandaloneMmDriverEntryPoint.h
> b/MdePkg/Include/Library/StandaloneMmDriverEntryPoint.h
> index 25b2d8d68d..12f7886640 100644
> --- a/MdePkg/Include/Library/StandaloneMmDriverEntryPoint.h
> +++ b/MdePkg/Include/Library/StandaloneMmDriverEntryPoint.h
> @@ -16,10 +16,15 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
>  /// Declare the PI Specification Revision that this driver requires to 
> execute
>  /// correctly.
>  ///
>  extern CONST UINT32   _gMmRevision;
> 
> +///
> +/// Declare the number of unload handler in the image.
> +///
> +extern CONST UINT8_gDriverUnloadImageCount;
> +
>  /**
>The entry point of PE/COFF Image for a Standalone MM Driver.
> 
>This function is the entry point for a Standalone MM Driver.
>This function must call ProcessLibraryConstructorList() and
> @@ -120,6 +125,26 @@ EFIAPI
>  ProcessModuleEntryPointList (
>IN EFI_HANDLE ImageHandle,
>IN EFI_MM_SYSTEM_TABLE*MmSystemTable
>);
> 
> +/**
> +  Autogenerated function that calls a set of module unload handlers.
> +
> +  This function must be called from the unload handler registered by
> _ModuleEntryPoint().
> +  This function calls the set of module unload handlers.
> +  This function is autogenerated by build tools and those build tools are
> responsible
> +  for collecting the module unload handlers and calling them in a specified
> order.
> +
> +  @param  ImageHandle  The image handle of the DXE Driver, DXE Runtime
> Driver, DXE SMM Driver, or UEFI Driver.
> +
> +  @retval  EFI_SUCCESS  The unload handlers executed normally.
> +  @retval  !EFI_SUCCESS The unload handlers failed to execute normally.
> +
> +**/
> +EFI_STATUS
> +EFIAPI
> +ProcessModuleUnloadList (
> +  IN EFI_HANDLE  ImageHandle
> +  );
> +
>  #endif
> diff --git
> a/MdePkg/Library/StandaloneMmDriverEntryPoint/StandaloneMmDriverEnt
> ryPoint.c
> b/MdePkg/Library/StandaloneMmDriverEntryPoint/StandaloneMmDriverEnt
> ryPoint.c
> index 2c41e23a03..d74c9bdfed 100644
> ---
> a/MdePkg/Library/StandaloneMmDriverEntryPoint/StandaloneMmDriverEnt
> ryPoint.c
> +++
> b/MdePkg/Library/StandaloneMmDriverEntryPoint/StandaloneMmDriverEnt
> ryPoint.c
> @@ -1,23 +1,63 @@
>  /** @file
>Entry point to a Standalone MM driver.
> 
> -Copyright (c) 2015, Intel Corporation. All rights reserved.
> +Copyright (c) 2015 - 2021, Intel Corporation. All rights reserved.
>  Copyright (c) 2016 - 2018, ARM Ltd. All rights reserved.
>  Copyright (c) 2018, Linaro, Limited. All rights reserved.
> 
>  SPDX-License-Identifier: BSD-2-Clause-Patent
> 
>  **/
> 
>  #include 
> 
> +#include 
>  #include 
>  #include 
>  #include 
>  #include 
> 
> +/**
> +  Unloads an image from memory.
> +
> +  This function is a callback that a driver registers to do cleanup
> +  when the UnloadImage boot service function is called.
> +
> +  @param  ImageHandle The handle to the image to unload.
> +
> +  @return Status returned by all unload().
> +
> +**/
> +EFI_STATUS
> +EFIAPI
> +_DriverUnloadHandler (
> +  EFI_HANDLE ImageHandle
> +  )
> +{
> +  EFI_STATUS  Status;
> +
> +  //
> +  // If an UnloadImage() handler is specified, then call it
> +  //
> +  Status = ProcessModuleUnloadList (ImageHandle);
> +
> +  //
> +  // If the driver specific unload handler does not return an error, then 
> call all
> of the
> +  // library destructors.  If the unload handler returned an error, then the
> driver can not be
> +  // unloaded, and the library destructors should not be

Re: [edk2-devel] NetworkPkg: Fix invalid pointer for DNS response token on error

[Wu, Jiaxin]

Reviewed-by: Wu Jiaxin 



From: Anbazhagan, Baraneedharan 
Sent: Thursday, November 25, 2021 9:28 AM
To: devel@edk2.groups.io
Cc: maciej.rab...@linux.intel.com; Wu, Jiaxin ; Fu, Siyuan 

Subject: RE: NetworkPkg: Fix invalid pointer for DNS response token on error

Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=3719

Token->RspData.H2AData is de-allocated on error but it is not
set to NULL. HTTP module attempts to free again and cause assert.

Signed-off-by: Baraneedharan Anbazhagan 
anbazha...@hp.com<mailto:anbazha...@hp.com>
---
NetworkPkg/DnsDxe/DnsImpl.c | 2 ++
1 file changed, 2 insertions(+)

diff --git a/NetworkPkg/DnsDxe/DnsImpl.c b/NetworkPkg/DnsDxe/DnsImpl.c
index 2edcb280ac..78a56f2b56 100644
--- a/NetworkPkg/DnsDxe/DnsImpl.c
+++ b/NetworkPkg/DnsDxe/DnsImpl.c
@@ -1700,6 +1700,7 @@ ON_EXIT:
   }

   FreePool (Dns4TokenEntry->Token->RspData.H2AData);
+  Dns4TokenEntry->Token->RspData.H2AData = NULL;
 }
   }
 }
@@ -1731,6 +1732,7 @@ ON_EXIT:
   }

   FreePool (Dns6TokenEntry->Token->RspData.H2AData);
+  Dns6TokenEntry->Token->RspData.H2AData = NULL;
 }
   }
 }
--
2.33.0.windows.2



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#84071): https://edk2.groups.io/g/devel/message/84071
Mute This Topic: https://groups.io/mt/87294561/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] [PATCH] Enable wildcard host name matching in EDK2 HTTPS/TLS implementation

[Wu, Jiaxin]

It's good to me change the default the verify flag.

Reviewed-by: Jiaxin Wu 

Thanks,
Jiaxin

> -Original Message-
> From: devel@edk2.groups.io  On Behalf Of Vineel
> Kovvuri
> Sent: Friday, October 15, 2021 8:55 AM
> To: Rabeda, Maciej ; Yao, Jiewen
> ; jp...@microsoft.com;
> michael.tur...@microsoft.com; sean.bro...@microsoft.com;
> bret.barke...@microsoft.com; devel@edk2.groups.io
> Cc: Vineel Kovvuri 
> Subject: [edk2-devel] [PATCH] Enable wildcard host name matching in EDK2
> HTTPS/TLS implementation
> 
> The current UEFI implementation of HTTPS during its TLS configuration uses
> EFI_TLS_VERIFY_FLAG_NO_WILDCARDS for host name verification. As per
> the spec
> this flag does is "to disable the match of any wildcards in the host name". 
> So,
> certificates which are issued with wildcards(*.dm.corp.net etc) in it will 
> fail
> the TLS host name matching. On the other hand,
> EFI_TLS_VERIFY_FLAG_NONE(misnomer) means "no additional flags set for
> hostname
> validation. Wildcards are supported and they match only in the left-most
> label."
> this behavior/definition is coming from openssl's X509_check_host() api
> https://www.openssl.org/docs/man1.1.0/man3/X509_check_host.html
> 
> Without EFI_TLS_VERIFY_FLAG_NONE any UEFI application using certificates
> issued
> with wildcards in them would fail to match while trying to communicate with
> HTTPS endpoint.
> 
> BugZilla: https://bugzilla.tianocore.org/show_bug.cgi?id=3691
> 
> Signed-off-by: Vineel Kovvuri 
> ---
>  NetworkPkg/HttpDxe/HttpsSupport.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/NetworkPkg/HttpDxe/HttpsSupport.c
> b/NetworkPkg/HttpDxe/HttpsSupport.c
> index 7e0bf85c3c..0f28ae9447 100644
> --- a/NetworkPkg/HttpDxe/HttpsSupport.c
> +++ b/NetworkPkg/HttpDxe/HttpsSupport.c
> @@ -625,7 +625,7 @@ TlsConfigureSession (
>//
>HttpInstance->TlsConfigData.ConnectionEnd   = EfiTlsClient;
>HttpInstance->TlsConfigData.VerifyMethod= EFI_TLS_VERIFY_PEER;
> -  HttpInstance->TlsConfigData.VerifyHost.Flags=
> EFI_TLS_VERIFY_FLAG_NO_WILDCARDS;
> +  HttpInstance->TlsConfigData.VerifyHost.Flags=
> EFI_TLS_VERIFY_FLAG_NONE;
>HttpInstance->TlsConfigData.VerifyHost.HostName = HttpInstance-
> >RemoteHost;
>HttpInstance->TlsConfigData.SessionState= EfiTlsSessionNotStarted;
> 
> --
> 2.17.1
> 
> 
> 
> 
> 



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#83071): https://edk2.groups.io/g/devel/message/83071
Mute This Topic: https://groups.io/mt/86329439/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] [Patch V2] NetworkPkg: Add HTTP Additional Event Notifications

[Wu, Jiaxin]

Reviewed-by: Jiaxin Wu 



Thanks,
Jiaxin

> -Original Message-
> From: Luo, Heng 
> Sent: Tuesday, July 20, 2021 10:18 AM
> To: devel@edk2.groups.io
> Cc: Maciej Rabeda ; Wu, Jiaxin
> ; Fu, Siyuan 
> Subject: [Patch V2] NetworkPkg: Add HTTP Additional Event Notifications
> 
> REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3496
> 
> Add new EDKII_HTTP_CALLBACK_PROTOCOL in NetworkPkg,
> Send HTTP Events via EDKII_HTTP_CALLBACK_PROTOCOL
> when Dns/ConnectTcp/TlsConnectSession/InitSession
> occurs.
> 
> Signed-off-by: Heng Luo 
> Cc: Maciej Rabeda 
> Cc: Jiaxin Wu 
> Cc: Siyuan Fu 
> ---
>  NetworkPkg/HttpDxe/HttpDriver.h|  3 ++-
>  NetworkPkg/HttpDxe/HttpDxe.inf |  3 ++-
>  NetworkPkg/HttpDxe/HttpImpl.c  |  4 +++-
>  NetworkPkg/HttpDxe/HttpProto.c | 58
> +-
>  NetworkPkg/HttpDxe/HttpProto.h | 15 ++-
>  NetworkPkg/Include/Protocol/HttpCallback.h | 85
> ++
> +++
>  NetworkPkg/NetworkPkg.dec  |  3 +++
>  7 files changed, 166 insertions(+), 5 deletions(-)
> 
> diff --git a/NetworkPkg/HttpDxe/HttpDriver.h
> b/NetworkPkg/HttpDxe/HttpDriver.h
> index 5fe8c5b5e9..b701b80858 100644
> --- a/NetworkPkg/HttpDxe/HttpDriver.h
> +++ b/NetworkPkg/HttpDxe/HttpDriver.h
> @@ -1,7 +1,7 @@
>  /** @file
> 
>The header files of the driver binding and service binding protocol for
> HttpDxe driver.
> 
> 
> 
> -  Copyright (c) 2015 - 2018, Intel Corporation. All rights reserved.
> 
> +  Copyright (c) 2015 - 2021, Intel Corporation. All rights reserved.
> 
>(C) Copyright 2016 Hewlett Packard Enterprise Development LP
> 
> 
> 
>SPDX-License-Identifier: BSD-2-Clause-Patent
> 
> @@ -47,6 +47,7 @@
>  #include 
> 
>  #include 
> 
>  #include 
> 
> +#include 
> 
> 
> 
>  #include 
> 
>  //
> 
> diff --git a/NetworkPkg/HttpDxe/HttpDxe.inf
> b/NetworkPkg/HttpDxe/HttpDxe.inf
> index 35fe31af18..23fb9ec394 100644
> --- a/NetworkPkg/HttpDxe/HttpDxe.inf
> +++ b/NetworkPkg/HttpDxe/HttpDxe.inf
> @@ -1,7 +1,7 @@
>  ## @file
> 
>  #  Implementation of EFI HTTP protocol interfaces.
> 
>  #
> 
> -#  Copyright (c) 2015 - 2018, Intel Corporation. All rights reserved.
> 
> +#  Copyright (c) 2015 - 2021, Intel Corporation. All rights reserved.
> 
>  #
> 
>  #  SPDX-License-Identifier: BSD-2-Clause-Patent
> 
>  #
> 
> @@ -65,6 +65,7 @@
>gEfiTlsServiceBindingProtocolGuid## SOMETIMES_CONSUMES
> 
>gEfiTlsProtocolGuid  ## SOMETIMES_CONSUMES
> 
>gEfiTlsConfigurationProtocolGuid ## SOMETIMES_CONSUMES
> 
> +  gEdkiiHttpCallbackProtocolGuid   ## SOMETIMES_CONSUMES
> 
> 
> 
>  [Guids]
> 
>gEfiTlsCaCertificateGuid ## SOMETIMES_CONSUMES  ##
> Variable:L"TlsCaCertificate"
> 
> diff --git a/NetworkPkg/HttpDxe/HttpImpl.c
> b/NetworkPkg/HttpDxe/HttpImpl.c
> index 5a6ecbc9d9..97f15d229f 100644
> --- a/NetworkPkg/HttpDxe/HttpImpl.c
> +++ b/NetworkPkg/HttpDxe/HttpImpl.c
> @@ -1,7 +1,7 @@
>  /** @file
> 
>Implementation of EFI_HTTP_PROTOCOL protocol interfaces.
> 
> 
> 
> -  Copyright (c) 2015 - 2018, Intel Corporation. All rights reserved.
> 
> +  Copyright (c) 2015 - 2021, Intel Corporation. All rights reserved.
> 
>(C) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
> 
> 
> 
>SPDX-License-Identifier: BSD-2-Clause-Patent
> 
> @@ -527,6 +527,7 @@ EfiHttpRequest (
>} else {
> 
>  Status = HttpDns6 (HttpInstance, HostNameStr, 
> >RemoteIpv6Addr);
> 
>}
> 
> +  HttpNotify (HttpEventDns, Status);
> 
> 
> 
>FreePool (HostNameStr);
> 
>if (EFI_ERROR (Status)) {
> 
> @@ -588,6 +589,7 @@ EfiHttpRequest (
>   Configure || ReConfigure,
> 
>   TlsConfigure
> 
>   );
> 
> +  HttpNotify (HttpEventInitSession, Status);
> 
>if (EFI_ERROR (Status)) {
> 
>  goto Error2;
> 
>}
> 
> diff --git a/NetworkPkg/HttpDxe/HttpProto.c
> b/NetworkPkg/HttpDxe/HttpProto.c
> index afc7db5a72..affa916bd6 100644
> --- a/NetworkPkg/HttpDxe/HttpProto.c
> +++ b/NetworkPkg/HttpDxe/HttpProto.c
> @@ -1,7 +1,7 @@
>  /** @file
> 
>Miscellaneous routines for HttpDxe driver.
> 
> 
> 
> -Copyright (c) 2015 - 2018, Intel Corporation. All rights reserved.
> 
> +Copyright (c) 2015 - 2021, In

Re: [edk2-devel] [PATCH] NetworkPkg: Add HTTP Additional Event Notifications

[Wu, Jiaxin]

For the below EDKII_HTTP_CALLBACK_EVENT definition:

All event is to retrieve the event Status, so the comments should be made 
clearly and align with code returned status, for example, 

> +  /// Retrieve the host address, EventStatus:

There might be the misunderstanding you want the host address, but actually, 
you only want the status. It's better to be:

> +  /// The Status of DNS Event to retrieve the host address.

The same to all event.


With above changes, the patch is good to me.



Thanks,
Jiaxin 




> 
> +///
> 
> +/// EDKII_HTTP_CALLBACK_EVENT
> 
> +///
> 
> +typedef enum {
> 
> +  ///
> 
> +  /// Retrieve the host address, EventStatus:
> 
> +  /// EFI_SUCCESS Operation succeeded.
> 
> +  /// EFI_OUT_OF_RESOURCESFailed to allocate needed resources.
> 
> +  /// EFI_DEVICE_ERRORAn unexpected network error occurred.
> 
> +  /// Others  Other errors as indicated.
> 
> +  ///
> 
> +  HttpEventDns,
> 
> +
> 
> +  ///
> 
> +  /// Initiate a nonblocking TCP connection request, EventStatus:
> 
> +  /// EFI_SUCCESSThe connection request is successfully 
> initiated.
> 
> +  /// EFI_NOT_STARTEDThis EFI TCP Protocol instance has not been
> configured.
> 
> +  /// EFI_DEVICE_ERROR   An unexpected system or network error
> occurred.
> 
> +  /// Others Other errors as indicated.
> 
> +  ///
> 
> +  HttpEventConnectTcp,
> 
> +
> 
> +  ///
> 
> +  /// Connect one TLS session by finishing the TLS handshake process,
> EventStatus:
> 
> +  /// EFI_SUCCESSThe TLS session is established.
> 
> +  /// EFI_OUT_OF_RESOURCES   Can't allocate memory resources.
> 
> +  /// EFI_ABORTEDTLS session state is incorrect.
> 
> +  /// Others Other error as indicated.
> 
> +  ///
> 
> +  HttpEventTlsConnectSession,
> 
> +
> 
> +  ///
> 
> +  /// Initialize Http session
> 
> +  /// EFI_SUCCESSThe initialization of session is done.
> 
> +  /// Others Other error as indicated.
> 
> +  ///
> 
> +  HttpEventInitSession
> 
> +} EDKII_HTTP_CALLBACK_EVENT;
> 
> +



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#77932): https://edk2.groups.io/g/devel/message/77932
Mute This Topic: https://groups.io/mt/84306172/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] [PATCH 2/2] NetworkPkg: Add the missing VariablePolicyHelperLib in NetworkPkg.dsc

[Wu, Jiaxin]

Reviewed-by: Jiaxin Wu 



> -Original Message-
> From: devel@edk2.groups.io  On Behalf Of
> gaoliming
> Sent: Friday, January 28, 2022 5:14 PM
> To: devel@edk2.groups.io
> Cc: Maciej Rabeda ; Wu, Jiaxin
> ; Fu, Siyuan 
> Subject: [edk2-devel] [PATCH 2/2] NetworkPkg: Add the missing
> VariablePolicyHelperLib in NetworkPkg.dsc
> 
> This change is required by f4b7b473b4afd0093768905529bfae09a2061d41.
> 
> Signed-off-by: Liming Gao 
> Cc: Maciej Rabeda 
> Cc: Jiaxin Wu 
> Cc: Siyuan Fu 
> ---
>  NetworkPkg/NetworkPkg.dsc | 1 +
>  1 file changed, 1 insertion(+)
> 
> diff --git a/NetworkPkg/NetworkPkg.dsc b/NetworkPkg/NetworkPkg.dsc
> index 8691a0f5d0..762134023d 100644
> --- a/NetworkPkg/NetworkPkg.dsc
> +++ b/NetworkPkg/NetworkPkg.dsc
> @@ -45,6 +45,7 @@
> 
> DxeServicesTableLib|MdePkg/Library/DxeServicesTableLib/DxeServicesTabl
> eLib.inf
>SafeIntLib|MdePkg/Library/BaseSafeIntLib/BaseSafeIntLib.inf
>RngLib|MdePkg/Library/BaseRngLib/BaseRngLib.inf
> +
> VariablePolicyHelperLib|MdeModulePkg/Library/VariablePolicyHelperLib/Va
> riablePolicyHelperLib.inf
> 
>  !ifdef CONTINUOUS_INTEGRATION
>BaseCryptLib|CryptoPkg/Library/BaseCryptLibNull/BaseCryptLibNull.inf
> --
> 2.27.0.windows.1
> 
> 
> 
> 
> 
> 



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#86222): https://edk2.groups.io/g/devel/message/86222
Mute This Topic: https://groups.io/mt/88741467/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[edk2-devel] [PATCH v1 7/7] UefiCpuPkg/PiSmmCpuDxeSmm: Consume SmmCpuSyncLib

[Wu, Jiaxin]

There is the SmmCpuSyncLib Library class define the SMM CPU sync
flow, which is aligned with existing SMM CPU driver sync behavior.
This patch is to consume SmmCpuSyncLib instance directly.

With this change, SMM CPU Sync flow/logic can be customized
with different implementation no matter for any purpose, e.g.
performance tuning, handle specific register, etc.

Change-Id: Id034de47b85743c125f0d76420947e0dd9e69518
Cc: Eric Dong 
Cc: Ray Ni 
Cc: Zeng Star 
Cc: Gerd Hoffmann 
Cc: Rahul Kumar 
Signed-off-by: Jiaxin Wu 
---
 UefiCpuPkg/PiSmmCpuDxeSmm/MpService.c| 256 +--
 UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.h   |   6 +-
 UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.inf |   1 +
 3 files changed, 49 insertions(+), 214 deletions(-)

diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/MpService.c 
b/UefiCpuPkg/PiSmmCpuDxeSmm/MpService.c
index 5a42a5dd12..a30b2aa234 100644
--- a/UefiCpuPkg/PiSmmCpuDxeSmm/MpService.c
+++ b/UefiCpuPkg/PiSmmCpuDxeSmm/MpService.c
@@ -27,122 +27,10 @@ MM_COMPLETIONmSmmStartupThisApToken;
 //
 // Processor specified by mPackageFirstThreadIndex[PackageIndex] will do the 
package-scope register check.
 //
 UINT32  *mPackageFirstThreadIndex = NULL;
 
-/**
-  Performs an atomic compare exchange operation to get semaphore.
-  The compare exchange operation must be performed using
-  MP safe mechanisms.
-
-  @param  SemIN:  32-bit unsigned integer
- OUT: original integer - 1
-  @return Original integer - 1
-
-**/
-UINT32
-WaitForSemaphore (
-  IN OUT  volatile UINT32  *Sem
-  )
-{
-  UINT32  Value;
-
-  for ( ; ;) {
-Value = *Sem;
-if ((Value != 0) &&
-(InterlockedCompareExchange32 (
-   (UINT32 *)Sem,
-   Value,
-   Value - 1
-   ) == Value))
-{
-  break;
-}
-
-CpuPause ();
-  }
-
-  return Value - 1;
-}
-
-/**
-  Performs an atomic compare exchange operation to release semaphore.
-  The compare exchange operation must be performed using
-  MP safe mechanisms.
-
-  @param  SemIN:  32-bit unsigned integer
- OUT: original integer + 1
-  @return Original integer + 1
-
-**/
-UINT32
-ReleaseSemaphore (
-  IN OUT  volatile UINT32  *Sem
-  )
-{
-  UINT32  Value;
-
-  do {
-Value = *Sem;
-  } while (Value + 1 != 0 &&
-   InterlockedCompareExchange32 (
- (UINT32 *)Sem,
- Value,
- Value + 1
- ) != Value);
-
-  return Value + 1;
-}
-
-/**
-  Performs an atomic compare exchange operation to lock semaphore.
-  The compare exchange operation must be performed using
-  MP safe mechanisms.
-
-  @param  SemIN:  32-bit unsigned integer
- OUT: -1
-  @return Original integer
-
-**/
-UINT32
-LockdownSemaphore (
-  IN OUT  volatile UINT32  *Sem
-  )
-{
-  UINT32  Value;
-
-  do {
-Value = *Sem;
-  } while (InterlockedCompareExchange32 (
- (UINT32 *)Sem,
- Value,
- (UINT32)-1
- ) != Value);
-
-  return Value;
-}
-
-/**
-  Used for BSP to wait all APs.
-  Wait all APs to performs an atomic compare exchange operation to release 
semaphore.
-
-  @param   NumberOfAPs  AP number
-
-**/
-VOID
-WaitForAllAPs (
-  IN  UINTN  NumberOfAPs
-  )
-{
-  UINTN  BspIndex;
-
-  BspIndex = mSmmMpSyncData->BspIndex;
-  while (NumberOfAPs-- > 0) {
-WaitForSemaphore (mSmmMpSyncData->CpuData[BspIndex].Run);
-  }
-}
-
 /**
   Used for BSP to release all APs.
   Performs an atomic compare exchange operation to release semaphore
   for each AP.
 
@@ -154,57 +42,15 @@ ReleaseAllAPs (
 {
   UINTN  Index;
 
   for (Index = 0; Index < mMaxNumberOfCpus; Index++) {
 if (IsPresentAp (Index)) {
-  ReleaseSemaphore (mSmmMpSyncData->CpuData[Index].Run);
+  SmmCpuSyncReleaseOneAp (mSmmMpSyncData->SmmCpuSyncCtx, Index, 
gSmmCpuPrivate->SmmCoreEntryContext.CurrentlyExecutingCpu);
 }
   }
 }
 
-/**
-  Used for BSP to release one AP.
-
-  @param  ApSem IN:  32-bit unsigned integer
-OUT: original integer + 1
-**/
-VOID
-ReleaseOneAp   (
-  IN OUT  volatile UINT32  *ApSem
-  )
-{
-  ReleaseSemaphore (ApSem);
-}
-
-/**
-  Used for AP to wait BSP.
-
-  @param  ApSem  IN:  32-bit unsigned integer
- OUT: original integer 0
-**/
-VOID
-WaitForBsp  (
-  IN OUT  volatile UINT32  *ApSem
-  )
-{
-  WaitForSemaphore (ApSem);
-}
-
-/**
-  Used for AP to release BSP.
-
-  @param  BspSem IN:  32-bit unsigned integer
- OUT: original integer + 1
-**/
-VOID
-ReleaseBsp   (
-  IN OUT  volatile UINT32  *BspSem
-  )
-{
-  ReleaseSemaphore (BspSem);
-}
-
 /**
   Check whether the index of CPU perform the package level register
   programming during System Management Mode initialization.
 
   The index of Processor specified by mPackageFirstThreadIndex[PackageIndex]
@@ -292,35 +138,35 @@ AllCpusInSmmExceptBlockedDisabled (
 
   

[edk2-devel] [PATCH v1 2/7] UefiCpuPkg/PiSmmCpuDxeSmm: Reduce times of BSP and AP Sync for SMM Exit

[Wu, Jiaxin]

After review, there are unnecessary steps for BSP and AP sync for SMM
exit. This patch is to reduce one round BSP and AP sync so as to improve
SMI performance:
BSP: WaitForAllAPs <-- AP: ReleaseBsp
BSP: ReleaseAllAPs --> AP: WaitForBsp

Change-Id: Ic33f42f3daa7ff1847e524d0c3d9cd4fcdefa61b
Cc: Eric Dong 
Cc: Ray Ni 
Cc: Zeng Star 
Cc: Rahul Kumar 
Cc: Gerd Hoffmann 
Signed-off-by: Jiaxin Wu 
---
 UefiCpuPkg/PiSmmCpuDxeSmm/MpService.c | 44 +++
 1 file changed, 24 insertions(+), 20 deletions(-)

diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/MpService.c 
b/UefiCpuPkg/PiSmmCpuDxeSmm/MpService.c
index e96c7f51d6..5a42a5dd12 100644
--- a/UefiCpuPkg/PiSmmCpuDxeSmm/MpService.c
+++ b/UefiCpuPkg/PiSmmCpuDxeSmm/MpService.c
@@ -665,11 +665,13 @@ BSPHandler (
 //
 *mSmmMpSyncData->AllCpusInSync = TRUE;
 ApCount= LockdownSemaphore 
(mSmmMpSyncData->Counter) - 1;
 
 //
-// Wait for all APs to get ready for programming MTRRs
+// Wait for all APs:
+// 1. Make sure all Aps have set the Present.
+// 2. Get ready for programming MTRRs.
 //
 WaitForAllAPs (ApCount);
 
 if (SmmCpuFeaturesNeedConfigureMtrrs ()) {
   //
@@ -768,16 +770,16 @@ BSPHandler (
   // Notify all APs to exit
   //
   *mSmmMpSyncData->InsideSmm = FALSE;
   ReleaseAllAPs ();
 
-  //
-  // Wait for all APs to complete their pending tasks
-  //
-  WaitForAllAPs (ApCount);
-
   if (SmmCpuFeaturesNeedConfigureMtrrs ()) {
+//
+// Wait for all APs to complete their pending tasks
+//
+WaitForAllAPs (ApCount);
+
 //
 // Signal APs to restore MTRRs
 //
 ReleaseAllAPs ();
 
@@ -789,23 +791,23 @@ BSPHandler (
 
 //
 // Wait for all APs to complete MTRR programming
 //
 WaitForAllAPs (ApCount);
+
+//
+// Signal APs to Reset states/semaphore for this processor
+//
+ReleaseAllAPs ();
   }
 
   //
   // Stop source level debug in BSP handler, the code below will not be
   // debugged.
   //
   InitializeDebugAgent (DEBUG_AGENT_INIT_EXIT_SMI, NULL, NULL);
 
-  //
-  // Signal APs to Reset states/semaphore for this processor
-  //
-  ReleaseAllAPs ();
-
   //
   // Perform pending operations for hot-plug
   //
   SmmCpuUpdate ();
 
@@ -941,10 +943,12 @@ APHandler (
   *(mSmmMpSyncData->CpuData[CpuIndex].Present) = TRUE;
 
   if ((SyncMode == SmmCpuSyncModeTradition) || 
SmmCpuFeaturesNeedConfigureMtrrs ()) {
 //
 // Notify BSP of arrival at this point
+// 1. Set the Present.
+// 2. Get ready for programming MTRRs.
 //
 ReleaseBsp (mSmmMpSyncData->CpuData[BspIndex].Run);
   }
 
   if (SmmCpuFeaturesNeedConfigureMtrrs ()) {
@@ -1033,21 +1037,21 @@ APHandler (
 //
 // Restore OS MTRRs
 //
 SmmCpuFeaturesReenableSmrr ();
 MtrrSetAllMtrrs ();
-  }
 
-  //
-  // Notify BSP the readiness of this AP to Reset states/semaphore for this 
processor
-  //
-  ReleaseBsp (mSmmMpSyncData->CpuData[BspIndex].Run);
+//
+// Notify BSP the readiness of this AP to Reset states/semaphore for this 
processor
+//
+ReleaseBsp (mSmmMpSyncData->CpuData[BspIndex].Run);
 
-  //
-  // Wait for the signal from BSP to Reset states/semaphore for this processor
-  //
-  WaitForBsp (mSmmMpSyncData->CpuData[CpuIndex].Run);
+//
+// Wait for the signal from BSP to Reset states/semaphore for this 
processor
+//
+WaitForBsp (mSmmMpSyncData->CpuData[CpuIndex].Run);
+  }
 
   //
   // Reset states/semaphore for this processor
   //
   *(mSmmMpSyncData->CpuData[CpuIndex].Present) = FALSE;
-- 
2.16.2.windows.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#110638): https://edk2.groups.io/g/devel/message/110638
Mute This Topic: https://groups.io/mt/102366299/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[edk2-devel] [PATCH v1 3/7] UefiCpuPkg: Adds SmmCpuSyncLib library class

[Wu, Jiaxin]

Intel is planning to provide different SMM CPU Sync implementation
along with some specific registers to improve the SMI performance,
hence need SmmCpuSyncLib Library for Intel.

