Angel Pons has posted comments on this change. ( https://review.coreboot.org/c/coreboot/+/37392 )
Change subject: cpu/x86/smm/smm_stub: Add x86_64 support
......................................................................
Patch Set 4:
Patch Set 4:
Patch Set 4: Code-Review-1
(1 comment)
For security reasons, the page tables used in SMM must be located in SMRAM.
Please explain your threat model and why it is a security issue if the page table are not in SMRAM.
I imagine it is because th SMM page tables can then be accessed from outside SMM, which could be exploited to escalate privileges to SMM. Which would not be fun.
--
To view, visit
https://review.coreboot.org/c/coreboot/+/37392
To unsubscribe, or for help writing mail filters, visit
https://review.coreboot.org/settings
Gerrit-Project: coreboot
Gerrit-Branch: master
Gerrit-Change-Id: I26300492e4be62ddd5d80525022c758a019d63a1
Gerrit-Change-Number: 37392
Gerrit-PatchSet: 4
Gerrit-Owner: Patrick Rudolph
patrick.rudolph@9elements.com
Gerrit-Reviewer: Eugene Myers
cedarhouse1@comcast.net
Gerrit-Reviewer: Patrick Rudolph
patrick.rudolph@9elements.com
Gerrit-Reviewer: Patrick Rudolph
siro@das-labor.org
Gerrit-Reviewer: Raul Rangel
rrangel@chromium.org
Gerrit-Reviewer: build bot (Jenkins)
no-reply@coreboot.org
Gerrit-CC: Angel Pons
th3fanbus@gmail.com
Gerrit-CC: Arthur Heymans
arthur@aheymans.xyz
Gerrit-CC: Patrick Rudolph
Gerrit-CC: Paul Menzel
paulepanter@users.sourceforge.net
Gerrit-CC: ron minnich
rminnich@gmail.com
Gerrit-Comment-Date: Sat, 20 Jun 2020 10:53:59 +0000
Gerrit-HasComments: No
Gerrit-Has-Labels: No
Gerrit-MessageType: comment