diff --git a/MdeModulePkg/MdeModulePkg.ci.yaml b/MdeModulePkg/MdeModulePkg.ci.yaml
index cbdd8dfddc..85c3287643 100644
--- a/MdeModulePkg/MdeModulePkg.ci.yaml
+++ b/MdeModulePkg/MdeModulePkg.ci.yaml
@@ -91,6 +91,9 @@
## options defined .pytool/Plugin/LibraryClassCheck
"LibraryClassCheck": {
+ "IgnoreLibraryClass": [
+ "HwResetSystemLib" # MU_CHANGE - "Virtual" LibraryClass
+ ],
"IgnoreHeaderFile": []
},
diff --git a/MdeModulePkg/MdeModulePkg.dsc b/MdeModulePkg/MdeModulePkg.dsc
index f5f7da0fa6..5e539988d0 100644
--- a/MdeModulePkg/MdeModulePkg.dsc
+++ b/MdeModulePkg/MdeModulePkg.dsc
@@ -86,6 +86,8 @@
DebugAgentLib|MdeModulePkg/Library/DebugAgentLibNull/DebugAgentLibNull.inf
PlatformHookLib|MdeModulePkg/Library/BasePlatformHookLibNull/BasePlatformHookLibNull.inf
ResetSystemLib|MdeModulePkg/Library/BaseResetSystemLibNull/BaseResetSystemLibNull.inf
+ ResetUtilityLib|MdeModulePkg/Library/ResetUtilityLib/ResetUtilityLib.inf ## MU_CHANGE
+ HwResetSystemLib|MdeModulePkg/Library/BaseResetSystemLibNull/BaseResetSystemLibNull.inf ## MU_CHANGE
SmbusLib|MdePkg/Library/DxeSmbusLib/DxeSmbusLib.inf
S3BootScriptLib|MdeModulePkg/Library/PiDxeS3BootScriptLib/DxeS3BootScriptLib.inf
CpuExceptionHandlerLib|MdeModulePkg/Library/CpuExceptionHandlerLibNull/CpuExceptionHandlerLibNull.inf
diff --git a/MdeModulePkg/Universal/CapsuleRuntimeDxe/CapsuleRuntimeDxe.inf b/MdeModulePkg/Universal/CapsuleRuntimeDxe/CapsuleRuntimeDxe.inf
index 601eada170..ee95f30efc 100644
--- a/MdeModulePkg/Universal/CapsuleRuntimeDxe/CapsuleRuntimeDxe.inf
+++ b/MdeModulePkg/Universal/CapsuleRuntimeDxe/CapsuleRuntimeDxe.inf
@@ -64,6 +64,7 @@
PrintLib
BaseMemoryLib
CacheMaintenanceLib
+ ResetUtilityLib ## MU_CHANGE
[LibraryClasses.X64]
UefiLib
@@ -74,6 +75,7 @@
## SOMETIMES_PRODUCES ## Variable:L"CapsuleLongModeBuffer" # The long mode buffer used by IA32 Capsule PEIM to call X64 CapsuleCoalesce code to handle >4GB capsule blocks
gEfiCapsuleVendorGuid
gEfiFmpCapsuleGuid ## SOMETIMES_CONSUMES ## GUID # FMP capsule GUID
+ gCapsuleArmedResetGuid ## SOMETIMES_CONSUMES # MU_CHANGE
[Protocols]
gEfiCapsuleArchProtocolGuid ## PRODUCES
diff --git a/MdeModulePkg/Universal/CapsuleRuntimeDxe/CapsuleService.c b/MdeModulePkg/Universal/CapsuleRuntimeDxe/CapsuleService.c
index f8047c23e1..17416f5423 100644
--- a/MdeModulePkg/Universal/CapsuleRuntimeDxe/CapsuleService.c
+++ b/MdeModulePkg/Universal/CapsuleRuntimeDxe/CapsuleService.c
@@ -5,12 +5,16 @@
the capsule runtime services are ready.
Copyright (c) 2006 - 2020, Intel Corporation. All rights reserved.
+Copyright (c) Microsoft Corporation.
+
SPDX-License-Identifier: BSD-2-Clause-Patent
**/
#include "CapsuleService.h"
+#include // MU_CHANGE - ResetSystem refactoring.
+
//
// Handle for the installation of Capsule Architecture Protocol.
