From 30e1f2342667dbb4cdac87f84da44c28617d0920 Mon Sep 17 00:00:00 2001 From: Bret Barkelew Date: Fri, 2 Oct 2020 17:18:10 -0700 Subject: [PATCH 1/4] MdeModulePkg: Use HwResetSytemLib Uses a new library class to represent the reset library linked against core reset modules. This allows differentiation from the reset library instance linked against all other modules that may depend on functionality produced by the core reset module. Co-authored-by: Michael Kubacki Signed-off-by: Michael Kubacki --- MdeModulePkg/MdeModulePkg.ci.yaml | 3 +++ MdeModulePkg/MdeModulePkg.dsc | 1 + MdeModulePkg/Universal/ResetSystemPei/ResetSystemPei.inf | 2 +- .../Universal/ResetSystemRuntimeDxe/ResetSystemRuntimeDxe.inf | 2 +- 4 files changed, 6 insertions(+), 2 deletions(-) diff --git a/MdeModulePkg/MdeModulePkg.ci.yaml b/MdeModulePkg/MdeModulePkg.ci.yaml index cbdd8dfddc..85c3287643 100644 --- a/MdeModulePkg/MdeModulePkg.ci.yaml +++ b/MdeModulePkg/MdeModulePkg.ci.yaml @@ -91,6 +91,9 @@ ## options defined .pytool/Plugin/LibraryClassCheck "LibraryClassCheck": { + "IgnoreLibraryClass": [ + "HwResetSystemLib" # MU_CHANGE - "Virtual" LibraryClass + ], "IgnoreHeaderFile": [] }, diff --git a/MdeModulePkg/MdeModulePkg.dsc b/MdeModulePkg/MdeModulePkg.dsc index f5f7da0fa6..c3e4d12de3 100644 --- a/MdeModulePkg/MdeModulePkg.dsc +++ b/MdeModulePkg/MdeModulePkg.dsc @@ -86,6 +86,7 @@ DebugAgentLib|MdeModulePkg/Library/DebugAgentLibNull/DebugAgentLibNull.inf PlatformHookLib|MdeModulePkg/Library/BasePlatformHookLibNull/BasePlatformHookLibNull.inf ResetSystemLib|MdeModulePkg/Library/BaseResetSystemLibNull/BaseResetSystemLibNull.inf + HwResetSystemLib|MdeModulePkg/Library/BaseResetSystemLibNull/BaseResetSystemLibNull.inf ## MU_CHANGE SmbusLib|MdePkg/Library/DxeSmbusLib/DxeSmbusLib.inf S3BootScriptLib|MdeModulePkg/Library/PiDxeS3BootScriptLib/DxeS3BootScriptLib.inf CpuExceptionHandlerLib|MdeModulePkg/Library/CpuExceptionHandlerLibNull/CpuExceptionHandlerLibNull.inf diff --git a/MdeModulePkg/Universal/ResetSystemPei/ResetSystemPei.inf b/MdeModulePkg/Universal/ResetSystemPei/ResetSystemPei.inf index 89f48bc49d..8cf51a6ebe 100644 --- a/MdeModulePkg/Universal/ResetSystemPei/ResetSystemPei.inf +++ b/MdeModulePkg/Universal/ResetSystemPei/ResetSystemPei.inf @@ -38,7 +38,7 @@ PeiServicesLib HobLib PeimEntryPoint - ResetSystemLib + HwResetSystemLib ## MU_CHANGE - Use HW reset from reset arch providers. ReportStatusCodeLib [Ppis] diff --git a/MdeModulePkg/Universal/ResetSystemRuntimeDxe/ResetSystemRuntimeDxe.inf b/MdeModulePkg/Universal/ResetSystemRuntimeDxe/ResetSystemRuntimeDxe.inf index a11e38b5b6..8f7484088b 100644 --- a/MdeModulePkg/Universal/ResetSystemRuntimeDxe/ResetSystemRuntimeDxe.inf +++ b/MdeModulePkg/Universal/ResetSystemRuntimeDxe/ResetSystemRuntimeDxe.inf @@ -32,7 +32,7 @@ MdeModulePkg/MdeModulePkg.dec [LibraryClasses] - ResetSystemLib + HwResetSystemLib ## MU_CHANGE - Use HwResetSystemLib UefiRuntimeServicesTableLib UefiRuntimeLib UefiBootServicesTableLib From 6120aea5d3522b8d47eb3cd3131fbee71f974910 Mon Sep 17 00:00:00 2001 From: Bret Barkelew Date: Fri, 2 Oct 2020 17:18:10 -0700 Subject: [PATCH 2/4] MdeModulePkg: Perform capsule reset with subtype If a capsule indicates it should initiate a reset, reset with the subtype gCapsuleArmedResetGuid using the helper function in ResetUtilityLib. Signed-off-by: Michael Kubacki --- MdeModulePkg/MdeModulePkg.dsc | 1 + .../Universal/CapsuleRuntimeDxe/CapsuleRuntimeDxe.inf | 2 ++ MdeModulePkg/Universal/CapsuleRuntimeDxe/CapsuleService.c | 7 ++++++- MdePkg/MdePkg.dec | 5 +++++ 4 files changed, 14 insertions(+), 1 deletion(-) diff --git a/MdeModulePkg/MdeModulePkg.dsc b/MdeModulePkg/MdeModulePkg.dsc index c3e4d12de3..5e539988d0 100644 --- a/MdeModulePkg/MdeModulePkg.dsc +++ b/MdeModulePkg/MdeModulePkg.dsc @@ -86,6 +86,7 @@ DebugAgentLib|MdeModulePkg/Library/DebugAgentLibNull/DebugAgentLibNull.inf PlatformHookLib|MdeModulePkg/Library/BasePlatformHookLibNull/BasePlatformHookLibNull.inf ResetSystemLib|MdeModulePkg/Library/BaseResetSystemLibNull/BaseResetSystemLibNull.inf + ResetUtilityLib|MdeModulePkg/Library/ResetUtilityLib/ResetUtilityLib.inf ## MU_CHANGE HwResetSystemLib|MdeModulePkg/Library/BaseResetSystemLibNull/BaseResetSystemLibNull.inf ## MU_CHANGE SmbusLib|MdePkg/Library/DxeSmbusLib/DxeSmbusLib.inf S3BootScriptLib|MdeModulePkg/Library/PiDxeS3BootScriptLib/DxeS3BootScriptLib.inf diff --git a/MdeModulePkg/Universal/CapsuleRuntimeDxe/CapsuleRuntimeDxe.inf b/MdeModulePkg/Universal/CapsuleRuntimeDxe/CapsuleRuntimeDxe.inf index 601eada170..ee95f30efc 100644 --- a/MdeModulePkg/Universal/CapsuleRuntimeDxe/CapsuleRuntimeDxe.inf +++ b/MdeModulePkg/Universal/CapsuleRuntimeDxe/CapsuleRuntimeDxe.inf @@ -64,6 +64,7 @@ PrintLib BaseMemoryLib CacheMaintenanceLib + ResetUtilityLib ## MU_CHANGE [LibraryClasses.X64] UefiLib @@ -74,6 +75,7 @@ ## SOMETIMES_PRODUCES ## Variable:L"CapsuleLongModeBuffer" # The long mode buffer used by IA32 Capsule PEIM to call X64 CapsuleCoalesce code to handle >4GB capsule blocks gEfiCapsuleVendorGuid gEfiFmpCapsuleGuid ## SOMETIMES_CONSUMES ## GUID # FMP capsule GUID + gCapsuleArmedResetGuid ## SOMETIMES_CONSUMES # MU_CHANGE [Protocols] gEfiCapsuleArchProtocolGuid ## PRODUCES diff --git a/MdeModulePkg/Universal/CapsuleRuntimeDxe/CapsuleService.c b/MdeModulePkg/Universal/CapsuleRuntimeDxe/CapsuleService.c index f8047c23e1..17416f5423 100644 --- a/MdeModulePkg/Universal/CapsuleRuntimeDxe/CapsuleService.c +++ b/MdeModulePkg/Universal/CapsuleRuntimeDxe/CapsuleService.c @@ -5,12 +5,16 @@ the capsule runtime services are ready. Copyright (c) 2006 - 2020, Intel Corporation. All rights reserved.