This patch is to:
1.Adds SmmCpuSyncLib Library class in UefiCpuPkg.dec.
2.Adds SmmCpuSyncLib.h function declaration header file.

Change-Id: Ib7f5e317526e8b9e29b65e072bdb485dbd678817
Cc: Eric Dong 
Cc: Ray Ni 
Cc: Zeng Star 
Cc: Gerd Hoffmann 
Cc: Rahul Kumar 
Signed-off-by: Jiaxin Wu 
---
 UefiCpuPkg/Include/Library/SmmCpuSyncLib.h | 191 +
 UefiCpuPkg/UefiCpuPkg.dec  |   3 +
 2 files changed, 194 insertions(+)
 create mode 100644 UefiCpuPkg/Include/Library/SmmCpuSyncLib.h

diff --git a/UefiCpuPkg/Include/Library/SmmCpuSyncLib.h 
b/UefiCpuPkg/Include/Library/SmmCpuSyncLib.h
new file mode 100644
index 00..b9b190c516
--- /dev/null
+++ b/UefiCpuPkg/Include/Library/SmmCpuSyncLib.h
@@ -0,0 +1,191 @@
+/** @file
+Library that provides SMM CPU Sync related operations.
+
+Copyright (c) 2023, Intel Corporation. All rights reserved.
+SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#ifndef SMM_CPU_SYNC_LIB_H_
+#define SMM_CPU_SYNC_LIB_H_
+
+#include 
+
+/**
+  Creates and Init a new Smm Cpu Sync context.
+
+  @param[in]  NumberOfCpus The number of processors in the system.
+
+  @return Pointer to an allocated Smm Cpu Sync context object.
+  If the creation failed, returns NULL.
+
+**/
+VOID *
+EFIAPI
+SmmCpuSyncContextInit (
+  IN UINTN  NumberOfCpus
+  );
+
+/**
+  Deinit an allocated Smm Cpu Sync context object.
+
+  @param[in]  SmmCpuSyncCtxPointer to the Smm Cpu Sync context object to 
be released.
+
+**/
+VOID
+EFIAPI
+SmmCpuSyncContextDeinit (
+  IN VOID  *SmmCpuSyncCtx
+  );
+
+/**
+  Reset Smm Cpu Sync context object.
+
+  @param[in]  SmmCpuSyncCtxPointer to the Smm Cpu Sync context object to 
be released.
+
+**/
+VOID
+EFIAPI
+SmmCpuSyncContextReset (
+  IN VOID  *SmmCpuSyncCtx
+  );
+
+/**
+  Get current arrived CPU count.
+
+  @param[in]  SmmCpuSyncCtxPointer to the Smm Cpu Sync context object to 
be released.
+
+  @return Current number of arrived CPU count.
+  -1: indicate the door has been locked.
+
+**/
+UINT32
+EFIAPI
+SmmCpuSyncGetArrivedCpuCount (
+  IN VOID  *SmmCpuSyncCtx
+  );
+
+/**
+  Performs an atomic operation to check in CPU.
+  Check in CPU successfully if the returned arrival CPU count value is
+  positive, otherwise indicate the door has been locked, the CPU can
+  not checkin.
+
+  @param[in]  SmmCpuSyncCtxPointer to the Smm CPU Sync context object to 
be released.
+  @param[in]  CpuIndex Pointer to the CPU Index to checkin.
+
+  @return Positive value (>0): CPU arrival count number after check in 
CPU successfully.
+  Nonpositive value (<=0): check in CPU failure.
+
+**/
+INT32
+EFIAPI
+SmmCpuSyncCheckInCpu (
+  IN VOID   *SmmCpuSyncCtx,
+  IN UINTN  CpuIndex
+  );
+
+/**
+  Performs an atomic operation to check out CPU.
+  Check out CPU successfully if the returned arrival CPU count value is
+  nonnegative, otherwise indicate the door has been locked, the CPU can
+  not checkout.
+
+  @param[in]  SmmCpuSyncCtxPointer to the Smm Cpu Sync context object to 
be released.
+  @param[in]  CpuIndex Pointer to the Cpu Index to checkout.
+
+  @return Nonnegative value (>=0): CPU arrival count number after check 
out CPU successfully.
+  Negative value (<0): Check out CPU failure.
+
+
+**/
+INT32
+EFIAPI
+SmmCpuSyncCheckOutCpu (
+  IN VOID   *SmmCpuSyncCtx,
+  IN UINTN  CpuIndex
+  );
+
+/**
+  Performs an atomic operation lock door for CPU checkin or checkout.
+  With this function, CPU can not check in via SmmCpuSyncCheckInCpu () or
+  check out via SmmCpuSyncCheckOutCpu ().
+
+  @param[in]  SmmCpuSyncCtxPointer to the Smm Cpu Sync context object to 
be released.
+  @param[in]  CpuIndex Pointer to the Cpu Index to lock door.
+
+  @return CPU arrival count number.
+
+**/
+UINT32
+EFIAPI
+SmmCpuSyncLockDoor (
+  IN VOID   *SmmCpuSyncCtx,
+  IN UINTN  CpuIndex
+  );
+
+/**
+  Used for BSP to wait all APs.
+
+  @param[in]  SmmCpuSyncCtxPointer to the Smm Cpu Sync context object.
+  @param[in]  NumberOfAPs  Number of APs need to wait.
+  @param[in]  BspIndex Pointer to the BSP Index.
+
+**/
+VOID
+EFIAPI
+SmmCpuSyncWaitForAllAPs (
+  IN VOID   *SmmCpuSyncCtx,
+  IN UINTN  NumberOfAPs,
+  IN UINTN  BspIndex
+  );
+
+/**
+  Used for BSP to release one AP.
+
+  @param[in]  SmmCpuSyncCtxPointer to the Smm Cpu Sync context object.
+  @param[in]  CpuIndex Pointer to the Cpu Index, indicate which AP 
need to be released.
+  @param[in]  BspIndex Pointer to the BSP Index.
+
+**/
+VOID
+EFIAPI
+SmmCpuSyncReleaseOneAp   (
+  IN VOID   *SmmCpuSyncCtx,
+  IN UINTN  CpuIndex,
+  IN UINTN  BspIndex
+  );
+
+/**
+  Used for AP to wait BSP.
+
+  @param[in]  SmmCpuSyncCtxPointer to the Smm Cpu Sync context 

[edk2-devel] [PATCH v1 0/7] Refine SMM CPU Sync flow and abstract SmmCpuSyncLib

[Wu, Jiaxin]

The series patches are to refine SMM CPU Sync flow. After the refinement,
it's easy to abstract SmmCpuSyncLib for any user to provide different SMM
CPU Sync implementation.

Cc: Eric Dong 
Cc: Ray Ni 
Cc: Zeng Star 
Cc: Gerd Hoffmann 
Cc: Rahul Kumar 
Cc: Ard Biesheuvel 
Cc: Jiewen Yao 
Cc: Jordan Justen 
Cc: Guo Dong 
Cc: Sean Rhodes 
Cc: James Lu 
Cc: Gua Guo 
Signed-off-by: Jiaxin Wu 

Jiaxin Wu (7):
  UefiCpuPkg/PiSmmCpuDxeSmm: Optimize Semaphore Sync between BSP and AP
  UefiCpuPkg/PiSmmCpuDxeSmm: Reduce times of BSP and AP Sync for SMM
Exit
  UefiCpuPkg: Adds SmmCpuSyncLib library class
  UefiCpuPkg: Implements SmmCpuSyncLib library instance
  OvmfPkg: Specifies SmmCpuSyncLib instance
  UefiPayloadPkg: Specifies SmmCpuSyncLib instance
  UefiCpuPkg/PiSmmCpuDxeSmm: Consume SmmCpuSyncLib

 OvmfPkg/CloudHv/CloudHvX64.dsc |   1 +
 OvmfPkg/OvmfPkgIa32.dsc|   1 +
 OvmfPkg/OvmfPkgIa32X64.dsc |   1 +
 OvmfPkg/OvmfPkgX64.dsc |   1 +
 UefiCpuPkg/Include/Library/SmmCpuSyncLib.h | 191 
 UefiCpuPkg/Library/SmmCpuSyncLib/SmmCpuSyncLib.c   | 481 +
 UefiCpuPkg/Library/SmmCpuSyncLib/SmmCpuSyncLib.inf |  38 ++
 UefiCpuPkg/PiSmmCpuDxeSmm/MpService.c  | 252 +++
 UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.h |   6 +-
 UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.inf   |   1 +
 UefiCpuPkg/UefiCpuLibs.dsc.inc |  15 +
 UefiCpuPkg/UefiCpuPkg.dec  |   3 +
 UefiCpuPkg/UefiCpuPkg.dsc  |   1 +
 UefiPayloadPkg/UefiPayloadPkg.dsc  |   1 +
 14 files changed, 805 insertions(+), 188 deletions(-)
 create mode 100644 UefiCpuPkg/Include/Library/SmmCpuSyncLib.h
 create mode 100644 UefiCpuPkg/Library/SmmCpuSyncLib/SmmCpuSyncLib.c
 create mode 100644 UefiCpuPkg/Library/SmmCpuSyncLib/SmmCpuSyncLib.inf
 create mode 100644 UefiCpuPkg/UefiCpuLibs.dsc.inc

-- 
2.16.2.windows.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#110636): https://edk2.groups.io/g/devel/message/110636
Mute This Topic: https://groups.io/mt/102366296/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[edk2-devel] [PATCH v1 1/7] UefiCpuPkg/PiSmmCpuDxeSmm: Optimize Semaphore Sync between BSP and AP

[Wu, Jiaxin]

This patch is to define 3 new functions (WaitForBsp & ReleaseBsp &
ReleaseOneAp) used for the semaphore sync between BSP & AP. With the
change, BSP and AP Sync flow will be easy understand as below:
BSP: ReleaseAllAPs or ReleaseOneAp --> AP: WaitForBsp
BSP: WaitForAllAPs <-- AP: ReleaseBsp

Change-Id: I0fb25e26e1015e918800f4d8d62e5276dcd5b5b1
Cc: Eric Dong 
Cc: Ray Ni 
Cc: Zeng Star 
Cc: Rahul Kumar 
Cc: Gerd Hoffmann 
Signed-off-by: Jiaxin Wu 
---
 UefiCpuPkg/PiSmmCpuDxeSmm/MpService.c | 72 ---
 1 file changed, 58 insertions(+), 14 deletions(-)

diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/MpService.c 
b/UefiCpuPkg/PiSmmCpuDxeSmm/MpService.c
index 25d058c5b9..e96c7f51d6 100644
--- a/UefiCpuPkg/PiSmmCpuDxeSmm/MpService.c
+++ b/UefiCpuPkg/PiSmmCpuDxeSmm/MpService.c
@@ -120,10 +120,11 @@ LockdownSemaphore (
 
   return Value;
 }
 
 /**
+  Used for BSP to wait all APs.
   Wait all APs to performs an atomic compare exchange operation to release 
semaphore.
 
   @param   NumberOfAPs  AP number
 
 **/
@@ -139,10 +140,11 @@ WaitForAllAPs (
 WaitForSemaphore (mSmmMpSyncData->CpuData[BspIndex].Run);
   }
 }
 
 /**
+  Used for BSP to release all APs.
   Performs an atomic compare exchange operation to release semaphore
   for each AP.
 
 **/
 VOID
@@ -157,10 +159,52 @@ ReleaseAllAPs (
   ReleaseSemaphore (mSmmMpSyncData->CpuData[Index].Run);
 }
   }
 }
 
+/**
+  Used for BSP to release one AP.
+
+  @param  ApSem IN:  32-bit unsigned integer
+OUT: original integer + 1
+**/
+VOID
+ReleaseOneAp   (
+  IN OUT  volatile UINT32  *ApSem
+  )
+{
+  ReleaseSemaphore (ApSem);
+}
+
+/**
+  Used for AP to wait BSP.
+
+  @param  ApSem  IN:  32-bit unsigned integer
+ OUT: original integer 0
+**/
+VOID
+WaitForBsp  (
+  IN OUT  volatile UINT32  *ApSem
+  )
+{
+  WaitForSemaphore (ApSem);
+}
+
+/**
+  Used for AP to release BSP.
+
+  @param  BspSem IN:  32-bit unsigned integer
+ OUT: original integer + 1
+**/
+VOID
+ReleaseBsp   (
+  IN OUT  volatile UINT32  *BspSem
+  )
+{
+  ReleaseSemaphore (BspSem);
+}
+
 /**
   Check whether the index of CPU perform the package level register
   programming during System Management Mode initialization.
 
   The index of Processor specified by mPackageFirstThreadIndex[PackageIndex]
@@ -632,11 +676,11 @@ BSPHandler (
   // Signal all APs it's time for backup MTRRs
   //
   ReleaseAllAPs ();
 
   //
-  // WaitForSemaphore() may wait for ever if an AP happens to enter SMM at
+  // WaitForBsp() may wait for ever if an AP happens to enter SMM at
   // exactly this point. Please make sure PcdCpuSmmMaxSyncLoops has been 
set
   // to a large enough value to avoid this situation.
   // Note: For HT capable CPUs, threads within a core share the same set 
of MTRRs.
   // We do the backup first and then set MTRR to avoid race condition for 
threads
   // in the same core.
@@ -652,11 +696,11 @@ BSPHandler (
   // Let all processors program SMM MTRRs together
   //
   ReleaseAllAPs ();
 
   //
-  // WaitForSemaphore() may wait for ever if an AP happens to enter SMM at
+  // WaitForBsp() may wait for ever if an AP happens to enter SMM at
   // exactly this point. Please make sure PcdCpuSmmMaxSyncLoops has been 
set
   // to a large enough value to avoid this situation.
   //
   ReplaceOSMtrrs (CpuIndex);
 
@@ -898,50 +942,50 @@ APHandler (
 
   if ((SyncMode == SmmCpuSyncModeTradition) || 
SmmCpuFeaturesNeedConfigureMtrrs ()) {
 //
 // Notify BSP of arrival at this point
 //
-ReleaseSemaphore (mSmmMpSyncData->CpuData[BspIndex].Run);
+ReleaseBsp (mSmmMpSyncData->CpuData[BspIndex].Run);
   }
 
   if (SmmCpuFeaturesNeedConfigureMtrrs ()) {
 //
 // Wait for the signal from BSP to backup MTRRs
 //
-WaitForSemaphore (mSmmMpSyncData->CpuData[CpuIndex].Run);
+WaitForBsp (mSmmMpSyncData->CpuData[CpuIndex].Run);
 
 //
 // Backup OS MTRRs
 //
 MtrrGetAllMtrrs ();
 
 //
 // Signal BSP the completion of this AP
 //
-ReleaseSemaphore (mSmmMpSyncData->CpuData[BspIndex].Run);
+ReleaseBsp (mSmmMpSyncData->CpuData[BspIndex].Run);
 
 //
 // Wait for BSP's signal to program MTRRs
 //
-WaitForSemaphore (mSmmMpSyncData->CpuData[CpuIndex].Run);
+WaitForBsp (mSmmMpSyncData->CpuData[CpuIndex].Run);
 
 //
 // Replace OS MTRRs with SMI MTRRs
 //
 ReplaceOSMtrrs (CpuIndex);
 
 //
 // Signal BSP the completion of this AP
 //
-ReleaseSemaphore (mSmmMpSyncData->CpuData[BspIndex].Run);
+ReleaseBsp (mSmmMpSyncData->CpuData[BspIndex].Run);
   }
 
   while (TRUE) {
 //
 // Wait for something to happen
 //
-WaitForSemaphore (mSmmMpSyncData->CpuData[CpuIndex].Run);
+WaitForBsp (mSmmMpSyncData->CpuData[CpuIndex].Run);
 
 //
 // Check if BSP wants to exit 

[edk2-devel] [PATCH v1 4/7] UefiCpuPkg: Implements SmmCpuSyncLib library instance

[Wu, Jiaxin]

Implements SmmCpuSyncLib Library class. The instance follows the
existing SMM CPU driver (PiSmmCpuDxeSmm) sync implementation:
1.Abstract Counter and Run semaphores into SmmCpuSyncCtx.
2.Abstract CPU arrival count operation to
SmmCpuSyncGetArrivedCpuCount(), SmmCpuSyncCheckInCpu(),
SmmCpuSyncCheckOutCpu(), SmmCpuSyncLockDoor().
Implementation is aligned with existing SMM CPU driver.
3. Abstract SMM CPU Sync flow to:
BSP: SmmCpuSyncReleaseOneAp  -->  AP: SmmCpuSyncWaitForBsp
BSP: SmmCpuSyncWaitForAllAPs <--  AP: SmmCpuSyncReleaseBsp
Semaphores release & wait during sync flow is same as existing SMM
CPU driver.
4.Same operation to Counter and Run semaphores by leverage the atomic
compare exchange.

Change-Id: I5a004637f8b24a90594a794092548b850b187493
Cc: Eric Dong 
Cc: Ray Ni 
Cc: Zeng Star 
Cc: Gerd Hoffmann 
Cc: Rahul Kumar 
Signed-off-by: Jiaxin Wu 
---
 UefiCpuPkg/Library/SmmCpuSyncLib/SmmCpuSyncLib.c   | 481 +
 UefiCpuPkg/Library/SmmCpuSyncLib/SmmCpuSyncLib.inf |  38 ++
 UefiCpuPkg/UefiCpuLibs.dsc.inc |  15 +
 UefiCpuPkg/UefiCpuPkg.dsc  |   1 +
 4 files changed, 535 insertions(+)
 create mode 100644 UefiCpuPkg/Library/SmmCpuSyncLib/SmmCpuSyncLib.c
 create mode 100644 UefiCpuPkg/Library/SmmCpuSyncLib/SmmCpuSyncLib.inf
 create mode 100644 UefiCpuPkg/UefiCpuLibs.dsc.inc

diff --git a/UefiCpuPkg/Library/SmmCpuSyncLib/SmmCpuSyncLib.c 
b/UefiCpuPkg/Library/SmmCpuSyncLib/SmmCpuSyncLib.c
new file mode 100644
index 00..3bc3ebe49a
--- /dev/null
+++ b/UefiCpuPkg/Library/SmmCpuSyncLib/SmmCpuSyncLib.c
@@ -0,0 +1,481 @@
+/** @file
+  SMM CPU Sync lib implementation.
+
+  Copyright (c) 2023, Intel Corporation. All rights reserved.
+  SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+
+typedef struct {
+  ///
+  /// Indicate how many CPU entered SMM.
+  ///
+  volatile UINT32*Counter;
+} SMM_CPU_SYNC_SEMAPHORE_GLOBAL;
+
+typedef struct {
+  ///
+  /// Used for control each CPU continue run or wait for signal
+  ///
+  volatile UINT32*Run;
+} SMM_CPU_SYNC_SEMAPHORE_CPU;
+
+typedef struct {
+  ///
+  ///  All global semaphores' pointer in SMM CPU Sync
+  ///
+  SMM_CPU_SYNC_SEMAPHORE_GLOBAL*GlobalSem;
+  ///
+  ///  All semaphores for each processor in SMM CPU Sync
+  ///
+  SMM_CPU_SYNC_SEMAPHORE_CPU   *CpuSem;
+  ///
+  /// The number of processors in the system.
+  /// This does not indicate the number of processors that entered SMM.
+  ///
+  UINTNNumberOfCpus;
+  ///
+  /// Address of global and each CPU semaphores
+  ///
+  UINTN*SemBlock;
+  ///
+  /// Size of global and each CPU semaphores
+  ///
+  UINTNSemBlockPages;
+} SMM_CPU_SYNC_CTX;
+
+/**
+  Performs an atomic compare exchange operation to get semaphore.
+  The compare exchange operation must be performed using MP safe
+  mechanisms.
+
+  @param  SemIN:  32-bit unsigned integer
+ OUT: original integer - 1
+
+  @return Original integer - 1
+
+**/
+UINT32
+InternalWaitForSemaphore (
+  IN OUT  volatile UINT32  *Sem
+  )
+{
+  UINT32  Value;
+
+  for ( ; ;) {
+Value = *Sem;
+if ((Value != 0) &&
+(InterlockedCompareExchange32 (
+   (UINT32 *)Sem,
+   Value,
+   Value - 1
+   ) == Value))
+{
+  break;
+}
+
+CpuPause ();
+  }
+
+  return Value - 1;
+}
+
+/**
+  Performs an atomic compare exchange operation to release semaphore.
+  The compare exchange operation must be performed using MP safe
+  mechanisms.
+
+  @param  SemIN:  32-bit unsigned integer
+ OUT: original integer + 1
+
+  @return Original integer + 1
+
+**/
+UINT32
+InternalReleaseSemaphore (
+  IN OUT  volatile UINT32  *Sem
+  )
+{
+  UINT32  Value;
+
+  do {
+Value = *Sem;
+  } while (Value + 1 != 0 &&
+   InterlockedCompareExchange32 (
+ (UINT32 *)Sem,
+ Value,
+ Value + 1
+ ) != Value);
+
+  return Value + 1;
+}
+
+/**
+  Performs an atomic compare exchange operation to lock semaphore.
+  The compare exchange operation must be performed using MP safe
+  mechanisms.
+
+  @param  SemIN:  32-bit unsigned integer
+ OUT: -1
+
+  @return Original integer
+
+**/
+UINT32
+InternalLockdownSemaphore (
+  IN OUT  volatile UINT32  *Sem
+  )
+{
+  UINT32  Value;
+
+  do {
+Value = *Sem;
+  } while (InterlockedCompareExchange32 (
+ (UINT32 *)Sem,
+ Value,
+ (UINT32)-1
+ ) != Value);
+
+  return Value;
+}
+
+/**
+  Creates and Init a new Smm Cpu Sync context.
+
+  @param[in]  NumberOfCpus The number of processors in the system.
+
+  @return Pointer to an allocated Smm Cpu Sync context object.
+  If the 

[edk2-devel] [PATCH v1 5/7] OvmfPkg: Specifies SmmCpuSyncLib instance

[Wu, Jiaxin]

The SmmCpuSyncLib instance is included in UefiCpuLibs.dsc.inc.
This patch is to specify SmmCpuSyncLib instance in OvmfPkg by
using "!include UefiCpuPkg/UefiCpuLibs.dsc.inc".

Change-Id: I2ab1737425e26a7bfc4f564b3b7f15ca5c2268fb
Cc: Ard Biesheuvel 
Cc: Jiewen Yao 
Cc: Jordan Justen 
Cc: Eric Dong 
Cc: Ray Ni 
Cc: Zeng Star 
Cc: Rahul Kumar 
Cc: Gerd Hoffmann 
Signed-off-by: Jiaxin Wu 
---
 OvmfPkg/CloudHv/CloudHvX64.dsc | 1 +
 OvmfPkg/OvmfPkgIa32.dsc| 1 +
 OvmfPkg/OvmfPkgIa32X64.dsc | 1 +
 OvmfPkg/OvmfPkgX64.dsc | 1 +
 4 files changed, 4 insertions(+)

diff --git a/OvmfPkg/CloudHv/CloudHvX64.dsc b/OvmfPkg/CloudHv/CloudHvX64.dsc
index c23c7eaf6c..e65767fe16 100644
--- a/OvmfPkg/CloudHv/CloudHvX64.dsc
+++ b/OvmfPkg/CloudHv/CloudHvX64.dsc
@@ -122,10 +122,11 @@
 # Library Class section - list of all Library Classes needed by this Platform.
 #
 

 
 !include MdePkg/MdeLibs.dsc.inc
+!include UefiCpuPkg/UefiCpuLibs.dsc.inc
 
 [LibraryClasses]
   PcdLib|MdePkg/Library/BasePcdLibNull/BasePcdLibNull.inf
   TimerLib|OvmfPkg/Library/AcpiTimerLib/BaseAcpiTimerLib.inf
   ResetSystemLib|OvmfPkg/Library/ResetSystemLib/BaseResetSystemLib.inf
diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc
index ed3a19feeb..07d16e6935 100644
--- a/OvmfPkg/OvmfPkgIa32.dsc
+++ b/OvmfPkg/OvmfPkgIa32.dsc
@@ -125,10 +125,11 @@
 # Library Class section - list of all Library Classes needed by this Platform.
 #
 

 
 !include MdePkg/MdeLibs.dsc.inc
+!include UefiCpuPkg/UefiCpuLibs.dsc.inc
 
 [LibraryClasses]
   PcdLib|MdePkg/Library/BasePcdLibNull/BasePcdLibNull.inf
   TimerLib|OvmfPkg/Library/AcpiTimerLib/BaseAcpiTimerLib.inf
   ResetSystemLib|OvmfPkg/Library/ResetSystemLib/BaseResetSystemLib.inf
diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc
index 16ca139b29..8d243b7075 100644
--- a/OvmfPkg/OvmfPkgIa32X64.dsc
+++ b/OvmfPkg/OvmfPkgIa32X64.dsc
@@ -130,10 +130,11 @@
 # Library Class section - list of all Library Classes needed by this Platform.
 #
 

 
 !include MdePkg/MdeLibs.dsc.inc
+!include UefiCpuPkg/UefiCpuLibs.dsc.inc
 
 [LibraryClasses]
   PcdLib|MdePkg/Library/BasePcdLibNull/BasePcdLibNull.inf
   TimerLib|OvmfPkg/Library/AcpiTimerLib/BaseAcpiTimerLib.inf
   ResetSystemLib|OvmfPkg/Library/ResetSystemLib/BaseResetSystemLib.inf
diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc
index dc1a0942aa..6343789152 100644
--- a/OvmfPkg/OvmfPkgX64.dsc
+++ b/OvmfPkg/OvmfPkgX64.dsc
@@ -143,10 +143,11 @@
 # Library Class section - list of all Library Classes needed by this Platform.
 #
 

 
 !include MdePkg/MdeLibs.dsc.inc
+!include UefiCpuPkg/UefiCpuLibs.dsc.inc
 
 [LibraryClasses]
   PcdLib|MdePkg/Library/BasePcdLibNull/BasePcdLibNull.inf
   TimerLib|OvmfPkg/Library/AcpiTimerLib/BaseAcpiTimerLib.inf
   ResetSystemLib|OvmfPkg/Library/ResetSystemLib/BaseResetSystemLib.inf
-- 
2.16.2.windows.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#110641): https://edk2.groups.io/g/devel/message/110641
Mute This Topic: https://groups.io/mt/102366302/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[edk2-devel] [PATCH v1 6/7] UefiPayloadPkg: Specifies SmmCpuSyncLib instance

[Wu, Jiaxin]

The SmmCpuSyncLib instance is included in UefiCpuLibs.dsc.inc.
This patch is to specify SmmCpuSyncLib instance in UefiPayloadPkg
by using "!include UefiCpuPkg/UefiCpuLibs.dsc.inc".

