From 5ba17d5ccbc0938c0e657b77183d2483ad589033 Mon Sep 17 00:00:00 2001 From: Krystian Hebel Date: Mon, 13 May 2024 12:24:37 +0200 Subject: security/memory_clear: fix wrong size of reserved memory range The code used to reserve MEMSET_PAE_PGTL_SIZE (20 KiB) for page used for clearing the memory above 4 GiB that was assumed to be 2 MiB page. memset_pae() checks only the alignment and not the size of this region, so no error was reported by it. In most cases this reserved memory in 2-4 MiB range, and because this range isn't usually used by coreboot (architectural stuff is located in lower 1 MiB, coreboot tables and ramstage are close to TOLUM and payload isn't yet loaded when the broken code is executed), it never caused any problems. Change MEMSET_PAE_PGTL_SIZE to MEMSET_PAE_VMEM_SIZE and fix wrong macro definition to reserve properly sized region. Change-Id: I0df15b0d1767196fe70be14d94428ccdf8dbd5d3 Signed-off-by: Krystian Hebel Reviewed-on: https://review.coreboot.org/c/coreboot/+/82397 Tested-by: build bot (Jenkins) Reviewed-by: Sergii Dmytruk Reviewed-by: Paul Menzel --- src/security/memory/memory_clear.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'src/security') diff --git a/src/security/memory/memory_clear.c b/src/security/memory/memory_clear.c index 03c6f8bd75..996b1d3802 100644 --- a/src/security/memory/memory_clear.c +++ b/src/security/memory/memory_clear.c @@ -6,8 +6,8 @@ #define memset_pae(a, b, c, d, e) 0 #define MEMSET_PAE_PGTL_ALIGN 0 #define MEMSET_PAE_PGTL_SIZE 0 -#define MEMSET_PAE_PGTL_SIZE 0 #define MEMSET_PAE_VMEM_ALIGN 0 +#define MEMSET_PAE_VMEM_SIZE 0 #endif #include @@ -92,7 +92,7 @@ static void clear_memory(void *unused) BM_MEM_TABLE); vmem_addr = get_free_memory_range(&mem, MEMSET_PAE_VMEM_ALIGN, - MEMSET_PAE_PGTL_SIZE); + MEMSET_PAE_VMEM_SIZE); printk(BIOS_SPEW, "%s: pgtbl at %p, virt memory at %p\n", __func__, (void *)pgtbl, (void *)vmem_addr); -- cgit v1.2.3
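Review bot: The `get_free_memory_range(&mem, MEMSET_PAE_VMEM_ALIGN, MEMSET_PAE_VMEM_SIZE)` call in clear_memory() still depends on the caller choosing the size macro that matches the alignment macro, because, as the commit message states, memset_pae() checks only the alignment of this window and not its size, so a later mismatch would again pass silently and the clearing code could touch memory beyond what was reserved. A comment directly above the call would record that contract, for example `/* memset_pae() verifies only the alignment of this window; the range reserved here must be MEMSET_PAE_VMEM_SIZE bytes */`. In the first hunk the fallback block now defines `MEMSET_PAE_VMEM_SIZE` as 0 next to the other stubs; a one-line comment saying these exist only so the file builds without the PAE helper would help, although the guarding `#if` is outside the hunk, so that reading is inferred. clear_memory() starts and ends outside the second hunk, so whether `pgtbl` and `vmem_addr` are checked for a failed reservation before being used cannot be confirmed from the lines shown.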