Sure. Answer inline.

From: edk2-devel [mailto:edk2-devel-boun...@lists.01.org] On Behalf Of Laszlo Ersek
Sent: Thursday, November 3, 2016 4:29 PM
To: Yao, Jiewen <jiewen....@intel.com>; edk2-de...@ml01.01.org
Cc: Kinney, Michael D <michael.d.kin...@intel.com>; Tian, Feng <feng.t...@intel.com>; Fan, Jeff <jeff....@intel.com>; Zeng, Star <star.z...@intel.com>
Subject: Re: [edk2] [PATCH 4/6] UefiCpuPkg/dec: Add PcdCpuSmmStaticPageTable.

Jiewen,

On 11/03/16 07:53, Jiewen Yao wrote:
> If enabled, SMM will not use on-demand paging.
> SMM will build static page table for all memory.
>
> Cc: Jeff Fan <jeff....@intel.com>
> Cc: Feng Tian <feng.t...@intel.com>
> Cc: Star Zeng <star.z...@intel.com>
> Cc: Michael D Kinney <michael.d.kin...@intel.com>
> Cc: Laszlo Ersek <ler...@redhat.com>
> Contributed-under: TianoCore Contribution Agreement 1.0
> Signed-off-by: Jiewen Yao <jiewen....@intel.com>
> ---
> UefiCpuPkg/UefiCpuPkg.dec | 8 ++++++++
> 1 file changed, 8 insertions(+)
>
> diff --git a/UefiCpuPkg/UefiCpuPkg.dec b/UefiCpuPkg/UefiCpuPkg.dec
> index 8674533..a110820 100644
> --- a/UefiCpuPkg/UefiCpuPkg.dec
> +++ b/UefiCpuPkg/UefiCpuPkg.dec
> @@ -199,6 +199,14 @@
> # @Prompt The specified AP target C-state for Mwait.
> gUefiCpuPkgTokenSpaceGuid.PcdCpuApTargetCstate|0|UINT8|0x00000007
>
> + ## Indicates if SMM uses static page table.
> + # If enabled, SMM will not use on-demand paging. SMM will build static
> page table for all memory.<BR><BR>
> + # This flag only impacts X64 build, because SMM alway builds static page
> table for IA32.
> + # TRUE - SMM uses static page table for all memory.<BR>
> + # FALSE - SMM uses static page table for below 4G memory and use
> on-demand paging for above 4G memory.<BR>
> + # @Prompt Use static page table for all memory in SMM.
> + gUefiCpuPkgTokenSpaceGuid.PcdCpuSmmStaticPageTable|TRUE|BOOLEAN|0x3213210D
> +
> [PcdsDynamic, PcdsDynamicEx]
> ## Contains the pointer to a CPU S3 data buffer of structure ACPI_CPU_DATA.
> # @Prompt The pointer to a CPU S3 data buffer.
>

can you add more documentation about the PCD (to this patch or the next patch)? Such as:

- What SMRAM footprint do we expect for the page tables, for what main RAM size?

[Jiewen] The page table size depends on 2 things: 1) The 1G paging capability. 2) The whole system memory/MMIO addressing capability.
Let's discuss one by one.

If the system only supports 2M paging:
When the whole memory/MMIO is 32bit, we only need 1+1+4=6 pages for 4G.
When the whole memory/MMIO is 39bit, we need 1+1+256 pages (~ 1M)
When the whole memory/MMIO is 48bit, we need 1+256+256*256 pages (~ 257M)

If the system supports 1G paging:
When the whole memory/MMIO is 32bit, we only need 1+1+4=6 pages for 4G. We still generate 2M page for maintenance consideration.
When the whole memory/MMIO is 39bit, we still need 6 pages. We setup 1G paging for >1G.
When the whole memory/MMIO is 48bit, we need 1+256 pages (~ 1M)

QEMU's Q35 machine type offers 8MB SMRAM at the most, and that's already quite consumed if you specify a high CPU count for the guest. I don't have any numbers ready, but I seem to recall that with 255 CPUs it gets quite tight.
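
Review bot: The comment block added above PcdCpuSmmStaticPageTable documents only the paging mode, while the declaration defaults to TRUE, so every X64 platform that does not override the PCD builds static page tables for all memory without the comment saying what that costs in SMRAM or what is given up when the value is FALSE. Suggest extending the "#" lines with the expected page-table footprint per address width and with the point made later in this thread that the page table itself is read-only only in the static case. Minor: in "# This flag only impacts X64 build, because SMM alway builds static page", "alway" should read "always", and in the FALSE line "and use on-demand paging" should read "and uses on-demand paging".
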

[Jiewen] I see. I tried default build and OVMF can boot. So I did not touch OVMF.
If you want, I can update Ovmf to disable static paging. Then you can try to see what happens and decide to enable or disable later.

- If a platform disables PcdCpuSmmStaticPageTable, does it lose the SMM page level protection then?

[Jiewen] It depends. This set of patches added multiple protections:
1) For PE/COFF image - Only code region is marked as executable. Data region is non-executable, if it is 4K aligned.
2) Important data structure is set to NX and RO, such as IDT/GDT.
3) SmmSaveState is set to NX.
4) SmmEntrypoint is set to RO.
5) If static page is supported, page table is RO.

We use page table to protect other component, and itself.
If we use dynamic paging, we can still provide *partial* protection. And hope page table is not modified by other component.

If that's the case, then it should be documented in UefiCpuPkg.dec. One might even argue that the PCD should be renamed: the protection is the main feature (our end goal), and the page tables being fully pre-allocated are just an implementation detail for that.

Thanks
Laszlo
_______________________________________________
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel
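
The page-count arithmetic discussed in the thread above, as an added example that is not part of the original messages or of edk2: it models one PML4 page, one PDPT per 512 GiB, 2M pages below 4G and either 1G or 2M pages above it, and it assumes 512 entries per 4 KiB table (the x86-64 4-level layout), so its 39-bit and 48-bit totals should be compared with the estimates quoted in the thread rather than expected to equal them. The function names are hypothetical, and the fit check looks at the tables alone and ignores every other SMRAM consumer.

```c
#include <stdint.h>
#include <stdio.h>

#define PAGE_SIZE        4096ULL
#define ENTRIES_PER_TBL  512ULL   /* assumption: 8-byte entries in a 4 KiB table */

/* Hypothetical helper: number of 4 KiB page-table pages needed to map
 * 2^phys_bits bytes with 4-level paging (32 <= phys_bits <= 48).
 * Layout follows the thread: 2M pages below 4G, and above 4G either
 * 1G pages (has_1g != 0) or 2M pages. Returns 0 outside that range. */
uint64_t smm_static_pt_pages(unsigned phys_bits, int has_1g)
{
    if (phys_bits < 32 || phys_bits > 48)
        return 0;
    uint64_t gib   = 1ULL << (phys_bits - 30);      /* address space in GiB */
    uint64_t pdpts = (gib + ENTRIES_PER_TBL - 1) / ENTRIES_PER_TBL;
    uint64_t pds   = has_1g ? 4 : gib;              /* one PD maps 1 GiB with 2M pages */
    return 1 /* PML4 */ + pdpts + pds;
}

uint64_t smm_static_pt_bytes(unsigned phys_bits, int has_1g)
{
    return smm_static_pt_pages(phys_bits, has_1g) * PAGE_SIZE;
}

/* Returns 1 if the tables alone fit in smram_bytes (other SMRAM users ignored). */
int smm_static_pt_fits(unsigned phys_bits, int has_1g, uint64_t smram_bytes)
{
    uint64_t need = smm_static_pt_bytes(phys_bits, has_1g);
    return need != 0 && need <= smram_bytes;
}

int main(void)
{
    const unsigned widths[] = { 32, 39, 48 };
    const uint64_t q35_smram = 8ULL << 20;          /* 8MB figure from the thread */
    for (int g = 0; g <= 1; g++)
        for (unsigned i = 0; i < 3; i++)
            printf("%s %2u-bit: %llu pages, %llu KiB, fits in 8MB: %s\n",
                   g ? "1G+2M" : "2M   ", widths[i],
                   (unsigned long long)smm_static_pt_pages(widths[i], g),
                   (unsigned long long)(smm_static_pt_bytes(widths[i], g) >> 10),
                   smm_static_pt_fits(widths[i], g, q35_smram) ? "yes" : "no");
    return 0;
}
```
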