Change-Id: Ib303a9cdf260ac1ffc146e5f2e68834dec00ff25
Cc: Guo Dong 
Cc: Sean Rhodes 
Cc: James Lu 
Cc: Gua Guo 
Cc: Ray Ni 
Cc: Zeng Star 
Signed-off-by: Jiaxin Wu 
---
 UefiPayloadPkg/UefiPayloadPkg.dsc | 1 +
 1 file changed, 1 insertion(+)

diff --git a/UefiPayloadPkg/UefiPayloadPkg.dsc 
b/UefiPayloadPkg/UefiPayloadPkg.dsc
index af9308ef8e..6f6d815c07 100644
--- a/UefiPayloadPkg/UefiPayloadPkg.dsc
+++ b/UefiPayloadPkg/UefiPayloadPkg.dsc
@@ -169,10 +169,11 @@
 # Library Class section - list of all Library Classes needed by this Platform.
 #
 

 
 !include MdePkg/MdeLibs.dsc.inc
+!include UefiCpuPkg/UefiCpuLibs.dsc.inc
 
 [LibraryClasses]
   #
   # Entry point
   #
-- 
2.16.2.windows.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#110642): https://edk2.groups.io/g/devel/message/110642
Mute This Topic: https://groups.io/mt/102366304/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[edk2-devel] [PATCH v1] UefiCpuPkg/PiSmmCpuDxeSmm: Fix CP Exception when CET enable

[Wu, Jiaxin]

Shadow stack will stop update after CET disable (DisableCet in
DisableReadOnlyPageWriteProtect), but normal smi stack will be
continue updated with the function return and enter
(DisableReadOnlyPageWriteProtect & EnableReadOnlyPageWriteProtect),
thus leading stack mismatch after CET re-enabled (EnableCet in
EnableReadOnlyPageWriteProtect).

Normal smi stack and shadow stack must be matched when CET enable,
otherwise CP Exception will happen, which is caused by a near RET
instruction (See SDM Vol 3, 6.15-Control Protection Exception).

With above requirement, CET feature enable & disable must be in the
same function to avoid stack mismatch issue.

Cc: Eric Dong 
Cc: Ray Ni 
Cc: Zeng Star 
Cc: Gerd Hoffmann 
Cc: Rahul Kumar 
Signed-off-by: Jiaxin Wu 
---
 UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.h |  10 +-
 UefiCpuPkg/PiSmmCpuDxeSmm/SmmCpuMemoryManagement.c | 104 ++---
 UefiCpuPkg/PiSmmCpuDxeSmm/SmmProfile.c |  19 +++-
 3 files changed, 91 insertions(+), 42 deletions(-)

diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.h 
b/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.h
index 654935dc76..daa843b057 100644
--- a/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.h
+++ b/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.h
@@ -1554,26 +1554,24 @@ SmmWaitForApArrival (
 
 /**
   Disable Write Protect on pages marked as read-only if Cr0.Bits.WP is 1.
 
   @param[out]  WpEnabled  If Cr0.WP is enabled.
-  @param[out]  CetEnabled If CET is enabled.
+
 **/
 VOID
 DisableReadOnlyPageWriteProtect (
-  OUT BOOLEAN  *WpEnabled,
-  OUT BOOLEAN  *CetEnabled
+  OUT BOOLEAN  *WpEnabled
   );
 
 /**
   Enable Write Protect on pages marked as read-only.
 
   @param[out]  WpEnabled  If Cr0.WP should be enabled.
-  @param[out]  CetEnabled If CET should be enabled.
+
 **/
 VOID
 EnableReadOnlyPageWriteProtect (
-  BOOLEAN  WpEnabled,
-  BOOLEAN  CetEnabled
+  BOOLEAN  WpEnabled
   );
 
 #endif
diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/SmmCpuMemoryManagement.c 
b/UefiCpuPkg/PiSmmCpuDxeSmm/SmmCpuMemoryManagement.c
index 6f49866615..2c198a161a 100644
--- a/UefiCpuPkg/PiSmmCpuDxeSmm/SmmCpuMemoryManagement.c
+++ b/UefiCpuPkg/PiSmmCpuDxeSmm/SmmCpuMemoryManagement.c
@@ -42,61 +42,44 @@ BOOLEAN  mIsReadOnlyPageTable = FALSE;
 
 /**
   Disable Write Protect on pages marked as read-only if Cr0.Bits.WP is 1.
 
   @param[out]  WpEnabled  If Cr0.WP is enabled.
-  @param[out]  CetEnabled If CET is enabled.
+
 **/
 VOID
 DisableReadOnlyPageWriteProtect (
-  OUT BOOLEAN  *WpEnabled,
-  OUT BOOLEAN  *CetEnabled
+  OUT BOOLEAN  *WpEnabled
   )
 {
   IA32_CR0  Cr0;
 
-  *CetEnabled = ((AsmReadCr4 () & CR4_CET_ENABLE) != 0) ? TRUE : FALSE;
-  Cr0.UintN   = AsmReadCr0 ();
-  *WpEnabled  = (Cr0.Bits.WP != 0) ? TRUE : FALSE;
+  Cr0.UintN  = AsmReadCr0 ();
+  *WpEnabled = (Cr0.Bits.WP != 0) ? TRUE : FALSE;
   if (*WpEnabled) {
-if (*CetEnabled) {
-  //
-  // CET must be disabled if WP is disabled. Disable CET before clearing 
CR0.WP.
-  //
-  DisableCet ();
-}
-
 Cr0.Bits.WP = 0;
 AsmWriteCr0 (Cr0.UintN);
   }
 }
 
 /**
   Enable Write Protect on pages marked as read-only.
 
   @param[out]  WpEnabled  If Cr0.WP should be enabled.
-  @param[out]  CetEnabled If CET should be enabled.
+
 **/
 VOID
 EnableReadOnlyPageWriteProtect (
-  BOOLEAN  WpEnabled,
-  BOOLEAN  CetEnabled
+  BOOLEAN  WpEnabled
   )
 {
   IA32_CR0  Cr0;
 
   if (WpEnabled) {
 Cr0.UintN   = AsmReadCr0 ();
 Cr0.Bits.WP = 1;
 AsmWriteCr0 (Cr0.UintN);
-
-if (CetEnabled) {
-  //
-  // re-enable CET.
-  //
-  EnableCet ();
-}
   }
 }
 
 /**
   Initialize a buffer pool for page table use only.
@@ -157,13 +140,29 @@ InitializePageTablePool (
 
   //
   // If page table memory has been marked as RO, mark the new pool pages as 
read-only.
   //
   if (mIsReadOnlyPageTable) {
-DisableReadOnlyPageWriteProtect (, );
+//
+// CET must be disabled if WP is disabled.
+//
+CetEnabled = ((AsmReadCr4 () & CR4_CET_ENABLE) != 0) ? TRUE : FALSE;
+if (CetEnabled) {
+  DisableCet ();
+}
+
+DisableReadOnlyPageWriteProtect ();
+
 SmmSetMemoryAttributes ((EFI_PHYSICAL_ADDRESS)(UINTN)Buffer, 
EFI_PAGES_TO_SIZE (PoolPages), EFI_MEMORY_RO);
-EnableReadOnlyPageWriteProtect (WpEnabled, CetEnabled);
+
+//
+// Enable the WP and restore CET to enable
+//
+EnableReadOnlyPageWriteProtect (WpEnabled);
+if (CetEnabled) {
+  EnableCet ();
+}
   }
 
   return TRUE;
 }
 
@@ -1055,11 +1054,19 @@ SetMemMapAttributes (
 Status = PageTableParse (PageTable, mPagingMode, Map, );
   }
 
   ASSERT_RETURN_ERROR (Status);
 
-  DisableReadOnlyPageWriteProtect (, );
+  //
+  // CET must be disabled if WP is disabled.
+  //
+  CetEnabled = ((AsmReadCr4 () & CR4_CET_ENABLE) != 0) ? TRUE : FALSE;
+  if (CetEnabled) {
+DisableCet ();
+  }
+
+  DisableReadOnlyPageWriteProtect ();
 
   MemoryMap = MemoryMapStart;
   for (Index = 0; Index < 

Re: [edk2-devel] [PATCH v1] UefiCpuPkg/PiSmmCpuDxeSmm: Fix CP Exception when CET enable

[Wu, Jiaxin]

Hi Laszlo,

Thanks the feedback.

> 
> Is this somehow related to
> 
>   [edk2-devel] [PATCH] UefiCpuPkg/PiSmmCpuDxeSmm: Clear CR4.CET before
> restoring MSR IA32_S_CET
> 
> at
> 
>   https://edk2.groups.io/g/devel/message/110605
> 
> ?
> 
> I'm not familiar with control flow integrity, but both patches seem to fix up
> problems with CET management. Therefore I would suggest to join forces and
> include all the patches in the same series. (Not same "patch", mind you --
> different patches in the same series.) We've already asked for that other 
> patch
> to be split up into series, anyway.
> 

I think it's total different issue. I found the system hang once we are trying 
enable the CET. And root caused to the stack mismatch.

Actually, the issue is not the CET itself, but due to the wrong use of CET 
enable/disable by consumer (smm cpu driver). SMM CPU enable/disable the CET 
feature improperly.

For the patch you mentioned, it looks to handle the CET itself init bug, right? 
if so, do you think we can keep to handle it separated or you still think we 
need join forces in same series?

Thanks,
Jiaxin


]

> 
> 
> 
> 
> 



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#110625): https://edk2.groups.io/g/devel/message/110625
Mute This Topic: https://groups.io/mt/102362300/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] [PATCH v1] UefiCpuPkg/PiSmmCpuDxeSmm: Fix CP Exception when CET enable

[Wu, Jiaxin]

Hi Laszlo, 

Thanks comments.

> 
> I have two comments:
> 
> 
> (1) both the pre-patch code and the post-patch code have several
> instances of the following pattern:
> 
>   Boolean = (Expression != 0) ? TRUE : FALSE;
> 
> This is an anti-pattern. It should only be:
> 
>   Boolean = Expression != 0;
> 
> or if you prefer the parentheses, then
> 
>   Boolean = (Expression != 0);
> 
> I recommend cleaning up all instances of this, independently of the
> actual issue.
> 

Agree, I will clean it in next version.


> 
> (2) The critical information is in the last paragraph of the commit
> message ("CET feature enable & disable must be in the same function to
> avoid stack mismatch"); however, that critical information is not
> visible anywhere in the new code. People will not understand why the
> code is littered with EnableCet / DisableCet calls.
> 
> In fact, I only realized the weight of the commit message after I first
> looked at the patch, and deduced that the patch did, functionally
> speaking, nothing at all!
> 
> So here's what I recommend: please replace the functions
> 
> - EnableReadOnlyPageWriteProtect()
> - DisableReadOnlyPageWriteProtect()
> 
> with *macros*
> 
> - WRITE_PROTECT_RO_PAGES()
> - WRITE_UNPROTECT_RO_PAGES()
> 

ok, agree, I will refine the patch with those macros definition.


> These macros should continue taking two parameters (Wp and Cet). The WP
> manipulation can be factored out to helper functions if necessary, but
> the CET manipulation needs to be expanded inline.
> 
> (I've also renamed the APIs because the current API names are awkward.
> "Enable Write Protection" is just better expressed as "Write Protect",
> and "Disable Write Protection" is just better expressed as "Write
> Unprotect", in my opinion.)
> 

yes. I will rename by following the suggestion. 

> And then, comments on the macro definitions should explain that these
> pieces of logic are defined as macros and not functions because "CET
> feature enable & disable must be in the same function to avoid stack
> mismatch".
> 

> Thanks!
> Laszlo
> 
> >
> > diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.h
> b/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.h
> > index 654935dc76..daa843b057 100644
> > --- a/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.h
> > +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.h
> > @@ -1554,26 +1554,24 @@ SmmWaitForApArrival (
> >
> >  /**
> >Disable Write Protect on pages marked as read-only if Cr0.Bits.WP is 1.
> >
> >@param[out]  WpEnabled  If Cr0.WP is enabled.
> > -  @param[out]  CetEnabled If CET is enabled.
> > +
> >  **/
> >  VOID
> >  DisableReadOnlyPageWriteProtect (
> > -  OUT BOOLEAN  *WpEnabled,
> > -  OUT BOOLEAN  *CetEnabled
> > +  OUT BOOLEAN  *WpEnabled
> >);
> >
> >  /**
> >Enable Write Protect on pages marked as read-only.
> >
> >@param[out]  WpEnabled  If Cr0.WP should be enabled.
> > -  @param[out]  CetEnabled If CET should be enabled.
> > +
> >  **/
> >  VOID
> >  EnableReadOnlyPageWriteProtect (
> > -  BOOLEAN  WpEnabled,
> > -  BOOLEAN  CetEnabled
> > +  BOOLEAN  WpEnabled
> >);
> >
> >  #endif
> > diff --git
> a/UefiCpuPkg/PiSmmCpuDxeSmm/SmmCpuMemoryManagement.c
> b/UefiCpuPkg/PiSmmCpuDxeSmm/SmmCpuMemoryManagement.c
> > index 6f49866615..2c198a161a 100644
> > --- a/UefiCpuPkg/PiSmmCpuDxeSmm/SmmCpuMemoryManagement.c
> > +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/SmmCpuMemoryManagement.c
> > @@ -42,61 +42,44 @@ BOOLEAN  mIsReadOnlyPageTable = FALSE;
> >
> >  /**
> >Disable Write Protect on pages marked as read-only if Cr0.Bits.WP is 1.
> >
> >@param[out]  WpEnabled  If Cr0.WP is enabled.
> > -  @param[out]  CetEnabled If CET is enabled.
> > +
> >  **/
> >  VOID
> >  DisableReadOnlyPageWriteProtect (
> > -  OUT BOOLEAN  *WpEnabled,
> > -  OUT BOOLEAN  *CetEnabled
> > +  OUT BOOLEAN  *WpEnabled
> >)
> >  {
> >IA32_CR0  Cr0;
> >
> > -  *CetEnabled = ((AsmReadCr4 () & CR4_CET_ENABLE) != 0) ? TRUE : FALSE;
> > -  Cr0.UintN   = AsmReadCr0 ();
> > -  *WpEnabled  = (Cr0.Bits.WP != 0) ? TRUE : FALSE;
> > +  Cr0.UintN  = AsmReadCr0 ();
> > +  *WpEnabled = (Cr0.Bits.WP != 0) ? TRUE : FALSE;
> >if (*WpEnabled) {
> > -if (*CetEnabled) {
> > -  //
> > -  // CET must be disabled if WP is disabled. Disable CET before 
> > clearing
> CR0.WP.
> > -  //
> > -  DisableCet ();
> > -}
> > -
> >  Cr0.Bits.WP = 0;
> >  AsmWriteCr0 (Cr0.UintN);
> >}
> >  }
> >
> >  /**
> >Enable Write Protect on pages marked as read-only.
> >
> >@param[out]  WpEnabled  If Cr0.WP should be enabled.
> > -  @param[out]  CetEnabled If CET should be enabled.
> > +
> >  **/
> >  VOID
> >  EnableReadOnlyPageWriteProtect (
> > -  BOOLEAN  WpEnabled,
> > -  BOOLEAN  CetEnabled
> > +  BOOLEAN  WpEnabled
> >)
> >  {
> >IA32_CR0  Cr0;
> >
> >if (WpEnabled) {
> >  Cr0.UintN   = AsmReadCr0 ();
> >  Cr0.Bits.WP = 1;
> >  AsmWriteCr0 (Cr0.UintN);
> > -
> > -if (CetEnabled) {
> > -  //
> > 

[edk2-devel] [PATCH v2] UefiCpuPkg/PiSmmCpuDxeSmm: Fix CP Exception when CET enable

[Wu, Jiaxin]

Shadow stack will stop update after CET disable (DisableCet in
DisableReadOnlyPageWriteProtect), but normal smi stack will be
continue updated with the function return and enter
(DisableReadOnlyPageWriteProtect & EnableReadOnlyPageWriteProtect),
thus leading stack mismatch after CET re-enabled (EnableCet in
EnableReadOnlyPageWriteProtect).

Normal smi stack and shadow stack must be matched when CET enable,
otherwise CP Exception will happen, which is caused by a near RET
instruction (See SDM Vol 3, 6.15-Control Protection Exception).

With above requirement, define below 2 macros instead of functions
for WP & CET operation:
WRITE_UNPROTECT_RO_PAGES (Wp, Cet)
WRITE_PROTECT_RO_PAGES (Wp, Cet)
Because "CET" feature disable & enable must be in the same
function to avoid shadow stack and normal SMI stack mismatch.

Note: WRITE_UNPROTECT_RO_PAGES () must be called pair with
WRITE_PROTECT_RO_PAGES () in same function.

Change-Id: I4e126697efcd8dbfb4887da034d8691bfca969e3
Cc: Eric Dong 
Cc: Ray Ni 
Cc: Zeng Star 
Cc: Gerd Hoffmann 
Cc: Rahul Kumar 
Cc: Laszlo Ersek 
Signed-off-by: Jiaxin Wu 
---
 UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.h | 46 ---
 UefiCpuPkg/PiSmmCpuDxeSmm/SmmCpuMemoryManagement.c | 96 +++---
 UefiCpuPkg/PiSmmCpuDxeSmm/SmmProfile.c | 13 ++-
 3 files changed, 94 insertions(+), 61 deletions(-)

diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.h 
b/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.h
index 654935dc76..5d167899ff 100644
--- a/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.h
+++ b/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.h
@@ -1551,29 +1551,51 @@ VOID
 SmmWaitForApArrival (
   VOID
   );
 
 /**
-  Disable Write Protect on pages marked as read-only if Cr0.Bits.WP is 1.
+  Write unprotect read-only pages if Cr0.Bits.WP is 1.
+
+  @param[out]  WriteProtect  If Cr0.WP is enabled.
 
-  @param[out]  WpEnabled  If Cr0.WP is enabled.
-  @param[out]  CetEnabled If CET is enabled.
 **/
 VOID
-DisableReadOnlyPageWriteProtect (
-  OUT BOOLEAN  *WpEnabled,
-  OUT BOOLEAN  *CetEnabled
+SmmWriteUnprotectReadOnlyPage (
+  OUT BOOLEAN  *WriteProtect
   );
 
 /**
-  Enable Write Protect on pages marked as read-only.
+  Write protect read-only pages.
+
+  @param[out]  WriteProtect  If Cr0.WP should be enabled.
 
-  @param[out]  WpEnabled  If Cr0.WP should be enabled.
-  @param[out]  CetEnabled If CET should be enabled.
 **/
 VOID
-EnableReadOnlyPageWriteProtect (
-  BOOLEAN  WpEnabled,
-  BOOLEAN  CetEnabled
+SmmWriteProtectReadOnlyPage (
+  IN  BOOLEAN  WriteProtect
   );
 
+///
+/// Below pieces of logic are defined as macros and not functions
+/// because "CET" feature disable & enable must be in the same
+/// function to avoid shadow stack and normal SMI stack mismatch,
+/// thus WRITE_UNPROTECT_RO_PAGES () must be called pair with
+/// WRITE_PROTECT_RO_PAGES () in same function.
+///
+#define WRITE_UNPROTECT_RO_PAGES(Wp, Cet) \
+{ \
+  Cet = ((AsmReadCr4 () & CR4_CET_ENABLE) != 0); \
+  if (Cet) { \
+DisableCet (); \
+  } \
+  SmmWriteUnprotectReadOnlyPage(); \
+}
+
+#define WRITE_PROTECT_RO_PAGES(Wp, Cet) \
+{ \
+  SmmWriteProtectReadOnlyPage(Wp); \
+  if (Cet) { \
+EnableCet (); \
+  } \
+}
+
 #endif
diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/SmmCpuMemoryManagement.c 
b/UefiCpuPkg/PiSmmCpuDxeSmm/SmmCpuMemoryManagement.c
index 6f49866615..8edfddd3ea 100644
--- a/UefiCpuPkg/PiSmmCpuDxeSmm/SmmCpuMemoryManagement.c
+++ b/UefiCpuPkg/PiSmmCpuDxeSmm/SmmCpuMemoryManagement.c
@@ -39,64 +39,47 @@ PAGE_TABLE_POOL  *mPageTablePool = NULL;
 // If memory used by SMM page table has been mareked as ReadOnly.
 //
 BOOLEAN  mIsReadOnlyPageTable = FALSE;
 
 /**
-  Disable Write Protect on pages marked as read-only if Cr0.Bits.WP is 1.
+  Write unprotect read-only pages if Cr0.Bits.WP is 1.
+
+  @param[out]  WriteProtect  If Cr0.WP is enabled.
 
-  @param[out]  WpEnabled  If Cr0.WP is enabled.
-  @param[out]  CetEnabled If CET is enabled.
 **/
 VOID
-DisableReadOnlyPageWriteProtect (
-  OUT BOOLEAN  *WpEnabled,
-  OUT BOOLEAN  *CetEnabled
+SmmWriteUnprotectReadOnlyPage (
+  OUT BOOLEAN  *WriteProtect
   )
 {
   IA32_CR0  Cr0;
 
-  *CetEnabled = ((AsmReadCr4 () & CR4_CET_ENABLE) != 0) ? TRUE : FALSE;
-  Cr0.UintN   = AsmReadCr0 ();
-  *WpEnabled  = (Cr0.Bits.WP != 0) ? TRUE : FALSE;
-  if (*WpEnabled) {
-if (*CetEnabled) {
-  //
-  // CET must be disabled if WP is disabled. Disable CET before clearing 
CR0.WP.
-  //
-  DisableCet ();
-}
-
+  Cr0.UintN = AsmReadCr0 ();
+  *WriteProtect = (Cr0.Bits.WP != 0) ? TRUE : FALSE;
+  if (*WriteProtect) {
 Cr0.Bits.WP = 0;
 AsmWriteCr0 (Cr0.UintN);
   }
 }
 
 /**
-  Enable Write Protect on pages marked as read-only.
+  Write protect read-only pages.
+
+  @param[out]  WriteProtect  If Cr0.WP should be enabled.
 
-  @param[out]  WpEnabled  If Cr0.WP should be enabled.
-  @param[out]  CetEnabled If CET should be enabled.
 **/
 VOID

[edk2-devel] [PATCH v1] UefiCpuPkg/PiSmmCpuDxeSmm: Use processor extended information

[Wu, Jiaxin]

Processor extended information is filled when
CPU_V2_EXTENDED_TOPOLOGY is set in parameter ProcessorNumber
from GetProcessorInfo() (See commit: 1fadd18d).

This filed value is retrieved from CPUID leaf 1FH, which is
a preferred superset to leaf 0BH.

Since Intel recommends first use the CPUID leaf 1FH instead of
leaf 0BH, this patch change to use the processor extended
information, which can reflect the value from CPUID leaf 1FH.

Cc: Eric Dong 
Cc: Ray Ni 
Cc: Rahul Kumar 
Cc: Gerd Hoffmann 
Cc: Star Zeng 
Signed-off-by: Jiaxin Wu 
---
 UefiCpuPkg/PiSmmCpuDxeSmm/CpuService.c | 10 ++
 UefiCpuPkg/PiSmmCpuDxeSmm/MpService.c  |  6 +++---
 2 files changed, 13 insertions(+), 3 deletions(-)

diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/CpuService.c 
b/UefiCpuPkg/PiSmmCpuDxeSmm/CpuService.c
index 391b64e9f2..c0485b0519 100644
--- a/UefiCpuPkg/PiSmmCpuDxeSmm/CpuService.c
+++ b/UefiCpuPkg/PiSmmCpuDxeSmm/CpuService.c
@@ -169,10 +169,20 @@ SmmAddProcessor (
 >ProcessorInfo[Index].Location.Package,
 >ProcessorInfo[Index].Location.Core,
 >ProcessorInfo[Index].Location.Thread
 );
 
+  GetProcessorLocation2ByApicId (
+(UINT32)ProcessorId,
+
>ProcessorInfo[Index].ExtendedInformation.Location2.Package,
+
>ProcessorInfo[Index].ExtendedInformation.Location2.Die,
+
>ProcessorInfo[Index].ExtendedInformation.Location2.Tile,
+
>ProcessorInfo[Index].ExtendedInformation.Location2.Module,
+
>ProcessorInfo[Index].ExtendedInformation.Location2.Core,
+
>ProcessorInfo[Index].ExtendedInformation.Location2.Thread
+);
+
   *ProcessorNumber = Index;
   gSmmCpuPrivate->Operation[Index] = SmmCpuAdd;
   return EFI_SUCCESS;
 }
   }
diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/MpService.c 
b/UefiCpuPkg/PiSmmCpuDxeSmm/MpService.c
index 25d058c5b9..c61562c867 100644
--- a/UefiCpuPkg/PiSmmCpuDxeSmm/MpService.c
+++ b/UefiCpuPkg/PiSmmCpuDxeSmm/MpService.c
@@ -177,11 +177,11 @@ IsPackageFirstThread (
   IN UINTN  CpuIndex
   )
 {
   UINT32  PackageIndex;
 
-  PackageIndex =  gSmmCpuPrivate->ProcessorInfo[CpuIndex].Location.Package;
+  PackageIndex =  
gSmmCpuPrivate->ProcessorInfo[CpuIndex].ExtendedInformation.Location2.Package;
 
   ASSERT (mPackageFirstThreadIndex != NULL);
 
   //
   // Set the value of mPackageFirstThreadIndex[PackageIndex].
@@ -1834,12 +1834,12 @@ InitPackageFirstThreadIndexInfo (
 
   //
   // Count the number of package, set to max PackageId + 1
   //
   for (Index = 0; Index < mNumberOfCpus; Index++) {
-if (PackageId < gSmmCpuPrivate->ProcessorInfo[Index].Location.Package) {
-  PackageId = gSmmCpuPrivate->ProcessorInfo[Index].Location.Package;
+if (PackageId < 
gSmmCpuPrivate->ProcessorInfo[Index].ExtendedInformation.Location2.Package) {
+  PackageId = 
gSmmCpuPrivate->ProcessorInfo[Index].ExtendedInformation.Location2.Package;
 }
   }
 
   PackageCount = PackageId + 1;
 
-- 
2.16.2.windows.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#110786): https://edk2.groups.io/g/devel/message/110786
Mute This Topic: https://groups.io/mt/102436095/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[edk2-devel] [PATCH v4] UefiCpuPkg/PiSmmCpuDxeSmm: Fix CP Exception when CET enable

[Wu, Jiaxin]

Root cause:
1. Before DisableReadonlyPageWriteProtect() is called, the return
address (#1) is pushed in shadow stack.
2. CET is disabled.
3. DisableReadonlyPageWriteProtect() returns to #1.
4. Page table is modified.
5. EnableReadonlyPageWriteProtect() is called, but the return
address (#2) is not pushed in shadow stack.
6. CET is enabled.
7. EnableReadonlyPageWriteProtect() returns to #2.
#CP exception happens because the actual return address (#2)
doesn't match the return address stored in shadow stack (#1).

Analysis:
Shadow stack will stop update after CET disable (DisableCet() in
DisableReadOnlyPageWriteProtect), but normal smi stack will be
continue updated with the function called and return
(DisableReadOnlyPageWriteProtect & EnableReadOnlyPageWriteProtect),
thus leading stack mismatch after CET re-enabled (EnableCet() in
EnableReadOnlyPageWriteProtect).

According SDM Vol 3, 6.15-Control Protection Exception:
Normal smi stack and shadow stack must be matched when CET enable,
otherwise CP Exception will happen, which is caused by a near RET
instruction.

CET is disabled in DisableCet(), while can be enabled in
EnableCet(). This way won't cause the problem because they are
implemented in a way that return address of DisableCet() is
poped out from shadow stack (Incsspq performs a pop to increases
the shadow stack) and EnableCet() doesn't use "RET" but "JMP" to
return to caller. So calling EnableCet() and DisableCet() doesn't
have the same issue as calling DisableReadonlyPageWriteProtect()
and EnableReadonlyPageWriteProtect().

With above root cause & analysis, define below 2 macros instead of
functions for WP & CET operation:
WRITE_UNPROTECT_RO_PAGES (Wp, Cet)
WRITE_PROTECT_RO_PAGES (Wp, Cet)
Because DisableCet() & EnableCet() must be in the same function
to avoid shadow stack and normal SMI stack mismatch.

Note: WRITE_UNPROTECT_RO_PAGES () must be called pair with
WRITE_PROTECT_RO_PAGES () in same function.