//
@@ -224,7 +228,8 @@ UpdateCapsule (
// will initiate a reset of the platform which is compatible with the passed-in capsule request and will
// not return back to the caller.
//
- EfiResetSystem (EfiResetWarm, EFI_SUCCESS, 0, NULL);
+ // MU_CHANGE_250018 - ResetSystem refactoring.
+ ResetSystemWithSubtype (EfiResetWarm, &gCapsuleArmedResetGuid);
}
}
diff --git a/MdeModulePkg/Universal/ResetSystemPei/ResetSystemPei.inf b/MdeModulePkg/Universal/ResetSystemPei/ResetSystemPei.inf
index 89f48bc49d..8cf51a6ebe 100644
--- a/MdeModulePkg/Universal/ResetSystemPei/ResetSystemPei.inf
+++ b/MdeModulePkg/Universal/ResetSystemPei/ResetSystemPei.inf
@@ -38,7 +38,7 @@
PeiServicesLib
HobLib
PeimEntryPoint
- ResetSystemLib
+ HwResetSystemLib ## MU_CHANGE - Use HW reset from reset arch providers.
ReportStatusCodeLib
[Ppis]
diff --git a/MdeModulePkg/Universal/ResetSystemRuntimeDxe/ResetSystemRuntimeDxe.inf b/MdeModulePkg/Universal/ResetSystemRuntimeDxe/ResetSystemRuntimeDxe.inf
index a11e38b5b6..8f7484088b 100644
--- a/MdeModulePkg/Universal/ResetSystemRuntimeDxe/ResetSystemRuntimeDxe.inf
+++ b/MdeModulePkg/Universal/ResetSystemRuntimeDxe/ResetSystemRuntimeDxe.inf
@@ -32,7 +32,7 @@
MdeModulePkg/MdeModulePkg.dec
[LibraryClasses]
- ResetSystemLib
+ HwResetSystemLib ## MU_CHANGE - Use HwResetSystemLib
UefiRuntimeServicesTableLib
UefiRuntimeLib
UefiBootServicesTableLib
diff --git a/MdePkg/Include/Library/UefiRuntimeLib.h b/MdePkg/Include/Library/UefiRuntimeLib.h
index c5aca42aa1..c15f233ff9 100644
--- a/MdePkg/Include/Library/UefiRuntimeLib.h
+++ b/MdePkg/Include/Library/UefiRuntimeLib.h
@@ -323,6 +323,8 @@ EfiGetNextHighMonotonicCount (
OUT UINT32 *HighCount
);
+// MU_CHANGE [BEGIN] - Move EfiResetSystem out of UefiRuntimeLib and into ResetSystemLib.
+
/**
This service is a wrapper for the UEFI Runtime Service ResetSystem().
@@ -351,14 +353,15 @@ EfiGetNextHighMonotonicCount (
address. For a ResetType of EfiResetPlatformSpecific the data buffer also starts with a Null-terminated
string that is followed by an EFI_GUID that describes the specific type of reset to perform.
**/
-VOID
-EFIAPI
-EfiResetSystem (
- IN EFI_RESET_TYPE ResetType,
- IN EFI_STATUS ResetStatus,
- IN UINTN DataSize,
- IN VOID *ResetData OPTIONAL
- );
+// VOID
+// EFIAPI
+// EfiResetSystem (
+// IN EFI_RESET_TYPE ResetType,
+// IN EFI_STATUS ResetStatus,
+// IN UINTN DataSize,
+// IN VOID *ResetData OPTIONAL
+// );
+// MU_CHANGE [END] - Move EfiResetSystem out of UefiRuntimeLib and into ResetSystemLib.
/**
This service is a wrapper for the UEFI Runtime Service ConvertPointer().
diff --git a/MdePkg/Library/UefiRuntimeLib/RuntimeLib.c b/MdePkg/Library/UefiRuntimeLib/RuntimeLib.c
index 2563f6e060..755c64aba7 100644
--- a/MdePkg/Library/UefiRuntimeLib/RuntimeLib.c
+++ b/MdePkg/Library/UefiRuntimeLib/RuntimeLib.c
@@ -192,6 +192,8 @@ EfiGoneVirtual (
return mEfiGoneVirtual;
}
+// MU_CHANGE [BEGIN] - Move EfiResetSystem out of UefiRuntimeLib and into ResetSystemLib.
+
/**
This service is a wrapper for the UEFI Runtime Service ResetSystem().
