Attention is currently required from: Arthur Heymans.

Arthur Heymans uploaded patch set #7 to this change.

View Change

cpu/x86/smm: Add sinkhole mitigation to relocatable smmstub

The sinkhole exploit exists in placing the lapic base such that it
messes with GDT. This can be mitigated by checking the lapic MSR
against the current program counter.

Change-Id: I49927c4f4218552b732bac8aae551d845ad7f079
Signed-off-by: Arthur Heymans <>
M src/cpu/x86/smm/smm_stub.S
1 file changed, 39 insertions(+), 0 deletions(-)

git pull ssh:// refs/changes/89/37289/7

To view, visit change 37289. To unsubscribe, or for help writing mail filters, visit settings.

Gerrit-Project: coreboot
Gerrit-Branch: master
Gerrit-Change-Id: I49927c4f4218552b732bac8aae551d845ad7f079
Gerrit-Change-Number: 37289
Gerrit-PatchSet: 7
Gerrit-Owner: Arthur Heymans <>
Gerrit-Reviewer: Aaron Durbin <>
Gerrit-Reviewer: Angel Pons <>
Gerrit-Reviewer: Arthur Heymans <>
Gerrit-Reviewer: Martin Roth <>
Gerrit-Reviewer: build bot (Jenkins) <>
Gerrit-CC: Patrick Rudolph <>
Gerrit-CC: Paul Menzel <>
Gerrit-Attention: Arthur Heymans <>
Gerrit-MessageType: newpatchset