[coreboot-gerrit] Change in coreboot[master]: SMM: Validate more user-provided pointers

15 Jun 2020


      Hello Piotr Kleinschmidt, build bot (Jenkins), Frans Hendriks, Stefan Reinauer, Duncan Laurie, Angel Pons, Julius Werner, Arthur Heymans, Kyösti Mälkki, Aaron Durbin, Patrick Rudolph, Philipp Deppenwiese, Michał Żygowski, Tim Wawrzynczak, Christian Walter, Alexander Couzens, Furquan Shaikh, Wim Vervoorn,
I'd like you to reexamine a change. Please visit
https://review.coreboot.org/c/coreboot/+/41086
to look at the new patch set (#12).
Change subject: SMM: Validate more user-provided pointers
......................................................................
SMM: Validate more user-provided pointers
Migitate issues presented in "Digging Into The Core of Boot" found by
"Yuriy Bulygin" and "Oleksandr Bazhaniuk" at RECON-MTL-2017.
Validate user-provided pointers using the newly-added functions.
This protects SMM from ring0 attacks.
Change-Id: I8a347ccdd20816924bf1bceb3b24bf7b22309312
Signed-off-by: Patrick Rudolph patrick.rudolph@9elements.com
Signed-off-by: Christian Walter christian.walter@9elements.com
---
M src/mainboard/lenovo/t60/smihandler.c
M src/soc/intel/baytrail/smihandler.c
M src/soc/intel/braswell/smihandler.c
M src/soc/intel/broadwell/smihandler.c
M src/soc/intel/common/block/smm/smihandler.c
M src/southbridge/intel/bd82x6x/smihandler.c
M src/southbridge/intel/ibexpeak/smihandler.c
M src/southbridge/intel/lynxpoint/smihandler.c
8 files changed, 75 insertions(+), 23 deletions(-)
git pull ssh://review.coreboot.org:29418/coreboot refs/changes/86/41086/12
-- 
To view, visit https://review.coreboot.org/c/coreboot/+/41086
To unsubscribe, or for help writing mail filters, visit https://review.coreboot.org/settings

Gerrit-Project: coreboot
Gerrit-Branch: master
Gerrit-Change-Id: I8a347ccdd20816924bf1bceb3b24bf7b22309312
Gerrit-Change-Number: 41086
Gerrit-PatchSet: 12
Gerrit-Owner: Patrick Rudolph patrick.rudolph@9elements.com
Gerrit-Reviewer: Aaron Durbin adurbin@chromium.org
Gerrit-Reviewer: Alexander Couzens lynxis@fe80.eu
Gerrit-Reviewer: Angel Pons th3fanbus@gmail.com
Gerrit-Reviewer: Arthur Heymans arthur@aheymans.xyz
Gerrit-Reviewer: Christian Walter christian.walter@9elements.com
Gerrit-Reviewer: Duncan Laurie dlaurie@chromium.org
Gerrit-Reviewer: Frans Hendriks fhendriks@eltan.com
Gerrit-Reviewer: Furquan Shaikh furquan.m.shaikh@gmail.com
Gerrit-Reviewer: Julius Werner jwerner@chromium.org
Gerrit-Reviewer: Kyösti Mälkki kyosti.malkki@gmail.com
Gerrit-Reviewer: Michał Żygowski michal.zygowski@3mdeb.com
Gerrit-Reviewer: Patrick Rudolph siro@das-labor.org
Gerrit-Reviewer: Philipp Deppenwiese zaolin.daisuki@gmail.com
Gerrit-Reviewer: Piotr Kleinschmidt piotr.kleinschmidt@3mdeb.com
Gerrit-Reviewer: Stefan Reinauer reinauer@chromium.org
Gerrit-Reviewer: Tim Wawrzynczak twawrzynczak@chromium.org
Gerrit-Reviewer: Wim Vervoorn wvervoorn@eltan.com
Gerrit-Reviewer: build bot (Jenkins) no-reply@coreboot.org
Gerrit-CC: Paul Menzel paulepanter@users.sourceforge.net
Gerrit-MessageType: newpatchset

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

[coreboot-gerrit] Change in coreboot[master]: SMM: Validate more user-provided pointers