[edk2-devel] WSMT bits

Tue, 10 Mar 2020 02:37:03 -0700 

Hi Jiewen,

reading the following chapter:

  
https://edk2-docs.gitbooks.io/a-tour-beyond-bios-memory-protection-in-uefi-bios/content/memory-protection-in-SMM.html

I'm having trouble associating the protection features implemented in
edk2 with the various bits in the WSMT (per
"MdePkg/Include/IndustryStandard/WindowsSmmSecurityMitigationTable.h").

For example, it seems like the bits a platform sets in the WSMT *might*
depend on "PcdCpuSmmRestrictedMemoryAccess".

Can someone clarify these please?


FWIW, in the edk2-platforms tree, the
"Platform/Intel/Vlv2TbltDevicePkg/AcpiPlatform/AcpiPlatform.c" source
file sets EFI_WSMT_PROTECTION_FLAGS_FIXED_COMM_BUFFERS and
EFI_WSMT_PROTECTION_FLAGS_COMM_BUFFER_NESTED_PTR_PROTECTION. It does not
set EFI_WSMT_PROTECTION_FLAGS_SYSTEM_RESOURCE_PROTECTION.

Is this bitmask (from Vlv2TbltDevicePkg) the general pattern that other
edk2 platforms with SMM support should expose too, as a starting point?

Does Vlv2TbltDevicePkg perform some specific actions in order to claim
these feature bits, or do they simply report guarantees that the core
edk2 SMM infrastructure provides out of the box?

This code was originally added to Vlv2TbltDevicePkg in edk2 (not
edk2-platforms) commit 2c855d3aaf36d (preceding the movement of
Vlv2TbltDevicePkg to edk2-platforms):

commit 2c855d3aaf36da80f8c4f0ae12d31900a628b0a9
Author: Lu, ShifeiX A <shifeix.a...@intel.com>
Date:   Thu Jul 28 16:21:28 2016 +0800

    Vlv2DeviceRefCodePkg&Vlv2DevicePkg:Add sample WSMT table.

    This is an sample WSMT table, which we only
    update BIT0 and BIT1 of Protections flags fields.

    Contributed-under: TianoCore Contribution Agreement 1.0
    Signed-off-by: lushifex <shifeix.a...@intel.com>
    Reviewed-by: David Wei <david....@intel.com>

 Vlv2DeviceRefCodePkg/AcpiTablesPCAT/AcpiTables.inf |  3 ++-
 Vlv2DeviceRefCodePkg/AcpiTablesPCAT/Wsmt/Wsmt.aslc | 60 
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
 Vlv2TbltDevicePkg/AcpiPlatform/AcpiPlatform.c      | 13 +++++++++++++
 3 files changed, 75 insertions(+), 1 deletion(-)

And that's not a lot of explanation, unfortunately.

(Note: I have not read the WSMT spec.)

Thanks,
Laszlo


-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.

View/Reply Online (#55712): https://edk2.groups.io/g/devel/message/55712
Mute This Topic: https://groups.io/mt/71853609/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub  [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Reply via email to