+Copyright (c) Microsoft Corporation. + SPDX-License-Identifier: BSD-2-Clause-Patent **/ #include "CapsuleService.h" +#include // MU_CHANGE - ResetSystem refactoring. + // // Handle for the installation of Capsule Architecture Protocol. // @@ -224,7 +228,8 @@ UpdateCapsule ( // will initiate a reset of the platform which is compatible with the passed-in capsule request and will // not return back to the caller. // - EfiResetSystem (EfiResetWarm, EFI_SUCCESS, 0, NULL); + // MU_CHANGE_250018 - ResetSystem refactoring. + ResetSystemWithSubtype (EfiResetWarm, &gCapsuleArmedResetGuid); } } diff --git a/MdePkg/MdePkg.dec b/MdePkg/MdePkg.dec index 959fbfb899..b5819b4d59 100644 --- a/MdePkg/MdePkg.dec +++ b/MdePkg/MdePkg.dec @@ -886,6 +886,11 @@ # gLinuxEfiInitrdMediaGuid = {0x5568e427, 0x68fc, 0x4f3d, {0xac, 0x74, 0xca, 0x55, 0x52, 0x31, 0xcc, 0x68}} + # MU_CHANGE [BEGIN] - Guid to use for gRT->ResetSystem() to indicate the type of reset that is being performed. + gCapsuleArmedResetGuid = {0xc6b4eea7, 0xfce2, 0x4625, {0x9c, 0x4f, 0xc4, 0xb0, 0x82, 0x37, 0xae, 0x23}} + gCapsuleUpdateCompleteResetGuid = {0x5d512714, 0xa4df, 0x4e46, {0xb6, 0xc7, 0xbc, 0x9f, 0x97, 0x9d, 0x59, 0xa0}} + # MU_CHANGE [END] - Guid to use for gRT->ResetSystem() to indicate the type of reset that is being performed. + ## Include/Protocol/CcMeasurement.h gEfiCcFinalEventsTableGuid = { 0xdd4a4648, 0x2de7, 0x4665, { 0x96, 0x4d, 0x21, 0xd9, 0xef, 0x5f, 0xb4, 0x46 }} From 6a348c6a6a8bf55e5d428aa05bd98fb01af31970 Mon Sep 17 00:00:00 2001 From: Bret Barkelew Date: Fri, 2 Oct 2020 17:18:10 -0700 Subject: [PATCH 3/4] MdePkg: Remove EfiResetSystem() from UefiRuntimeLib Removes the EfiResetSystem() API from the library. ResetSystemLib can be used for reset. Signed-off-by: Michael Kubacki --- MdePkg/Include/Library/UefiRuntimeLib.h | 19 +++++++++------- MdePkg/Library/UefiRuntimeLib/RuntimeLib.c | 25 ++++++++++++---------- 2 files changed, 25 insertions(+), 19 deletions(-) diff --git a/MdePkg/Include/Library/UefiRuntimeLib.h b/MdePkg/Include/Library/UefiRuntimeLib.h index c5aca42aa1..c15f233ff9 100644 --- a/MdePkg/Include/Library/UefiRuntimeLib.h +++ b/MdePkg/Include/Library/UefiRuntimeLib.h @@ -323,6 +323,8 @@ EfiGetNextHighMonotonicCount ( OUT UINT32 *HighCount ); +// MU_CHANGE [BEGIN] - Move EfiResetSystem out of UefiRuntimeLib and into ResetSystemLib. + /** This service is a wrapper for the UEFI Runtime Service ResetSystem(). @@ -351,14 +353,15 @@ EfiGetNextHighMonotonicCount ( address. For a ResetType of EfiResetPlatformSpecific the data buffer also starts with a Null-terminated string that is followed by an EFI_GUID that describes the specific type of reset to perform. **/ -VOID -EFIAPI -EfiResetSystem ( - IN EFI_RESET_TYPE ResetType, - IN EFI_STATUS ResetStatus, - IN UINTN DataSize, - IN VOID *ResetData OPTIONAL - ); +// VOID +// EFIAPI +// EfiResetSystem ( +// IN EFI_RESET_TYPE ResetType, +// IN EFI_STATUS ResetStatus, +// IN UINTN DataSize, +// IN VOID *ResetData OPTIONAL +// ); +// MU_CHANGE [END] - Move EfiResetSystem out of UefiRuntimeLib and into ResetSystemLib. /** This service is a wrapper for the UEFI Runtime Service ConvertPointer(). diff --git a/MdePkg/Library/UefiRuntimeLib/RuntimeLib.c b/MdePkg/Library/UefiRuntimeLib/RuntimeLib.c index 2563f6e060..755c64aba7 100644 --- a/MdePkg/Library/UefiRuntimeLib/RuntimeLib.c +++ b/MdePkg/Library/UefiRuntimeLib/RuntimeLib.c @@ -192,6 +192,8 @@ EfiGoneVirtual ( return mEfiGoneVirtual; } +// MU_CHANGE [BEGIN] - Move EfiResetSystem out of UefiRuntimeLib