/**
The Page fault handler to save SMM profile data.
@param Rip The RIP when exception happens.
@param ErrorCode The Error code of exception.
**/
VOID
SmmProfilePFHandler (
UINTN Rip,
UINTN ErrorCode
)
{
UINT64 *PageTable;
UINT64 PFAddress;
UINTN CpuIndex;
UINTN Index;
UINT64 InstructionAddress;
UINTN MaxEntryNumber;
UINTN CurrentEntryNumber;
BOOLEAN IsValidPFAddress;
SMM_PROFILE_ENTRY *SmmProfileEntry;
UINT64 SmiCommand;
EFI_STATUS Status;
UINT8 SoftSmiValue;
EFI_SMM_SAVE_STATE_IO_INFO IoInfo;
if (!mSmmProfileStart) {
//
// If SMM profile does not start, call original page fault handler.
//
SmiDefaultPFHandler ();
return;
}
if (mBtsSupported) {
DisableBTS ();
}
IsValidPFAddress = FALSE;
PageTable = (UINT64 *)AsmReadCr3 ();
PFAddress = AsmReadCr2 ();
CpuIndex = GetCpuIndex ();
if (PFAddress <= 0xFFFFFFFF) {
RestorePageTableBelow4G (PageTable, PFAddress, CpuIndex, ErrorCode);
} else {
RestorePageTableAbove4G (PageTable, PFAddress, CpuIndex, ErrorCode, &IsValidPFAddress);
}
if (!IsValidPFAddress) {
InstructionAddress = Rip;
if ((ErrorCode & IA32_PF_EC_ID) != 0 && (mBtsSupported)) {
//
// If it is instruction fetch failure, get the correct IP from BTS.
//
InstructionAddress = GetSourceFromDestinationOnBts (CpuIndex, Rip);
if (InstructionAddress == 0) {
//
// It indicates the instruction which caused page fault is not a jump instruction,
// set instruction address same as the page fault address.
//
InstructionAddress = PFAddress;
}
}
//
// Indicate it is not software SMI
//
SmiCommand = 0xFFFFFFFFFFFFFFFFULL;
for (Index = 0; Index < gSmst->NumberOfCpus; Index++) {
Status = SmmReadSaveState(&mSmmCpu, sizeof(IoInfo), EFI_SMM_SAVE_STATE_REGISTER_IO, Index, &IoInfo);
if (EFI_ERROR (Status)) {
continue;
}
if (IoInfo.IoPort == mSmiCommandPort) {
//
// A software SMI triggered by SMI command port has been found, get SmiCommand from SMI command port.
//
SoftSmiValue = IoRead8 (mSmiCommandPort);
SmiCommand = (UINT64)SoftSmiValue;
break;
}
}
SmmProfileEntry = (SMM_PROFILE_ENTRY *)(UINTN)(mSmmProfileBase + 1);
//
// Check if there is already a same entry in profile data.
//
for (Index = 0; Index < (UINTN) mSmmProfileBase->CurDataEntries; Index++) {
if ((SmmProfileEntry[Index].ErrorCode == (UINT64)ErrorCode) &&
(SmmProfileEntry[Index].Address == PFAddress) &&
(SmmProfileEntry[Index].CpuNum == (UINT64)CpuIndex) &&
(SmmProfileEntry[Index].Instruction == InstructionAddress) &&
(SmmProfileEntry[Index].SmiCmd == SmiCommand)) {
//
// Same record exist, need not save again.