Cc: Eric Dong 
Cc: Ray Ni 
Cc: Zeng Star 
Cc: Gerd Hoffmann 
Cc: Rahul Kumar 
Cc: Laszlo Ersek 
Signed-off-by: Jiaxin Wu 
---
 UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.h | 59 +
 UefiCpuPkg/PiSmmCpuDxeSmm/SmmCpuMemoryManagement.c | 73 +-
 UefiCpuPkg/PiSmmCpuDxeSmm/SmmProfile.c |  7 ++-
 3 files changed, 81 insertions(+), 58 deletions(-)

diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.h 
b/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.h
index 654935dc76..20ada465c2 100644
--- a/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.h
+++ b/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.h
@@ -1551,29 +1551,64 @@ VOID
 SmmWaitForApArrival (
   VOID
   );
 
 /**
-  Disable Write Protect on pages marked as read-only if Cr0.Bits.WP is 1.
+  Write unprotect read-only pages if Cr0.Bits.WP is 1.
+
+  @param[out]  WriteProtect  If Cr0.Bits.WP is enabled.
 
-  @param[out]  WpEnabled  If Cr0.WP is enabled.
-  @param[out]  CetEnabled If CET is enabled.
 **/
 VOID
-DisableReadOnlyPageWriteProtect (
-  OUT BOOLEAN  *WpEnabled,
-  OUT BOOLEAN  *CetEnabled
+SmmWriteUnprotectReadOnlyPage (
+  OUT BOOLEAN  *WriteProtect
   );
 
 /**
-  Enable Write Protect on pages marked as read-only.
+  Write protect read-only pages.
+
+  @param[in]  WriteProtect  If Cr0.Bits.WP should be enabled.
 
-  @param[out]  WpEnabled  If Cr0.WP should be enabled.
-  @param[out]  CetEnabled If CET should be enabled.
 **/
 VOID
-EnableReadOnlyPageWriteProtect (
-  BOOLEAN  WpEnabled,
-  BOOLEAN  CetEnabled
+SmmWriteProtectReadOnlyPage (
+  IN  BOOLEAN  WriteProtect
   );
 
+///
+/// Define macros to encapsulate the write unprotect/protect
+/// read-only pages.
+/// Below pieces of logic are defined as macros and not functions
+/// because "CET" feature disable & enable must be in the same
+/// function to avoid shadow stack and normal SMI stack mismatch,
+/// thus WRITE_UNPROTECT_RO_PAGES () must be called pair with
+/// WRITE_PROTECT_RO_PAGES () in same function.
+///
+/// @param[in,out] Wp   A BOOLEAN variable local to the containing
+/// function, carrying write protection status from
+/// WRITE_UNPROTECT_RO_PAGES() to
+/// WRITE_PROTECT_RO_PAGES().
+///
+/// @param[in,out] Cet  A BOOLEAN variable local to the containing
+/// function, carrying control flow integrity
+/// enforcement status from
+/// WRITE_UNPROTECT_RO_PAGES() to
+/// WRITE_PROTECT_RO_PAGES().
+///
+#define WRITE_UNPROTECT_RO_PAGES(Wp, Cet) \
+  do { \
+Cet = ((AsmReadCr4 () & CR4_CET_ENABLE) != 0); \
+if (Cet) { \
+  DisableCet (); \
+} \
+SmmWriteUnprotectReadOnlyPage (); \
+  } while (FALSE)
+
+#define WRITE_PROTECT_RO_PAGES(Wp, Cet) \
+  do { \
+SmmWriteProtectReadOnlyPage (Wp); \
+if (Cet) { \
+  EnableCet (); \
+} \
+  } while (FALSE)
+
 #endif
diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/SmmCpuMemoryManagement.c 

Re: [edk2-devel] [PATCH v4] UefiCpuPkg/PiSmmCpuDxeSmm: Fix CP Exception when CET enable

[Wu, Jiaxin]

Hi Ray & Laszlo,

Any more comments to this?

Thanks,
Jiaxin

> -Original Message-
> From: devel@edk2.groups.io  On Behalf Of Wu,
> Jiaxin
> Sent: Tuesday, November 7, 2023 9:25 AM
> To: devel@edk2.groups.io
> Cc: Dong, Eric ; Ni, Ray ; Zeng, Star
> ; Gerd Hoffmann ; Kumar, Rahul R
> ; Laszlo Ersek 
> Subject: [edk2-devel] [PATCH v4] UefiCpuPkg/PiSmmCpuDxeSmm: Fix CP
> Exception when CET enable
> 
> Root cause:
> 1. Before DisableReadonlyPageWriteProtect() is called, the return
> address (#1) is pushed in shadow stack.
> 2. CET is disabled.
> 3. DisableReadonlyPageWriteProtect() returns to #1.
> 4. Page table is modified.
> 5. EnableReadonlyPageWriteProtect() is called, but the return
> address (#2) is not pushed in shadow stack.
> 6. CET is enabled.
> 7. EnableReadonlyPageWriteProtect() returns to #2.
> #CP exception happens because the actual return address (#2)
> doesn't match the return address stored in shadow stack (#1).
> 
> Analysis:
> Shadow stack will stop update after CET disable (DisableCet() in
> DisableReadOnlyPageWriteProtect), but normal smi stack will be
> continue updated with the function called and return
> (DisableReadOnlyPageWriteProtect & EnableReadOnlyPageWriteProtect),
> thus leading stack mismatch after CET re-enabled (EnableCet() in
> EnableReadOnlyPageWriteProtect).
> 
> According SDM Vol 3, 6.15-Control Protection Exception:
> Normal smi stack and shadow stack must be matched when CET enable,
> otherwise CP Exception will happen, which is caused by a near RET
> instruction.
> 
> CET is disabled in DisableCet(), while can be enabled in
> EnableCet(). This way won't cause the problem because they are
> implemented in a way that return address of DisableCet() is
> poped out from shadow stack (Incsspq performs a pop to increases
> the shadow stack) and EnableCet() doesn't use "RET" but "JMP" to
> return to caller. So calling EnableCet() and DisableCet() doesn't
> have the same issue as calling DisableReadonlyPageWriteProtect()
> and EnableReadonlyPageWriteProtect().
> 
> With above root cause & analysis, define below 2 macros instead of
> functions for WP & CET operation:
> WRITE_UNPROTECT_RO_PAGES (Wp, Cet)
> WRITE_PROTECT_RO_PAGES (Wp, Cet)
> Because DisableCet() & EnableCet() must be in the same function
> to avoid shadow stack and normal SMI stack mismatch.
> 
> Note: WRITE_UNPROTECT_RO_PAGES () must be called pair with
> WRITE_PROTECT_RO_PAGES () in same function.
> 
> Cc: Eric Dong 
> Cc: Ray Ni 
> Cc: Zeng Star 
> Cc: Gerd Hoffmann 
> Cc: Rahul Kumar 
> Cc: Laszlo Ersek 
> Signed-off-by: Jiaxin Wu 
> ---
>  UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.h | 59
> +
>  UefiCpuPkg/PiSmmCpuDxeSmm/SmmCpuMemoryManagement.c | 73
> +-
>  UefiCpuPkg/PiSmmCpuDxeSmm/SmmProfile.c |  7 ++-
>  3 files changed, 81 insertions(+), 58 deletions(-)
> 
> diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.h
> b/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.h
> index 654935dc76..20ada465c2 100644
> --- a/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.h
> +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.h
> @@ -1551,29 +1551,64 @@ VOID
>  SmmWaitForApArrival (
>VOID
>);
> 
>  /**
> -  Disable Write Protect on pages marked as read-only if Cr0.Bits.WP is 1.
> +  Write unprotect read-only pages if Cr0.Bits.WP is 1.
> +
> +  @param[out]  WriteProtect  If Cr0.Bits.WP is enabled.
> 
> -  @param[out]  WpEnabled  If Cr0.WP is enabled.
> -  @param[out]  CetEnabled If CET is enabled.
>  **/
>  VOID
> -DisableReadOnlyPageWriteProtect (
> -  OUT BOOLEAN  *WpEnabled,
> -  OUT BOOLEAN  *CetEnabled
> +SmmWriteUnprotectReadOnlyPage (
> +  OUT BOOLEAN  *WriteProtect
>);
> 
>  /**
> -  Enable Write Protect on pages marked as read-only.
> +  Write protect read-only pages.
> +
> +  @param[in]  WriteProtect  If Cr0.Bits.WP should be enabled.
> 
> -  @param[out]  WpEnabled  If Cr0.WP should be enabled.
> -  @param[out]  CetEnabled If CET should be enabled.
>  **/
>  VOID
> -EnableReadOnlyPageWriteProtect (
> -  BOOLEAN  WpEnabled,
> -  BOOLEAN  CetEnabled
> +SmmWriteProtectReadOnlyPage (
> +  IN  BOOLEAN  WriteProtect
>);
> 
> +///
> +/// Define macros to encapsulate the write unprotect/protect
> +/// read-only pages.
> +/// Below pieces of logic are defined as macros and not functions
> +/// because "CET" feature disable & enable must be in the same
> +/// function to avoid shadow stack and normal SMI stack mismatch,
> +/// thus WRITE_UNPROTECT_RO_PAGES () must be called pair with
> +/// WRITE_PROTECT_RO_PAGES () in

Re: [edk2-devel] [PATCH v1 7/7] UefiCpuPkg/PiSmmCpuDxeSmm: Consume SmmCpuSyncLib

[Wu, Jiaxin]

Thanks Laszlo, much appreciate all comments. I will check one by one for fix in 
next version. /Jiaxin 


> -Original Message-
> From: Laszlo Ersek 
> Sent: Tuesday, November 7, 2023 7:01 PM
> To: devel@edk2.groups.io; Wu, Jiaxin 
> Cc: Dong, Eric ; Ni, Ray ; Zeng, Star
> ; Gerd Hoffmann ; Kumar, Rahul R
> 
> Subject: Re: [edk2-devel] [PATCH v1 7/7] UefiCpuPkg/PiSmmCpuDxeSmm:
> Consume SmmCpuSyncLib
> 
> On 11/3/23 16:30, Wu, Jiaxin wrote:
> > There is the SmmCpuSyncLib Library class define the SMM CPU sync
> > flow, which is aligned with existing SMM CPU driver sync behavior.
> > This patch is to consume SmmCpuSyncLib instance directly.
> >
> > With this change, SMM CPU Sync flow/logic can be customized
> > with different implementation no matter for any purpose, e.g.
> > performance tuning, handle specific register, etc.
> >
> > Change-Id: Id034de47b85743c125f0d76420947e0dd9e69518
> > Cc: Eric Dong 
> > Cc: Ray Ni 
> > Cc: Zeng Star 
> > Cc: Gerd Hoffmann 
> > Cc: Rahul Kumar 
> > Signed-off-by: Jiaxin Wu 
> > ---
> >  UefiCpuPkg/PiSmmCpuDxeSmm/MpService.c| 256 +
> --
> >  UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.h   |   6 +-
> >  UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.inf |   1 +
> >  3 files changed, 49 insertions(+), 214 deletions(-)
> 
> I'll first review this in the v2 posting.
> 
> Laszlo



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#110843): https://edk2.groups.io/g/devel/message/110843
Mute This Topic: https://groups.io/mt/102366305/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] [PATCH v4] UefiCpuPkg/PiSmmCpuDxeSmm: Fix CP Exception when CET enable

[Wu, Jiaxin]

Hi Liming & Mike & Ray,

Could you help approve this change for the coming edk2 stable tag? This is 
critical bug fix in smm cpu driver to handler the CET check failure, I think we 
need this change for the stable tag.

Thanks,
Jiaxin 

> -Original Message-
> From: Laszlo Ersek 
> Sent: Wednesday, November 8, 2023 2:57 AM
> To: devel@edk2.groups.io; Wu, Jiaxin 
> Cc: Dong, Eric ; Ni, Ray ; Zeng, Star
> ; Gerd Hoffmann ; Kumar, Rahul R
> 
> Subject: Re: [edk2-devel] [PATCH v4] UefiCpuPkg/PiSmmCpuDxeSmm: Fix CP
> Exception when CET enable
> 
> On 11/7/23 02:24, Wu, Jiaxin wrote:
> > Root cause:
> > 1. Before DisableReadonlyPageWriteProtect() is called, the return
> > address (#1) is pushed in shadow stack.
> > 2. CET is disabled.
> > 3. DisableReadonlyPageWriteProtect() returns to #1.
> > 4. Page table is modified.
> > 5. EnableReadonlyPageWriteProtect() is called, but the return
> > address (#2) is not pushed in shadow stack.
> > 6. CET is enabled.
> > 7. EnableReadonlyPageWriteProtect() returns to #2.
> > #CP exception happens because the actual return address (#2)
> > doesn't match the return address stored in shadow stack (#1).
> >
> > Analysis:
> > Shadow stack will stop update after CET disable (DisableCet() in
> > DisableReadOnlyPageWriteProtect), but normal smi stack will be
> > continue updated with the function called and return
> > (DisableReadOnlyPageWriteProtect & EnableReadOnlyPageWriteProtect),
> > thus leading stack mismatch after CET re-enabled (EnableCet() in
> > EnableReadOnlyPageWriteProtect).
> >
> > According SDM Vol 3, 6.15-Control Protection Exception:
> > Normal smi stack and shadow stack must be matched when CET enable,
> > otherwise CP Exception will happen, which is caused by a near RET
> > instruction.
> >
> > CET is disabled in DisableCet(), while can be enabled in
> > EnableCet(). This way won't cause the problem because they are
> > implemented in a way that return address of DisableCet() is
> > poped out from shadow stack (Incsspq performs a pop to increases
> > the shadow stack) and EnableCet() doesn't use "RET" but "JMP" to
> > return to caller. So calling EnableCet() and DisableCet() doesn't
> > have the same issue as calling DisableReadonlyPageWriteProtect()
> > and EnableReadonlyPageWriteProtect().
> >
> > With above root cause & analysis, define below 2 macros instead of
> > functions for WP & CET operation:
> > WRITE_UNPROTECT_RO_PAGES (Wp, Cet)
> > WRITE_PROTECT_RO_PAGES (Wp, Cet)
> > Because DisableCet() & EnableCet() must be in the same function
> > to avoid shadow stack and normal SMI stack mismatch.
> >
> > Note: WRITE_UNPROTECT_RO_PAGES () must be called pair with
> > WRITE_PROTECT_RO_PAGES () in same function.
> >
> > Cc: Eric Dong 
> > Cc: Ray Ni 
> > Cc: Zeng Star 
> > Cc: Gerd Hoffmann 
> > Cc: Rahul Kumar 
> > Cc: Laszlo Ersek 
> > Signed-off-by: Jiaxin Wu 
> > ---
> >  UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.h | 59
> +
> >  UefiCpuPkg/PiSmmCpuDxeSmm/SmmCpuMemoryManagement.c | 73
> +-
> >  UefiCpuPkg/PiSmmCpuDxeSmm/SmmProfile.c |  7 ++-
> >  3 files changed, 81 insertions(+), 58 deletions(-)
> 
> Reviewed-by: Laszlo Ersek 



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#110880): https://edk2.groups.io/g/devel/message/110880
Mute This Topic: https://groups.io/mt/102434876/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] [PATCH v2] UefiCpuPkg/PiSmmCpuDxeSmm: Fix CP Exception when CET enable

[Wu, Jiaxin]

Thanks Laszlo, all fixed in version 3.

> -Original Message-
> From: Laszlo Ersek 
> Sent: Sunday, November 5, 2023 7:01 PM
> To: Wu, Jiaxin ; devel@edk2.groups.io
> Cc: Dong, Eric ; Ni, Ray ; Zeng, Star
> ; Gerd Hoffmann ; Kumar, Rahul R
> 
> Subject: Re: [PATCH v2] UefiCpuPkg/PiSmmCpuDxeSmm: Fix CP Exception
> when CET enable
> 
> Hi Jiaxin,
> 
> looks great; now I'm only asking for a few light touch-ups:
> 
> On 11/3/23 19:37, Jiaxin Wu wrote:
> > Shadow stack will stop update after CET disable (DisableCet in
> > DisableReadOnlyPageWriteProtect), but normal smi stack will be
> > continue updated with the function return and enter
> > (DisableReadOnlyPageWriteProtect & EnableReadOnlyPageWriteProtect),
> > thus leading stack mismatch after CET re-enabled (EnableCet in
> > EnableReadOnlyPageWriteProtect).
> >
> > Normal smi stack and shadow stack must be matched when CET enable,
> > otherwise CP Exception will happen, which is caused by a near RET
> > instruction (See SDM Vol 3, 6.15-Control Protection Exception).
> >
> > With above requirement, define below 2 macros instead of functions
> > for WP & CET operation:
> > WRITE_UNPROTECT_RO_PAGES (Wp, Cet)
> > WRITE_PROTECT_RO_PAGES (Wp, Cet)
> > Because "CET" feature disable & enable must be in the same
> > function to avoid shadow stack and normal SMI stack mismatch.
> >
> > Note: WRITE_UNPROTECT_RO_PAGES () must be called pair with
> > WRITE_PROTECT_RO_PAGES () in same function.
> >
> > Change-Id: I4e126697efcd8dbfb4887da034d8691bfca969e3
> 
> (1) Please drop the Change-Id line; it is not meaningful in the upstream
> repo.
> 
> > Cc: Eric Dong 
> > Cc: Ray Ni 
> > Cc: Zeng Star 
> > Cc: Gerd Hoffmann 
> > Cc: Rahul Kumar 
> > Cc: Laszlo Ersek 
> > Signed-off-by: Jiaxin Wu 
> > ---
> >  UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.h | 46
> ---
> >  UefiCpuPkg/PiSmmCpuDxeSmm/SmmCpuMemoryManagement.c | 96
> +++---
> >  UefiCpuPkg/PiSmmCpuDxeSmm/SmmProfile.c | 13 ++-
> >  3 files changed, 94 insertions(+), 61 deletions(-)
> >
> > diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.h
> b/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.h
> > index 654935dc76..5d167899ff 100644
> > --- a/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.h
> > +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.h
> > @@ -1551,29 +1551,51 @@ VOID
> >  SmmWaitForApArrival (
> >VOID
> >);
> >
> >  /**
> > -  Disable Write Protect on pages marked as read-only if Cr0.Bits.WP is 1.
> > +  Write unprotect read-only pages if Cr0.Bits.WP is 1.
> > +
> > +  @param[out]  WriteProtect  If Cr0.WP is enabled.
> 
> (2) The comment references to the WP bit are not consistent. We should
> either stick with Cr0.WP or Cr0.Bits.WP, but not mix them.
> 
> I understand this inconsistency exists pre-patch, but because we're
> modifying the same sentences, I think it would be OK to clean up the WP
> bit references as well, at the same time.
> 
> >
> > -  @param[out]  WpEnabled  If Cr0.WP is enabled.
> > -  @param[out]  CetEnabled If CET is enabled.
> >  **/
> >  VOID
> > -DisableReadOnlyPageWriteProtect (
> > -  OUT BOOLEAN  *WpEnabled,
> > -  OUT BOOLEAN  *CetEnabled
> > +SmmWriteUnprotectReadOnlyPage (
> > +  OUT BOOLEAN  *WriteProtect
> >);
> >
> >  /**
> > -  Enable Write Protect on pages marked as read-only.
> > +  Write protect read-only pages.
> > +
> > +  @param[out]  WriteProtect  If Cr0.WP should be enabled.
> >
> > -  @param[out]  WpEnabled  If Cr0.WP should be enabled.
> > -  @param[out]  CetEnabled If CET should be enabled.
> >  **/
> >  VOID
> > -EnableReadOnlyPageWriteProtect (
> > -  BOOLEAN  WpEnabled,
> > -  BOOLEAN  CetEnabled
> > +SmmWriteProtectReadOnlyPage (
> > +  IN  BOOLEAN  WriteProtect
> >);
> 
> (3) If, under (2), you opt for preserving "Cr0.Bits.WP", then please use
> that term here too.
> 
> >
> > +///
> > +/// Below pieces of logic are defined as macros and not functions
> > +/// because "CET" feature disable & enable must be in the same
> > +/// function to avoid shadow stack and normal SMI stack mismatch,
> > +/// thus WRITE_UNPROTECT_RO_PAGES () must be called pair with
> > +/// WRITE_PROTECT_RO_PAGES () in same function.
> > +///
> > +#define WRITE_UNPROTECT_RO_PAGES(Wp, Cet) \
> > +{ \
> > +  Cet = ((AsmReadCr4 () &

[edk2-devel] [PATCH v3] UefiCpuPkg/PiSmmCpuDxeSmm: Fix CP Exception when CET enable

[Wu, Jiaxin]

Shadow stack will stop update after CET disable (DisableCet in
DisableReadOnlyPageWriteProtect), but normal smi stack will be
continue updated with the function return and enter
(DisableReadOnlyPageWriteProtect & EnableReadOnlyPageWriteProtect),
thus leading stack mismatch after CET re-enabled (EnableCet in
EnableReadOnlyPageWriteProtect).

Normal smi stack and shadow stack must be matched when CET enable,
otherwise CP Exception will happen, which is caused by a near RET
instruction (See SDM Vol 3, 6.15-Control Protection Exception).

With above requirement, define below 2 macros instead of functions
for WP & CET operation:
WRITE_UNPROTECT_RO_PAGES (Wp, Cet)
WRITE_PROTECT_RO_PAGES (Wp, Cet)
Because "CET" feature disable & enable must be in the same
function to avoid shadow stack and normal SMI stack mismatch.

Note: WRITE_UNPROTECT_RO_PAGES () must be called pair with
WRITE_PROTECT_RO_PAGES () in same function.

Cc: Eric Dong 
Cc: Ray Ni 
Cc: Zeng Star 
Cc: Gerd Hoffmann 
Cc: Rahul Kumar 
Cc: Laszlo Ersek 
Signed-off-by: Jiaxin Wu 
---
 UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.h | 59 +
 UefiCpuPkg/PiSmmCpuDxeSmm/SmmCpuMemoryManagement.c | 73 +-
 UefiCpuPkg/PiSmmCpuDxeSmm/SmmProfile.c |  7 ++-
 3 files changed, 81 insertions(+), 58 deletions(-)

diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.h 
b/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.h
index 654935dc76..20ada465c2 100644
--- a/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.h
+++ b/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.h
@@ -1551,29 +1551,64 @@ VOID
 SmmWaitForApArrival (
   VOID
   );
 
 /**
-  Disable Write Protect on pages marked as read-only if Cr0.Bits.WP is 1.
+  Write unprotect read-only pages if Cr0.Bits.WP is 1.
+
+  @param[out]  WriteProtect  If Cr0.Bits.WP is enabled.
 
-  @param[out]  WpEnabled  If Cr0.WP is enabled.
-  @param[out]  CetEnabled If CET is enabled.
 **/
 VOID
-DisableReadOnlyPageWriteProtect (
-  OUT BOOLEAN  *WpEnabled,
-  OUT BOOLEAN  *CetEnabled
+SmmWriteUnprotectReadOnlyPage (
+  OUT BOOLEAN  *WriteProtect
   );
 
 /**
-  Enable Write Protect on pages marked as read-only.
+  Write protect read-only pages.
+
+  @param[in]  WriteProtect  If Cr0.Bits.WP should be enabled.
 
-  @param[out]  WpEnabled  If Cr0.WP should be enabled.
-  @param[out]  CetEnabled If CET should be enabled.
 **/
 VOID
-EnableReadOnlyPageWriteProtect (
-  BOOLEAN  WpEnabled,
-  BOOLEAN  CetEnabled
+SmmWriteProtectReadOnlyPage (
+  IN  BOOLEAN  WriteProtect
   );
 
+///
+/// Define macros to encapsulate the write unprotect/protect
+/// read-only pages.
+/// Below pieces of logic are defined as macros and not functions
+/// because "CET" feature disable & enable must be in the same
+/// function to avoid shadow stack and normal SMI stack mismatch,
+/// thus WRITE_UNPROTECT_RO_PAGES () must be called pair with
+/// WRITE_PROTECT_RO_PAGES () in same function.
+///
+/// @param[in,out] Wp   A BOOLEAN variable local to the containing
+/// function, carrying write protection status from
+/// WRITE_UNPROTECT_RO_PAGES() to
+/// WRITE_PROTECT_RO_PAGES().
+///
+/// @param[in,out] Cet  A BOOLEAN variable local to the containing
+/// function, carrying control flow integrity
+/// enforcement status from
+/// WRITE_UNPROTECT_RO_PAGES() to
+/// WRITE_PROTECT_RO_PAGES().
+///
+#define WRITE_UNPROTECT_RO_PAGES(Wp, Cet) \
+  do { \
+Cet = ((AsmReadCr4 () & CR4_CET_ENABLE) != 0); \
+if (Cet) { \
+  DisableCet (); \
+} \
+SmmWriteUnprotectReadOnlyPage (); \
+  } while (FALSE)
+
+#define WRITE_PROTECT_RO_PAGES(Wp, Cet) \
+  do { \
+SmmWriteProtectReadOnlyPage (Wp); \
+if (Cet) { \
+  EnableCet (); \
+} \
+  } while (FALSE)
+
 #endif
diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/SmmCpuMemoryManagement.c 
b/UefiCpuPkg/PiSmmCpuDxeSmm/SmmCpuMemoryManagement.c
index 6f49866615..3d445df213 100644
--- a/UefiCpuPkg/PiSmmCpuDxeSmm/SmmCpuMemoryManagement.c
+++ b/UefiCpuPkg/PiSmmCpuDxeSmm/SmmCpuMemoryManagement.c
@@ -39,64 +39,47 @@ PAGE_TABLE_POOL  *mPageTablePool = NULL;
 // If memory used by SMM page table has been mareked as ReadOnly.
 //
 BOOLEAN  mIsReadOnlyPageTable = FALSE;
 
 /**
-  Disable Write Protect on pages marked as read-only if Cr0.Bits.WP is 1.
+  Write unprotect read-only pages if Cr0.Bits.WP is 1.
+
+  @param[out]  WriteProtect  If Cr0.Bits.WP is enabled.
 
-  @param[out]  WpEnabled  If Cr0.WP is enabled.
-  @param[out]  CetEnabled If CET is enabled.
 **/
 VOID
-DisableReadOnlyPageWriteProtect (
-  OUT BOOLEAN  *WpEnabled,
-  OUT BOOLEAN  *CetEnabled
+SmmWriteUnprotectReadOnlyPage (
+  OUT BOOLEAN  *WriteProtect
   )
 {
   IA32_CR0  Cr0;
 
-  *CetEnabled = ((AsmReadCr4 () & CR4_CET_ENABLE) != 0) ? TRUE : FALSE;
-  Cr0.UintN   = AsmReadCr0 ();
-  *WpEnabled  = (Cr0.Bits.WP != 0) ? TRUE : FALSE;
-  if 

Re: [edk2-devel] [PATCH v3] UefiCpuPkg/PiSmmCpuDxeSmm: Fix CP Exception when CET enable

[Wu, Jiaxin]

Yes, ray, the flow is right, and I confirmed with CET feature owner about the 
EnableCet() & DisableCet() behavior before patch out.

Incsspq in DisableCet() performs a pop to increases the shadow stack, while POP 
& JMP in EnableCet() make sure return to caller without check failure.

I will refine the commit log to include your great suggestion. Thank you very 
much!

Jiaxin





From: Ni, Ray 
Sent: Monday, November 6, 2023 5:41 PM
To: Wu, Jiaxin ; devel@edk2.groups.io
Cc: Dong, Eric ; Zeng, Star ; Gerd 
Hoffmann ; Kumar, Rahul R ; Laszlo 
Ersek 
Subject: Re: [PATCH v3] UefiCpuPkg/PiSmmCpuDxeSmm: Fix CP Exception when CET 
enable

The commit message doesn't explain the root cause of the issue very clearly.
(I am sure that you understand the issue very clearly. But I see improvements 
in explaining it.)

I guess the root cause is due to the code flow as follows:
1. Before DisableReadonlyPageWriteProtect() is called, the return address (#1) 
is pushed in shadow stack.
2. CET is disabled.
3. DisableReadonlyPageWriteProtect() returns to #1.
4. Page table is modified.
5. EnableReadonlyPageWriteProtect() is called, but the return address (#2) is 
not pushed in shadow stack.
6. CET is enabled.
7. EnableReadonlyPageWriteProtect() returns to #2.
#CP exception happens because the actual return address (#2) doesn't match the 
return address stored in shadow stack (#1).

If yes, can you update the commit to explain in above way?

Also, please emphasize  that EnableCet() and DisableCet() is implemented in a 
way that return address of DisableCet() is poped  out
from shadow stack and EnableCet() doesn't use "RET" but "JMP" to return to 
caller. So calling EnableCet() and DisableCet() doesn't
have the same issue as calling DisableReadonlyPageWriteProtect() and 
EnableReadonlyPageWriteProtect().

