diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/PageTbl.c b/UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/PageTbl.c index 05fb455936..f891a81112 100644 --- a/UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/PageTbl.c +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/PageTbl.c @@ -336,3 +336,17 @@ RestoreCr2 ( { return ; } + +/** + Return whether access to non-SMRAM is restricted. + + @retval TRUE Access to non-SMRAM is restricted. + @retval FALSE Access to non-SMRAM is not restricted. +*/ +BOOLEAN +IsRestrictedMemoryAccess ( + VOID + ) +{ + return TRUE; +} diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.c b/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.c index 69a04dfb23..723fd5042f 100644 --- a/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.c +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.c @@ -1431,15 +1431,17 @@ PerformRemainingTasks ( // SetMemMapAttributes (); - // - // For outside SMRAM, we only map SMM communication buffer or MMIO. - // - SetUefiMemMapAttributes (); + if (IsRestrictedMemoryAccess ()) { + // + // For outside SMRAM, we only map SMM communication buffer or MMIO. + // + SetUefiMemMapAttributes (); - // - // Set page table itself to be read-only - // - SetPageTableAttributes (); + // + // Set page table itself to be read-only + // + SetPageTableAttributes (); + } // // Configure SMM Code Access Check feature if available. diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.h b/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.h index 8c29f1a558..daf977f654 100644 --- a/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.h +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.h @@ -1450,4 +1450,15 @@ InitializeDataForMmMp ( VOID ); +/** + Return whether access to non-SMRAM is restricted. + + @retval TRUE Access to non-SMRAM is restricted. + @retval FALSE Access to non-SMRAM is not restricted. +*/ +BOOLEAN +IsRestrictedMemoryAccess ( + VOID + ); + #endif diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/X64/PageTbl.c b/UefiCpuPkg/PiSmmCpuDxeSmm/X64/PageTbl.c index 7516f35055..733d107efd 100644 --- a/UefiCpuPkg/PiSmmCpuDxeSmm/X64/PageTbl.c +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/X64/PageTbl.c @@ -1252,3 +1252,17 @@ RestoreCr2 ( AsmWriteCr2 (Cr2); } } + +/** + Return whether access to non-SMRAM is restricted. + + @retval TRUE Access to non-SMRAM is restricted. + @retval FALSE Access to non-SMRAM is not restricted. +*/ +BOOLEAN +IsRestrictedMemoryAccess ( + VOID + ) +{ + return mCpuSmmRestrictedMemoryAccess; +}