Patch Set 4:

Patch Set 4: Code-Review-1

(1 comment)

For security reasons, the page tables used in SMM must be located in SMRAM.

Please explain your threat model and why it is a security issue if the page table are not in SMRAM.

I imagine it is because th SMM page tables can then be accessed from outside SMM, which could be exploited to escalate privileges to SMM. Which would not be fun.

View Change

To view, visit change 37392. To unsubscribe, or for help writing mail filters, visit settings.

Gerrit-Project: coreboot
Gerrit-Branch: master
Gerrit-Change-Id: I26300492e4be62ddd5d80525022c758a019d63a1
Gerrit-Change-Number: 37392
Gerrit-PatchSet: 4
Gerrit-Owner: Patrick Rudolph <patrick.rudolph@9elements.com>
Gerrit-Reviewer: Eugene Myers <cedarhouse1@comcast.net>
Gerrit-Reviewer: Patrick Rudolph <patrick.rudolph@9elements.com>
Gerrit-Reviewer: Patrick Rudolph <siro@das-labor.org>
Gerrit-Reviewer: Raul Rangel <rrangel@chromium.org>
Gerrit-Reviewer: build bot (Jenkins) <no-reply@coreboot.org>
Gerrit-CC: Angel Pons <th3fanbus@gmail.com>
Gerrit-CC: Arthur Heymans <arthur@aheymans.xyz>
Gerrit-CC: Patrick Rudolph
Gerrit-CC: Paul Menzel <paulepanter@users.sourceforge.net>
Gerrit-CC: ron minnich <rminnich@gmail.com>
Gerrit-Comment-Date: Sat, 20 Jun 2020 10:53:59 +0000
Gerrit-HasComments: No
Gerrit-Has-Labels: No
Gerrit-MessageType: comment