Thanks,
Ray

____________
From: Wu, Jiaxin mailto:jiaxin...@intel.com>>
Sent: Monday, November 6, 2023 10:46 AM
To: devel@edk2.groups.io<mailto:devel@edk2.groups.io> 
mailto:devel@edk2.groups.io>>
Cc: Dong, Eric mailto:eric.d...@intel.com>>; Ni, Ray 
mailto:ray...@intel.com>>; Zeng, Star 
mailto:star.z...@intel.com>>; Gerd Hoffmann 
mailto:kra...@redhat.com>>; Kumar, Rahul R 
mailto:rahul.r.ku...@intel.com>>; Laszlo Ersek 
mailto:ler...@redhat.com>>
Subject: [PATCH v3] UefiCpuPkg/PiSmmCpuDxeSmm: Fix CP Exception when CET enable

Shadow stack will stop update after CET disable (DisableCet in
DisableReadOnlyPageWriteProtect), but normal smi stack will be
continue updated with the function return and enter
(DisableReadOnlyPageWriteProtect & EnableReadOnlyPageWriteProtect),
thus leading stack mismatch after CET re-enabled (EnableCet in
EnableReadOnlyPageWriteProtect).

Normal smi stack and shadow stack must be matched when CET enable,
otherwise CP Exception will happen, which is caused by a near RET
instruction (See SDM Vol 3, 6.15-Control Protection Exception).

With above requirement, define below 2 macros instead of functions
for WP & CET operation:
WRITE_UNPROTECT_RO_PAGES (Wp, Cet)
WRITE_PROTECT_RO_PAGES (Wp, Cet)
Because "CET" feature disable & enable must be in the same
function to avoid shadow stack and normal SMI stack mismatch.

Note: WRITE_UNPROTECT_RO_PAGES () must be called pair with
WRITE_PROTECT_RO_PAGES () in same function.

Cc: Eric Dong mailto:eric.d...@intel.com>>
Cc: Ray Ni mailto:ray...@intel.com>>
Cc: Zeng Star mailto:star.z...@intel.com>>
Cc: Gerd Hoffmann mailto:kra...@redhat.com>>
Cc: Rahul Kumar mailto:rahul1.ku...@intel.com>>
Cc: Laszlo Ersek mailto:ler...@redhat.com>>
Signed-off-by: Jiaxin Wu mailto:jiaxin...@intel.com>>
---
 UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.h | 59 +
 UefiCpuPkg/PiSmmCpuDxeSmm/SmmCpuMemoryManagement.c | 73 +-
 UefiCpuPkg/PiSmmCpuDxeSmm/SmmProfile.c |  7 ++-
 3 files changed, 81 insertions(+), 58 deletions(-)

diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.h 
b/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.h
index 654935dc76..20ada465c2 100644
--- a/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.h
+++ b/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.h
@@ -1551,29 +1551,64 @@ VOID
 SmmWaitForApArrival (
   VOID
   );

 /**
-  Disable Write Protect on pages marked as read-only if Cr0.Bits.WP is 1.
+  Write unprotect read-only pages if Cr0.Bits.WP is 1.
+
+  @param[out]  WriteProtect  If Cr0.Bits.WP is enabled.

-  @param[out]  WpEnabled  If Cr0.WP is enabled.
-  @param[out]  CetEnabled If CET is enabled.
 **/
 VOID
-DisableReadOnlyPageWriteProtect (
-  OUT BOOLEAN  *WpEnabled,
-  OUT BOOLEAN  *CetEnabled
+SmmWriteUnprotectReadOnlyPage (
+  OUT BOOLEAN  *WriteProtect
   );

 /**
-  Enable Write Protect on pages marked as read-only.
+  Write protect read-only pages.
+
+  @param[in]  WriteProtect  If Cr0.Bits.WP should be enabled.

-  @param[out]  WpEnabled 

[edk2-devel] [PATCH v1 2/2] UefiCpuPkg/PiSmmCpuDxeSmm: Reduce the times of BSP and AP sync for exit

[Wu, Jiaxin]

After review, there are unnecessary steps for BSP and AP sync for exit.
This patch is to reduce one round BSP and AP sync for exit so as to
improve SMM performance:
WaitForAllAPs <- ReleaseBsp
ReleaseAllAPs -> WaitForBsp

Cc: Eric Dong 
Cc: Ray Ni 
Cc: Zeng Star 
Cc: Rahul Kumar 
Cc: Gerd Hoffmann 
Signed-off-by: Jiaxin Wu 
---
 UefiCpuPkg/PiSmmCpuDxeSmm/MpService.c | 44 +++
 1 file changed, 24 insertions(+), 20 deletions(-)

diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/MpService.c 
b/UefiCpuPkg/PiSmmCpuDxeSmm/MpService.c
index e96c7f51d6..5a42a5dd12 100644
--- a/UefiCpuPkg/PiSmmCpuDxeSmm/MpService.c
+++ b/UefiCpuPkg/PiSmmCpuDxeSmm/MpService.c
@@ -665,11 +665,13 @@ BSPHandler (
 //
 *mSmmMpSyncData->AllCpusInSync = TRUE;
 ApCount= LockdownSemaphore 
(mSmmMpSyncData->Counter) - 1;
 
 //
-// Wait for all APs to get ready for programming MTRRs
+// Wait for all APs:
+// 1. Make sure all Aps have set the Present.
+// 2. Get ready for programming MTRRs.
 //
 WaitForAllAPs (ApCount);
 
 if (SmmCpuFeaturesNeedConfigureMtrrs ()) {
   //
@@ -768,16 +770,16 @@ BSPHandler (
   // Notify all APs to exit
   //
   *mSmmMpSyncData->InsideSmm = FALSE;
   ReleaseAllAPs ();
 
-  //
-  // Wait for all APs to complete their pending tasks
-  //
-  WaitForAllAPs (ApCount);
-
   if (SmmCpuFeaturesNeedConfigureMtrrs ()) {
+//
+// Wait for all APs to complete their pending tasks
+//
+WaitForAllAPs (ApCount);
+
 //
 // Signal APs to restore MTRRs
 //
 ReleaseAllAPs ();
 
@@ -789,23 +791,23 @@ BSPHandler (
 
 //
 // Wait for all APs to complete MTRR programming
 //
 WaitForAllAPs (ApCount);
+
+//
+// Signal APs to Reset states/semaphore for this processor
+//
+ReleaseAllAPs ();
   }
 
   //
   // Stop source level debug in BSP handler, the code below will not be
   // debugged.
   //
   InitializeDebugAgent (DEBUG_AGENT_INIT_EXIT_SMI, NULL, NULL);
 
-  //
-  // Signal APs to Reset states/semaphore for this processor
-  //
-  ReleaseAllAPs ();
-
   //
   // Perform pending operations for hot-plug
   //
   SmmCpuUpdate ();
 
@@ -941,10 +943,12 @@ APHandler (
   *(mSmmMpSyncData->CpuData[CpuIndex].Present) = TRUE;
 
   if ((SyncMode == SmmCpuSyncModeTradition) || 
SmmCpuFeaturesNeedConfigureMtrrs ()) {
 //
 // Notify BSP of arrival at this point
+// 1. Set the Present.
+// 2. Get ready for programming MTRRs.
 //
 ReleaseBsp (mSmmMpSyncData->CpuData[BspIndex].Run);
   }
 
   if (SmmCpuFeaturesNeedConfigureMtrrs ()) {
@@ -1033,21 +1037,21 @@ APHandler (
 //
 // Restore OS MTRRs
 //
 SmmCpuFeaturesReenableSmrr ();
 MtrrSetAllMtrrs ();
-  }
 
-  //
-  // Notify BSP the readiness of this AP to Reset states/semaphore for this 
processor
-  //
-  ReleaseBsp (mSmmMpSyncData->CpuData[BspIndex].Run);
+//
+// Notify BSP the readiness of this AP to Reset states/semaphore for this 
processor
+//
+ReleaseBsp (mSmmMpSyncData->CpuData[BspIndex].Run);
 
-  //
-  // Wait for the signal from BSP to Reset states/semaphore for this processor
-  //
-  WaitForBsp (mSmmMpSyncData->CpuData[CpuIndex].Run);
+//
+// Wait for the signal from BSP to Reset states/semaphore for this 
processor
+//
+WaitForBsp (mSmmMpSyncData->CpuData[CpuIndex].Run);
+  }
 
   //
   // Reset states/semaphore for this processor
   //
   *(mSmmMpSyncData->CpuData[CpuIndex].Present) = FALSE;
-- 
2.16.2.windows.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#109068): https://edk2.groups.io/g/devel/message/109068
Mute This Topic: https://groups.io/mt/101593530/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[edk2-devel] [PATCH v1 0/2] Optimize semaphore sync between BSP and AP

[Wu, Jiaxin]

The series patches are to optimize semaphore sync between BSP
and AP:
Patch 1: Define 3 functions (WaitForBsp & ReleaseBsp & ReleaseOneAp)
specific for BSP & AP sync, which will make the flow easy to
understand.
Patch 2: Reduce one round BSP and AP sync for exit so as to
improve SMM performance

Jiaxin Wu (2):
  UefiCpuPkg/PiSmmCpuDxeSmm: Optimize semaphore sync between BSP and AP
  UefiCpuPkg/PiSmmCpuDxeSmm: Reduce the times of BSP and AP sync for
exit

 UefiCpuPkg/PiSmmCpuDxeSmm/MpService.c | 112 --
 1 file changed, 80 insertions(+), 32 deletions(-)

-- 
2.16.2.windows.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#109066): https://edk2.groups.io/g/devel/message/109066
Mute This Topic: https://groups.io/mt/101593527/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[edk2-devel] [PATCH v1 1/2] UefiCpuPkg/PiSmmCpuDxeSmm: Optimize semaphore sync between BSP and AP

[Wu, Jiaxin]

This patch is to:
1. Define 2 new functions (WaitForBsp & ReleaseBsp) used
for the semaphore sync between BSP & AP.
2. Add ReleaseOneAp(), used for BSP to release one AP.

With the change, BSP & AP Sync flow will be easy understand:
BSP to Release All APs ---> AP to Wait BSP
ReleaseAllAPs ()WaitForBsp
BSP to Wait All APs<--- AP to Release BSP
WaitForAllAPs ()ReleaseBsp

BSP to Release One Ap  ---> AP to Wait BSP
ReleaseOneAp () ReleaseBsp

Cc: Eric Dong 
Cc: Ray Ni 
Cc: Zeng Star 
Cc: Rahul Kumar 
Cc: Gerd Hoffmann 
Signed-off-by: Jiaxin Wu 
---
 UefiCpuPkg/PiSmmCpuDxeSmm/MpService.c | 72 ---
 1 file changed, 58 insertions(+), 14 deletions(-)

diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/MpService.c 
b/UefiCpuPkg/PiSmmCpuDxeSmm/MpService.c
index 25d058c5b9..e96c7f51d6 100644
--- a/UefiCpuPkg/PiSmmCpuDxeSmm/MpService.c
+++ b/UefiCpuPkg/PiSmmCpuDxeSmm/MpService.c
@@ -120,10 +120,11 @@ LockdownSemaphore (
 
   return Value;
 }
 
 /**
+  Used for BSP to wait all APs.
   Wait all APs to performs an atomic compare exchange operation to release 
semaphore.
 
   @param   NumberOfAPs  AP number
 
 **/
@@ -139,10 +140,11 @@ WaitForAllAPs (
 WaitForSemaphore (mSmmMpSyncData->CpuData[BspIndex].Run);
   }
 }
 
 /**
+  Used for BSP to release all APs.
   Performs an atomic compare exchange operation to release semaphore
   for each AP.
 
 **/
 VOID
@@ -157,10 +159,52 @@ ReleaseAllAPs (
   ReleaseSemaphore (mSmmMpSyncData->CpuData[Index].Run);
 }
   }
 }
 
+/**
+  Used for BSP to release one AP.
+
+  @param  ApSem IN:  32-bit unsigned integer
+OUT: original integer + 1
+**/
+VOID
+ReleaseOneAp   (
+  IN OUT  volatile UINT32  *ApSem
+  )
+{
+  ReleaseSemaphore (ApSem);
+}
+
+/**
+  Used for AP to wait BSP.
+
+  @param  ApSem  IN:  32-bit unsigned integer
+ OUT: original integer 0
+**/
+VOID
+WaitForBsp  (
+  IN OUT  volatile UINT32  *ApSem
+  )
+{
+  WaitForSemaphore (ApSem);
+}
+
+/**
+  Used for AP to release BSP.
+
+  @param  BspSem IN:  32-bit unsigned integer
+ OUT: original integer + 1
+**/
+VOID
+ReleaseBsp   (
+  IN OUT  volatile UINT32  *BspSem
+  )
+{
+  ReleaseSemaphore (BspSem);
+}
+
 /**
   Check whether the index of CPU perform the package level register
   programming during System Management Mode initialization.
 
   The index of Processor specified by mPackageFirstThreadIndex[PackageIndex]
@@ -632,11 +676,11 @@ BSPHandler (
   // Signal all APs it's time for backup MTRRs
   //
   ReleaseAllAPs ();
 
   //
-  // WaitForSemaphore() may wait for ever if an AP happens to enter SMM at
+  // WaitForBsp() may wait for ever if an AP happens to enter SMM at
   // exactly this point. Please make sure PcdCpuSmmMaxSyncLoops has been 
set
   // to a large enough value to avoid this situation.
   // Note: For HT capable CPUs, threads within a core share the same set 
of MTRRs.
   // We do the backup first and then set MTRR to avoid race condition for 
threads
   // in the same core.
@@ -652,11 +696,11 @@ BSPHandler (
   // Let all processors program SMM MTRRs together
   //
   ReleaseAllAPs ();
 
   //
-  // WaitForSemaphore() may wait for ever if an AP happens to enter SMM at
+  // WaitForBsp() may wait for ever if an AP happens to enter SMM at
   // exactly this point. Please make sure PcdCpuSmmMaxSyncLoops has been 
set
   // to a large enough value to avoid this situation.
   //
   ReplaceOSMtrrs (CpuIndex);
 
@@ -898,50 +942,50 @@ APHandler (
 
   if ((SyncMode == SmmCpuSyncModeTradition) || 
SmmCpuFeaturesNeedConfigureMtrrs ()) {
 //
 // Notify BSP of arrival at this point
 //
-ReleaseSemaphore (mSmmMpSyncData->CpuData[BspIndex].Run);
+ReleaseBsp (mSmmMpSyncData->CpuData[BspIndex].Run);
   }
 
   if (SmmCpuFeaturesNeedConfigureMtrrs ()) {
 //
 // Wait for the signal from BSP to backup MTRRs
 //
-WaitForSemaphore (mSmmMpSyncData->CpuData[CpuIndex].Run);
+WaitForBsp (mSmmMpSyncData->CpuData[CpuIndex].Run);
 
 //
 // Backup OS MTRRs
 //
 MtrrGetAllMtrrs ();
 
 //
 // Signal BSP the completion of this AP
 //
-ReleaseSemaphore (mSmmMpSyncData->CpuData[BspIndex].Run);
+ReleaseBsp (mSmmMpSyncData->CpuData[BspIndex].Run);
 
 //
 // Wait for BSP's signal to program MTRRs
 //
-WaitForSemaphore (mSmmMpSyncData->CpuData[CpuIndex].Run);
+WaitForBsp (mSmmMpSyncData->CpuData[CpuIndex].Run);
 
 //
 // Replace OS MTRRs with SMI MTRRs
 //
 ReplaceOSMtrrs (CpuIndex);
 
 //
 // Signal BSP the completion of this AP
 //
-ReleaseSemaphore (mSmmMpSyncData->CpuData[BspIndex].Run);
+ReleaseBsp (mSmmMpSyncData->CpuData[BspIndex].Run);
   }
 
   while (TRUE) {
 //
 // Wait for something to happen
 //
-WaitForSemaphore 

Re: [edk2-devel] [PATCH v1] UefiCpuPkg/SmmCpu: Refine semaphore sync between BSP and AP

[Wu, Jiaxin]

+Mike for this review. 



> -Original Message-
> From: devel@edk2.groups.io  On Behalf Of Wu,
> Jiaxin
> Sent: Wednesday, August 9, 2023 5:04 PM
> To: devel@edk2.groups.io
> Cc: Dong, Eric ; Ni, Ray ; Zeng, Star
> ; Kumar, Rahul R ; Gerd
> Hoffmann 
> Subject: [edk2-devel] [PATCH v1] UefiCpuPkg/SmmCpu: Refine semaphore
> sync between BSP and AP
> 
> For SMM CPU semaphore sync, there is no need atomic semaphore
> operation, just use the flag to indicate it has complete the
> wait/release. Based on this, this patch is to refine 2 functions
> (WaitForAllAPs & ReleaseAllAPs) and define 2 new functions
> (WaitForBsp & ReleaseBsp) used for the semaphore sync between
> BSP & AP.
> 
> Sync flow like below:
> 1. BSP to Release All APs ---> 1. AP to Wait BSP
>ReleaseAllAPs ()   WaitForBsp
> 2. BSP to Wait All APs<--- 2. AP to Release BSP
>WaitForAllAPs ()   ReleaseBsp
> 
> With this change, SMM CPU semaphore sync for SMI exit performance
> will be significant improved.
> 
> Cc: Eric Dong 
> Cc: Ray Ni 
> Cc: Zeng Star 
> Cc: Rahul Kumar 
> Cc: Gerd Hoffmann 
> Signed-off-by: Jiaxin Wu 
> ---
>  UefiCpuPkg/PiSmmCpuDxeSmm/MpService.c | 68
> ++-
>  1 file changed, 51 insertions(+), 17 deletions(-)
> 
> diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/MpService.c
> b/UefiCpuPkg/PiSmmCpuDxeSmm/MpService.c
> index 25d058c5b9..0bf460e81c 100644
> --- a/UefiCpuPkg/PiSmmCpuDxeSmm/MpService.c
> +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/MpService.c
> @@ -120,11 +120,11 @@ LockdownSemaphore (
> 
>return Value;
>  }
> 
>  /**
> -  Wait all APs to performs an atomic compare exchange operation to release
> semaphore.
> +  Used for BSP to wait all APs.
> 
>@param   NumberOfAPs  AP number
> 
>  **/
>  VOID
> @@ -133,18 +133,19 @@ WaitForAllAPs (
>)
>  {
>UINTN  BspIndex;
> 
>BspIndex = mSmmMpSyncData->BspIndex;
> -  while (NumberOfAPs-- > 0) {
> -WaitForSemaphore (mSmmMpSyncData->CpuData[BspIndex].Run);
> +  while (NumberOfAPs != *mSmmMpSyncData->CpuData[BspIndex].Run) {
> +CpuPause ();
>}
> +
> +  *mSmmMpSyncData->CpuData[BspIndex].Run = 0;
>  }
> 
>  /**
> -  Performs an atomic compare exchange operation to release semaphore
> -  for each AP.
> +  Used for BSP to release all APs.
> 
>  **/
>  VOID
>  ReleaseAllAPs (
>VOID
> @@ -152,15 +153,48 @@ ReleaseAllAPs (
>  {
>UINTN  Index;
> 
>for (Index = 0; Index < mMaxNumberOfCpus; Index++) {
>  if (IsPresentAp (Index)) {
> -  ReleaseSemaphore (mSmmMpSyncData->CpuData[Index].Run);
> +  ASSERT (*mSmmMpSyncData->CpuData[Index].Run == 0);
> +  *mSmmMpSyncData->CpuData[Index].Run  = 1;
>  }
>}
>  }
> 
> +/**
> +  Used for Ap to wait BSP.
> +
> +  @param  ApSem  IN:  32-bit unsigned integer
> + OUT: original integer 0
> +**/
> +VOID
> +WaitForBsp  (
> +  IN OUT  volatile UINT32 *ApSem
> +  )
> +{
> +  while (*ApSem == 0) {
> +CpuPause ();
> +  }
> +
> +  *ApSem = 0;
> +}
> +
> +/**
> +  Used for Ap to release BSP.
> +
> +  @param  BspSem IN:  32-bit unsigned integer
> + OUT: original integer + 1
> +**/
> +VOID
> +ReleaseBsp   (
> +  IN OUT  volatile UINT32  *BspSem
> +  )
> +{
> +  InterlockedIncrement (BspSem);
> +}
> +
>  /**
>Check whether the index of CPU perform the package level register
>programming during System Management Mode initialization.
> 
>The index of Processor specified by
> mPackageFirstThreadIndex[PackageIndex]
> @@ -898,50 +932,50 @@ APHandler (
> 
>if ((SyncMode == SmmCpuSyncModeTradition) ||
> SmmCpuFeaturesNeedConfigureMtrrs ()) {
>  //
>  // Notify BSP of arrival at this point
>  //
> -ReleaseSemaphore (mSmmMpSyncData->CpuData[BspIndex].Run);
> +ReleaseBsp (mSmmMpSyncData->CpuData[BspIndex].Run);
>}
> 
>if (SmmCpuFeaturesNeedConfigureMtrrs ()) {
>  //
>  // Wait for the signal from BSP to backup MTRRs
>  //
> -WaitForSemaphore (mSmmMpSyncData->CpuData[CpuIndex].Run);
> +WaitForBsp (mSmmMpSyncData->CpuData[CpuIndex].Run);
> 
>  //
>  // Backup OS MTRRs
>  //
>  MtrrGetAllMtrrs ();
> 
>  //
>  // Signal BSP the completion of this AP
>  //
> -ReleaseSemaphore (mSmmMpSyncData->CpuData[BspIndex].Run);
> +ReleaseBsp (mSmmMpSyncData->CpuData[BspIndex].Run);
> 
>  //
>  // Wait for BSP's signal to program MTRRs
>  //
> -  

Re: [edk2-devel] [PATCH v4] UefiCpuPkg/PiSmmCpuDxeSmm: Fix CP Exception when CET enable

[Wu, Jiaxin]

Thank you, Mike, the PR (https://github.com/tianocore/edk2/pull/4867) has been 
synced & updated with reviewed by tag, and we can merge once pass the CI check.



> -Original Message-
> From: Kinney, Michael D 
> Sent: Friday, November 10, 2023 8:25 AM
> To: Wu, Jiaxin ; Laszlo Ersek ;
> devel@edk2.groups.io; Gao, Liming 
> Cc: Dong, Eric ; Ni, Ray ; Zeng, Star
> ; Gerd Hoffmann ; Kumar, Rahul R
> ; Kinney, Michael D 
> Subject: RE: [edk2-devel] [PATCH v4] UefiCpuPkg/PiSmmCpuDxeSmm: Fix CP
> Exception when CET enable
> 
> I approve this change for edk2-stable202311
> 
> The PR looks out of sync with this email patch.
> 
> Can you please update PR with latest patch and commit
> message that was reviewed and add review tags?
> 
> Mike
> 
> > -Original Message-
> > From: Wu, Jiaxin 
> > Sent: Thursday, November 9, 2023 4:01 PM
> > To: Laszlo Ersek ; devel@edk2.groups.io; Gao,
> > Liming ; Kinney, Michael D
> > 
> > Cc: Dong, Eric ; Ni, Ray ;
> > Zeng, Star ; Gerd Hoffmann ;
> > Kumar, Rahul R 
> > Subject: RE: [edk2-devel] [PATCH v4] UefiCpuPkg/PiSmmCpuDxeSmm: Fix
> CP
> > Exception when CET enable
> >
> > Hi Liming & Mike,
> >
> > Could you help approve & merge this patch into stable tag? It has got
> > below reviewed-by:
> >
> > Reviewed-by: Laszlo Ersek 
> > Reviewed-by: Ray Ni 
> > Reviewed-by: Eric Dong 
> >
> > I also created the PR: https://github.com/tianocore/edk2/pull/4867
> >
> > Thanks,
> > Jiaxin
> >
> >
> > > -Original Message-
> > > From: Wu, Jiaxin
> > > Sent: Wednesday, November 8, 2023 9:17 AM
> > > To: Laszlo Ersek ; devel@edk2.groups.io; Gao,
> > Liming
> > > ; Kinney, Michael D
> > > 
> > > Cc: Dong, Eric ; Ni, Ray ;
> > Zeng, Star
> > > ; Gerd Hoffmann ; Kumar,
> > Rahul R
> > > 
> > > Subject: RE: [edk2-devel] [PATCH v4] UefiCpuPkg/PiSmmCpuDxeSmm: Fix
> > CP
> > > Exception when CET enable
> > >
> > > Hi Liming & Mike & Ray,
> > >
> > > Could you help approve this change for the coming edk2 stable tag?
> > This is
> > > critical bug fix in smm cpu driver to handler the CET check failure,
> > I think we
> > > need this change for the stable tag.
> > >
> > > Thanks,
> > > Jiaxin
> > >
> > > > -Original Message-
> > > > From: Laszlo Ersek 
> > > > Sent: Wednesday, November 8, 2023 2:57 AM
> > > > To: devel@edk2.groups.io; Wu, Jiaxin 
> > > > Cc: Dong, Eric ; Ni, Ray ;
> > Zeng, Star
> > > > ; Gerd Hoffmann ; Kumar,
> > Rahul
> > > R
> > > > 
> > > > Subject: Re: [edk2-devel] [PATCH v4] UefiCpuPkg/PiSmmCpuDxeSmm:
> > Fix
> > > CP
> > > > Exception when CET enable
> > > >
> > > > On 11/7/23 02:24, Wu, Jiaxin wrote:
> > > > > Root cause:
> > > > > 1. Before DisableReadonlyPageWriteProtect() is called, the
> > return
> > > > > address (#1) is pushed in shadow stack.
> > > > > 2. CET is disabled.
> > > > > 3. DisableReadonlyPageWriteProtect() returns to #1.
> > > > > 4. Page table is modified.
> > > > > 5. EnableReadonlyPageWriteProtect() is called, but the return
> > > > > address (#2) is not pushed in shadow stack.
> > > > > 6. CET is enabled.
> > > > > 7. EnableReadonlyPageWriteProtect() returns to #2.
> > > > > #CP exception happens because the actual return address (#2)
> > > > > doesn't match the return address stored in shadow stack (#1).
> > > > >
> > > > > Analysis:
> > > > > Shadow stack will stop update after CET disable (DisableCet() in
> > > > > DisableReadOnlyPageWriteProtect), but normal smi stack will be
> > > > > continue updated with the function called and return
> > > > > (DisableReadOnlyPageWriteProtect &
> > EnableReadOnlyPageWriteProtect),
> > > > > thus leading stack mismatch after CET re-enabled (EnableCet() in
> > > > > EnableReadOnlyPageWriteProtect).
> > > > >
> > > > > According SDM Vol 3, 6.15-Control Protection Exception:
> > > > > Normal smi stack and shadow stack must be matched when CET
> > enable,
> > > > > otherwise CP Exception will happen, which is caused by a near
> > RET
> > > > > instruction.
>

Re: [edk2-devel] [PATCH v4] UefiCpuPkg/PiSmmCpuDxeSmm: Fix CP Exception when CET enable

[Wu, Jiaxin]

Hi Liming & Mike,

Could you help approve & merge this patch into stable tag? It has got below 
reviewed-by:

Reviewed-by: Laszlo Ersek 
Reviewed-by: Ray Ni 
Reviewed-by: Eric Dong 

I also created the PR: https://github.com/tianocore/edk2/pull/4867

Thanks,
Jiaxin 


> -Original Message-----
> From: Wu, Jiaxin
> Sent: Wednesday, November 8, 2023 9:17 AM
> To: Laszlo Ersek ; devel@edk2.groups.io; Gao, Liming
> ; Kinney, Michael D
> 
> Cc: Dong, Eric ; Ni, Ray ; Zeng, Star
> ; Gerd Hoffmann ; Kumar, Rahul R
> 
> Subject: RE: [edk2-devel] [PATCH v4] UefiCpuPkg/PiSmmCpuDxeSmm: Fix CP
> Exception when CET enable
> 
> Hi Liming & Mike & Ray,
> 
> Could you help approve this change for the coming edk2 stable tag? This is
> critical bug fix in smm cpu driver to handler the CET check failure, I think 
> we
> need this change for the stable tag.
> 
> Thanks,
> Jiaxin
> 
> > -Original Message-
> > From: Laszlo Ersek 
> > Sent: Wednesday, November 8, 2023 2:57 AM
> > To: devel@edk2.groups.io; Wu, Jiaxin 
> > Cc: Dong, Eric ; Ni, Ray ; Zeng, Star
> > ; Gerd Hoffmann ; Kumar, Rahul
> R
> > 
> > Subject: Re: [edk2-devel] [PATCH v4] UefiCpuPkg/PiSmmCpuDxeSmm: Fix
> CP
> > Exception when CET enable
> >
> > On 11/7/23 02:24, Wu, Jiaxin wrote:
> > > Root cause:
> > > 1. Before DisableReadonlyPageWriteProtect() is called, the return
> > > address (#1) is pushed in shadow stack.
> > > 2. CET is disabled.
> > > 3. DisableReadonlyPageWriteProtect() returns to #1.
> > > 4. Page table is modified.
> > > 5. EnableReadonlyPageWriteProtect() is called, but the return
> > > address (#2) is not pushed in shadow stack.
> > > 6. CET is enabled.
> > > 7. EnableReadonlyPageWriteProtect() returns to #2.
> > > #CP exception happens because the actual return address (#2)
> > > doesn't match the return address stored in shadow stack (#1).
> > >
> > > Analysis:
> > > Shadow stack will stop update after CET disable (DisableCet() in
> > > DisableReadOnlyPageWriteProtect), but normal smi stack will be
> > > continue updated with the function called and return
> > > (DisableReadOnlyPageWriteProtect & EnableReadOnlyPageWriteProtect),
> > > thus leading stack mismatch after CET re-enabled (EnableCet() in
> > > EnableReadOnlyPageWriteProtect).
> > >
> > > According SDM Vol 3, 6.15-Control Protection Exception:
> > > Normal smi stack and shadow stack must be matched when CET enable,
> > > otherwise CP Exception will happen, which is caused by a near RET
> > > instruction.
> > >
> > > CET is disabled in DisableCet(), while can be enabled in
> > > EnableCet(). This way won't cause the problem because they are
> > > implemented in a way that return address of DisableCet() is
> > > poped out from shadow stack (Incsspq performs a pop to increases
> > > the shadow stack) and EnableCet() doesn't use "RET" but "JMP" to
> > > return to caller. So calling EnableCet() and DisableCet() doesn't
> > > have the same issue as calling DisableReadonlyPageWriteProtect()
> > > and EnableReadonlyPageWriteProtect().
> > >
> > > With above root cause & analysis, define below 2 macros instead of
> > > functions for WP & CET operation:
> > > WRITE_UNPROTECT_RO_PAGES (Wp, Cet)
> > > WRITE_PROTECT_RO_PAGES (Wp, Cet)
> > > Because DisableCet() & EnableCet() must be in the same function
> > > to avoid shadow stack and normal SMI stack mismatch.
> > >
> > > Note: WRITE_UNPROTECT_RO_PAGES () must be called pair with
> > > WRITE_PROTECT_RO_PAGES () in same function.
> > >
> > > Cc: Eric Dong 
> > > Cc: Ray Ni 
> > > Cc: Zeng Star 
> > > Cc: Gerd Hoffmann 
> > > Cc: Rahul Kumar 
> > > Cc: Laszlo Ersek 
> > > Signed-off-by: Jiaxin Wu 
> > > ---
> > >  UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.h | 59
> > +
> > >  UefiCpuPkg/PiSmmCpuDxeSmm/SmmCpuMemoryManagement.c | 73
> > +-
> > >  UefiCpuPkg/PiSmmCpuDxeSmm/SmmProfile.c |  7 ++-
> > >  3 files changed, 81 insertions(+), 58 deletions(-)
> >
> > Reviewed-by: Laszlo Ersek 



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#111001): https://edk2.groups.io/g/devel/message/111001
Mute This Topic: https://groups.io/mt/102434876/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] [PATCH v1] UefiCpuPkg/PiSmmCpuDxeSmm: Use processor extended information

[Wu, Jiaxin]

Hi Laszlo,

> >
> > The patch looks OK to me, but:
> >
> > - I would like to test it with CPU hotplug (later, likely under v2), and
> >

Sure, I can wait the update from you.