@@ -221,17 +223,18 @@ EfiGoneVirtual (
that is followed by a physical VOID * to an EFI_CAPSULE_HEADER.
**/
-VOID
-EFIAPI
-EfiResetSystem (
- IN EFI_RESET_TYPE ResetType,
- IN EFI_STATUS ResetStatus,
- IN UINTN DataSize,
- IN VOID *ResetData OPTIONAL
- )
-{
- mInternalRT->ResetSystem (ResetType, ResetStatus, DataSize, ResetData);
-}
+// VOID
+// EFIAPI
+// EfiResetSystem (
+// IN EFI_RESET_TYPE ResetType,
+// IN EFI_STATUS ResetStatus,
+// IN UINTN DataSize,
+// IN VOID *ResetData OPTIONAL
+// )
+// {
+// mInternalRT->ResetSystem (ResetType, ResetStatus, DataSize, ResetData);
+// }
+// MU_CHANGE [END] - Move EfiResetSystem out of UefiRuntimeLib and into ResetSystemLib.
/**
This service is a wrapper for the UEFI Runtime Service GetTime().
diff --git a/MdePkg/MdePkg.dec b/MdePkg/MdePkg.dec
index 959fbfb899..b5819b4d59 100644
--- a/MdePkg/MdePkg.dec
+++ b/MdePkg/MdePkg.dec
@@ -886,6 +886,11 @@
#
gLinuxEfiInitrdMediaGuid = {0x5568e427, 0x68fc, 0x4f3d, {0xac, 0x74, 0xca, 0x55, 0x52, 0x31, 0xcc, 0x68}}
+ # MU_CHANGE [BEGIN] - Guid to use for gRT->ResetSystem() to indicate the type of reset that is being performed.
+ gCapsuleArmedResetGuid = {0xc6b4eea7, 0xfce2, 0x4625, {0x9c, 0x4f, 0xc4, 0xb0, 0x82, 0x37, 0xae, 0x23}}
+ gCapsuleUpdateCompleteResetGuid = {0x5d512714, 0xa4df, 0x4e46, {0xb6, 0xc7, 0xbc, 0x9f, 0x97, 0x9d, 0x59, 0xa0}}
+ # MU_CHANGE [END] - Guid to use for gRT->ResetSystem() to indicate the type of reset that is being performed.
+
## Include/Protocol/CcMeasurement.h
gEfiCcFinalEventsTableGuid = { 0xdd4a4648, 0x2de7, 0x4665, { 0x96, 0x4d, 0x21, 0xd9, 0xef, 0x5f, 0xb4, 0x46 }}
diff --git a/UefiCpuPkg/Include/Protocol/SmmExceptionTestProtocol.h b/UefiCpuPkg/Include/Protocol/SmmExceptionTestProtocol.h
new file mode 100644
index 0000000000..25432ee657
--- /dev/null
+++ b/UefiCpuPkg/Include/Protocol/SmmExceptionTestProtocol.h
@@ -0,0 +1,38 @@
+/** @file -- SmmExceptionTestProtocol.h
+A simple protocol to enable SMM exception handling being placed in test mode.
+
+Copyright (c) Microsoft Corporation.
+SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#ifndef SMM_EXCEPTION_TEST_PROTOCOL_H_
+#define SMM_EXCEPTION_TEST_PROTOCOL_H_
+
+// B76383A1-0E70-4A3F-86B4-C6134C8E5723
+#define SMM_EXCEPTION_TEST_PROTOCOL_GUID \
+ { \
+ 0xb76383a1, 0x0e70, 0x4a3f, { 0x86, 0xb4, 0xc6, 0x13, 0x4c, 0x8e, 0x57, 0x23 } \
+ }
+
+extern EFI_GUID gSmmExceptionTestProtocolGuid;
+
+/**
+ Enable exception handling test mode.
+
+ NOTE: This should only work on debug builds, otherwise return EFI_UNSUPPORTED.
+
+ @retval EFI_SUCCESS Test mode enabled.
+ @retval EFI_UNSUPPORTED Test mode could not be enabled.
