sravan/system76-coreboot
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

SMM: Validate more user-provided pointers

Browse Source 
Mitigate issues presented in "Digging Into The Core of Boot" found by
"Yuriy Bulygin" and "Oleksandr Bazhaniuk" at RECON-MTL-2017.

Validate user-provided pointers using the newly-added functions.
This protects SMM from ring0 attacks.

Change-Id: I8a347ccdd20816924bf1bceb3b24bf7b22309312
Signed-off-by: Patrick Rudolph <patrick.rudolph@9elements.com>
Signed-off-by: Christian Walter <christian.walter@9elements.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/41086
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Tim Wawrzynczak <twawrzynczak@chromium.org>
This commit is contained in:
Patrick Rudolph
2020-05-06 11:58:45 +02:00
committed by Patrick Georgi
parent 37ac368c78
commit 9f8f11513a
8 changed files with 58 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
src/southbridge/intel/ibexpeak/smihandler.c
View File

@@ -152,6 +152,10 @@ void southbridge_update_gnvs(u8 apm_cnt, int *smm_done)
if (state) {
/* EBX in the state save contains the GNVS pointer */
gnvs = (struct global_nvs *)((u32)state->rbx);
if (smm_points_to_smram(gnvs, sizeof(*gnvs))) {
printk(BIOS_ERR, "SMI#: ERROR: GNVS overlaps SMM\n");
return;
}
*smm_done = 1;
printk(BIOS_DEBUG, "SMI#: Setting GNVS to %p\n", gnvs);
}