and into ResetSystemLib. + /** This service is a wrapper for the UEFI Runtime Service ResetSystem(). @@ -221,17 +223,18 @@ EfiGoneVirtual ( that is followed by a physical VOID * to an EFI_CAPSULE_HEADER. **/ -VOID -EFIAPI -EfiResetSystem ( - IN EFI_RESET_TYPE ResetType, - IN EFI_STATUS ResetStatus, - IN UINTN DataSize, - IN VOID *ResetData OPTIONAL - ) -{ - mInternalRT->ResetSystem (ResetType, ResetStatus, DataSize, ResetData); -} +// VOID +// EFIAPI +// EfiResetSystem ( +// IN EFI_RESET_TYPE ResetType, +// IN EFI_STATUS ResetStatus, +// IN UINTN DataSize, +// IN VOID *ResetData OPTIONAL +// ) +// { +// mInternalRT->ResetSystem (ResetType, ResetStatus, DataSize, ResetData); +// } +// MU_CHANGE [END] - Move EfiResetSystem out of UefiRuntimeLib and into ResetSystemLib. /** This service is a wrapper for the UEFI Runtime Service GetTime(). From 2e0758ecc2ba05410bffeb537298689fdaabb144 Mon Sep 17 00:00:00 2001 From: Bret Barkelew Date: Mon, 22 Jan 2018 14:48:04 -0800 Subject: [PATCH 4/4] UefiCpuPkg: Add support for testing the SMM page protections Adds instrumentation to the PageTbl and SmiPFHandler code to allow reset (instead of halts) on page faults. This enables automated testing of fault detection and handling. Co-authored-by: Michael Kubacki Signed-off-by: Michael Kubacki --- .../Protocol/SmmExceptionTestProtocol.h | 38 +++++++++ UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.c | 81 +++++++++++++++++++ UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.h | 10 +++ UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.inf | 7 +- UefiCpuPkg/PiSmmCpuDxeSmm/X64/PageTbl.c | 52 +++++++++--- UefiCpuPkg/UefiCpuPkg.dec | 14 +++- UefiCpuPkg/UefiCpuPkg.dsc | 5 ++ 7 files changed, 195 insertions(+), 12 deletions(-) create mode 100644 UefiCpuPkg/Include/Protocol/SmmExceptionTestProtocol.h diff --git a/UefiCpuPkg/Include/Protocol/SmmExceptionTestProtocol.h b/UefiCpuPkg/Include/Protocol/SmmExceptionTestProtocol.h new file mode 100644 index 0000000000..25432ee657 --- /dev/null +++ b/UefiCpuPkg/Include/Protocol/SmmExceptionTestProtocol.h @@ -0,0 +1,38 @@ +/** @file -- SmmExceptionTestProtocol.h +A simple protocol to enable SMM exception handling being placed in test mode. + +Copyright (c) Microsoft Corporation. +SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#ifndef SMM_EXCEPTION_TEST_PROTOCOL_H_ +#define SMM_EXCEPTION_TEST_PROTOCOL_H_ + +// B76383A1-0E70-4A3F-86B4-C6134C8E5723 +#define SMM_EXCEPTION_TEST_PROTOCOL_GUID \ + { \ + 0xb76383a1, 0x0e70, 0x4a3f, { 0x86, 0xb4, 0xc6, 0x13, 0x4c, 0x8e, 0x57, 0x23 } \ + } + +extern EFI_GUID gSmmExceptionTestProtocolGuid; + +/** + Enable exception handling test mode. + + NOTE: This should only work on debug builds, otherwise return EFI_UNSUPPORTED. + + @retval EFI_SUCCESS Test mode enabled. + @retval EFI_UNSUPPORTED Test mode could not be enabled. +**/ +typedef +EFI_STATUS +(EFIAPI *SMM_ENABLE_EXCEPTION_TEST_MODE)( + VOID + ); + +typedef struct _SMM_EXCEPTION_TEST_PROTOCOL { + SMM_ENABLE_EXCEPTION_TEST_MODE EnableTestMode; +} SMM_EXCEPTION_TEST_PROTOCOL; + +#endif // SMM_EXCEPTION_TEST_PROTOCOL_H_ diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.c b/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.c index e400bee8d5..3d037e59af 100644 --- a/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.c +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.c @@ -4,6 +4,7 @@ Agent Module to load other modules to deploy SMM Entry Vector for X86 CPU. Copyright (c) 2009 - 2023, Intel Corporation. All rights reserved.