+**/
+typedef
+EFI_STATUS
+(EFIAPI *SMM_ENABLE_EXCEPTION_TEST_MODE)(
+ VOID
+ );
+
+typedef struct _SMM_EXCEPTION_TEST_PROTOCOL {
+ SMM_ENABLE_EXCEPTION_TEST_MODE EnableTestMode;
+} SMM_EXCEPTION_TEST_PROTOCOL;
+
+#endif // SMM_EXCEPTION_TEST_PROTOCOL_H_
diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.c b/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.c
index e400bee8d5..3d037e59af 100644
--- a/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.c
+++ b/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.c
@@ -4,6 +4,7 @@ Agent Module to load other modules to deploy SMM Entry Vector for X86 CPU.
Copyright (c) 2009 - 2023, Intel Corporation. All rights reserved.
Copyright (c) 2017, AMD Incorporated. All rights reserved.
Copyright (C) 2023 - 2024 Advanced Micro Devices, Inc. All rights reserved.
+Copyright (c) Microsoft Corporation.
SPDX-License-Identifier: BSD-2-Clause-Patent
@@ -126,6 +127,39 @@ SPIN_LOCK *mConfigSmmCodeAccessCheckLock = NULL;
//
EFI_SMRAM_DESCRIPTOR *mSmmCpuSmramRanges;
UINTN mSmmCpuSmramRangeCount;
+//
+// MU_CHANGE [BEGIN] - Add flag to enable "test mode" for the SMM protections.
+// NOTE: "Test mode" will only be enabled in DEBUG builds.
+// Flag to indicate exception handling should be in test mode.
+// This will cause exceptions to reset the system and/or log
+// additional telemetry.
+//
+
+/**
+ Enable exception handling test mode.
+
+ NOTE: This should only work on debug builds, otherwise return EFI_UNSUPPORTED.
+
+ @retval EFI_SUCCESS Test mode enabled.
+ @retval EFI_UNSUPPORTED Test mode could not be enabled.
+
+**/
+EFI_STATUS
+EFIAPI
+EnableSmmExceptionTestMode (
+ VOID
+ );
+
+//
+// Protocol for other drivers to enable test mode.
+//
+SMM_EXCEPTION_TEST_PROTOCOL mSmmExceptionTestProtocol = {
+ EnableSmmExceptionTestMode
+};
+EFI_HANDLE mSmmExceptionTestProtocolHandle = NULL;
+
+BOOLEAN mSmmRebootOnException = TRUE;
+// MU_CHANGE [END]
UINT8 mPhysicalAddressBits;
@@ -874,6 +908,8 @@ PiCpuSmmEntry (
EFI_COMPUTING_UNIT_HOST_PROCESSOR | EFI_CU_HP_PC_SMM_INIT
);
+ mSmmRebootOnException = PcdGetBool (PcdSmmExceptionRebootInsteadOfHaltDefault); // MS_CHANGE
+
//
// Find out SMRR Base and SMRR Size
//
@@ -1299,6 +1335,20 @@ PiCpuSmmEntry (
);
ASSERT_EFI_ERROR (Status);
+ // MU_CHANGE [BEGIN] - Add flag to enable "test mode" for the SMM protections.
+ // NOTE: "Test mode" will only be enabled in DEBUG builds.
+ if (FeaturePcdGet (PcdSmmExceptionTestModeSupport)) {
+ Status = gSmst->SmmInstallProtocolInterface (
+ &mSmmExceptionTestProtocolHandle,
+ &gSmmExceptionTestProtocolGuid,
+ EFI_NATIVE_INTERFACE,
+ &mSmmExceptionTestProtocol
+ );
+ ASSERT_EFI_ERROR (Status);
+ }
+
+ // MU_CHANGE [END]
+
//
// Install the SMM Memory Attribute Protocol into SMM protocol database
//
@@ -1745,3 +1795,34 @@ PerformPreTasks (
{
RestoreSmmConfigurationInS3 ();
}
+
+// MU_CHANGE [BEGIN] - Add flag to enable "test mode" for the SMM protections.
+// NOTE: "Test mode" will only be enabled in DEBUG builds.
+
+/**
+ Enable exception handling test mode.
+
+ NOTE: This should only work on debug builds, otherwise return EFI_UNSUPPORTED.
+
+ @retval EFI_SUCCESS Test mode enabled.
+ @retval EFI_UNSUPPORTED Test mode could not be enabled.
