On 11/15/16 03:47, Laszlo Ersek wrote: > On 11/11/16 13:59, Laszlo Ersek wrote: >> On 11/11/16 13:53, Yao, Jiewen wrote: >>> Sorry, I did not explain it clear enough before. >>> >>> Jeff is right. The NX fix is introduced in this patch series. >>> The reason is that when we update page table to protect the SMRAM, we would >>> like enable the protection as early as possible. >>> We moved the NX enabling code from C function to ASM function to achieve >>> that. >>> >>> You can see my GIT message in 5/6. >>> ============== >>> The XD enabling code is moved to SmiEntry to let NX take effect. >>> ============== >>> >>> Unfortunately, I introduced a bug there. You help to catch it and now I fix >>> it. >>> It is not related to current code. >>> >>> What about your idea? >> >> Right, I missed that the XD handling in SmiEntry.nasm was brand new code >> added by this series. So, the current structure of both series should be >> fine; I should be able to start testing them (hopefully) soon. > > Jeff's v2 series was fine, and it is now committed (see > <https://bugzilla.tianocore.org/show_bug.cgi?id=216#c2>). > > However, in order to test it successfully with OVMF, I needed the > patches linked in <https://bugzilla.tianocore.org/show_bug.cgi?id=230>. > I intend to test this v3 series too with those (QEMU and OVMF) patches > applied. I hope I can get to it tomorrow or so.
(1) I tested this series as fetched from Jiewen's public SmmProtection_V3_Rebase branch (which is based on current master, ec8a38770090 "UefiCpuPkg/PiSmmCpuDxeSmm: Decrease mNumberToFinish in AP safe code"), *plus* I applied the QEMU and OVMF patches listed in <https://bugzilla.tianocore.org/show_bug.cgi?id=230#c3> and <https://bugzilla.tianocore.org/show_bug.cgi?id=230#c4>. series OVMF VCPU boot S3 resume # applied platform PcdCpuMaxLogicalProcessorNumber PcdCpuSmmStaticPageTable topology result result -- ------- -------- ------------------------------- ------------------------ -------- ------ --------- 1 no Ia32 64 n/a 1x2x2 pass pass 4 no Ia32X64 64 n/a 1x2x2 pass pass 7 v3 Ia32 64 FALSE 1x2x2 pass pass (40 cycles) 8 v3 Ia32 64 TRUE 1x2x2 pass pass (40 cycles) 13 v3 Ia32X64 64 FALSE 1x2x2 pass pass (40 cycles) 14 v3 Ia32X64 64 TRUE 1x2x2 pass pass (40 cycles) For patches #1 through #5: Tested-by: Laszlo Ersek <ler...@redhat.com> (2) Jiewen, after this series is reviewed and you commit it, can you please submit an OvmfPkg patch for addressing the following messages in the log: > SMM !!!!!!!! InsertImageRecord - Section Alignment(0x20) is not 4K !!!!!!!! For that, I believe we need a patch similar to: commit ddd89cd50dd3a989e58a75ed38011168e3ec0954 Author: Ard Biesheuvel <ard.biesheu...@linaro.org> Date: Wed Sep 30 08:53:00 2015 +0000 OvmfPkg: set 4 KB section alignment for DXE_RUNTIME_DRIVER modules Increase the section alignment to 4 KB for DXE_RUNTIME_DRIVER modules. This allows the OS to map them with tightened permissions (i.e., R-X for .text and RW- for .data). This is a prerequisite for enabling the EFI_PROPERTIES_RUNTIME_MEMORY_PROTECTION_NON_EXECUTABLE_PE_DATA (sic) feature that was introduced in UEFIv2.5. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Ard Biesheuvel <ard.biesheu...@linaro.org> Reviewed-by: Laszlo Ersek <ler...@redhat.com> Reviewed-by: Jordan Justen <jordan.l.jus...@intel.com> Tested-by: Laszlo Ersek <ler...@redhat.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@18564 6f19259b-4bc3-4df7-8a09-765794883524 just that it should be for DXE_SMM_DRIVER and for SMM_CORE. ... Basically, please submit patch #6 for OvmfPkg as well. (I can test that too for you, but I prefer to see this series committed first, so this patch should be separate.) Thank you, Laszlo _______________________________________________ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel
