Branch: refs/heads/master
Home: https://github.com/tianocore/edk2
Commit: e67f405713f0cc1e8c4cb266bf9cd11a89ff162f
https://github.com/tianocore/edk2/commit/e67f405713f0cc1e8c4cb266bf9cd11a89ff162f
Author: Oliver Smith-Denny <[email protected]>
Date: 2025-10-23 (Thu, 23 Oct 2025)
Changed paths:
M UefiCpuPkg/CpuDxe/CpuDxe.inf
M UefiCpuPkg/CpuDxe/CpuMp.c
M UefiCpuPkg/CpuMpPei/CpuMpPei.c
Log Message:
-----------
UefiCpuPkg: Always Initialize Separate AP Exception Stacks
Today, CpuMpPei and CpuDxe only initialize separate exception
stacks for the APs when PcdCpuStackGuard is enabled so that
if a stack overflow occurs, hitting the guard page, the exception
can be handled with a separate stack.
However, this operation also creates a separate GDT for each AP.
This is a safer option than all APs sharing the BSP's GDT because
there are issues with concurrent access to the structures contained
within. Furthermore, even when a stack guard page is not present,
stack overflows can still occur and corrupt the stack; if an
exception is taken here, it is still valuable to have a separate
exception stack for sanity.
This commit updates CpuMpPei and CpuDxe to always create separate
exception stacks for the APs (and therefore separate GDTs).
Signed-off-by: Oliver Smith-Denny <[email protected]>
Commit: 34cd1aca46b9d2fec67f3f25c9457fc6179c09ed
https://github.com/tianocore/edk2/commit/34cd1aca46b9d2fec67f3f25c9457fc6179c09ed
Author: Oliver Smith-Denny <[email protected]>
Date: 2025-10-23 (Thu, 23 Oct 2025)
Changed paths:
M UefiCpuPkg/Library/MpInitLib/MpLib.c
Log Message:
-----------
UefiCpuPkg: MpInitLib: Fix Task Register Race Condition GP Fault
TR is used to enable a separate safe stack when a stack overflow occurs.
When PEI starts up the APs, TR is non-zero and so each processor has its
own GDT. TR is an offset into the GDT and so points to a different TSS
entry in each AP.
There is a small window in early DXE after MpInitLibInitialize() is
called where:
- TR is non-zero because it has been inherited from the PEI phase
- TR is not restored to 0
- The APs are all switched to using the BSP's GDT
- SaveVolatileRegisters() is called from ApWakeupFunction() before the
APs go to sleep, which saves the non-zero TR value to
CpuMpData->CpuData[].VolatileRegisters.Tr, causing TR to point to the
same TSS entry in the BSP's GDT
- The next time the APs are woken up, RestoreVolatileRegisters() is
called from ApWakeupFunction() which would attempt to load the non-zero
TR value into the actual task register, which creates a race condition
to a #GP fault because loading the task register sets the busy bit in
the TSS descriptor and a #GP fault occurs if the busy bit is already
set when loading the task register.
To avoid this issue, the task register is only loaded if TR is non-zero
and the TSS descriptor is valid and not busy. HW sets the busy bit and
does not clear it. edk2 does not clear the busy bit, so the BSP's TSS
descriptor will be marked busy forever and the APs will not load the
task register until they have their own GDT/TSS set up.
Co-authored-by: Ray Ni <[email protected]>
Signed-off-by: Oliver Smith-Denny <[email protected]>
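The LTR rules behind the #GP described in this commit message, as an added illustration that is not part of the commit or of edk2: a small C model of a GDT holding one TSS descriptor, the hardware behaviour of loading the task register (set the busy bit on success, fault if it is already set), and the guard the commit describes (load TR only when it is non-zero and the descriptor is a present, non-busy TSS). The GDT size, the selector value 0x28 and all function names are assumptions chosen for the example; the bit positions (type field at bits 40..43, busy bit 41, present bit 47, type 9 available TSS, type 0xB busy TSS) are the architectural ones.

```c
#include <stdbool.h>
#include <stdint.h>
#include <string.h>

/*
 * Constructed model of the x86 LTR rules that turn a stale, shared TR value
 * into a #GP. Not edk2 code: GDT size, selector value and function names are
 * assumptions for illustration only.
 */

#define GDT_ENTRIES      8                 /* assumed GDT size in entries */
#define TSS_SELECTOR     0x28              /* assumed BSP TSS selector: index 5, RPL 0 */

#define DESC_TYPE_SHIFT  40                /* type field: bits 40..43 of the low qword */
#define DESC_TYPE_MASK   0xFULL
#define DESC_PRESENT     (1ULL << 47)      /* P bit */
#define TSS_TYPE_AVAIL   0x9ULL            /* available 32/64-bit TSS */
#define TSS_TYPE_BUSY    0xBULL            /* busy TSS: bit 41 ("B") set */
#define TSS_BUSY_BIT     (1ULL << 41)

typedef struct {
  /* A 64-bit TSS descriptor is 16 bytes; the type, P and busy bits all live in
     the low qword, so each entry is modeled by that qword alone. */
  uint64_t Entries[GDT_ENTRIES];
} GDT;

typedef enum { LTR_OK = 0, LTR_SKIPPED = 1, LTR_GP = 2, LTR_NP = 3 } LtrResult;

static uint64_t DescriptorType(uint64_t Desc) {
  return (Desc >> DESC_TYPE_SHIFT) & DESC_TYPE_MASK;
}

/* Hardware behaviour of LTR: #GP for a null selector, an index past the GDT,
   or a descriptor that is not an available TSS (a busy one included); #NP if
   the descriptor is not present. On success the busy bit is set and stays set. */
static LtrResult HwLoadTaskRegister(GDT *Gdt, uint16_t Selector) {
  uint16_t Index = Selector >> 3;
  if (Index == 0 || Index >= GDT_ENTRIES) return LTR_GP;
  uint64_t *Desc = &Gdt->Entries[Index];
  if (DescriptorType(*Desc) != TSS_TYPE_AVAIL) return LTR_GP;
  if ((*Desc & DESC_PRESENT) == 0) return LTR_NP;
  *Desc |= TSS_BUSY_BIT;
  return LTR_OK;
}

/* The guard the commit describes: TR must be non-zero and its descriptor must
   be present, of available-TSS type, and therefore not busy. */
static bool TrSafeToLoad(const GDT *Gdt, uint16_t Selector) {
  uint16_t Index = Selector >> 3;
  if (Selector == 0 || Index >= GDT_ENTRIES) return false;
  uint64_t Desc = Gdt->Entries[Index];
  return (Desc & DESC_PRESENT) != 0 && DescriptorType(Desc) == TSS_TYPE_AVAIL;
}

/* What an AP does on wakeup with its saved TR value, with or without the guard. */
static LtrResult RestoreTr(GDT *Gdt, uint16_t SavedTr, bool WithGuard) {
  if (WithGuard) {
    if (!TrSafeToLoad(Gdt, SavedTr)) return LTR_SKIPPED;
  } else if (SavedTr == 0) {
    return LTR_SKIPPED;   /* the pre-fix logic only skipped a zero TR */
  }
  return HwLoadTaskRegister(Gdt, SavedTr);
}

typedef struct { int Loaded; int Skipped; int GpFaults; } WakeupStats;

/* Scenario from the commit: the BSP has loaded TR on its own GDT, the APs were
   switched to that GDT in early DXE, and each AP still carries the non-zero TR
   inherited from PEI in its saved volatile registers. */
static WakeupStats SimulateApWakeups(int ApCount, bool WithGuard) {
  GDT Gdt;
  WakeupStats Stats = {0, 0, 0};
  memset(&Gdt, 0, sizeof Gdt);
  Gdt.Entries[TSS_SELECTOR >> 3] = DESC_PRESENT | (TSS_TYPE_AVAIL << DESC_TYPE_SHIFT);

  /* The BSP loads its TR once; the descriptor is busy from here on. */
  if (HwLoadTaskRegister(&Gdt, TSS_SELECTOR) != LTR_OK) return Stats;

  for (int Ap = 0; Ap < ApCount; Ap++) {
    switch (RestoreTr(&Gdt, TSS_SELECTOR, WithGuard)) {
      case LTR_OK:      Stats.Loaded++;   break;
      case LTR_SKIPPED: Stats.Skipped++;  break;
      default:          Stats.GpFaults++; break;
    }
  }
  return Stats;
}
```

Without the guard every AP that restores the inherited selector faults, because the BSP's descriptor is already busy; with it every AP skips the load and keeps running until it has a GDT and TSS of its own, which is the behaviour the commit describes. The model reads the descriptor from a local array; the real code has to locate it through the GDTR and the saved selector.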
Commit: 1d6f2f0d8d4fb967df4a54d0734f1c4cee32bf88
https://github.com/tianocore/edk2/commit/1d6f2f0d8d4fb967df4a54d0734f1c4cee32bf88
Author: Oliver Smith-Denny <[email protected]>
Date: 2025-10-23 (Thu, 23 Oct 2025)
Changed paths:
M MdeModulePkg/Library/CpuExceptionHandlerLibNull/CpuExceptionHandlerLibNull.c
Log Message:
-----------
MdeModulePkg: CpuExceptionHandlerLibNull: Return Success On Null Func
Currently, CpuExceptionHandlerLibNull returns EFI_UNSUPPORTED for
InitializeSeparateExceptionStacks. However, CpuMpPei, CpuDxe, and
DXE Core are all moving to call this function unconditionally and
expect it returns success. As such, the null lib is updated to
return success.
This fixes a hang on EmulatorPkg where DXE Core asserts if this
function returns an error.
Signed-off-by: Oliver Smith-Denny <[email protected]>
Commit: cec2c6bbccf7b529266884dbef25ad212bf167d5
https://github.com/tianocore/edk2/commit/cec2c6bbccf7b529266884dbef25ad212bf167d5
Author: Oliver Smith-Denny <[email protected]>
Date: 2025-10-23 (Thu, 23 Oct 2025)
Changed paths:
M MdeModulePkg/Core/Dxe/DxeMain/DxeMain.c
Log Message:
-----------
MdeModulePkg: Always Initialize Separate Exception Stacks
Following the APs now always initializing separate exception
stacks, this commit always initializes a separate exception
stack for the BSP as well. Previously, this was only enabled
when PcdCpuStackGuard was set.
However, even when a stack guard page is not present,
stack overflows can still occur and corrupt the stack; if an
exception is taken here, it is still valuable to have a separate
exception stack for sanity.
Signed-off-by: Oliver Smith-Denny <[email protected]>
Compare: https://github.com/tianocore/edk2/compare/f64b4065b7d3...cec2c6bbccf7
edk2-commits mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/edk2-commits