1 /** @file
2 X64 processor specific functions to enable SMM profile.
3
4 Copyright (c) 2012 - 2015, Intel Corporation. All rights reserved.<BR>
5 This program and the accompanying materials
6 are licensed and made available under the terms and conditions of the BSD License
7 which accompanies this distribution. The full text of the license may be found at
8 http://opensource.org/licenses/bsd-license.php
9
10 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
11 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
12
13 **/
14
15 #include "PiSmmCpuDxeSmm.h"
16 #include "SmmProfileInternal.h"
17
18 //
19 // Current page index.
20 //
21 UINTN mPFPageIndex;
22
23 //
24 // Pool for dynamically creating page table in page fault handler.
25 //
26 UINT64 mPFPageBuffer;
27
28 //
29 // Store the uplink information for each page being used.
30 //
31 UINT64 *mPFPageUplink[MAX_PF_PAGE_COUNT];
32
33 /**
34 Create SMM page table for S3 path.
35
36 **/
37 VOID
InitSmmS3Cr3(VOID)38 InitSmmS3Cr3 (
39 VOID
40 )
41 {
42 EFI_PHYSICAL_ADDRESS Pages;
43 UINT64 *PTEntry;
44
45 //
46 // Generate PAE page table for the first 4GB memory space
47 //
48 Pages = Gen4GPageTable (1, FALSE);
49
50 //
51 // Fill Page-Table-Level4 (PML4) entry
52 //
53 PTEntry = (UINT64*)(UINTN)(Pages - EFI_PAGES_TO_SIZE (1));
54 *PTEntry = Pages | PAGE_ATTRIBUTE_BITS;
55 ZeroMem (PTEntry + 1, EFI_PAGE_SIZE - sizeof (*PTEntry));
56
57 //
58 // Return the address of PML4 (to set CR3)
59 //
60 mSmmS3ResumeState->SmmS3Cr3 = (UINT32)(UINTN)PTEntry;
61
62 return ;
63 }
64
65 /**
66 Allocate pages for creating 4KB-page based on 2MB-page when page fault happens.
67
68 **/
69 VOID
InitPagesForPFHandler(VOID)70 InitPagesForPFHandler (
71 VOID
72 )
73 {
74 VOID *Address;
75
76 //
77 // Pre-Allocate memory for page fault handler
78 //
79 Address = NULL;
80 Address = AllocatePages (MAX_PF_PAGE_COUNT);
81 ASSERT_EFI_ERROR (Address != NULL);
82
83 mPFPageBuffer = (UINT64)(UINTN) Address;
84 mPFPageIndex = 0;
85 ZeroMem ((VOID *) (UINTN) mPFPageBuffer, EFI_PAGE_SIZE * MAX_PF_PAGE_COUNT);
86 ZeroMem (mPFPageUplink, sizeof (mPFPageUplink));
87
88 return;
89 }
90
91 /**
92 Allocate one page for creating 4KB-page based on 2MB-page.
93
94 @param Uplink The address of Page-Directory entry.
95
96 **/
97 VOID
AcquirePage(UINT64 * Uplink)98 AcquirePage (
99 UINT64 *Uplink
100 )
101 {
102 UINT64 Address;
103
104 //
105 // Get the buffer
106 //
107 Address = mPFPageBuffer + EFI_PAGES_TO_SIZE (mPFPageIndex);
108 ZeroMem ((VOID *) (UINTN) Address, EFI_PAGE_SIZE);
109
110 //
111 // Cut the previous uplink if it exists and wasn't overwritten
112 //
113 if ((mPFPageUplink[mPFPageIndex] != NULL) && ((*mPFPageUplink[mPFPageIndex] & PHYSICAL_ADDRESS_MASK) == Address)) {
114 *mPFPageUplink[mPFPageIndex] = 0;
115 }
116
117 //
118 // Link & Record the current uplink
119 //
120 *Uplink = Address | PAGE_ATTRIBUTE_BITS;
121 mPFPageUplink[mPFPageIndex] = Uplink;
122
123 mPFPageIndex = (mPFPageIndex + 1) % MAX_PF_PAGE_COUNT;
124 }
125
126 /**
127 Update page table to map the memory correctly in order to make the instruction
128 which caused page fault execute successfully. And it also save the original page
129 table to be restored in single-step exception.
