sravan/system76-coreboot
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

cpu/x86/smm: Pass full SMRAM region info to SMM runtime

Browse Source 
This data is used by smm_region_overlaps_handler(). Callers use this
helper to determine if it's safe to read/write to memory buffers taken
from untrusted input.

coreboot SMI handlers must not be confused into writing over any SMRAM
subregion, which includes the TSEG_STAGE_CACHE and chipset-specific area
(sometimes, IED), not just the handlers.

If stage cache writes were permitted, this could compromise the
integrity of the S3 resume path.

The consequences to overwriting the chipset-specific area are undefined.

Change-Id: Ibd9ed34fcfd77a4236b5cf122747a6718ce9c91f
Signed-off-by: Benjamin Doron <benjamin.doron@9elements.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/80703
Reviewed-by: Shuo Liu <shuo.liu@intel.com>
Reviewed-by: Patrick Rudolph <patrick.rudolph@9elements.com>
Reviewed-by: Jérémy Compostella <jeremy.compostella@intel.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Arthur Heymans <arthur@aheymans.xyz>
This commit is contained in:
Benjamin Doron
2024-02-20 22:46:50 -05:00
committed by Arthur Heymans
parent 6b4522e2aa
commit bb1f81271b
1 changed files with 8 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
src/cpu/x86/smm/smm_module_loader.c
View File

@@ -320,12 +320,15 @@ int smm_setup_relocation_handler(struct smm_loader_params *params)
}
static void setup_smihandler_params(struct smm_runtime *mod_params,
uintptr_t smram_base,
uintptr_t smram_size,
struct smm_loader_params *loader_params)
{
mod_params->smbase = smram_base;
mod_params->smm_size = smram_size;
uintptr_t tseg_base;
size_t tseg_size;
smm_region(&tseg_base, &tseg_size);
mod_params->smbase = tseg_base;
mod_params->smm_size = tseg_size;
mod_params->save_state_size = loader_params->cpu_save_state_size;
mod_params->num_cpus = loader_params->num_cpus;
mod_params->gnvs_ptr = (uint32_t)(uintptr_t)acpi_get_gnvs();
@@ -534,7 +537,7 @@ int smm_load_module(const uintptr_t smram_base, const size_t smram_size,
struct smm_runtime *smihandler_params = rmodule_parameters(&smi_handler);
params->handler = rmodule_entry(&smi_handler);
setup_smihandler_params(smihandler_params, smram_base, smram_size, params);
setup_smihandler_params(smihandler_params, params);
return smm_module_setup_stub(stub_segment_base, smram_size, params);
}