+
+**/
+EFI_STATUS
+EFIAPI
+EnableSmmExceptionTestMode (
+ VOID
+ )
+{
+ EFI_STATUS Status = EFI_UNSUPPORTED;
+
+ if (FeaturePcdGet (PcdSmmExceptionTestModeSupport)) {
+ DEBUG ((DEBUG_INFO, "%a - Test mode enabled!\n", __func__));
+ mSmmRebootOnException = TRUE;
+ Status = EFI_SUCCESS;
+ }
+
+ return Status;
+}
+
+// MU_CHANGE [END]
diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.h b/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.h
index f42910ddf1..eba22b2145 100644
--- a/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.h
+++ b/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.h
@@ -21,6 +21,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
#include
#include
#include
+#include // MU_CHANGE - Add support for testing SMM page protections
#include
#include
@@ -192,6 +193,13 @@ typedef struct {
#define INVALID_APIC_ID 0xFFFFFFFFFFFFFFFFULL
+// MU_CHANGE [BEGIN]
+typedef UINT32 SMM_CPU_ARRIVAL_EXCEPTIONS;
+#define ARRIVAL_EXCEPTION_BLOCKED 0x1
+#define ARRIVAL_EXCEPTION_DELAYED 0x2
+#define ARRIVAL_EXCEPTION_SMI_DISABLED 0x4
+// MU_CHANGE [END]
+
//
// Wrapper used to convert EFI_AP_PROCEDURE2 and EFI_AP_PROCEDURE.
//
@@ -296,6 +304,8 @@ EnableCet (
VOID
);
+extern BOOLEAN mSmmRebootOnException; // MU_CHANGE
+
//
// SMM CPU Protocol function prototypes.
//
diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.inf b/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.inf
index 3354f94a64..23a3f1b1b3 100644
--- a/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.inf
+++ b/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.inf
@@ -4,6 +4,7 @@
# This SMM driver performs SMM initialization, deploy SMM Entry Vector,
# provides CPU specific services in SMM.
#
+# Copyright (c) Microsoft Corporation.
# Copyright (c) 2009 - 2023, Intel Corporation. All rights reserved.
# Copyright (c) 2017, AMD Incorporated. All rights reserved.
# Copyright (C) 2023 - 2024 Advanced Micro Devices, Inc. All rights reserved.
@@ -97,6 +98,7 @@
SmmCpuFeaturesLib
PeCoffGetEntryPointLib
PerformanceLib
+ HwResetSystemLib ## MU_CHANGE - Use HwResetSystemLib
CpuPageTableLib
MmSaveStateLib
SmmCpuSyncLib
@@ -105,6 +107,7 @@
gEfiSmmAccess2ProtocolGuid ## CONSUMES
gEfiSmmConfigurationProtocolGuid ## PRODUCES
gEfiSmmCpuProtocolGuid ## PRODUCES
+ gSmmExceptionTestProtocolGuid ## PRODUCES ## MS_CHANGE
gEfiSmmReadyToLockProtocolGuid ## NOTIFY
gEfiSmmCpuServiceProtocolGuid ## PRODUCES
gEdkiiSmmMemoryAttributeProtocolGuid ## PRODUCES
@@ -129,7 +132,8 @@
gUefiCpuPkgTokenSpaceGuid.PcdCpuSmmProfileRingBuffer ## CONSUMES
gUefiCpuPkgTokenSpaceGuid.PcdCpuSmmFeatureControlMsrLock ## CONSUMES
gEfiMdeModulePkgTokenSpaceGuid.PcdDxeIplSwitchToLongMode ## CONSUMES
- gUefiCpuPkgTokenSpaceGuid.PcdSmmApPerfLogEnable ## CONSUMES
+ gUefiCpuPkgTokenSpaceGuid.PcdSmmExceptionTestModeSupport
+ gUefiCpuPkgTokenSpaceGuid.PcdSmmApPerfLogEnable
[Pcd]
gUefiCpuPkgTokenSpaceGuid.PcdCpuMaxLogicalProcessorNumber ## SOMETIMES_CONSUMES
@@ -147,6 +151,7 @@
gEfiMdeModulePkgTokenSpaceGuid.PcdNullPointerDetectionPropertyMask ## CONSUMES
gEfiMdeModulePkgTokenSpaceGuid.PcdHeapGuardPropertyMask ## CONSUMES
gEfiMdePkgTokenSpaceGuid.PcdControlFlowEnforcementPropertyMask ## CONSUMES
+ gUefiCpuPkgTokenSpaceGuid.PcdSmmExceptionRebootInsteadOfHaltDefault ## CONSUMES ## MS_CHANGE
[FixedPcd]
gUefiCpuPkgTokenSpaceGuid.PcdCpuSmmMpTokenCountPerChunk ## CONSUMES
diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/X64/PageTbl.c b/UefiCpuPkg/PiSmmCpuDxeSmm/X64/PageTbl.c
index 5964884762..23b77c8057 100644
--- a/UefiCpuPkg/PiSmmCpuDxeSmm/X64/PageTbl.c
+++ b/UefiCpuPkg/PiSmmCpuDxeSmm/X64/PageTbl.c
@@ -1,6 +1,7 @@
/** @file
Page Fault (#PF) handler for X64 processors
+Copyright (c) Microsoft Corporation.
