From 9108fc17b09cf89a6dad0dcad3e15fb884ccf707 Mon Sep 17 00:00:00 2001 From: Laszlo Ersek Date: Mon, 23 Sep 2019 11:41:41 +0200 Subject: [PATCH] OvmfPkg/SmmAccess: close and lock SMRAM at default SMBASE During normal boot, when EFI_DXE_SMM_READY_TO_LOCK_PROTOCOL is installed by platform BDS, the SMM IPL locks SMRAM (TSEG) through EFI_SMM_ACCESS2_PROTOCOL.Lock(). See SmmIplReadyToLockEventNotify() in "MdeModulePkg/Core/PiSmmCore/PiSmmIpl.c". During S3 resume, S3Resume2Pei locks SMRAM (TSEG) through PEI_SMM_ACCESS_PPI.Lock(), before executing the boot script. See S3ResumeExecuteBootScript() in "UefiCpuPkg/Universal/Acpi/S3Resume2Pei/S3Resume.c". Those are precisely the places where the SMRAM at the default SMBASE should be locked too. Add such an action to SmramAccessLock(). Notes: - The SMRAM at the default SMBASE doesn't support the "closed and unlocked" state (and so it can't be closed without locking it, and it cannot be opened after closing it). - The SMRAM at the default SMBASE isn't (and shouldn't) be exposed with another EFI_SMRAM_DESCRIPTOR in the GetCapabilities() members of EFI_SMM_ACCESS2_PROTOCOL / PEI_SMM_ACCESS_PPI. That's because the SMRAM in question is not "general purpose"; it's only QEMU's solution to protect the initial SMI handler from the OS, when a VCPU is hot-plugged. Consequently, the state of the SMRAM at the default SMBASE is not reflected in the "OpenState" / "LockState" fields of the protocol and PPI. - An alternative to extending SmramAccessLock() would be to register an EFI_DXE_SMM_READY_TO_LOCK_PROTOCOL notify in SmmAccess2Dxe (for locking at normal boot), and an EDKII_S3_SMM_INIT_DONE_GUID PPI notify in SmmAccessPei (for locking at S3 resume). Cc: Ard Biesheuvel Cc: Jordan Justen Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=1512 Signed-off-by: Laszlo Ersek Reviewed-by: Jiewen Yao Message-Id: <20200129214412.2361-10-lersek@redhat.com> Reviewed-by: Ard Biesheuvel --- OvmfPkg/SmmAccess/SmmAccess2Dxe.c | 7 +++++++ OvmfPkg/SmmAccess/SmmAccess2Dxe.inf | 1 + OvmfPkg/SmmAccess/SmmAccessPei.c | 6 ++++++ OvmfPkg/SmmAccess/SmmAccessPei.inf | 1 + OvmfPkg/SmmAccess/SmramInternal.c | 25 +++++++++++++++++++++++++ OvmfPkg/SmmAccess/SmramInternal.h | 8 ++++++++ 6 files changed, 48 insertions(+) diff --git a/OvmfPkg/SmmAccess/SmmAccess2Dxe.c b/OvmfPkg/SmmAccess/SmmAccess2Dxe.c index e098f6f15f..3691a6cd1f 100644 --- a/OvmfPkg/SmmAccess/SmmAccess2Dxe.c +++ b/OvmfPkg/SmmAccess/SmmAccess2Dxe.c @@ -145,6 +145,13 @@ SmmAccess2DxeEntryPoint ( InitQ35TsegMbytes (); GetStates (&mAccess2.LockState, &mAccess2.OpenState); + + // + // SmramAccessLock() depends on "mQ35SmramAtDefaultSmbase"; init the latter + // just before exposing the former via EFI_SMM_ACCESS2_PROTOCOL.Lock(). + // + InitQ35SmramAtDefaultSmbase (); + return gBS->InstallMultipleProtocolInterfaces (&ImageHandle, &gEfiSmmAccess2ProtocolGuid, &mAccess2, NULL); diff --git a/OvmfPkg/SmmAccess/SmmAccess2Dxe.inf b/OvmfPkg/SmmAccess/SmmAccess2Dxe.inf index 7ced6b4e7f..d86381d0fb 100644 --- a/OvmfPkg/SmmAccess/SmmAccess2Dxe.inf +++ b/OvmfPkg/SmmAccess/SmmAccess2Dxe.inf @@ -49,6 +49,7 @@ gUefiOvmfPkgTokenSpaceGuid.PcdSmmSmramRequire [Pcd] + gUefiOvmfPkgTokenSpaceGuid.PcdQ35SmramAtDefaultSmbase gUefiOvmfPkgTokenSpaceGuid.PcdQ35TsegMbytes [Depex] diff --git a/OvmfPkg/SmmAccess/SmmAccessPei.c b/OvmfPkg/SmmAccess/SmmAccessPei.c index d67850651c..c8bbc17e90 100644 --- a/OvmfPkg/SmmAccess/SmmAccessPei.c +++ b/OvmfPkg/SmmAccess/SmmAccessPei.c @@ -372,6 +372,12 @@ SmmAccessPeiEntryPoint ( CopyMem (GuidHob, &SmramMap[DescIdxSmmS3ResumeState], sizeof SmramMap[DescIdxSmmS3ResumeState]); + // + // SmramAccessLock() depends on "mQ35SmramAtDefaultSmbase"; init the latter + // just before exposing the former via PEI_SMM_ACCESS_PPI.Lock(). + // + InitQ35SmramAtDefaultSmbase (); + // // We're done. The next step should succeed, but even if it fails, we can't // roll back the above BuildGuidHob() allocation, because PEI doesn't support diff --git a/OvmfPkg/SmmAccess/SmmAccessPei.inf b/OvmfPkg/SmmAccess/SmmAccessPei.inf index d73a029cc7..1698c4ce6c 100644 --- a/OvmfPkg/SmmAccess/SmmAccessPei.inf +++ b/OvmfPkg/SmmAccess/SmmAccessPei.inf @@ -54,6 +54,7 @@ gUefiOvmfPkgTokenSpaceGuid.PcdSmmSmramRequire [Pcd] + gUefiOvmfPkgTokenSpaceGuid.PcdQ35SmramAtDefaultSmbase gUefiOvmfPkgTokenSpaceGuid.PcdQ35TsegMbytes [Ppis] diff --git a/OvmfPkg/SmmAccess/SmramInternal.c b/OvmfPkg/SmmAccess/SmramInternal.c index 09657d0f9b..0b07dc667b 100644 --- a/OvmfPkg/SmmAccess/SmramInternal.c +++ b/OvmfPkg/SmmAccess/SmramInternal.c @@ -21,6 +21,12 @@ // UINT16 mQ35TsegMbytes; +// +// The value of PcdQ35SmramAtDefaultSmbase is saved into this variable at +// module startup. +// +STATIC BOOLEAN mQ35SmramAtDefaultSmbase; + /** Save PcdQ35TsegMbytes into mQ35TsegMbytes. **/ @@ -32,6 +38,17 @@ InitQ35TsegMbytes ( mQ35TsegMbytes = PcdGet16 (PcdQ35TsegMbytes); } +/** + Save PcdQ35SmramAtDefaultSmbase into mQ35SmramAtDefaultSmbase. +**/ +VOID +InitQ35SmramAtDefaultSmbase ( + VOID + ) +{ + mQ35SmramAtDefaultSmbase = PcdGetBool (PcdQ35SmramAtDefaultSmbase); +} + /** Read the MCH_SMRAM and ESMRAMC registers, and update the LockState and OpenState fields in the PEI_SMM_ACCESS_PPI / EFI_SMM_ACCESS2_PROTOCOL object, @@ -125,6 +142,14 @@ SmramAccessLock ( PciOr8 (DRAMC_REGISTER_Q35 (MCH_ESMRAMC), MCH_ESMRAMC_T_EN); PciOr8 (DRAMC_REGISTER_Q35 (MCH_SMRAM), MCH_SMRAM_D_LCK); + // + // Close & lock the SMRAM at the default SMBASE, if it exists. + // + if (mQ35SmramAtDefaultSmbase) { + PciWrite8 (DRAMC_REGISTER_Q35 (MCH_DEFAULT_SMBASE_CTL), + MCH_DEFAULT_SMBASE_LCK); + } + GetStates (LockState, OpenState); if (*OpenState || !*LockState) { return EFI_DEVICE_ERROR; diff --git a/OvmfPkg/SmmAccess/SmramInternal.h b/OvmfPkg/SmmAccess/SmramInternal.h index 74d962b4ec..a4d8827adf 100644 --- a/OvmfPkg/SmmAccess/SmramInternal.h +++ b/OvmfPkg/SmmAccess/SmramInternal.h @@ -38,6 +38,14 @@ InitQ35TsegMbytes ( VOID ); +/** + Save PcdQ35SmramAtDefaultSmbase into mQ35SmramAtDefaultSmbase. +**/ +VOID +InitQ35SmramAtDefaultSmbase ( + VOID + ); + /** Read the MCH_SMRAM and ESMRAMC registers, and update the LockState and OpenState fields in the PEI_SMM_ACCESS_PPI / EFI_SMM_ACCESS2_PROTOCOL object,