> > - I think this should be two patches.
> >
> > First, the SmmAddProcessor() function should be extended just to
> > complete commit 1fadd18d. (BTW I highly appreciate the reference to
> > commit 1fadd18d; otherwise I couldn't find where the *coldplugged* CPUs'
> > locations were retrieved!)
> >
> > Then the Package calculations should be updated separately -- mostly
> > because I would appreciate a concrete description in that separate
> > commit message why the difference matters. Clearly you have a use case
> > where the v1 and v2 package numbers differ, and recording that in the
> > commit history would be great.

Sure, let me explain more, there are 2 reason I did this change:

1. the processor package ID retrieved from CPUID 0x0Bh may be not 
correct/accurate if CPU has the module & die info, it depends on the CPUID 
implementation. See SDM statement:

EAX Bits 04 - 00: Number of bits to shift right on x2APIC ID to get a unique 
topology ID of the *next level type*
ECX Bits 15 - 08: *Level type*
Level type field has the following encoding:
0: Invalid.
1: SMT.
2: Core.
3-255: Reserved

So,  if level type returned from ECX Bits 15 - 08 is 2 (Core), then what's the 
next level mean? Module or Die or Package? SDM doesn't has explanation for the 
next level of Core. If so, the value will be decided by implementation. 
The value can be package info for compatibility consideration, but it's not 
standardized. That's the reason we suggest use the leaf 1Fh.
   
2. And according SDM declaration, "CPUID leaf 1FH is a preferred superset to 
leaf 0BH. Intel recommends first checking for the existence of CPUID leaf 1FH 
before using leaf 0BH."
This is perfect match the existing GetProcessorLocation2ByApicId() 
implementation. 

That's the main reasons we switch to EFI_CPU_PHYSICAL_LOCATION2.

> 
> Side note, just for completeness: the x2apic lib instance performs the
> v2 feature detection correctly since Gerd's commit 170d4ce8e90a
> ("UefiCpuPkg/BaseXApicX2ApicLib: fix CPUID_V2_EXTENDED_TOPOLOGY
> detection", 2023-10-25). Furthermore, OVMF uses the x2apic lib instance
> since commit decb365b0016 ("OvmfPkg: select LocalApicLib instance with
> x2apic support", 2015-11-30). Therefore, this patch looks fine for OVMF.
> 
> However, for platforms that use the old xapic lib instance, there could
> be problems, as the v2 feature detection in *that* instance is not fixed
> -- it does not check EBX.
> 

Great catch this! I can create the patch 3 for this porting to old xapic lib 
instance if you no objection.


Thanks,
Jiaxin 


-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#110893): https://edk2.groups.io/g/devel/message/110893
Mute This Topic: https://groups.io/mt/102436095/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] [PATCH v1] UefiCpuPkg: Add PCD to control SMRR enable & SmmFeatureControl support

[Wu, Jiaxin]

For below question 1&3:
Since we have defined the PCD for the feature control, should we still need 
check the enable case? i though we only add the assert case for not support 
case, because we must make sure has the capability to enable it. But for 
support case, platform can still disable it via the pcd?

For below question 2:
It's the intention because FeatureControl & BIT3 is 0, which means SMRR 
Enable(BIT3) of MSR_FEATURE_CONTROL MSR(0x3A) is *not* set before
accessing SMRR base/mask MSRs, then ASSERT (!FeaturePcdGet (PcdSmrrEnable));


Thanks,
Jiaxin



> -Original Message-
> From: Ni, Ray 
> Sent: Tuesday, June 28, 2022 5:17 PM
> To: Wu, Jiaxin ; devel@edk2.groups.io
> Cc: Dong, Eric 
> Subject: RE: [PATCH v1] UefiCpuPkg: Add PCD to control SMRR enable &
> SmmFeatureControl support
> 
> > -  //
> > -  // Check CPUID(CPUID_VERSION_INFO).EDX[12] for MTRR capability
> > -  //
> > -  if ((RegEdx & BIT12) != 0) {
> > -//
> > -// Check MTRR_CAP MSR bit 11 for SMRR support
> > -//
> > -if ((AsmReadMsr64 (SMM_FEATURES_LIB_IA32_MTRR_CAP) & BIT11) !=
> 0)
> > {
> > -  mSmrrSupported = TRUE;
> 
> 1. can we keep the logic but just replace the above line as "ASSERT
> (FeaturePcdGet (PcdSmrrEnable));"?
> 
> >  if ((FeatureControl & BIT3) == 0) {
> > -  if ((FeatureControl & BIT0) == 0) {
> > +  if (((FeatureControl & BIT0) == 0) && (FeaturePcdGet
> (PcdSmrrEnable)))
> > {
> >  AsmWriteMsr64 (SMM_FEATURES_LIB_IA32_FEATURE_CONTROL,
> > FeatureControl | BIT3);
> >} else {
> > -mSmrrSupported = FALSE;
> > +ASSERT (!FeaturePcdGet (PcdSmrrEnable));
> 
> 2. If PcdSmrrEnable is TRUE but the FeatureControl MSR is locked (BIT0 is 
> set),
>   above assertion will be hit. We may need to reconsider the code logic.
> 
> > -{
> > -  //
> > -  // Check to see if the CPU supports the SMM Code Access Check
> feature
> > -  // Do not access this MSR unless the CPU supports the
> > SmmRegFeatureControl
> > -  //
> > -  if ((AsmReadMsr64 (SMM_FEATURES_LIB_IA32_MCA_CAP) &
> > SMM_CODE_ACCESS_CHK_BIT) != 0) {
> > -mSmmFeatureControlSupported = TRUE;
> 
> 3. can we keep the logic but just replace the above line as "ASSERT
> (FeaturePcdGet (PcdSmmFeatureControlEnable))"?


-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#90828): https://edk2.groups.io/g/devel/message/90828
Mute This Topic: https://groups.io/mt/92040046/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[edk2-devel] [PATCH v1] UefiCpuPkg: Add PCD to control SMRR enable & SmmFeatureControl support

[Wu, Jiaxin]

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3962

Two SMM variables (mSmrrSupported & mSmmFeatureControlSupported) are global
variables, they control whether the SMRR and SMM Feature Control MSR will
be restored respectively.
To avoid the TOCTOU, add PCD to control SMRR & SmmFeatureControl enable.

Change-Id: I6835e4b0e12c5e6f52effb60fd9224e3eb97fc0d
Cc: Eric Dong 
Cc: Ray Ni 
Signed-off-by: Jiaxin Wu 
---
 .../SmmCpuFeaturesLib/SmmCpuFeaturesLib.inf|  4 ++
 .../SmmCpuFeaturesLib/SmmCpuFeaturesLibCommon.c| 84 --
 .../SmmCpuFeaturesLib/SmmCpuFeaturesLibStm.inf |  4 ++
 .../StandaloneMmCpuFeaturesLib.inf |  4 ++
 UefiCpuPkg/UefiCpuPkg.dec  | 12 
 UefiCpuPkg/UefiCpuPkg.uni  | 12 
 6 files changed, 48 insertions(+), 72 deletions(-)

diff --git a/UefiCpuPkg/Library/SmmCpuFeaturesLib/SmmCpuFeaturesLib.inf 
b/UefiCpuPkg/Library/SmmCpuFeaturesLib/SmmCpuFeaturesLib.inf
index 35292dac31..7b5cef9700 100644
--- a/UefiCpuPkg/Library/SmmCpuFeaturesLib/SmmCpuFeaturesLib.inf
+++ b/UefiCpuPkg/Library/SmmCpuFeaturesLib/SmmCpuFeaturesLib.inf
@@ -33,5 +33,9 @@
   MemoryAllocationLib
   DebugLib
 
 [Pcd]
   gUefiCpuPkgTokenSpaceGuid.PcdCpuMaxLogicalProcessorNumber## 
SOMETIMES_CONSUMES
+
+[FeaturePcd]
+  gUefiCpuPkgTokenSpaceGuid.PcdSmrrEnable  ## CONSUMES
+  gUefiCpuPkgTokenSpaceGuid.PcdSmmFeatureControlEnable  ## CONSUMES
diff --git a/UefiCpuPkg/Library/SmmCpuFeaturesLib/SmmCpuFeaturesLibCommon.c 
b/UefiCpuPkg/Library/SmmCpuFeaturesLib/SmmCpuFeaturesLibCommon.c
index 78de7f8407..b88cdece2a 100644
--- a/UefiCpuPkg/Library/SmmCpuFeaturesLib/SmmCpuFeaturesLibCommon.c
+++ b/UefiCpuPkg/Library/SmmCpuFeaturesLib/SmmCpuFeaturesLibCommon.c
@@ -35,20 +35,10 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
 // MSRs required for configuration of SMM Code Access Check
 //
 #define SMM_FEATURES_LIB_IA32_MCA_CAP  0x17D
 #define   SMM_CODE_ACCESS_CHK_BIT  BIT58
 
-//
-// Set default value to assume SMRR is not supported
-//
-BOOLEAN  mSmrrSupported = FALSE;
-
-//
-// Set default value to assume MSR_SMM_FEATURE_CONTROL is not supported
-//
-BOOLEAN  mSmmFeatureControlSupported = FALSE;
-
 //
 // Set default value to assume IA-32 Architectural MSRs are used
 //
 UINT32  mSmrrPhysBaseMsr = SMM_FEATURES_LIB_IA32_SMRR_PHYSBASE;
 UINT32  mSmrrPhysMaskMsr = SMM_FEATURES_LIB_IA32_SMRR_PHYSMASK;
@@ -81,39 +71,27 @@ CpuFeaturesLibInitialization (
   UINTN   ModelId;
 
   //
   // Retrieve CPU Family and Model
   //
-  AsmCpuid (CPUID_VERSION_INFO, , NULL, NULL, );
+  AsmCpuid (CPUID_VERSION_INFO, , NULL, NULL, NULL);
   FamilyId = (RegEax >> 8) & 0xf;
   ModelId  = (RegEax >> 4) & 0xf;
   if ((FamilyId == 0x06) || (FamilyId == 0x0f)) {
 ModelId = ModelId | ((RegEax >> 12) & 0xf0);
   }
 
-  //
-  // Check CPUID(CPUID_VERSION_INFO).EDX[12] for MTRR capability
-  //
-  if ((RegEdx & BIT12) != 0) {
-//
-// Check MTRR_CAP MSR bit 11 for SMRR support
-//
-if ((AsmReadMsr64 (SMM_FEATURES_LIB_IA32_MTRR_CAP) & BIT11) != 0) {
-  mSmrrSupported = TRUE;
-}
-  }
-
   //
   // Intel(R) 64 and IA-32 Architectures Software Developer's Manual
   // Volume 3C, Section 35.3 MSRs in the Intel(R) Atom(TM) Processor Family
   //
   // If CPU Family/Model is 06_1CH, 06_26H, 06_27H, 06_35H or 06_36H, then
   // SMRR Physical Base and SMM Physical Mask MSRs are not available.
   //
   if (FamilyId == 0x06) {
 if ((ModelId == 0x1C) || (ModelId == 0x26) || (ModelId == 0x27) || 
(ModelId == 0x35) || (ModelId == 0x36)) {
-  mSmrrSupported = FALSE;
+  ASSERT (!FeaturePcdGet (PcdSmrrEnable));
 }
   }
 
   //
   // Intel(R) 64 and IA-32 Architectures Software Developer's Manual
@@ -194,14 +172,10 @@ SmmCpuFeaturesInitializeProcessor (
   IN CPU_HOT_PLUG_DATA  *CpuHotPlugData
   )
 {
   SMRAM_SAVE_STATE_MAP  *CpuState;
   UINT64FeatureControl;
-  UINT32RegEax;
-  UINT32RegEdx;
-  UINTN FamilyId;
-  UINTN ModelId;
 
   //
   // Configure SMBASE.
   //
   CpuState = (SMRAM_SAVE_STATE_MAP *)(UINTN)(SMM_DEFAULT_SMBASE + 
SMRAM_SAVE_STATE_MAP_OFFSET);
@@ -214,17 +188,17 @@ SmmCpuFeaturesInitializeProcessor (
   // If Intel(R) Core(TM) Core(TM) 2 Processor Family MSRs are being used, then
   // make sure SMRR Enable(BIT3) of MSR_FEATURE_CONTROL MSR(0x3A) is set before
   // accessing SMRR base/mask MSRs.  If Lock(BIT0) of MSR_FEATURE_CONTROL 
MSR(0x3A)
   // is set, then the MSR is locked and can not be modified.
   //
-  if (mSmrrSupported && (mSmrrPhysBaseMsr == 
SMM_FEATURES_LIB_IA32_CORE_SMRR_PHYSBASE)) {
+  if (mSmrrPhysBaseMsr == SMM_FEATURES_LIB_IA32_CORE_SMRR_PHYSBASE) {
 FeatureControl = AsmReadMsr64 (SMM_FEATURES_LIB_IA32_FEATURE_CONTROL);
 if ((FeatureControl & BIT3) == 0) {
-  if ((FeatureControl & BIT0) == 0) {
+  if (((FeatureControl & BIT0) == 0) && (FeaturePcdGet (PcdSmrrEnable))) {
  

[edk2-devel] [PATCH v1] UefiCpuPkg: Dynamic check SMRR enable & SmmFeatureControl capability

[Wu, Jiaxin]

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3962

Two SMM variables (mSmrrSupported & mSmmFeatureControlSupported) are global
variables, they control whether the SMRR and SMM Feature Control MSR will
be restored respectively.
To avoid the TOCTOU, dynamic check SMRR enable & SmmFeatureControl capability.

Change-Id: I6835e4b0e12c5e6f52effb60fd9224e3eb97fc0d
Cc: Eric Dong 
Cc: Ray Ni 
Signed-off-by: Jiaxin Wu 
---
 .../SmmCpuFeaturesLib/SmmCpuFeaturesLibCommon.c| 248 -
 1 file changed, 141 insertions(+), 107 deletions(-)

diff --git a/UefiCpuPkg/Library/SmmCpuFeaturesLib/SmmCpuFeaturesLibCommon.c 
b/UefiCpuPkg/Library/SmmCpuFeaturesLib/SmmCpuFeaturesLibCommon.c
index 78de7f8407..b2f31c993f 100644
--- a/UefiCpuPkg/Library/SmmCpuFeaturesLib/SmmCpuFeaturesLibCommon.c
+++ b/UefiCpuPkg/Library/SmmCpuFeaturesLib/SmmCpuFeaturesLibCommon.c
@@ -35,26 +35,10 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
 // MSRs required for configuration of SMM Code Access Check
 //
 #define SMM_FEATURES_LIB_IA32_MCA_CAP  0x17D
 #define   SMM_CODE_ACCESS_CHK_BIT  BIT58
 
-//
-// Set default value to assume SMRR is not supported
-//
-BOOLEAN  mSmrrSupported = FALSE;
-
-//
-// Set default value to assume MSR_SMM_FEATURE_CONTROL is not supported
-//
-BOOLEAN  mSmmFeatureControlSupported = FALSE;
-
-//
-// Set default value to assume IA-32 Architectural MSRs are used
-//
-UINT32  mSmrrPhysBaseMsr = SMM_FEATURES_LIB_IA32_SMRR_PHYSBASE;
-UINT32  mSmrrPhysMaskMsr = SMM_FEATURES_LIB_IA32_SMRR_PHYSMASK;
-
 //
 // Set default value to assume MTRRs need to be configured on each SMI
 //
 BOOLEAN  mNeedConfigureMtrrs = TRUE;
 
@@ -62,26 +46,39 @@ BOOLEAN  mNeedConfigureMtrrs = TRUE;
 // Array for state of SMRR enable on all CPUs
 //
 BOOLEAN  *mSmrrEnabled;
 
 /**
-  Performs library initialization.
+  Return if SMRR is supported
 
-  This initialization function contains common functionality shared betwen all
-  library instance constructors.
+  @param[in] SmrrPhysBaseMsr   Pointer to SmrrPhysBaseMsr.
+  @param[in] SmrrPhysMaskMsr   Pointer to SmrrPhysMaskMsr.
+
+  @retval TRUE  SMRR is supported.
+  @retval FALSE SMRR is not supported.
 
 **/
-VOID
-CpuFeaturesLibInitialization (
-  VOID
+BOOLEAN
+IsSmrrSupported (
+  IN UINT32  *SmrrPhysBaseMsrOPTIONAL,
+  IN UINT32  *SmrrPhysMaskMsrOPTIONAL
   )
 {
+  BOOLEAN  ReturnValue;
+
   UINT32  RegEax;
   UINT32  RegEdx;
   UINTN   FamilyId;
   UINTN   ModelId;
 
+  UINT64  FeatureControl;
+
+  //
+  // Set default value to assume SMRR is not supported
+  //
+  ReturnValue = FALSE;
+
   //
   // Retrieve CPU Family and Model
   //
   AsmCpuid (CPUID_VERSION_INFO, , NULL, NULL, );
   FamilyId = (RegEax >> 8) & 0xf;
@@ -96,11 +93,11 @@ CpuFeaturesLibInitialization (
   if ((RegEdx & BIT12) != 0) {
 //
 // Check MTRR_CAP MSR bit 11 for SMRR support
 //
 if ((AsmReadMsr64 (SMM_FEATURES_LIB_IA32_MTRR_CAP) & BIT11) != 0) {
-  mSmrrSupported = TRUE;
+  ReturnValue = TRUE;
 }
   }
 
   //
   // Intel(R) 64 and IA-32 Architectures Software Developer's Manual
@@ -109,28 +106,79 @@ CpuFeaturesLibInitialization (
   // If CPU Family/Model is 06_1CH, 06_26H, 06_27H, 06_35H or 06_36H, then
   // SMRR Physical Base and SMM Physical Mask MSRs are not available.
   //
   if (FamilyId == 0x06) {
 if ((ModelId == 0x1C) || (ModelId == 0x26) || (ModelId == 0x27) || 
(ModelId == 0x35) || (ModelId == 0x36)) {
-  mSmrrSupported = FALSE;
+  ReturnValue = FALSE;
 }
   }
 
-  //
-  // Intel(R) 64 and IA-32 Architectures Software Developer's Manual
-  // Volume 3C, Section 35.2 MSRs in the Intel(R) Core(TM) 2 Processor Family
-  //
-  // If CPU Family/Model is 06_0F or 06_17, then use Intel(R) Core(TM) 2
-  // Processor Family MSRs
-  //
-  if (FamilyId == 0x06) {
-if ((ModelId == 0x17) || (ModelId == 0x0f)) {
-  mSmrrPhysBaseMsr = SMM_FEATURES_LIB_IA32_CORE_SMRR_PHYSBASE;
-  mSmrrPhysMaskMsr = SMM_FEATURES_LIB_IA32_CORE_SMRR_PHYSMASK;
+  if (ReturnValue) {
+//
+// Return the SmrrPhysBaseMsr & SmrrPhysMaskMsr if required & Smrr 
Supported
+//
+if (SmrrPhysBaseMsr != NULL) {
+  *SmrrPhysBaseMsr = SMM_FEATURES_LIB_IA32_SMRR_PHYSBASE;
+}
+
+if (SmrrPhysBaseMsr != NULL) {
+  *SmrrPhysMaskMsr = SMM_FEATURES_LIB_IA32_SMRR_PHYSMASK;
+}
+
+//
+// Intel(R) 64 and IA-32 Architectures Software Developer's Manual
+// Volume 3C, Section 35.2 MSRs in the Intel(R) Core(TM) 2 Processor Family
+//
+// If CPU Family/Model is 06_0F or 06_17, then use Intel(R) Core(TM) 2
+// Processor Family MSRs
+//
+if (FamilyId == 0x06) {
+  if ((ModelId == 0x17) || (ModelId == 0x0f)) {
+if (SmrrPhysBaseMsr != NULL) {
+  *SmrrPhysBaseMsr = SMM_FEATURES_LIB_IA32_CORE_SMRR_PHYSBASE;
+}
+
+if (SmrrPhysMaskMsr != NULL) {
+  *SmrrPhysMaskMsr = SMM_FEATURES_LIB_IA32_CORE_SMRR_PHYSMASK;
+}
+
+//
+// Intel(R) 64 and IA-32 Architectures 

Re: [edk2-devel] [PATCH v1] UefiCpuPkg: Add PCD to control SMRR enable & SmmFeatureControl support

[Wu, Jiaxin]

Drop this patch replaced by new patch set "[edk2-devel] [PATCH v1] UefiCpuPkg: 
Dynamic check SMRR enable & SmmFeatureControl capability" since it's totally 
different solution for fix.

>  -Original Message-
> From: Wu, Jiaxin
> Sent: Wednesday, June 29, 2022 9:38 AM
> To: Ni, Ray ; devel@edk2.groups.io
> Cc: Dong, Eric 
> Subject: RE: [PATCH v1] UefiCpuPkg: Add PCD to control SMRR enable &
> SmmFeatureControl support
> 
> For below question 1&3:
> Since we have defined the PCD for the feature control, should we still need
> check the enable case? i though we only add the assert case for not support
> case, because we must make sure has the capability to enable it. But for
> support case, platform can still disable it via the pcd?
> 
> For below question 2:
> It's the intention because FeatureControl & BIT3 is 0, which means SMRR
> Enable(BIT3) of MSR_FEATURE_CONTROL MSR(0x3A) is *not* set before
> accessing SMRR base/mask MSRs, then ASSERT (!FeaturePcdGet
> (PcdSmrrEnable));
> 
> 
> Thanks,
> Jiaxin
> 
> 
> 
> > -Original Message-
> > From: Ni, Ray 
> > Sent: Tuesday, June 28, 2022 5:17 PM
> > To: Wu, Jiaxin ; devel@edk2.groups.io
> > Cc: Dong, Eric 
> > Subject: RE: [PATCH v1] UefiCpuPkg: Add PCD to control SMRR enable &
> > SmmFeatureControl support
> >
> > > -  //
> > > -  // Check CPUID(CPUID_VERSION_INFO).EDX[12] for MTRR capability
> > > -  //
> > > -  if ((RegEdx & BIT12) != 0) {
> > > -//
> > > -// Check MTRR_CAP MSR bit 11 for SMRR support
> > > -//
> > > -if ((AsmReadMsr64 (SMM_FEATURES_LIB_IA32_MTRR_CAP) & BIT11) !=
> > 0)
> > > {
> > > -  mSmrrSupported = TRUE;
> >
> > 1. can we keep the logic but just replace the above line as "ASSERT
> > (FeaturePcdGet (PcdSmrrEnable));"?
> >
> > >  if ((FeatureControl & BIT3) == 0) {
> > > -  if ((FeatureControl & BIT0) == 0) {
> > > +  if (((FeatureControl & BIT0) == 0) && (FeaturePcdGet
> > (PcdSmrrEnable)))
> > > {
> > >  AsmWriteMsr64 (SMM_FEATURES_LIB_IA32_FEATURE_CONTROL,
> > > FeatureControl | BIT3);
> > >} else {
> > > -mSmrrSupported = FALSE;
> > > +ASSERT (!FeaturePcdGet (PcdSmrrEnable));
> >
> > 2. If PcdSmrrEnable is TRUE but the FeatureControl MSR is locked (BIT0 is 
> > set),
> >   above assertion will be hit. We may need to reconsider the code logic.
> >
> > > -{
> > > -  //
> > > -  // Check to see if the CPU supports the SMM Code Access Check
> > feature
> > > -  // Do not access this MSR unless the CPU supports the
> > > SmmRegFeatureControl
> > > -  //
> > > -  if ((AsmReadMsr64 (SMM_FEATURES_LIB_IA32_MCA_CAP) &
> > > SMM_CODE_ACCESS_CHK_BIT) != 0) {
> > > -mSmmFeatureControlSupported = TRUE;
> >
> > 3. can we keep the logic but just replace the above line as "ASSERT
> > (FeaturePcdGet (PcdSmmFeatureControlEnable))"?


-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#91433): https://edk2.groups.io/g/devel/message/91433
Mute This Topic: https://groups.io/mt/92040046/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[edk2-devel] [PATCH v1] UefiCpuPkg: Add PCD to control SMRR enable & SmmFeatureControl support

[Wu, Jiaxin]

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3962

Two SMM variables (mSmrrSupported & mSmmFeatureControlSupported) are global
variables, they control whether the SMRR and SMM Feature Control MSR will
be restored respectively.
To avoid the TOCTOU, add PCD to control SMRR & SmmFeatureControl enable.