Copyright (c) 2009 - 2023, Intel Corporation. All rights reserved.
Copyright (c) 2017, AMD Incorporated. All rights reserved.
@@ -8,6 +9,8 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
**/
+#include // MU_CHANGE - Allow system to reset instead of halt in test mode.
+
#include "PiSmmCpuDxeSmm.h"
#define PAGE_TABLE_PAGES 8
@@ -878,8 +881,11 @@ SmiPFHandler (
if (mCpuSmmRestrictedMemoryAccess && (PFAddress >= LShiftU64 (1, (mPhysicalAddressBits - 1)))) {
DumpCpuContext (InterruptType, SystemContext);
DEBUG ((DEBUG_ERROR, "Do not support address 0x%lx by processor!\n", PFAddress));
- CpuDeadLoop ();
- goto Exit;
+ // MU_CHANGE [BEGIN] - Allow system to reset instead of halt in test mode.
+ goto HaltOrReboot;
+ // CpuDeadLoop ();
+ // goto Exit;
+ // MU_CHANGE [END] - Allow system to reset instead of halt in test mode.
}
//
@@ -923,8 +929,11 @@ SmiPFHandler (
}
}
- CpuDeadLoop ();
- goto Exit;
+ // MU_CHANGE [BEGIN] - Allow system to reset instead of halt in test mode.
+ goto HaltOrReboot;
+ // CpuDeadLoop ();
+ // goto Exit;
+ // MU_CHANGE [END] - Allow system to reset instead of halt in test mode.
}
//
@@ -939,8 +948,11 @@ SmiPFHandler (
DEBUG_CODE (
DumpModuleInfoByIp (*(UINTN *)(UINTN)SystemContext.SystemContextX64->Rsp);
);
- CpuDeadLoop ();
- goto Exit;
+ // MU_CHANGE [BEGIN] - Allow system to reset instead of halt in test mode.
+ goto HaltOrReboot;
+ // CpuDeadLoop ();
+ // goto Exit;
+ // MU_CHANGE [END] - Allow system to reset instead of halt in test mode.
}
//
@@ -960,8 +972,11 @@ SmiPFHandler (
goto Exit;
}
- CpuDeadLoop ();
- goto Exit;
+ // MU_CHANGE [BEGIN] - Allow system to reset instead of halt in test mode.
+ goto HaltOrReboot;
+ // CpuDeadLoop ();
+ // goto Exit;
+ // MU_CHANGE [END] - Allow system to reset instead of halt in test mode.
}
if (mCpuSmmRestrictedMemoryAccess && IsSmmCommBufferForbiddenAddress (PFAddress)) {
@@ -970,8 +985,11 @@ SmiPFHandler (
DEBUG_CODE (
DumpModuleInfoByIp ((UINTN)SystemContext.SystemContextX64->Rip);
);
- CpuDeadLoop ();
- goto Exit;
+ // MU_CHANGE [BEGIN] - Allow system to reset instead of halt in test mode.
+ goto HaltOrReboot;
+ // CpuDeadLoop ();
+ // goto Exit;
+ // MU_CHANGE [END] - Allow system to reset instead of halt in test mode.
}
}
@@ -984,8 +1002,22 @@ SmiPFHandler (
SmiDefaultPFHandler ();
}
+ // MU_CHNAGE [BEGIN] - Allow system to reset instead of halt in test mode.
+ goto Exit;
+
+HaltOrReboot:
+ if (mSmmRebootOnException) {
+ DEBUG ((DEBUG_ERROR, "%a - Reboot here in test mode.\n", __func__));
+ ResetWarm ();
+ CpuDeadLoop ();
+ } else {
+ CpuDeadLoop ();
+ }
+
Exit:
ReleaseSpinLock (mPFLock);
+ return;
+ // MU_CHNAGE [END] - Allow system to reset instead of halt in test mode.