Copyright (c) 2017, AMD Incorporated. All rights reserved.
Copyright (C) 2023 - 2024 Advanced Micro Devices, Inc. All rights reserved.
+Copyright (c) Microsoft Corporation. SPDX-License-Identifier: BSD-2-Clause-Patent @@ -126,6 +127,39 @@ SPIN_LOCK *mConfigSmmCodeAccessCheckLock = NULL; // EFI_SMRAM_DESCRIPTOR *mSmmCpuSmramRanges; UINTN mSmmCpuSmramRangeCount; +// +// MU_CHANGE [BEGIN] - Add flag to enable "test mode" for the SMM protections. +// NOTE: "Test mode" will only be enabled in DEBUG builds. +// Flag to indicate exception handling should be in test mode. +// This will cause exceptions to reset the system and/or log +// additional telemetry. +// + +/** + Enable exception handling test mode. + + NOTE: This should only work on debug builds, otherwise return EFI_UNSUPPORTED. + + @retval EFI_SUCCESS Test mode enabled. + @retval EFI_UNSUPPORTED Test mode could not be enabled. + +**/ +EFI_STATUS +EFIAPI +EnableSmmExceptionTestMode ( + VOID + ); + +// +// Protocol for other drivers to enable test mode. +// +SMM_EXCEPTION_TEST_PROTOCOL mSmmExceptionTestProtocol = { + EnableSmmExceptionTestMode +}; +EFI_HANDLE mSmmExceptionTestProtocolHandle = NULL; + +BOOLEAN mSmmRebootOnException = TRUE; +// MU_CHANGE [END] UINT8 mPhysicalAddressBits; @@ -874,6 +908,8 @@ PiCpuSmmEntry ( EFI_COMPUTING_UNIT_HOST_PROCESSOR | EFI_CU_HP_PC_SMM_INIT ); + mSmmRebootOnException = PcdGetBool (PcdSmmExceptionRebootInsteadOfHaltDefault); // MS_CHANGE + // // Find out SMRR Base and SMRR Size // @@ -1299,6 +1335,20 @@ PiCpuSmmEntry ( ); ASSERT_EFI_ERROR (Status); + // MU_CHANGE [BEGIN] - Add flag to enable "test mode" for the SMM protections. + // NOTE: "Test mode" will only be enabled in DEBUG builds. + if (FeaturePcdGet (PcdSmmExceptionTestModeSupport)) { + Status = gSmst->SmmInstallProtocolInterface ( + &mSmmExceptionTestProtocolHandle, + &gSmmExceptionTestProtocolGuid, + EFI_NATIVE_INTERFACE, + &mSmmExceptionTestProtocol + ); + ASSERT_EFI_ERROR (Status); + } + + // MU_CHANGE [END] + // // Install the SMM Memory Attribute Protocol into SMM protocol database // @@ -1745,3 +1795,34 @@ PerformPreTasks ( { RestoreSmmConfigurationInS3 (); } + +// MU_CHANGE [BEGIN] - Add flag to enable "test mode" for the SMM protections. +// NOTE: "Test mode" will only be enabled in DEBUG builds. + +/** + Enable exception handling test mode. + + NOTE: This should only work on debug builds, otherwise return EFI_UNSUPPORTED. + + @retval EFI_SUCCESS Test mode enabled. + @retval EFI_UNSUPPORTED Test mode could not be enabled. + +**/ +EFI_STATUS +EFIAPI +EnableSmmExceptionTestMode ( + VOID + ) +{ + EFI_STATUS Status = EFI_UNSUPPORTED; + + if (FeaturePcdGet (PcdSmmExceptionTestModeSupport)) { + DEBUG ((DEBUG_INFO, "%a - Test mode enabled!