//
break;
}
}
if (Index == mSmmProfileBase->CurDataEntries) {
CurrentEntryNumber = (UINTN) mSmmProfileBase->CurDataEntries;
MaxEntryNumber = (UINTN) mSmmProfileBase->MaxDataEntries;
if (FeaturePcdGet (PcdCpuSmmProfileRingBuffer)) {
CurrentEntryNumber = CurrentEntryNumber % MaxEntryNumber;
}
if (CurrentEntryNumber < MaxEntryNumber) {
//
// Log the new entry
//
SmmProfileEntry[CurrentEntryNumber].SmiNum = mSmmProfileBase->NumSmis;
SmmProfileEntry[CurrentEntryNumber].ErrorCode = (UINT64)ErrorCode;
SmmProfileEntry[CurrentEntryNumber].ApicId = (UINT64)GetApicId ();
SmmProfileEntry[CurrentEntryNumber].CpuNum = (UINT64)CpuIndex;
SmmProfileEntry[CurrentEntryNumber].Address = PFAddress;
SmmProfileEntry[CurrentEntryNumber].Instruction = InstructionAddress;
SmmProfileEntry[CurrentEntryNumber].SmiCmd = SmiCommand;
//
// Update current entry index and data size in the header.
//
mSmmProfileBase->CurDataEntries++;
mSmmProfileBase->CurDataSize = MultU64x64 (mSmmProfileBase->CurDataEntries, sizeof (SMM_PROFILE_ENTRY));
}
}
}
//
// Flush TLB
//
CpuFlushTlb ();
if (mBtsSupported) {
EnableBTS ();
}
}
/**
Update page table to map the memory correctly in order to make the instruction
which caused page fault execute successfully. And it also save the original page
table to be restored in single-step exception.
@param PageTable PageTable Address.
@param PFAddress The memory address which caused page fault exception.
@param CpuIndex The index of the processor.
@param ErrorCode The Error code of exception.
@param IsValidPFAddress The flag indicates if SMM profile data need be added.
**/
VOID
RestorePageTableAbove4G (
UINT64 *PageTable,
UINT64 PFAddress,
UINTN CpuIndex,
UINTN ErrorCode,
BOOLEAN *IsValidPFAddress
)
{
UINTN PTIndex;
UINT64 Address;
BOOLEAN Nx;
BOOLEAN Existed;
UINTN Index;
UINTN PFIndex;
ASSERT ((PageTable != NULL) && (IsValidPFAddress != NULL));
//
// If page fault address is 4GB above.
//
//
// Check if page fault address has existed in page table.
// If it exists in page table but page fault is generated,
// there are 2 possible reasons: 1. present flag is set to 0; 2. instruction fetch in protected memory range.
//
Existed = FALSE;
PageTable = (UINT64*)(AsmReadCr3 () & PHYSICAL_ADDRESS_MASK);
PTIndex = BitFieldRead64 (PFAddress, 39, 47);
if ((PageTable[PTIndex] & IA32_PG_P) != 0) {
// PML4E
PageTable = (UINT64*)(UINTN)(PageTable[PTIndex] & PHYSICAL_ADDRESS_MASK);
PTIndex = BitFieldRead64 (PFAddress, 30, 38);
if ((PageTable[PTIndex] & IA32_PG_P) != 0) {
// PDPTE
PageTable = (UINT64*)(UINTN)(PageTable[PTIndex] & PHYSICAL_ADDRESS_MASK);
PTIndex = BitFieldRead64 (PFAddress, 21, 29);
// PD
if ((PageTable[PTIndex] & IA32_PG_PS) != 0) {
//
// 2MB page
//
Address = (UINT64)(PageTable[PTIndex] & PHYSICAL_ADDRESS_MASK);
if ((Address & PHYSICAL_ADDRESS_MASK & ~((1ull << 21) - 1)) == ((PFAddress & PHYSICAL_ADDRESS_MASK & ~((1ull << 21) - 1)))) {
Existed = TRUE;
}
} else {
//
// 4KB page
//
PageTable = (UINT64*)(UINTN)(PageTable[PTIndex] & PHYSICAL_ADDRESS_MASK);
if (PageTable != 0) {
//
// When there is a valid entry to map to 4KB page, need not create a new entry to map 2MB.