Change-Id: I6835e4b0e12c5e6f52effb60fd9224e3eb97fc0d
Cc: Eric Dong 
Cc: Ray Ni 
Cc: Star Zeng 
Cc: Michael D Kinney 
Signed-off-by: Jiaxin Wu 
---
 .../SmmCpuFeaturesLib/SmmCpuFeaturesLib.inf|  4 +++
 .../SmmCpuFeaturesLib/SmmCpuFeaturesLibCommon.c| 35 --
 .../SmmCpuFeaturesLib/SmmCpuFeaturesLibStm.inf |  4 +++
 .../StandaloneMmCpuFeaturesLib.inf |  4 +++
 UefiCpuPkg/UefiCpuPkg.dec  | 12 
 UefiCpuPkg/UefiCpuPkg.uni  | 12 
 6 files changed, 48 insertions(+), 23 deletions(-)

diff --git a/UefiCpuPkg/Library/SmmCpuFeaturesLib/SmmCpuFeaturesLib.inf 
b/UefiCpuPkg/Library/SmmCpuFeaturesLib/SmmCpuFeaturesLib.inf
index 35292dac31..7b5cef9700 100644
--- a/UefiCpuPkg/Library/SmmCpuFeaturesLib/SmmCpuFeaturesLib.inf
+++ b/UefiCpuPkg/Library/SmmCpuFeaturesLib/SmmCpuFeaturesLib.inf
@@ -33,5 +33,9 @@
   MemoryAllocationLib
   DebugLib
 
 [Pcd]
   gUefiCpuPkgTokenSpaceGuid.PcdCpuMaxLogicalProcessorNumber## 
SOMETIMES_CONSUMES
+
+[FeaturePcd]
+  gUefiCpuPkgTokenSpaceGuid.PcdSmrrEnable  ## CONSUMES
+  gUefiCpuPkgTokenSpaceGuid.PcdSmmFeatureControlEnable  ## CONSUMES
diff --git a/UefiCpuPkg/Library/SmmCpuFeaturesLib/SmmCpuFeaturesLibCommon.c 
b/UefiCpuPkg/Library/SmmCpuFeaturesLib/SmmCpuFeaturesLibCommon.c
index 78de7f8407..75a0ec8e94 100644
--- a/UefiCpuPkg/Library/SmmCpuFeaturesLib/SmmCpuFeaturesLibCommon.c
+++ b/UefiCpuPkg/Library/SmmCpuFeaturesLib/SmmCpuFeaturesLibCommon.c
@@ -35,20 +35,10 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
 // MSRs required for configuration of SMM Code Access Check
 //
 #define SMM_FEATURES_LIB_IA32_MCA_CAP  0x17D
 #define   SMM_CODE_ACCESS_CHK_BIT  BIT58
 
-//
-// Set default value to assume SMRR is not supported
-//
-BOOLEAN  mSmrrSupported = FALSE;
-
-//
-// Set default value to assume MSR_SMM_FEATURE_CONTROL is not supported
-//
-BOOLEAN  mSmmFeatureControlSupported = FALSE;
-
 //
 // Set default value to assume IA-32 Architectural MSRs are used
 //
 UINT32  mSmrrPhysBaseMsr = SMM_FEATURES_LIB_IA32_SMRR_PHYSBASE;
 UINT32  mSmrrPhysMaskMsr = SMM_FEATURES_LIB_IA32_SMRR_PHYSMASK;
@@ -96,11 +86,11 @@ CpuFeaturesLibInitialization (
   if ((RegEdx & BIT12) != 0) {
 //
 // Check MTRR_CAP MSR bit 11 for SMRR support
 //
 if ((AsmReadMsr64 (SMM_FEATURES_LIB_IA32_MTRR_CAP) & BIT11) != 0) {
-  mSmrrSupported = TRUE;
+  ASSERT (FeaturePcdGet (PcdSmrrEnable));
 }
   }
 
   //
   // Intel(R) 64 and IA-32 Architectures Software Developer's Manual
@@ -109,11 +99,11 @@ CpuFeaturesLibInitialization (
   // If CPU Family/Model is 06_1CH, 06_26H, 06_27H, 06_35H or 06_36H, then
   // SMRR Physical Base and SMM Physical Mask MSRs are not available.
   //
   if (FamilyId == 0x06) {
 if ((ModelId == 0x1C) || (ModelId == 0x26) || (ModelId == 0x27) || 
(ModelId == 0x35) || (ModelId == 0x36)) {
-  mSmrrSupported = FALSE;
+  ASSERT (!FeaturePcdGet (PcdSmrrEnable));
 }
   }
 
   //
   // Intel(R) 64 and IA-32 Architectures Software Developer's Manual
@@ -214,17 +204,16 @@ SmmCpuFeaturesInitializeProcessor (
   // If Intel(R) Core(TM) Core(TM) 2 Processor Family MSRs are being used, then
   // make sure SMRR Enable(BIT3) of MSR_FEATURE_CONTROL MSR(0x3A) is set before
   // accessing SMRR base/mask MSRs.  If Lock(BIT0) of MSR_FEATURE_CONTROL 
MSR(0x3A)
   // is set, then the MSR is locked and can not be modified.
   //
-  if (mSmrrSupported && (mSmrrPhysBaseMsr == 
SMM_FEATURES_LIB_IA32_CORE_SMRR_PHYSBASE)) {
+  if ((FeaturePcdGet (PcdSmrrEnable)) && (mSmrrPhysBaseMsr == 
SMM_FEATURES_LIB_IA32_CORE_SMRR_PHYSBASE)) {
 FeatureControl = AsmReadMsr64 (SMM_FEATURES_LIB_IA32_FEATURE_CONTROL);
 if ((FeatureControl & BIT3) == 0) {
+  ASSERT ((FeatureControl & BIT0) == 0);
   if ((FeatureControl & BIT0) == 0) {
 AsmWriteMsr64 (SMM_FEATURES_LIB_IA32_FEATURE_CONTROL, FeatureControl | 
BIT3);
-  } else {
-mSmrrSupported = FALSE;
   }
 }
   }
 
   //
@@ -232,11 +221,11 @@ SmmCpuFeaturesInitializeProcessor (
   // The EFI_MSR_SMRR_PHYS_MASK_VALID bit is not set until the first normal 
SMI.
   // The code that initializes SMM environment is running in normal mode
   // from SMRAM region.  If SMRR is enabled here, then the SMRAM region
   // is protected and the normal mode code execution will fail.
   //
-  if (mSmrrSupported) {
+  if (FeaturePcdGet (PcdSmrrEnable)) {
 //
 // SMRR size cannot be less than 4-KBytes
 // SMRR size must be of length 2^n
 // SMRR base alignment cannot be less than SMRR length
 //
@@ -285,11 +274,11 @@ SmmCpuFeaturesInitializeProcessor (
   //
   // Check to 

Re: [edk2-devel] [PATCH v1] UefiCpuPkg: Dynamic check SMRR enable & SmmFeatureControl capability

[Wu, Jiaxin]

Due to the SMI latency impact for IA-32 processor, I will drop this change & 
replace with the PCD check. I will resend the new patch for review.

Thanks,
Jiaxin  

> -Original Message-
> From: Wu, Jiaxin
> Sent: Monday, July 18, 2022 3:32 PM
> To: Kinney, Michael D ; devel@edk2.groups.io
> Cc: Dong, Eric ; Ni, Ray 
> Subject: RE: [edk2-devel] [PATCH v1] UefiCpuPkg: Dynamic check SMRR enable
> & SmmFeatureControl capability
> 
> Hi Mike,
> 
> Thanks the comments. Only IA-32 processor will check on every SMI since it
> needs configure Mtrr. Do you think the impact is acceptable or not?
> 
> For fixed PCD solution, the original concern: the fixed PCD will be treated as
> global variable. Should we need consider no compiler optimization case or it
> must be optimized away condition checks?
> 
> Thanks,
> Jiaxin
> 
> 
> > -Original Message-
> > From: Kinney, Michael D 
> > Sent: Monday, July 18, 2022 8:13 AM
> > To: devel@edk2.groups.io; Wu, Jiaxin ; Kinney, Michael
> > D 
> > Cc: Dong, Eric ; Ni, Ray 
> > Subject: RE: [edk2-devel] [PATCH v1] UefiCpuPkg: Dynamic check SMRR
> enable
> > & SmmFeatureControl capability
> >
> > Are these checks made on every SMI?
> >
> > What is the impact to SMI latency to do the check dynamically?
> >
> > FeatureFlag and FixedAtBuild PCDs are declared as const global variables
> > which are used by optimizing compiler as constants in instructions or
> > optimize away condition checks all together.  This option should still
> > be considered.
> >
> > Mike
> >
> > > -Original Message-
> > > From: devel@edk2.groups.io  On Behalf Of Wu,
> > Jiaxin
> > > Sent: Sunday, July 17, 2022 1:38 AM
> > > To: devel@edk2.groups.io
> > > Cc: Dong, Eric ; Ni, Ray 
> > > Subject: [edk2-devel] [PATCH v1] UefiCpuPkg: Dynamic check SMRR enable
> &
> > SmmFeatureControl capability
> > >
> > > REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3962
> > >
> > > Two SMM variables (mSmrrSupported & mSmmFeatureControlSupported)
> > are global
> > > variables, they control whether the SMRR and SMM Feature Control MSR
> will
> > > be restored respectively.
> > > To avoid the TOCTOU, dynamic check SMRR enable & SmmFeatureControl
> > capability.
> > >
> > > Change-Id: I6835e4b0e12c5e6f52effb60fd9224e3eb97fc0d
> > > Cc: Eric Dong 
> > > Cc: Ray Ni 
> > > Signed-off-by: Jiaxin Wu 
> > > ---
> > >  .../SmmCpuFeaturesLib/SmmCpuFeaturesLibCommon.c| 248
> > -
> > >  1 file changed, 141 insertions(+), 107 deletions(-)
> > >
> > > diff --git
> > a/UefiCpuPkg/Library/SmmCpuFeaturesLib/SmmCpuFeaturesLibCommon.c
> > > b/UefiCpuPkg/Library/SmmCpuFeaturesLib/SmmCpuFeaturesLibCommon.c
> > > index 78de7f8407..b2f31c993f 100644
> > > ---
> > a/UefiCpuPkg/Library/SmmCpuFeaturesLib/SmmCpuFeaturesLibCommon.c
> > > +++
> > b/UefiCpuPkg/Library/SmmCpuFeaturesLib/SmmCpuFeaturesLibCommon.c
> > > @@ -35,26 +35,10 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
> > >  // MSRs required for configuration of SMM Code Access Check
> > >  //
> > >  #define SMM_FEATURES_LIB_IA32_MCA_CAP  0x17D
> > >  #define   SMM_CODE_ACCESS_CHK_BIT  BIT58
> > >
> > > -//
> > > -// Set default value to assume SMRR is not supported
> > > -//
> > > -BOOLEAN  mSmrrSupported = FALSE;
> > > -
> > > -//
> > > -// Set default value to assume MSR_SMM_FEATURE_CONTROL is not
> > supported
> > > -//
> > > -BOOLEAN  mSmmFeatureControlSupported = FALSE;
> > > -
> > > -//
> > > -// Set default value to assume IA-32 Architectural MSRs are used
> > > -//
> > > -UINT32  mSmrrPhysBaseMsr =
> SMM_FEATURES_LIB_IA32_SMRR_PHYSBASE;
> > > -UINT32  mSmrrPhysMaskMsr =
> > SMM_FEATURES_LIB_IA32_SMRR_PHYSMASK;
> > > -
> > >  //
> > >  // Set default value to assume MTRRs need to be configured on each SMI
> > >  //
> > >  BOOLEAN  mNeedConfigureMtrrs = TRUE;
> > >
> > > @@ -62,26 +46,39 @@ BOOLEAN  mNeedConfigureMtrrs = TRUE;
> > >  // Array for state of SMRR enable on all CPUs
> > >  //
> > >  BOOLEAN  *mSmrrEnabled;
> > >
> > >  /**
> > > -  Performs library initialization.
> > > +  Return if SMRR is supported
> > >
> > > -  This initialization function contains comm

Re: [edk2-devel] [PATCH v1] UefiCpuPkg: Dynamic check SMRR enable & SmmFeatureControl capability

[Wu, Jiaxin]

Hi Mike,

Thanks the comments. Only IA-32 processor will check on every SMI since it 
needs configure Mtrr. Do you think the impact is acceptable or not?

For fixed PCD solution, the original concern: the fixed PCD will be treated as 
global variable. Should we need consider no compiler optimization case or it 
must be optimized away condition checks?

Thanks,
Jiaxin


> -Original Message-
> From: Kinney, Michael D 
> Sent: Monday, July 18, 2022 8:13 AM
> To: devel@edk2.groups.io; Wu, Jiaxin ; Kinney, Michael
> D 
> Cc: Dong, Eric ; Ni, Ray 
> Subject: RE: [edk2-devel] [PATCH v1] UefiCpuPkg: Dynamic check SMRR enable
> & SmmFeatureControl capability
> 
> Are these checks made on every SMI?
> 
> What is the impact to SMI latency to do the check dynamically?
> 
> FeatureFlag and FixedAtBuild PCDs are declared as const global variables
> which are used by optimizing compiler as constants in instructions or
> optimize away condition checks all together.  This option should still
> be considered.
> 
> Mike
> 
> > -----Original Message-
> > From: devel@edk2.groups.io  On Behalf Of Wu,
> Jiaxin
> > Sent: Sunday, July 17, 2022 1:38 AM
> > To: devel@edk2.groups.io
> > Cc: Dong, Eric ; Ni, Ray 
> > Subject: [edk2-devel] [PATCH v1] UefiCpuPkg: Dynamic check SMRR enable &
> SmmFeatureControl capability
> >
> > REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3962
> >
> > Two SMM variables (mSmrrSupported & mSmmFeatureControlSupported)
> are global
> > variables, they control whether the SMRR and SMM Feature Control MSR will
> > be restored respectively.
> > To avoid the TOCTOU, dynamic check SMRR enable & SmmFeatureControl
> capability.
> >
> > Change-Id: I6835e4b0e12c5e6f52effb60fd9224e3eb97fc0d
> > Cc: Eric Dong 
> > Cc: Ray Ni 
> > Signed-off-by: Jiaxin Wu 
> > ---
> >  .../SmmCpuFeaturesLib/SmmCpuFeaturesLibCommon.c| 248
> -
> >  1 file changed, 141 insertions(+), 107 deletions(-)
> >
> > diff --git
> a/UefiCpuPkg/Library/SmmCpuFeaturesLib/SmmCpuFeaturesLibCommon.c
> > b/UefiCpuPkg/Library/SmmCpuFeaturesLib/SmmCpuFeaturesLibCommon.c
> > index 78de7f8407..b2f31c993f 100644
> > ---
> a/UefiCpuPkg/Library/SmmCpuFeaturesLib/SmmCpuFeaturesLibCommon.c
> > +++
> b/UefiCpuPkg/Library/SmmCpuFeaturesLib/SmmCpuFeaturesLibCommon.c
> > @@ -35,26 +35,10 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
> >  // MSRs required for configuration of SMM Code Access Check
> >  //
> >  #define SMM_FEATURES_LIB_IA32_MCA_CAP  0x17D
> >  #define   SMM_CODE_ACCESS_CHK_BIT  BIT58
> >
> > -//
> > -// Set default value to assume SMRR is not supported
> > -//
> > -BOOLEAN  mSmrrSupported = FALSE;
> > -
> > -//
> > -// Set default value to assume MSR_SMM_FEATURE_CONTROL is not
> supported
> > -//
> > -BOOLEAN  mSmmFeatureControlSupported = FALSE;
> > -
> > -//
> > -// Set default value to assume IA-32 Architectural MSRs are used
> > -//
> > -UINT32  mSmrrPhysBaseMsr = SMM_FEATURES_LIB_IA32_SMRR_PHYSBASE;
> > -UINT32  mSmrrPhysMaskMsr =
> SMM_FEATURES_LIB_IA32_SMRR_PHYSMASK;
> > -
> >  //
> >  // Set default value to assume MTRRs need to be configured on each SMI
> >  //
> >  BOOLEAN  mNeedConfigureMtrrs = TRUE;
> >
> > @@ -62,26 +46,39 @@ BOOLEAN  mNeedConfigureMtrrs = TRUE;
> >  // Array for state of SMRR enable on all CPUs
> >  //
> >  BOOLEAN  *mSmrrEnabled;
> >
> >  /**
> > -  Performs library initialization.
> > +  Return if SMRR is supported
> >
> > -  This initialization function contains common functionality shared betwen 
> > all
> > -  library instance constructors.
> > +  @param[in] SmrrPhysBaseMsr   Pointer to SmrrPhysBaseMsr.
> > +  @param[in] SmrrPhysMaskMsr   Pointer to SmrrPhysMaskMsr.
> > +
> > +  @retval TRUE  SMRR is supported.
> > +  @retval FALSE SMRR is not supported.
> >
> >  **/
> > -VOID
> > -CpuFeaturesLibInitialization (
> > -  VOID
> > +BOOLEAN
> > +IsSmrrSupported (
> > +  IN UINT32  *SmrrPhysBaseMsrOPTIONAL,
> > +  IN UINT32  *SmrrPhysMaskMsrOPTIONAL
> >)
> >  {
> > +  BOOLEAN  ReturnValue;
> > +
> >UINT32  RegEax;
> >UINT32  RegEdx;
> >UINTN   FamilyId;
> >UINTN   ModelId;
> >
> > +  UINT64  FeatureControl;
> > +
> > +  //
> > +  // Set default value to assume SMRR is not supported
> > +  //
> > +  ReturnValue = FALSE;
> > +
> >//
> >// Retrieve CPU F

Re: [edk2-devel] [PATCH v1 05/34] NetworkPkg: Add LOONGARCH64 architecture for EDK2 CI.

[Wu, Jiaxin]

Reviewed-by: Jiaxin Wu 

> -Original Message-
> From: Chao Li 
> Sent: Thursday, September 8, 2022 12:48 PM
> To: devel@edk2.groups.io
> Cc: Maciej Rabeda ; Wu, Jiaxin
> ; Siyuan Fu 
> Subject: [PATCH v1 05/34] NetworkPkg: Add LOONGARCH64 architecture for
> EDK2 CI.
> 
> Add LOONGARCH64 architecture for EDK2 CI testing.
> 
> Cc: Maciej Rabeda 
> Cc: Jiaxin Wu 
> Cc: Siyuan Fu 
> 
> Signed-off-by: Chao Li 
> ---
>  NetworkPkg/NetworkPkg.dsc | 3 ++-
>  1 file changed, 2 insertions(+), 1 deletion(-)
> 
> diff --git a/NetworkPkg/NetworkPkg.dsc b/NetworkPkg/NetworkPkg.dsc
> index 762134023d..6c231c97b5 100644
> --- a/NetworkPkg/NetworkPkg.dsc
> +++ b/NetworkPkg/NetworkPkg.dsc
> @@ -4,6 +4,7 @@
>  # (C) Copyright 2014 Hewlett-Packard Development Company, L.P.
> 
>  # Copyright (c) 2009 - 2021, Intel Corporation. All rights reserved.
> 
>  # Copyright (c) 2020, Hewlett Packard Enterprise Development LP. All rights
> reserved.
> 
> +# Copyright (c) 2022, Loongson Technology Corporation Limited. All rights
> reserved.
> 
>  #SPDX-License-Identifier: BSD-2-Clause-Patent
> 
>  #
> 
>  ##
> 
> @@ -14,7 +15,7 @@
>PLATFORM_VERSION   = 0.98
> 
>DSC_SPECIFICATION  = 0x00010005
> 
>OUTPUT_DIRECTORY   = Build/NetworkPkg
> 
> -  SUPPORTED_ARCHITECTURES=
> IA32|X64|EBC|ARM|AARCH64|RISCV64
> 
> +  SUPPORTED_ARCHITECTURES=
> IA32|X64|EBC|ARM|AARCH64|RISCV64|LOONGARCH64
> 
>BUILD_TARGETS  = DEBUG|RELEASE|NOOPT
> 
>SKUID_IDENTIFIER   = DEFAULT
> 
> 
> 
> --
> 2.27.0



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#94205): https://edk2.groups.io/g/devel/message/94205
Mute This Topic: https://groups.io/mt/93542510/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] [PATCH v2 06/34] NetworkPkg/HttpBootDxe: Add LOONGARCH64 architecture for EDK2 CI.

[Wu, Jiaxin]

Reviewed-by: Jiaxin Wu 

> -Original Message-
> From: Chao Li 
> Sent: Wednesday, September 14, 2022 5:36 PM
> To: devel@edk2.groups.io
> Cc: Maciej Rabeda ; Wu, Jiaxin
> ; Siyuan Fu 
> Subject: [PATCH v2 06/34] NetworkPkg/HttpBootDxe: Add LOONGARCH64
> architecture for EDK2 CI.
> 
> REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4053
> 
> Add LOONGARCH architecture for EDK2 CI testing.
> 
> Cc: Maciej Rabeda 
> Cc: Jiaxin Wu 
> Cc: Siyuan Fu 
> 
> Signed-off-by: Chao Li 
> ---
>  NetworkPkg/HttpBootDxe/HttpBootDhcp4.h | 3 +++
>  1 file changed, 3 insertions(+)
> 
> diff --git a/NetworkPkg/HttpBootDxe/HttpBootDhcp4.h
> b/NetworkPkg/HttpBootDxe/HttpBootDhcp4.h
> index d76f0e84d6..f00fabead2 100644
> --- a/NetworkPkg/HttpBootDxe/HttpBootDhcp4.h
> +++ b/NetworkPkg/HttpBootDxe/HttpBootDhcp4.h
> @@ -3,6 +3,7 @@
> 
> 
>  Copyright (c) 2015 - 2018, Intel Corporation. All rights reserved.
> 
>  Copyright (c) 2020, Hewlett Packard Enterprise Development LP. All rights
> reserved.
> 
> +Copyright (c) 2022, Loongson Technology Corporation Limited. All rights
> reserved.
> 
>  SPDX-License-Identifier: BSD-2-Clause-Patent
> 
> 
> 
>  **/
> 
> @@ -40,6 +41,8 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
>  #define EFI_HTTP_BOOT_CLIENT_SYSTEM_ARCHITECTURE
> HTTP_CLIENT_ARCH_RISCV64
> 
>  #elif defined (MDE_CPU_EBC)
> 
>  #define EFI_HTTP_BOOT_CLIENT_SYSTEM_ARCHITECTURE
> HTTP_CLIENT_ARCH_EBC
> 
> +#elif defined (MDE_CPU_LOONGARCH64)
> 
> +#define EFI_HTTP_BOOT_CLIENT_SYSTEM_ARCHITECTURE
> HTTP_CLIENT_ARCH_LOONGARCH64
> 
>  #endif
> 
> 
> 
>  /// DHCP offer types among HTTP boot.
> 
> --
> 2.27.0



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#94204): https://edk2.groups.io/g/devel/message/94204
Mute This Topic: https://groups.io/mt/93674187/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] [PATCH v1 1/1] UefiCpuPkg: Reset a parameter when BSP Exit in CPU relaxed mode.

[Wu, Jiaxin]

Reviewed-by: Jiaxin Wu 


> -Original Message-
> From: devel@edk2.groups.io  On Behalf Of Ni, Ray
> Sent: Saturday, October 8, 2022 2:34 PM
> To: Li, Zhihao ; devel@edk2.groups.io
> Cc: Dong, Eric 
> Subject: Re: [edk2-devel] [PATCH v1 1/1] UefiCpuPkg: Reset a parameter
> when BSP Exit in CPU relaxed mode.
> 
> Reviewed-by: Ray Ni 
> 
> > -Original Message-
> > From: Li, Zhihao 
> > Sent: Tuesday, September 27, 2022 8:58 PM
> > To: devel@edk2.groups.io
> > Cc: Dong, Eric ; Ni, Ray 
> > Subject: [PATCH v1 1/1] UefiCpuPkg: Reset a parameter when BSP Exit in
> > CPU relaxed mode.
> >
> > From: Zhihao Li 
> >
> > REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4083
> >
> > In CPU relaxed mode, it doesn't reset the value of
> > mSmmMpSyncData->AllApArrivedWithException when BSP exit smm
> mode.
> > So this patch will reset this variable.
> >
> > Cc: Eric Dong 
> > Cc: Ray Ni 
> >
> > Signed-off-by: Zhihao Li 
> > ---
> >  UefiCpuPkg/PiSmmCpuDxeSmm/MpService.c | 5 +++--
> >  1 file changed, 3 insertions(+), 2 deletions(-)
> >
> > diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/MpService.c
> > b/UefiCpuPkg/PiSmmCpuDxeSmm/MpService.c
> > index 13c2cb8da4c3..c79da418e37c 100644
> > --- a/UefiCpuPkg/PiSmmCpuDxeSmm/MpService.c
> > +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/MpService.c
> > @@ -696,8 +696,9 @@ BSPHandler (
> >//
> >
> >// Allow APs to check in from this point on
> >
> >//
> >
> > -  *mSmmMpSyncData->Counter   = 0;
> >
> > -  *mSmmMpSyncData->AllCpusInSync = FALSE;
> >
> > +  *mSmmMpSyncData->Counter  = 0;
> >
> > +  *mSmmMpSyncData->AllCpusInSync= FALSE;
> >
> > +  mSmmMpSyncData->AllApArrivedWithException = FALSE;
> >
> >  }
> >
> >
> >
> >  /**
> >
> > --
> > 2.26.2.windows.1
> 
> 
> 
> 
> 



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#94873): https://edk2.groups.io/g/devel/message/94873
Mute This Topic: https://groups.io/mt/93948933/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] [PATCH] NetworkPkg: Add WiFi profile sync protocol support

[Wu, Jiaxin]

Hi Zachary,

Insert all my comments as below.

Besides: where defined this protocol (EFI_WIFI_PROFILE_SYNC_PROTOCOL)? I didn't 
find in the UEFI spec, in such a case, could we named it as 
EDKII_WIFI_PROFILE_SYNC_PROTOCOL? please add more description about the 
protocol usage.

Thanks,
Jiaxin


> +/**
> +  Used by the WiFi connection manager to get the WiFi profile that AMT
> shared
> +  and was stored in WiFi profile protocol. Aligns the AMT WiFi profile data 
> to
> +  the WiFi connection manager profile structure fo connection use.
> +
> +  @param[in, out]  WcmProfile   WiFi Connection Manager profile
> structure
> +  @param[in, out]  MacAddress   MAC address from AMT saved to NiC
> MAC address
> +
> +  @retval EFI_SUCCESS   Stored WiFi profile converted and 
> returned
> succefully
> +  @retval EFI_UNSUPPORTED   Profile protocol sharing not supported or
> enabled
> +  @retval EFI_NOT_FOUND No profiles to returned
> +  @retval OthersError Occurred
> +**/
> +typedef
> +EFI_STATUS
> +(EFIAPI *WIFI_PROFILE_GET)(
> +  IN OUT  WIFI_MGR_NETWORK_PROFILE  *Profile,
> +  IN OUT  EFI_80211_MAC_ADDRESS MacAddress
> +  );

Does it mean the returned Profile is only for the returned MacAddress? Does it 
must 1:1 mapping??

Think more, Does AMT support maintain multiple mappings? Image we have multiple 
network socket, how AMT handle such case?  




> +
> +/**
> +  Saves the WiFi connection status recieved by the WiFiConnectionManager
> when
> +  in a KVM OR One Click Recovery WLAN recovery flow. Input as
> +  EFI_80211_CONNECT_NETWORK_RESULT_CODE then converted and
> stored as EFI_STATUS type.
> +

Why need stored as EFI_STATUS type since we have defined the 
EFI_80211_CONNECT_NETWORK_RESULT_CODE???




> +  @param[in] ConnectionStatus WiFi connection attempt results
> +**/
> +typedef
> +VOID
> +(EFIAPI *WIFI_SET_CONNECT_STATE)(
> +  IN  EFI_80211_CONNECT_NETWORK_RESULT_CODE ConnectionStatus
> +  );
> +
> +/**
> +  Retrieves the stored WiFi connection status when in either KVM OR One
> Click
> +  Recovery WLAN recovery flow.
> +
> +  @retval EFI_SUCCESS   WiFi connection completed succesfully
> +  @retval OthersConnection failure occurred
> +**/
> +typedef
> +EFI_STATUS
> +(EFIAPI *WIFI_GET_CONNECT_STATE)(
> +  VOID
> +  );


What's the output? Only EFI_STATUS? why not return the 
EFI_80211_CONNECT_NETWORK_RESULT_CODE? We should not mix the 
EFI_80211_CONNECT_NETWORK_RESULT_CODE & EFI_STATUS.



> +
> +//
> +//  WiFi Profile Sync Protocol structure.
> +//
> +typedef struct {
> +  UINT32Revision;
> +  WIFI_SET_CONNECT_STATEWifiProfileSyncSetConnectState;
> +  WIFI_GET_CONNECT_STATEWifiProfileSyncGetConnectState;
> +  WIFI_PROFILE_GET  WifiProfileSyncGetProfile;
> +} EFI_WIFI_PROFILE_SYNC_PROTOCOL;
> +


Could we remove the prefix -- WifiProfileSync?