\n", __func__)); + mSmmRebootOnException = TRUE; + Status = EFI_SUCCESS; + } + + return Status; +} + +// MU_CHANGE [END] diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.h b/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.h index f42910ddf1..eba22b2145 100644 --- a/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.h +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.h @@ -21,6 +21,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent #include #include #include +#include // MU_CHANGE - Add support for testing SMM page protections #include #include @@ -192,6 +193,13 @@ typedef struct { #define INVALID_APIC_ID 0xFFFFFFFFFFFFFFFFULL +// MU_CHANGE [BEGIN] +typedef UINT32 SMM_CPU_ARRIVAL_EXCEPTIONS; +#define ARRIVAL_EXCEPTION_BLOCKED 0x1 +#define ARRIVAL_EXCEPTION_DELAYED 0x2 +#define ARRIVAL_EXCEPTION_SMI_DISABLED 0x4 +// MU_CHANGE [END] + // // Wrapper used to convert EFI_AP_PROCEDURE2 and EFI_AP_PROCEDURE. // @@ -296,6 +304,8 @@ EnableCet ( VOID ); +extern BOOLEAN mSmmRebootOnException; // MU_CHANGE + // // SMM CPU Protocol function prototypes. // diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.inf b/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.inf index 3354f94a64..23a3f1b1b3 100644 --- a/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.inf +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.inf @@ -4,6 +4,7 @@ # This SMM driver performs SMM initialization, deploy SMM Entry Vector, # provides CPU specific services in SMM. # +# Copyright (c) Microsoft Corporation. # Copyright (c) 2009 - 2023, Intel Corporation. All rights reserved.
# Copyright (c) 2017, AMD Incorporated. All rights reserved.
# Copyright (C) 2023 - 2024 Advanced Micro Devices, Inc. All rights reserved.
@@ -97,6 +98,7 @@ SmmCpuFeaturesLib PeCoffGetEntryPointLib PerformanceLib + HwResetSystemLib ## MU_CHANGE - Use HwResetSystemLib CpuPageTableLib MmSaveStateLib SmmCpuSyncLib @@ -105,6 +107,7 @@ gEfiSmmAccess2ProtocolGuid ## CONSUMES gEfiSmmConfigurationProtocolGuid ## PRODUCES gEfiSmmCpuProtocolGuid ## PRODUCES + gSmmExceptionTestProtocolGuid ## PRODUCES ## MS_CHANGE gEfiSmmReadyToLockProtocolGuid ## NOTIFY gEfiSmmCpuServiceProtocolGuid ## PRODUCES gEdkiiSmmMemoryAttributeProtocolGuid ## PRODUCES @@ -129,7 +132,8 @@ gUefiCpuPkgTokenSpaceGuid.PcdCpuSmmProfileRingBuffer ## CONSUMES gUefiCpuPkgTokenSpaceGuid.PcdCpuSmmFeatureControlMsrLock ## CONSUMES gEfiMdeModulePkgTokenSpaceGuid.PcdDxeIplSwitchToLongMode ## CONSUMES - gUefiCpuPkgTokenSpaceGuid.PcdSmmApPerfLogEnable ## CONSUMES + gUefiCpuPkgTokenSpaceGuid.PcdSmmExceptionTestModeSupport + gUefiCpuPkgTokenSpaceGuid.PcdSmmApPerfLogEnable [Pcd] gUefiCpuPkgTokenSpaceGuid.PcdCpuMaxLogicalProcessorNumber ## SOMETIMES_CONSUMES @@ -147,6 +151,7 @@ gEfiMdeModulePkgTokenSpaceGuid.PcdNullPointerDetectionPropertyMask ## CONSUMES gEfiMdeModulePkgTokenSpaceGuid.PcdHeapGuardPropertyMask ## CONSUMES gEfiMdePkgTokenSpaceGuid.PcdControlFlowEnforcementPropertyMask ## CONSUMES + gUefiCpuPkgTokenSpaceGuid.PcdSmmExceptionRebootInsteadOfHaltDefault ## CONSUMES ## MS_CHANGE [FixedPcd] gUefiCpuPkgTokenSpaceGuid.PcdCpuSmmMpTokenCountPerChunk ## CONSUMES diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/X64/PageTbl.c b/UefiCpuPkg/PiSmmCpuDxeSmm/X64/PageTbl.c index 5964884762..23b77c8057 100644 --- a/UefiCpuPkg/PiSmmCpuDxeSmm/X64/PageTbl.c +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/X64/PageTbl.c @@ -1,6 +1,7 @@ /** @file Page Fault (#PF) handler for X64 processors +Copyright (c) Microsoft Corporation. Copyright (c) 2009 - 2023, Intel Corporation. All rights reserved.
