diff options
| author | Benjamin Doron <benjamin.doron@9elements.com> | 2024-02-20 22:46:50 -0500 |
|---|---|---|
| committer | Arthur Heymans <arthur@aheymans.xyz> | 2024-03-20 06:11:20 +0000 |
| commit | bb1f81271b5c8f3c39b64f045857169b08760035 (patch) | |
| tree | b13c48e077f873749d96887ad6444961c5b5c8d2 | |
| parent | 6b4522e2aa40b6c97929342716ad61e32a694cce (diff) | |
cpu/x86/smm: Pass full SMRAM region info to SMM runtime
This data is used by smm_region_overlaps_handler(). Callers use this
helper to determine if it's safe to read/write to memory buffers taken
from untrusted input.
coreboot SMI handlers must not be confused into writing over any SMRAM
subregion, which includes the TSEG_STAGE_CACHE and chipset-specific area
(sometimes, IED), not just the handlers.
If stage cache writes were permitted, this could compromise the
integrity of the S3 resume path.
The consequences to overwriting the chipset-specific area are undefined.
Change-Id: Ibd9ed34fcfd77a4236b5cf122747a6718ce9c91f
Signed-off-by: Benjamin Doron <benjamin.doron@9elements.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/80703
Reviewed-by: Shuo Liu <shuo.liu@intel.com>
Reviewed-by: Patrick Rudolph <patrick.rudolph@9elements.com>
Reviewed-by: Jérémy Compostella <jeremy.compostella@intel.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Arthur Heymans <arthur@aheymans.xyz>
| -rw-r--r-- | src/cpu/x86/smm/smm_module_loader.c | 13 |
1 files changed, 8 insertions, 5 deletions
diff --git a/src/cpu/x86/smm/smm_module_loader.c b/src/cpu/x86/smm/smm_module_loader.c index e342557b13..17ef92ea7f 100644 --- a/src/cpu/x86/smm/smm_module_loader.c +++ b/src/cpu/x86/smm/smm_module_loader.c @@ -320,12 +320,15 @@ int smm_setup_relocation_handler(struct smm_loader_params *params) } static void setup_smihandler_params(struct smm_runtime *mod_params, - uintptr_t smram_base, - uintptr_t smram_size, struct smm_loader_params *loader_params) { - mod_params->smbase = smram_base; - mod_params->smm_size = smram_size; + uintptr_t tseg_base; + size_t tseg_size; + + smm_region(&tseg_base, &tseg_size); + + mod_params->smbase = tseg_base; + mod_params->smm_size = tseg_size; mod_params->save_state_size = loader_params->cpu_save_state_size; mod_params->num_cpus = loader_params->num_cpus; mod_params->gnvs_ptr = (uint32_t)(uintptr_t)acpi_get_gnvs(); @@ -534,7 +537,7 @@ int smm_load_module(const uintptr_t smram_base, const size_t smram_size, struct smm_runtime *smihandler_params = rmodule_parameters(&smi_handler); params->handler = rmodule_entry(&smi_handler); - setup_smihandler_params(smihandler_params, smram_base, smram_size, params); + setup_smihandler_params(smihandler_params, params); return smm_module_setup_stub(stub_segment_base, smram_size, params); } |