130
131 @param PageTable PageTable Address.
132 @param PFAddress The memory address which caused page fault exception.
133 @param CpuIndex The index of the processor.
134 @param ErrorCode The Error code of exception.
135 @param IsValidPFAddress The flag indicates if SMM profile data need be added.
136
137 **/
138 VOID
RestorePageTableAbove4G(UINT64 * PageTable,UINT64 PFAddress,UINTN CpuIndex,UINTN ErrorCode,BOOLEAN * IsValidPFAddress)139 RestorePageTableAbove4G (
140 UINT64 *PageTable,
141 UINT64 PFAddress,
142 UINTN CpuIndex,
143 UINTN ErrorCode,
144 BOOLEAN *IsValidPFAddress
145 )
146 {
147 UINTN PTIndex;
148 UINT64 Address;
149 BOOLEAN Nx;
150 BOOLEAN Existed;
151 UINTN Index;
152 UINTN PFIndex;
153
154 ASSERT ((PageTable != NULL) && (IsValidPFAddress != NULL));
155
156 //
157 // If page fault address is 4GB above.
158 //
159
160 //
161 // Check if page fault address has existed in page table.
162 // If it exists in page table but page fault is generated,
163 // there are 2 possible reasons: 1. present flag is set to 0; 2. instruction fetch in protected memory range.
164 //
165 Existed = FALSE;
166 PageTable = (UINT64*)(AsmReadCr3 () & PHYSICAL_ADDRESS_MASK);
167 PTIndex = BitFieldRead64 (PFAddress, 39, 47);
168 if ((PageTable[PTIndex] & IA32_PG_P) != 0) {
169 // PML4E
170 PageTable = (UINT64*)(UINTN)(PageTable[PTIndex] & PHYSICAL_ADDRESS_MASK);
171 PTIndex = BitFieldRead64 (PFAddress, 30, 38);
172 if ((PageTable[PTIndex] & IA32_PG_P) != 0) {
173 // PDPTE
174 PageTable = (UINT64*)(UINTN)(PageTable[PTIndex] & PHYSICAL_ADDRESS_MASK);
175 PTIndex = BitFieldRead64 (PFAddress, 21, 29);
176 // PD
177 if ((PageTable[PTIndex] & IA32_PG_PS) != 0) {
178 //
179 // 2MB page
180 //
181 Address = (UINT64)(PageTable[PTIndex] & PHYSICAL_ADDRESS_MASK);
182 if ((Address & PHYSICAL_ADDRESS_MASK & ~((1ull << 21) - 1)) == ((PFAddress & PHYSICAL_ADDRESS_MASK & ~((1ull << 21) - 1)))) {
183 Existed = TRUE;
184 }
185 } else {
186 //
187 // 4KB page
188 //
189 PageTable = (UINT64*)(UINTN)(PageTable[PTIndex] & PHYSICAL_ADDRESS_MASK);
190 if (PageTable != 0) {
191 //
192 // When there is a valid entry to map to 4KB page, need not create a new entry to map 2MB.
193 //
194 PTIndex = BitFieldRead64 (PFAddress, 12, 20);
195 Address = (UINT64)(PageTable[PTIndex] & PHYSICAL_ADDRESS_MASK);
196 if ((Address & PHYSICAL_ADDRESS_MASK & ~((1ull << 12) - 1)) == (PFAddress & PHYSICAL_ADDRESS_MASK & ~((1ull << 12) - 1))) {
197 Existed = TRUE;
198 }
199 }
200 }
201 }
202 }
203
204 //
205 // If page entry does not existed in page table at all, create a new entry.
206 //
207 if (!Existed) {
208
209 if (IsAddressValid (PFAddress, &Nx)) {
210 //
211 // If page fault address above 4GB is in protected range but it causes a page fault exception,
212 // Will create a page entry for this page fault address, make page table entry as present/rw and execution-disable.
213 // this access is not saved into SMM profile data.
214 //
215 *IsValidPFAddress = TRUE;
216 }
217
218 //
219 // Create one entry in page table for page fault address.