Copyright (c) 2017, AMD Incorporated. All rights reserved.
@@ -8,6 +9,8 @@ SPDX-License-Identifier: BSD-2-Clause-Patent **/ +#include // MU_CHANGE - Allow system to reset instead of halt in test mode. + #include "PiSmmCpuDxeSmm.h" #define PAGE_TABLE_PAGES 8 @@ -878,8 +881,11 @@ SmiPFHandler ( if (mCpuSmmRestrictedMemoryAccess && (PFAddress >= LShiftU64 (1, (mPhysicalAddressBits - 1)))) { DumpCpuContext (InterruptType, SystemContext); DEBUG ((DEBUG_ERROR, "Do not support address 0x%lx by processor!\n", PFAddress)); - CpuDeadLoop (); - goto Exit; + // MU_CHANGE [BEGIN] - Allow system to reset instead of halt in test mode. + goto HaltOrReboot; + // CpuDeadLoop (); + // goto Exit; + // MU_CHANGE [END] - Allow system to reset instead of halt in test mode. } // @@ -923,8 +929,11 @@ SmiPFHandler ( } } - CpuDeadLoop (); - goto Exit; + // MU_CHANGE [BEGIN] - Allow system to reset instead of halt in test mode. + goto HaltOrReboot; + // CpuDeadLoop (); + // goto Exit; + // MU_CHANGE [END] - Allow system to reset instead of halt in test mode. } // @@ -939,8 +948,11 @@ SmiPFHandler ( DEBUG_CODE ( DumpModuleInfoByIp (*(UINTN *)(UINTN)SystemContext.SystemContextX64->Rsp); ); - CpuDeadLoop (); - goto Exit; + // MU_CHANGE [BEGIN] - Allow system to reset instead of halt in test mode. + goto HaltOrReboot; + // CpuDeadLoop (); + // goto Exit; + // MU_CHANGE [END] - Allow system to reset instead of halt in test mode. } // @@ -960,8 +972,11 @@ SmiPFHandler ( goto Exit; } - CpuDeadLoop (); - goto Exit; + // MU_CHANGE [BEGIN] - Allow system to reset instead of halt in test mode. + goto HaltOrReboot; + // CpuDeadLoop (); + // goto Exit; + // MU_CHANGE [END] - Allow system to reset instead of halt in test mode. } if (mCpuSmmRestrictedMemoryAccess && IsSmmCommBufferForbiddenAddress (PFAddress)) { @@ -970,8 +985,11 @@ SmiPFHandler ( DEBUG_CODE ( DumpModuleInfoByIp ((UINTN)SystemContext.SystemContextX64->Rip); ); - CpuDeadLoop (); - goto Exit; + // MU_CHANGE [BEGIN] - Allow system to reset instead of halt in test mode. + goto HaltOrReboot; + // CpuDeadLoop (); + // goto Exit; + // MU_CHANGE [END] - Allow system to reset instead of halt in test mode. } } @@ -984,8 +1002,22 @@ SmiPFHandler ( SmiDefaultPFHandler (); } + // MU_CHNAGE [BEGIN] - Allow system to reset instead of halt in test mode. + goto Exit; + +HaltOrReboot: + if (mSmmRebootOnException) { + DEBUG ((DEBUG_ERROR, "%a - Reboot here in test mode.\n", __func__)); + ResetWarm (); + CpuDeadLoop (); + } else { + CpuDeadLoop (); + } + Exit: ReleaseSpinLock (mPFLock); + return; + // MU_CHNAGE [END] - Allow system to reset instead of halt in test mode. } /** diff --git a/UefiCpuPkg/UefiCpuPkg.dec b/UefiCpuPkg/UefiCpuPkg.dec index f86a6d2bcb..42f8f0a59a 100644 --- a/UefiCpuPkg/UefiCpuPkg.dec +++ b/UefiCpuPkg/UefiCpuPkg.dec @@ -115,6 +115,10 @@ ## Include/Protocol/SmMonitorInit.h gEfiSmMonitorInitProtocolGuid = { 0x228f344d, 0xb3de, 0x43bb, { 0xa4, 0xd7, 0xea, 0x20, 0xb, 0x1b, 0x14, 0x82 }} + # MU_CHANGE - Add support for testing SMM protections + # + ## Include/Protocol/SmmExceptionTestProtocol.h + gSmmExceptionTestProtocolGuid = { 0xb76383a1, 0x0e70, 0x4a3f, { 0x86, 0xb4, 0xc6, 0x13, 0x4c, 0x8e, 0x57, 0x23 }} [Protocols.RISCV64] # @@ -194,7 +198,6 @@ # FALSE - SMM Feature Control MSR will not be locked.
