Attention is currently required from: Arthur Heymans. Hello build bot (Jenkins), Martin Roth, Angel Pons, Aaron Durbin,
I'd like you to reexamine a change. Please visit
https://review.coreboot.org/c/coreboot/+/37289
to look at the new patch set (#7).
Change subject: cpu/x86/smm: Add sinkhole mitigation to relocatable smmstub ......................................................................
cpu/x86/smm: Add sinkhole mitigation to relocatable smmstub
The sinkhole exploit exists in placing the lapic base such that it messes with GDT. This can be mitigated by checking the lapic MSR against the current program counter.
Change-Id: I49927c4f4218552b732bac8aae551d845ad7f079 Signed-off-by: Arthur Heymans arthur@aheymans.xyz --- M src/cpu/x86/smm/smm_stub.S 1 file changed, 39 insertions(+), 0 deletions(-)
git pull ssh://review.coreboot.org:29418/coreboot refs/changes/89/37289/7