From 41fec869fb3b25fd5bb5b454ab1bf39660ce314d Mon Sep 17 00:00:00 2001 From: Patrick Rudolph Date: Wed, 6 May 2020 10:55:12 +0200 Subject: cpu/x86/smm: Add helper functions to verify SMM access * Add a function to check if a region overlaps with SMM. * Add a function to check if a pointer points to SMM. * Document functions in Documentation/security/smm To be used to verify data accesses in SMM. Change-Id: Ia525d2bc685377f50ecf3bdcf337a4c885488213 Signed-off-by: Patrick Rudolph Signed-off-by: Christian Walter Reviewed-on: https://review.coreboot.org/c/coreboot/+/41084 Reviewed-by: Angel Pons Reviewed-by: Patrick Georgi Tested-by: build bot (Jenkins) --- src/cpu/x86/smm/smihandler.c | 10 +++++++++- src/cpu/x86/smm/smm_module_handler.c | 9 +++++++++ 2 files changed, 18 insertions(+), 1 deletion(-) (limited to 'src/cpu') diff --git a/src/cpu/x86/smm/smihandler.c b/src/cpu/x86/smm/smihandler.c index bb4689e24e..8fd95bb563 100644 --- a/src/cpu/x86/smm/smihandler.c +++ b/src/cpu/x86/smm/smihandler.c @@ -2,6 +2,7 @@ #include #include +#include #include #include #include @@ -119,6 +120,13 @@ static inline void *smm_save_state(uintptr_t base, int arch_offset, int node) return (void *)base; } +bool smm_region_overlaps_handler(const struct region *r) +{ + const struct region r_smm = {SMM_BASE, SMM_DEFAULT_SIZE}; + + return region_overlap(&r_smm, r); +} + /** * @brief Interrupt handler for SMI# * @@ -129,7 +137,7 @@ void smi_handler(u32 smm_revision) { unsigned int node; smm_state_save_area_t state_save; - u32 smm_base = 0xa0000; /* ASEG */ + u32 smm_base = SMM_BASE; /* ASEG */ /* Are we ok to execute the handler? */ if (!smi_obtain_lock()) { diff --git a/src/cpu/x86/smm/smm_module_handler.c b/src/cpu/x86/smm/smm_module_handler.c index 404b0ccdaa..37af199080 100644 --- a/src/cpu/x86/smm/smm_module_handler.c +++ b/src/cpu/x86/smm/smm_module_handler.c @@ -2,6 +2,7 @@ #include #include +#include #include #include @@ -103,6 +104,14 @@ void *smm_get_save_state(int cpu) return base; } +bool smm_region_overlaps_handler(const struct region *r) +{ + const struct region r_smm = {smm_runtime->smbase, smm_runtime->smm_size}; + const struct region r_aseg = {SMM_BASE, SMM_DEFAULT_SIZE}; + + return region_overlap(&r_smm, r) || region_overlap(&r_aseg, r); +} + asmlinkage void smm_handler_start(void *arg) { const struct smm_module_params *p; -- cgit v1.2.3