//
PTIndex = BitFieldRead64 (PFAddress, 12, 20);
Address = (UINT64)(PageTable[PTIndex] & PHYSICAL_ADDRESS_MASK);
if ((Address & PHYSICAL_ADDRESS_MASK & ~((1ull << 12) - 1)) == (PFAddress & PHYSICAL_ADDRESS_MASK & ~((1ull << 12) - 1))) {
Existed = TRUE;
}
}
}
}
}
//
// If page entry does not existed in page table at all, create a new entry.
//
if (!Existed) {
if (IsAddressValid (PFAddress, &Nx)) {
//
// If page fault address above 4GB is in protected range but it causes a page fault exception,
// Will create a page entry for this page fault address, make page table entry as present/rw and execution-disable.
// this access is not saved into SMM profile data.
//
*IsValidPFAddress = TRUE;
}
//
// Create one entry in page table for page fault address.
//
SmiDefaultPFHandler ();
//
// Find the page table entry created just now.
//
PageTable = (UINT64*)(AsmReadCr3 () & PHYSICAL_ADDRESS_MASK);
PFAddress = AsmReadCr2 ();
// PML4E
PTIndex = BitFieldRead64 (PFAddress, 39, 47);
PageTable = (UINT64*)(UINTN)(PageTable[PTIndex] & PHYSICAL_ADDRESS_MASK);
// PDPTE
PTIndex = BitFieldRead64 (PFAddress, 30, 38);
PageTable = (UINT64*)(UINTN)(PageTable[PTIndex] & PHYSICAL_ADDRESS_MASK);
// PD
PTIndex = BitFieldRead64 (PFAddress, 21, 29);
Address = PageTable[PTIndex] & PHYSICAL_ADDRESS_MASK;
//
// Check if 2MB-page entry need be changed to 4KB-page entry.
//
if (IsAddressSplit (Address)) {
AcquirePage (&PageTable[PTIndex]);
// PTE
PageTable = (UINT64*)(UINTN)(PageTable[PTIndex] & PHYSICAL_ADDRESS_MASK);
for (Index = 0; Index < 512; Index++) {
PageTable[Index] = Address | IA32_PG_RW | IA32_PG_P;
if (!IsAddressValid (Address, &Nx)) {
PageTable[Index] = PageTable[Index] & (INTN)(INT32)(~(IA32_PG_RW | IA32_PG_P));
}
if (Nx && mXdSupported) {
PageTable[Index] = PageTable[Index] | IA32_PG_NX;
}
if (Address == (PFAddress & PHYSICAL_ADDRESS_MASK & ~((1ull << 12) - 1))) {
PTIndex = Index;
}
Address += SIZE_4KB;
} // end for PT
} else {
//
// Update 2MB page entry.
//
if (!IsAddressValid (Address, &Nx)) {
//
// Patch to remove present flag and rw flag.
//
PageTable[PTIndex] = PageTable[PTIndex] & (INTN)(INT32)(~(IA32_PG_RW | IA32_PG_P));
}
//
// Set XD bit to 1
//
if (Nx && mXdSupported) {
PageTable[PTIndex] = PageTable[PTIndex] | IA32_PG_NX;
}
}
}
//
// Record old entries with non-present status
// Old entries include the memory which instruction is at and the memory which instruction access.
//
//
ASSERT (mPFEntryCount[CpuIndex] < MAX_PF_ENTRY_COUNT);
if (mPFEntryCount[CpuIndex] < MAX_PF_ENTRY_COUNT) {
PFIndex = mPFEntryCount[CpuIndex];
mLastPFEntryValue[CpuIndex][PFIndex] = PageTable[PTIndex];
mLastPFEntryPointer[CpuIndex][PFIndex] = &PageTable[PTIndex];
mPFEntryCount[CpuIndex]++;
}
//
// Add present flag or clear XD flag to make page fault handler succeed.
//
PageTable[PTIndex] |= (UINT64)(IA32_PG_RW | IA32_PG_P);
if ((ErrorCode & IA32_PF_EC_ID) != 0) {
//
// If page fault is caused by instruction fetch, clear XD bit in the entry.
//
PageTable[PTIndex] &= ~IA32_PG_NX;
}
return;
}