220 //
221 SmiDefaultPFHandler ();
222 //
223 // Find the page table entry created just now.
224 //
225 PageTable = (UINT64*)(AsmReadCr3 () & PHYSICAL_ADDRESS_MASK);
226 PFAddress = AsmReadCr2 ();
227 // PML4E
228 PTIndex = BitFieldRead64 (PFAddress, 39, 47);
229 PageTable = (UINT64*)(UINTN)(PageTable[PTIndex] & PHYSICAL_ADDRESS_MASK);
230 // PDPTE
231 PTIndex = BitFieldRead64 (PFAddress, 30, 38);
232 PageTable = (UINT64*)(UINTN)(PageTable[PTIndex] & PHYSICAL_ADDRESS_MASK);
233 // PD
234 PTIndex = BitFieldRead64 (PFAddress, 21, 29);
235 Address = PageTable[PTIndex] & PHYSICAL_ADDRESS_MASK;
236 //
237 // Check if 2MB-page entry need be changed to 4KB-page entry.
238 //
239 if (IsAddressSplit (Address)) {
240 AcquirePage (&PageTable[PTIndex]);
241
242 // PTE
243 PageTable = (UINT64*)(UINTN)(PageTable[PTIndex] & PHYSICAL_ADDRESS_MASK);
244 for (Index = 0; Index < 512; Index++) {
245 PageTable[Index] = Address | PAGE_ATTRIBUTE_BITS;
246 if (!IsAddressValid (Address, &Nx)) {
247 PageTable[Index] = PageTable[Index] & (INTN)(INT32)(~PAGE_ATTRIBUTE_BITS);
248 }
249 if (Nx && mXdSupported) {
250 PageTable[Index] = PageTable[Index] | IA32_PG_NX;
251 }
252 if (Address == (PFAddress & PHYSICAL_ADDRESS_MASK & ~((1ull << 12) - 1))) {
253 PTIndex = Index;
254 }
255 Address += SIZE_4KB;
256 } // end for PT
257 } else {
258 //
259 // Update 2MB page entry.
260 //
261 if (!IsAddressValid (Address, &Nx)) {
262 //
263 // Patch to remove present flag and rw flag.
264 //
265 PageTable[PTIndex] = PageTable[PTIndex] & (INTN)(INT32)(~PAGE_ATTRIBUTE_BITS);
266 }
267 //
268 // Set XD bit to 1
269 //
270 if (Nx && mXdSupported) {
271 PageTable[PTIndex] = PageTable[PTIndex] | IA32_PG_NX;
272 }
273 }
274 }
275
276 //
277 // Record old entries with non-present status
278 // Old entries include the memory which instruction is at and the memory which instruction access.
279 //
280 //
281 ASSERT (mPFEntryCount[CpuIndex] < MAX_PF_ENTRY_COUNT);
282 if (mPFEntryCount[CpuIndex] < MAX_PF_ENTRY_COUNT) {
283 PFIndex = mPFEntryCount[CpuIndex];
284 mLastPFEntryValue[CpuIndex][PFIndex] = PageTable[PTIndex];
285 mLastPFEntryPointer[CpuIndex][PFIndex] = &PageTable[PTIndex];
286 mPFEntryCount[CpuIndex]++;
287 }
288
289 //
290 // Add present flag or clear XD flag to make page fault handler succeed.
291 //
292 PageTable[PTIndex] |= (UINT64)(PAGE_ATTRIBUTE_BITS);
293 if ((ErrorCode & IA32_PF_EC_ID) != 0) {
294 //
295 // If page fault is caused by instruction fetch, clear XD bit in the entry.
296 //
297 PageTable[PTIndex] &= ~IA32_PG_NX;
298 }
299
300 return;
301 }
302
303 /**
304 Clear TF in FLAGS.
305
306 @param SystemContext A pointer to the processor context when
307 the interrupt occurred on the processor.
308
309 **/
310 VOID
ClearTrapFlag(IN OUT EFI_SYSTEM_CONTEXT SystemContext)311 ClearTrapFlag (
312 IN OUT EFI_SYSTEM_CONTEXT SystemContext
313 )
314 {
315 SystemContext.SystemContextX64->Rflags &= (UINTN) ~BIT8;
316 }
317