}
/**
diff --git a/UefiCpuPkg/UefiCpuPkg.dec b/UefiCpuPkg/UefiCpuPkg.dec
index f86a6d2bcb..42f8f0a59a 100644
--- a/UefiCpuPkg/UefiCpuPkg.dec
+++ b/UefiCpuPkg/UefiCpuPkg.dec
@@ -115,6 +115,10 @@
## Include/Protocol/SmMonitorInit.h
gEfiSmMonitorInitProtocolGuid = { 0x228f344d, 0xb3de, 0x43bb, { 0xa4, 0xd7, 0xea, 0x20, 0xb, 0x1b, 0x14, 0x82 }}
+ # MU_CHANGE - Add support for testing SMM protections
+ #
+ ## Include/Protocol/SmmExceptionTestProtocol.h
+ gSmmExceptionTestProtocolGuid = { 0xb76383a1, 0x0e70, 0x4a3f, { 0x86, 0xb4, 0xc6, 0x13, 0x4c, 0x8e, 0x57, 0x23 }}
[Protocols.RISCV64]
#
@@ -194,7 +198,6 @@
# FALSE - SMM Feature Control MSR will not be locked.
# @Prompt Lock SMM Feature Control MSR.
gUefiCpuPkgTokenSpaceGuid.PcdCpuSmmFeatureControlMsrLock|TRUE|BOOLEAN|0x3213210B
-
## Indicates if SMRR will be enabled.
# TRUE - SMRR will be enabled.
# FALSE - SMRR will not be enabled.
@@ -206,6 +209,11 @@
# FALSE - SmmFeatureControl will not be enabled.
# @Prompt Support SmmFeatureControl.
gUefiCpuPkgTokenSpaceGuid.PcdSmmFeatureControlEnable|TRUE|BOOLEAN|0x32132110
+ ## MU_CHANGE
+ ## If TRUE, Install the protocol to communicate to the Smm Exception
+ # handler so automated testing can be performed.
+ #
+ gUefiCpuPkgTokenSpaceGuid.PcdSmmExceptionTestModeSupport|FALSE|BOOLEAN|0x00000021
## Indicates if SMM perf logging in APs will be enabled.
# TRUE - SMM perf logging in APs will be enabled.
@@ -236,6 +244,10 @@
## Size of teh area of memory where the SEV-ES work area block lives.
# @Prompt Configure the SEV-ES work area base
gUefiCpuPkgTokenSpaceGuid.PcdSevEsWorkAreaSize|0x0|UINT32|0x30002006
+ ## MU_CHANGE
+ ## If TRUE, the default Cpu Exception Handler in SMM will reboot
+ # This handler state can be changed by using the Exception Test Protocol
+ gUefiCpuPkgTokenSpaceGuid.PcdSmmExceptionRebootInsteadOfHaltDefault|TRUE|BOOLEAN|0x00000020
## Determining APs' first-time wakeup by SIPI or INIT-SIPI-SIPI.
# Following a power-up or RESET of an MP system, The APs complete a
diff --git a/UefiCpuPkg/UefiCpuPkg.dsc b/UefiCpuPkg/UefiCpuPkg.dsc
index 037d2d0b2a..0685874ee0 100644
--- a/UefiCpuPkg/UefiCpuPkg.dsc
+++ b/UefiCpuPkg/UefiCpuPkg.dsc
@@ -80,6 +80,11 @@
UnitTestPersistenceLib|UnitTestFrameworkPkg/Library/UnitTestPersistenceLibNull/UnitTestPersistenceLibNull.inf
UnitTestResultReportLib|UnitTestFrameworkPkg/Library/UnitTestResultReportLib/UnitTestResultReportLibDebugLib.inf
+# MU_CHANGE [BEGIN] - Add HwResetSystemLib
+[LibraryClasses.X64, LibraryClasses.IA32]
+ HwResetSystemLib|MdeModulePkg/Library/BaseResetSystemLibNull/BaseResetSystemLibNull.inf
+# MU_CHANGE [END] - Add HwResetSystemLib
+
[LibraryClasses.common.SEC]
PlatformSecLib|UefiCpuPkg/Library/PlatformSecLibNull/PlatformSecLibNull.inf
CpuExceptionHandlerLib|UefiCpuPkg/Library/CpuExceptionHandlerLib/SecPeiCpuExceptionHandlerLib.inf