There are three PCDs that may impact the behavior of each other in SMM environment: PcdCpuSmmProfileEnable PcdHeapGuardPropertyMask in MdeModulePkg PcdCpuSmmRestrictedMemoryAccess
The patch updates the comments in DEC file to document it. Signed-off-by: Ray Ni <ray...@intel.com> Cc: Eric Dong <eric.d...@intel.com> Cc: Jiewen Yao <jiewen....@intel.com> Cc: Laszlo Ersek <ler...@redhat.com> --- UefiCpuPkg/UefiCpuPkg.dec | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/UefiCpuPkg/UefiCpuPkg.dec b/UefiCpuPkg/UefiCpuPkg.dec index 83acd33612..9a03bdd716 100644 --- a/UefiCpuPkg/UefiCpuPkg.dec +++ b/UefiCpuPkg/UefiCpuPkg.dec @@ -81,7 +81,8 @@ [Ppis] [PcdsFeatureFlag] ## Indicates if SMM Profile will be enabled. # If enabled, instruction executions in and data accesses to memory outside of SMRAM will be logged. - # It could not be enabled at the same time with SMM static page table feature (PcdCpuSmmStaticPageTable). + # In X64 build, it could not be enabled when PcdCpuSmmRestrictedMemoryAccess is TRUE. + # In IA32 build, the page table memory is not marked as read-only when it is enabled. # This PCD is only for validation purpose. It should be set to false in production.<BR><BR> # TRUE - SMM Profile will be enabled.<BR> # FALSE - SMM Profile will be disabled.<BR> @@ -285,6 +286,11 @@ [PcdsFixedAtBuild.X64, PcdsPatchableInModule.X64, PcdsDynamic.X64, PcdsDynamicEx # The PCD value is considered as constantly TRUE in IA32 platforms. # When the PCD value is TRUE, page table is initialized to cover all memory spaces # and the memory occupied by page table is protected by page table itself as read-only. + # In X64 build, it cannot be enabled at the same time with SMM profile feature (PcdCpuSmmProfileEnable). + # In X64 build, it could not be enabled also at the same time with heap guard feature for SMM + # (PcdHeapGuardPropertyMask in MdeModulePkg). + # In IA32 build, page table memory is not marked as read-only when either SMM profile feature (PcdCpuSmmProfileEnable) + # or heap guard feature for SMM (PcdHeapGuardPropertyMask in MdeModulePkg) is enabled. # TRUE - Access to non-SMRAM memory is restricted to reserved, runtime and ACPI NVS type after SmmReadyToLock.<BR> # FALSE - Access to any type of non-SMRAM memory after SmmReadyToLock is allowed.<BR> # @Prompt Access to non-SMRAM memory is restricted to reserved, runtime and ACPI NVS type after SmmReadyToLock. -- 2.21.0.windows.1 -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#46347): https://edk2.groups.io/g/devel/message/46347 Mute This Topic: https://groups.io/mt/33027101/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-