# @Prompt Lock SMM Feature Control MSR. gUefiCpuPkgTokenSpaceGuid.PcdCpuSmmFeatureControlMsrLock|TRUE|BOOLEAN|0x3213210B - ## Indicates if SMRR will be enabled.

# TRUE - SMRR will be enabled.
# FALSE - SMRR will not be enabled.
@@ -206,6 +209,11 @@ # FALSE - SmmFeatureControl will not be enabled.
# @Prompt Support SmmFeatureControl. gUefiCpuPkgTokenSpaceGuid.PcdSmmFeatureControlEnable|TRUE|BOOLEAN|0x32132110 + ## MU_CHANGE + ## If TRUE, Install the protocol to communicate to the Smm Exception + # handler so automated testing can be performed. + # + gUefiCpuPkgTokenSpaceGuid.PcdSmmExceptionTestModeSupport|FALSE|BOOLEAN|0x00000021 ## Indicates if SMM perf logging in APs will be enabled.

# TRUE - SMM perf logging in APs will be enabled.
@@ -236,6 +244,10 @@ ## Size of teh area of memory where the SEV-ES work area block lives. # @Prompt Configure the SEV-ES work area base gUefiCpuPkgTokenSpaceGuid.PcdSevEsWorkAreaSize|0x0|UINT32|0x30002006 + ## MU_CHANGE + ## If TRUE, the default Cpu Exception Handler in SMM will reboot + # This handler state can be changed by using the Exception Test Protocol + gUefiCpuPkgTokenSpaceGuid.PcdSmmExceptionRebootInsteadOfHaltDefault|TRUE|BOOLEAN|0x00000020 ## Determining APs' first-time wakeup by SIPI or INIT-SIPI-SIPI. # Following a power-up or RESET of an MP system, The APs complete a diff --git a/UefiCpuPkg/UefiCpuPkg.dsc b/UefiCpuPkg/UefiCpuPkg.dsc index 037d2d0b2a..0685874ee0 100644 --- a/UefiCpuPkg/UefiCpuPkg.dsc +++ b/UefiCpuPkg/UefiCpuPkg.dsc @@ -80,6 +80,11 @@ UnitTestPersistenceLib|UnitTestFrameworkPkg/Library/UnitTestPersistenceLibNull/UnitTestPersistenceLibNull.inf UnitTestResultReportLib|UnitTestFrameworkPkg/Library/UnitTestResultReportLib/UnitTestResultReportLibDebugLib.inf +# MU_CHANGE [BEGIN] - Add HwResetSystemLib +[LibraryClasses.X64, LibraryClasses.IA32] + HwResetSystemLib|MdeModulePkg/Library/BaseResetSystemLibNull/BaseResetSystemLibNull.inf +# MU_CHANGE [END] - Add HwResetSystemLib + [LibraryClasses.common.SEC] PlatformSecLib|UefiCpuPkg/Library/PlatformSecLibNull/PlatformSecLibNull.inf CpuExceptionHandlerLib|UefiCpuPkg/Library/CpuExceptionHandlerLib/SecPeiCpuExceptionHandlerLib.inf