>Tests to see if this driver supports a given controller. If a child device 
> is
> provided,
>it further tests to see if this driver supports creating a handle for the
> specified child device.
> @@ -167,8 +172,10 @@ WifiMgrDxeDriverBindingStart (
>EFI_WIRELESS_MAC_CONNECTION_II_PROTOCOL  *Wmp;
>EFI_SUPPLICANT_PROTOCOL  *Supplicant;
>EFI_EAP_CONFIGURATION_PROTOCOL   *EapConfig;
> +  EFI_WIFI_PROFILE_SYNC_PROTOCOL   *WiFiProfileSyncProtocol;
> 
> -  Nic = NULL;
> +  mWifiConnectionCount = 0;
> +  Nic  = NULL;
> 
>//
>// Open Protocols
> @@ -236,47 +243,73 @@ WifiMgrDxeDriverBindingStart (
>InitializeListHead (>ProfileList);
> 
>//
> -  // Record the MAC address of the incoming NIC.
> +  // WiFi profile sync protocol installation check for OS recovery flow.
>//
> -  Status = NetLibGetMacAddress (
> - ControllerHandle,
> - (EFI_MAC_ADDRESS *)>MacAddress,
> - 
> - );
> -  if (EFI_ERROR (Status)) {
> -goto ERROR2;
> -  }
> -
> -  //
> -  // Create and start the timer for the status check
> -  //
> -  Status = gBS->CreateEvent (
> -  EVT_NOTIFY_SIGNAL | EVT_TIMER,
> -  TPL_CALLBACK,
> -  WifiMgrOnTimerTick,
> -  Nic,
> -  >TickTimer
> +  Status = gBS->LocateProtocol (
> +  ,
> +  NULL,
> +  (VOID **)
>);
> -  if (EFI_ERROR (Status)) {
> -goto ERROR2;
> -  }
> +  if (!EFI_ERROR (Status)) {
> +Nic->ConnectPendingNetwork = (WIFI_MGR_NETWORK_PROFILE
> *)AllocateZeroPool (sizeof (WIFI_MGR_NETWORK_PROFILE));
> +if (Nic->ConnectPendingNetwork == NULL) {
> +  Status = EFI_OUT_OF_RESOURCES;
> +  goto ERROR1;
> +}
> 
> -  Status = gBS->SetTimer (Nic->TickTimer, TimerPeriodic,
> EFI_TIMER_PERIOD_MILLISECONDS (500));
> -  if (EFI_ERROR (Status)) {
> -goto ERROR3;
> -  }
> +WiFiProfileSyncProtocol->WifiProfileSyncGetProfile (Nic-
> 

Re: [edk2-devel] [PATCH] NetworkPkg: Add WiFi profile sync protocol support

[Wu, Jiaxin]

One comment as below, Others good to me. 

Reviewed-by: Wu Jiaxin 


> +  @param[in, out]  WcmProfile   WiFi Connection Manager profile
> structure
> +  @param[in, out]  MacAddress   MAC address from AMT saved to NiC
> MAC address
> +
> +  @retval EFI_SUCCESS   Stored WiFi profile converted and 
> returned
> succefully
> +  @retval EFI_UNSUPPORTED   Profile protocol sharing not supported or
> enabled
> +  @retval EFI_NOT_FOUND No profiles to returned
> +  @retval OthersError Occurred
> +**/
> +typedef
> +EFI_STATUS
> +(EFIAPI *WIFI_PROFILE_GET)(
> +  IN OUT  WIFI_MGR_NETWORK_PROFILE  *Profile,
> +  IN OUT  EFI_80211_MAC_ADDRESS MacAddress
> +  );

Does it make sense remove the OUT declaring since this is just to get the 
corresponding MacAddress Profile? For OUT, we expect there will be changed when 
return but here it's not.

Thanks,
Jiaxin 

> -Original Message-
> From: Clark-williams, Zachary 
> Sent: Saturday, January 7, 2023 9:31 AM
> To: devel@edk2.groups.io
> Cc: Zachary Clark-Williams ; Maciej Rabeda
> ; Wu, Jiaxin ;
> Otcheretianski, Andrei ; Clark-williams,
> Zachary 
> Subject: [PATCH] NetworkPkg: Add WiFi profile sync protocol support
> 
> From: Zachary Clark-Williams 
> 
> REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3845
> 
> Enables KVM and One Click Recovery WLAN capability with WiFi Profile
> Sync feature and protocol. Adding WiFiProfileSyncProtocol, which
> supports the profilesync driver operations for transferring WiFi profiles
> from AMT to the Supplicant. WiFiConnectionManager will check for the
> WifiProfileSyncProtocol and if found will operate on the premise of a
> One Click Recovery, or KVM flow with a Wifi profile provided by AMT.
> 
> Cc: Maciej Rabeda 
> Cc: Wu Jiaxin 
> Cc: Andrei Otcheretianski 
> 
> Signed-off-by: Zachary Clark-Williams 
> ---
>  .../Protocol/WiFiProfileSyncProtocol.h|  90 +++
>  NetworkPkg/NetworkPkg.dec |   3 +
>  .../WifiConnectionManagerDxe.inf  |   3 +-
>  .../WifiConnectionMgrConfigNVDataStruct.h |   2 +-
>  .../WifiConnectionMgrDriver.c | 125 ++
>  .../WifiConnectionMgrDxe.h|   4 +-
>  .../WifiConnectionMgrImpl.c   | 219 +++---
>  .../WifiConnectionMgrMisc.c   |  13 ++
>  8 files changed, 386 insertions(+), 73 deletions(-)
>  create mode 100644
> NetworkPkg/Include/Protocol/WiFiProfileSyncProtocol.h
> 
> diff --git a/NetworkPkg/Include/Protocol/WiFiProfileSyncProtocol.h
> b/NetworkPkg/Include/Protocol/WiFiProfileSyncProtocol.h
> new file mode 100644
> index 00..90523e30fa
> --- /dev/null
> +++ b/NetworkPkg/Include/Protocol/WiFiProfileSyncProtocol.h
> @@ -0,0 +1,90 @@
> +/** @file
> +  WiFi profile sync protocol. Supports One Click Recovery or KVM OS
> recovery
> +  boot flow over WiFi. This protocol will hold the WiFi profile provided by
> AMT
> +  in its original structure, then convert the profile when the
> WifiConnectionManager
> +  is attempting a connection during a system recovery reboot, OCR or KVM.
> These
> +  converstion and operations are found in the WifiProfileSync driver and in
> +  the link provided below.
> +
> +  Pulbic links to speficiation document for KVM and One Click Recovery
> feature.
> +
> https://software.intel.com/sites/manageability/AMT_Implementation_and_
> Reference_Guide/default.htm?turl=WordDocuments%2Foneclickrecovery.h
> tm
> +
> +  Copyright (c) 2022, Intel Corporation. All rights reserved.
> +
> +  SPDX-License-Identifier: BSD-2-Clause-Patent
> +**/
> +
> +#ifndef WIFI_PROFILE_SYNC_PROTOCOL_H_
> +#define WIFI_PROFILE_SYNC_PROTOCOL_H_
> +
> +#include 
> +
> +//
> +//  WiFi Profile Sync Protocol GUID variable.
> +//
> +extern EFI_GUID  gEfiWiFiProfileSyncProtocolGuid;
> +
> +/**
> +  Used by the WiFi connection manager to get the WiFi profile that AMT
> shared
> +  and was stored in WiFi profile protocol. Aligns the AMT WiFi profile data 
> to
> +  the WiFi connection manager profile structure fo connection use.
> +
> +  @param[in, out]  WcmProfile   WiFi Connection Manager profile
> structure
> +  @param[in, out]  MacAddress   MAC address from AMT saved to NiC
> MAC address
> +
> +  @retval EFI_SUCCESS   Stored WiFi profile converted and 
> returned
> succefully
> +  @retval EFI_UNSUPPORTED   Profile protocol sharing not supported or
> enabled
> +  @retval EFI_NOT_FOUND No profiles to returned
> +  @retval OthersError Occurred
> +**/
> +typedef
> +EFI_STATUS
> +(EFIAPI *WIFI_PRO

[edk2-devel] [PATCH v2] UefiCpuPkg: Support SMM Relocated SmBase handling

[Wu, Jiaxin]

Mainly changes as below:
1. Add Smm Base HOB, which is used to store the information of
Smm Relocated SmBase array for each Processors;
2. Combine 2 SMIs (gcSmmInitTemplate & gcSmiHandlerTemplate) into one
(gcSmiHandlerTemplate), the new SMI handler needs to run to 2 paths: one
to SmmCpuFeaturesInitializeProcessor(), the other to SMM Core Entry Point.
3. Issue SMI IPI (All Excluding Self SMM IPI + BSP SMM IPI) for SMM init
before normal SMI sources happen.
4. Call SmmCpuFeaturesInitializeProcessor() in parallel.

v2:
- Refine the coding style
- Rename hob to gSmmBaseHobGuid
- Update SmmInitHandler() to handle the SMM relocation
- Correct the S3 for SMM relocation

v1:
- Thread: https://edk2.groups.io/g/devel/message/97748

Change-Id: Iec7bf25166bfeefb44a202285465a35b5debbce4
Cc: Eric Dong 
Cc: Ray Ni 
Cc: Zeng Star 
Signed-off-by: Jiaxin Wu 
---
 UefiCpuPkg/Include/Guid/SmmBaseHob.h   |  36 +
 .../Library/SmmCpuFeaturesLib/CpuFeaturesLib.h |   2 +
 .../SmmCpuFeaturesLib/IntelSmmCpuFeaturesLib.c |  24 +++-
 .../SmmCpuFeaturesLib/SmmCpuFeaturesLib.inf|   4 +
 .../SmmCpuFeaturesLib/SmmCpuFeaturesLibStm.inf |   1 +
 UefiCpuPkg/Library/SmmCpuFeaturesLib/SmmStm.c  |   1 -
 .../StandaloneMmCpuFeaturesLib.inf |   4 +
 UefiCpuPkg/PiSmmCpuDxeSmm/CpuS3.c  |  39 +-
 UefiCpuPkg/PiSmmCpuDxeSmm/MpService.c  |  25 +++-
 UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.c | 149 -
 UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.h |  21 ++-
 UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.inf   |   1 +
 UefiCpuPkg/UefiCpuPkg.dec  |   3 +
 13 files changed, 261 insertions(+), 49 deletions(-)
 create mode 100644 UefiCpuPkg/Include/Guid/SmmBaseHob.h

diff --git a/UefiCpuPkg/Include/Guid/SmmBaseHob.h 
b/UefiCpuPkg/Include/Guid/SmmBaseHob.h
new file mode 100644
index 00..4729bbb986
--- /dev/null
+++ b/UefiCpuPkg/Include/Guid/SmmBaseHob.h
@@ -0,0 +1,36 @@
+/** @file
+  The Smm Base HOB is used to store the information of:
+  * Smm Relocated SmBase array for each Processors
+
+  Copyright (c) 2023, Intel Corporation. All rights reserved.
+  SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#ifndef SMM_BASE_HOB_H_
+#define SMM_BASE_HOB_H_
+
+#include 
+#include 
+
+#define SMM_BASE_HOB_DATA_GUID \
+  { \
+0xc2217ba7, 0x03bb, 0x4f63, {0xa6, 0x47, 0x7c, 0x25, 0xc5, 0xfc, 0x9d, 
0x73}  \
+  }
+
+#pragma pack(1)
+typedef struct {
+  ///
+  /// Describes the Number of all max supported processors.
+  ///
+  UINT64NumberOfProcessors;
+  ///
+  /// Pointer to SmBase array for each Processors.
+  ///
+  UINT64SmBase[];
+} SMM_BASE_HOB_DATA;
+#pragma pack()
+
+extern EFI_GUID  gSmmBaseHobGuid;
+
+#endif
diff --git a/UefiCpuPkg/Library/SmmCpuFeaturesLib/CpuFeaturesLib.h 
b/UefiCpuPkg/Library/SmmCpuFeaturesLib/CpuFeaturesLib.h
index fd3e902547..c2e4fbe96b 100644
--- a/UefiCpuPkg/Library/SmmCpuFeaturesLib/CpuFeaturesLib.h
+++ b/UefiCpuPkg/Library/SmmCpuFeaturesLib/CpuFeaturesLib.h
@@ -7,15 +7,17 @@
 **/
 
 #ifndef CPU_FEATURES_LIB_H_
 #define CPU_FEATURES_LIB_H_
 
+#include 
 #include 
 #include 
 #include 
 #include 
 #include 
+#include 
 
 /**
   Performs library initialization.
 
   This initialization function contains common functionality shared betwen all
diff --git a/UefiCpuPkg/Library/SmmCpuFeaturesLib/IntelSmmCpuFeaturesLib.c 
b/UefiCpuPkg/Library/SmmCpuFeaturesLib/IntelSmmCpuFeaturesLib.c
index d5eaaa7a99..9cedeee4bb 100644
--- a/UefiCpuPkg/Library/SmmCpuFeaturesLib/IntelSmmCpuFeaturesLib.c
+++ b/UefiCpuPkg/Library/SmmCpuFeaturesLib/IntelSmmCpuFeaturesLib.c
@@ -36,10 +36,15 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
 // Set default value to assume IA-32 Architectural MSRs are used
 //
 UINT32  mSmrrPhysBaseMsr = SMM_FEATURES_LIB_IA32_SMRR_PHYSBASE;
 UINT32  mSmrrPhysMaskMsr = SMM_FEATURES_LIB_IA32_SMRR_PHYSMASK;
 
+//
+// Indicate Smm Relocation done or not
+//
+BOOLEAN  mSmmRelocationDone;
+
 //
 // Set default value to assume MTRRs need to be configured on each SMI
 //
 BOOLEAN  mNeedConfigureMtrrs = TRUE;
 
@@ -142,10 +147,17 @@ CpuFeaturesLibInitialization (
   //
   // Allocate array for state of SMRR enable on all CPUs
   //
   mSmrrEnabled = (BOOLEAN *)AllocatePool (sizeof (BOOLEAN) * 
GetCpuMaxLogicalProcessorNumber ());
   ASSERT (mSmrrEnabled != NULL);
+
+  //
+  // If gSmmBaseHobGuid found, means Smm Relocation has been done.
+  //
+  if (GetFirstGuidHob () != NULL) {
+mSmmRelocationDone = TRUE;
+  }
 }
 
 /**
   Called during the very first SMI into System Management Mode to initialize
   CPU features, including SMBASE, for the currently executing CPU.  Since this
@@ -184,15 +196,17 @@ SmmCpuFeaturesInitializeProcessor (
   UINT32RegEax;
   UINT32RegEdx;
   UINTN FamilyId;
   UINTN ModelId;
 
-  //
-  // Configure SMBASE.
-  //
-  CpuState = (SMRAM_SAVE_STATE_MAP 

[edk2-devel] [PATCH v1 0/4] Support SMM Relocated SmBase handling

[Wu, Jiaxin]

Below serial patches are to support the SMM Relocated SmBase handling.
To achieve, new hob interface is procuded, and will be consumed by SMM
CPU driver & SmmCpuFeaturesLib to do SmBase initialization:

The Smm Base HOB is used to store the relocated SmBase in
array for each Processors. If gSmmBaseHobGuid produced,
indicate SmBase for each Processors have been relocated.
The SmBase address in hob can be guaranteed the SMRAM state
save areas for all processors do not overlap.

SMM CPU driver will retrieve the SMBASE addresses from SMM Base Hob
and installs the SMI handler at [SMBASE+8000h] for each processor
instead of relocating SMM Base addresses from SMRAM again.

With SMM Base Hob, SMM CPU driver does not need the RSM instruction
to reload the SMBASE register with the new allocated value in SMBASE
field each time it exits SMM. SMBASE Register for each processors
have already been programmed in parallel since the same default
SMBASE Address(0x3) is not used, thus the CPUs over-writing
each other's SMM Save State Area will not happen. This way will save
boot time on multi-core system.

Beside, If gSmmBaseHobGuid found, no need to do the relocation in
SmmCpuFeaturesInitializeProcessor().

Jiaxin Wu (4):
  UefiCpuPkg/SmmBaseHob.h: Add SMM Base HOB Data
  UefiCpuPkg/PiSmmCpuDxeSmm: Consume SMM Base Hob for SmBase info
  UefiCpuPkg/SmmCpuFeaturesLib: Skip to configure SMBASE
  OvmfPkg/SmmCpuFeaturesLib: Skip to configure SMBASE

 .../Library/SmmCpuFeaturesLib/SmmCpuFeaturesLib.c  |  39 --
 .../SmmCpuFeaturesLib/SmmCpuFeaturesLib.inf|   4 +
 UefiCpuPkg/Include/Guid/SmmBaseHob.h   |  51 +++
 .../Library/SmmCpuFeaturesLib/CpuFeaturesLib.h |   2 +
 .../SmmCpuFeaturesLib/IntelSmmCpuFeaturesLib.c |  25 +++-
 .../SmmCpuFeaturesLib/SmmCpuFeaturesLib.inf|   4 +
 .../SmmCpuFeaturesLib/SmmCpuFeaturesLibStm.inf |   1 +
 UefiCpuPkg/Library/SmmCpuFeaturesLib/SmmStm.c  |   1 -
 .../StandaloneMmCpuFeaturesLib.inf |   4 +
 UefiCpuPkg/PiSmmCpuDxeSmm/CpuS3.c  |  40 +-
 UefiCpuPkg/PiSmmCpuDxeSmm/MpService.c  |  25 +++-
 UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.c | 155 -
 UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.h |  21 ++-
 UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.inf   |   1 +
 UefiCpuPkg/UefiCpuPkg.dec  |   3 +
 15 files changed, 318 insertions(+), 58 deletions(-)
 create mode 100644 UefiCpuPkg/Include/Guid/SmmBaseHob.h

-- 
2.16.2.windows.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#98446): https://edk2.groups.io/g/devel/message/98446
Mute This Topic: https://groups.io/mt/96241699/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[edk2-devel] [PATCH v1 1/4] UefiCpuPkg/SmmBaseHob.h: Add SMM Base HOB Data

[Wu, Jiaxin]

The Smm Base HOB is used to store the relocated SmBase in
array for each Processors. If gSmmBaseHobGuid produced,
indicate SmBase for each Processors have been relocated.
The SmBase address in hob can be guaranteed the SMRAM state
save areas for all processors do not overlap.

Cc: Eric Dong 
Cc: Ray Ni 
Cc: Zeng Star 
Cc: Laszlo Ersek 
Cc: Gerd Hoffmann 
Cc: Rahul Kumar 
Signed-off-by: Jiaxin Wu 
---
 UefiCpuPkg/Include/Guid/SmmBaseHob.h | 51 
 UefiCpuPkg/UefiCpuPkg.dec|  3 +++
 2 files changed, 54 insertions(+)
 create mode 100644 UefiCpuPkg/Include/Guid/SmmBaseHob.h

diff --git a/UefiCpuPkg/Include/Guid/SmmBaseHob.h 
b/UefiCpuPkg/Include/Guid/SmmBaseHob.h
new file mode 100644
index 00..090b22a274
--- /dev/null
+++ b/UefiCpuPkg/Include/Guid/SmmBaseHob.h
@@ -0,0 +1,51 @@
+/** @file
+  The Smm Base HOB is used to store the information of:
+  * The relocated SmBase in array for each Processors.
+
+  If gSmmBaseHobGuid produced, indicate SmBase for each Processors
+  have been relocated and SmBase in HOB can be guaranteed the SMRAM
+  state save areas for all processors do not overlap. SMM CPU driver
+  should retrieve the SMBASE addresses from this HOB and installs the
+  SMI handler at [SMBASE+8000h] for each processor instead of relocating
+  SMM Base addresses from SMRAM again.
+
+  With SMM Base Hob, SMM CPU driver doesn't need the RSM instruction
+  to reload the SMBASE register with the new allocated value in SMBASE
+  field each time it exits SMM. SMBASE Register for each processors
+  have already been programmed in parallel since the same default
+  SMBASE Address (0x3) is not used, thus the CPUs over-writing
+  each other's SMM Save State Area will not happen. This way will save
+  boot time on multi-core system.
+
+  Copyright (c) 2023, Intel Corporation. All rights reserved.
+  SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#ifndef SMM_BASE_HOB_H_
+#define SMM_BASE_HOB_H_
+
+#include 
+#include 
+
+#define SMM_BASE_HOB_DATA_GUID \
+  { \
+0xc2217ba7, 0x03bb, 0x4f63, {0xa6, 0x47, 0x7c, 0x25, 0xc5, 0xfc, 0x9d, 
0x73}  \
+  }
+
+#pragma pack(1)
+typedef struct {
+  ///
+  /// Describes the Number of all max supported processors.
+  ///
+  UINT64NumberOfProcessors;
+  ///
+  /// Pointer to SmBase address for each Processors.
+  ///
+  UINT64SmBase[];
+} SMM_BASE_HOB_DATA;
+#pragma pack()
+
+extern EFI_GUID  gSmmBaseHobGuid;
+
+#endif
diff --git a/UefiCpuPkg/UefiCpuPkg.dec b/UefiCpuPkg/UefiCpuPkg.dec
index cff239d528..2afd08cdd2 100644
--- a/UefiCpuPkg/UefiCpuPkg.dec
+++ b/UefiCpuPkg/UefiCpuPkg.dec
@@ -76,10 +76,13 @@
   gEdkiiCpuFeaturesInitDoneGuid  = { 0xc77c3a41, 0x61ab, 0x4143, { 0x98, 0x3e, 
0x33, 0x39, 0x28, 0x6, 0x28, 0xe5 }}
 
   ## Include/Guid/MicrocodePatchHob.h
   gEdkiiMicrocodePatchHobGuid= { 0xd178f11d, 0x8716, 0x418e, { 0xa1, 0x31, 
0x96, 0x7d, 0x2a, 0xc4, 0x28, 0x43 }}
 
+  ## Include/Guid/SmmBaseHob.h
+  gSmmBaseHobGuid  = { 0xc2217ba7, 0x03bb, 0x4f63, {0xa6, 0x47, 0x7c, 
0x25, 0xc5, 0xfc, 0x9d, 0x73 }}
+
 [Protocols]
   ## Include/Protocol/SmmCpuService.h
   gEfiSmmCpuServiceProtocolGuid   = { 0x1d202cab, 0xc8ab, 0x4d5c, { 0x94, 
0xf7, 0x3c, 0xfc, 0xc0, 0xd3, 0xd3, 0x35 }}
   gEdkiiSmmCpuRendezvousProtocolGuid = { 0xaa00d50b, 0x4911, 0x428f, { 0xb9, 
0x1a, 0xa5, 0x9d, 0xdb, 0x13, 0xe2, 0x4c }}
 
-- 
2.16.2.windows.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#98447): https://edk2.groups.io/g/devel/message/98447
Mute This Topic: https://groups.io/mt/96241701/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[edk2-devel] [PATCH v1 2/4] UefiCpuPkg/PiSmmCpuDxeSmm: Consume SMM Base Hob for SmBase info

[Wu, Jiaxin]

SMM CPU driver will retrieve the SMBASE addresses from SMM Base Hob
and installs the SMI handler at [SMBASE+8000h] for each processor
instead of relocating SMM Base addresses from SMRAM again.

With SMM Base Hob, SMM CPU driver does not need the RSM instruction
to reload the SMBASE register with the new allocated value in SMBASE
field each time it exits SMM. SMBASE Register for each processors
have already been programmed in parallel since the same default
SMBASE Address(0x3) is not used, thus the CPUs over-writing
each other's SMM Save State Area will not happen. This way will save
boot time on multi-core system.

Mainly changes as below:
*Combine 2 SMIs (gcSmmInitTemplate & gcSmiHandlerTemplate) into one
(gcSmiHandlerTemplate), the new SMI handler needs to run to 2 paths:
one to SmmCpuFeaturesInitializeProcessor(), the other to SMM Core
Entry Point.
*Issue SMI IPI (All Excluding Self SMM IPI + BSP SMM IPI) for SMM
init before normal SMI sources happen.
*Call SmmCpuFeaturesInitializeProcessor() in parallel.

Cc: Eric Dong 
Cc: Ray Ni 
Cc: Zeng Star 
Cc: Laszlo Ersek 
Cc: Gerd Hoffmann 
Cc: Rahul Kumar 
Signed-off-by: Jiaxin Wu 
---
 UefiCpuPkg/PiSmmCpuDxeSmm/CpuS3.c|  40 ++-
 UefiCpuPkg/PiSmmCpuDxeSmm/MpService.c|  25 -
 UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.c   | 155 ---
 UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.h   |  21 +++-
 UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.inf |   1 +
 5 files changed, 197 insertions(+), 45 deletions(-)

diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/CpuS3.c 
b/UefiCpuPkg/PiSmmCpuDxeSmm/CpuS3.c
index fb4a44eab6..f7479fc74d 100644
--- a/UefiCpuPkg/PiSmmCpuDxeSmm/CpuS3.c
+++ b/UefiCpuPkg/PiSmmCpuDxeSmm/CpuS3.c
@@ -765,10 +765,11 @@ SmmRestoreCpu (
   SMM_S3_RESUME_STATE   *SmmS3ResumeState;
   IA32_DESCRIPTOR   Ia32Idtr;
   IA32_DESCRIPTOR   X64Idtr;
   IA32_IDT_GATE_DESCRIPTOR  IdtEntryTable[EXCEPTION_VECTOR_NUMBER];
   EFI_STATUSStatus;
+  UINTN Index;
 
   DEBUG ((DEBUG_INFO, "SmmRestoreCpu()\n"));
 
   mSmmS3Flag = TRUE;
 
@@ -822,13 +823,48 @@ SmmRestoreCpu (
 //
 InitializeCpuBeforeRebase ();
   }
 
   //
-  // Restore SMBASE for BSP and all APs
+  // Retrive the allocated SmmBase from gSmmBaseHobGuid. If found,
+  // means the SmBase relocation has been done.
+  //
+  if (GetFirstGuidHob () != NULL) {
+mSmBaseRelocationDone = TRUE;
+  } else {
+mSmBaseRelocationDone = FALSE;
+  }
+
+  //
+  // Check whether Smm Relocation is done or not.
+  // If not, will do the SmmBases Relocation here!!!
   //
-  SmmRelocateBases ();
+  if (!mSmBaseRelocationDone) {
+//
+// Restore SMBASE for BSP and all APs
+//
+SmmRelocateBases ();
+  } else {
+mSmmInitialized = (BOOLEAN *)AllocateZeroPool (sizeof (BOOLEAN) * 
mMaxNumberOfCpus);
+ASSERT (mSmmInitialized != NULL);
+
+mBspApicId = GetApicId ();
+
+//
+// Issue SMI IPI (All Excluding Self SMM IPI + BSP SMM IPI) for SMM init
+//
+SendSmiIpi (mBspApicId);
+SendSmiIpiAllExcludingSelf ();
+
+//
+// Wait for all processors to finish its 1st SMI
+//
+for (Index = 0; Index < mNumberOfCpus; Index++) {
+  while (mSmmInitialized[Index] == FALSE) {
+  }
+}
+  }
 
   //
   // Skip initialization if mAcpiCpuData is not valid
   //
   if (mAcpiCpuData.NumberOfCpus > 0) {
diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/MpService.c 
b/UefiCpuPkg/PiSmmCpuDxeSmm/MpService.c
index a0967eb69c..b4339eef48 100644
--- a/UefiCpuPkg/PiSmmCpuDxeSmm/MpService.c
+++ b/UefiCpuPkg/PiSmmCpuDxeSmm/MpService.c
@@ -1728,10 +1728,29 @@ SmiRendezvous (
   // when using on-demand paging for above 4G memory.
   //
   Cr2 = 0;
   SaveCr2 ();
 
+  if (mSmBaseRelocationDone && !mSmmInitialized[CpuIndex]) {
+//
+// Perform SmmInitHandler for CpuIndex
+//
+SmmInitHandler ();
+
+//
+// Restore Cr2
+//
+RestoreCr2 (Cr2);
+
+//
+// Mark the first SMI init for CpuIndex has been done so as to avoid the 
reentry.
+//
+mSmmInitialized[CpuIndex] = TRUE;
+
+return;
+  }
+
   //
   // Call the user register Startup function first.
   //
   if (mSmmMpSyncData->StartupProcedure != NULL) {
 mSmmMpSyncData->StartupProcedure (mSmmMpSyncData->StartupProcArgs);
@@ -1882,13 +1901,13 @@ Exit:
   //
   RestoreCr2 (Cr2);
 }
 
 /**
-  Initialize PackageBsp Info. Processor specified by 
mPackageFirstThreadIndex[PackageIndex]
-  will do the package-scope register programming. Set default CpuIndex to 
(UINT32)-1, which
-  means not specified yet.
+  Initialize mPackageFirstThreadIndex Info. Processor specified by 
mPackageFirstThreadIndex[PackageIndex]
+  will do the package-scope register programming. Set default CpuIndex to 
(UINT32)-1, which means not
+  specified yet.
 
 **/
 VOID
 InitPackageFirstThreadIndexInfo (
   VOID
diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.c 
b/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.c
index 655175a2c6..aa1700ba58