[coreboot-gerrit] [S] Change in coreboot[main]: tree: Handle NULL pointer returned by smm_get_save_state()

17 Jan 2025

Attention is currently required from: Felix Held, Fred Reitberger, Intel coreboot Reviewers, Jason Glenesk, Jeff Daly, Matt DeVillier, Vanessa Eusebio.
Jérémy Compostella has uploaded this change for review. ( https://review.coreboot.org/c/coreboot/+/86040?usp=email )
Change subject: tree: Handle NULL pointer returned by smm_get_save_state()
......................................................................
tree: Handle NULL pointer returned by smm_get_save_state()
Since commit 64d9e8568172402d8078c2c80ba994da16f4745b
("cpu/x86/smm_module_hander: Set up a save state map"), the
smm_get_save_state() function can return a NULL pointer. Therefore, it
is crucial to ensure that code properly handles the potential for a
NULL pointer return value from smm_get_save_state().
Change-Id: Ie263393ca7d9d6b5e9868c5f73240fc788116cd0
Signed-off-by: Jeremy Compostella jeremy.compostella@intel.com
---
M src/soc/amd/common/block/cpu/smm/smi_apmc.c
M src/soc/intel/braswell/smihandler.c
M src/soc/intel/broadwell/pch/smihandler.c
M src/soc/intel/denverton_ns/smihandler.c
M src/southbridge/intel/common/smihandler.c
M src/southbridge/intel/lynxpoint/smihandler.c
6 files changed, 12 insertions(+), 0 deletions(-)
git pull ssh://review.coreboot.org:29418/coreboot refs/changes/40/86040/1

diff --git a/src/soc/amd/common/block/cpu/smm/smi_apmc.c b/src/soc/amd/common/block/cpu/smm/smi_apmc.c
index 9df6ae3..7c98405 100644
--- a/src/soc/amd/common/block/cpu/smm/smi_apmc.c
+++ b/src/soc/amd/common/block/cpu/smm/smi_apmc.c
@@ -33,6 +33,8 @@
    /* Check all nodes looking for the one that issued the IO */
    for (core = 0; core < CONFIG_MAX_CPUS; core++) {
    	state = smm_get_save_state(core);
+		if (!state)
+			continue;
    	smm_io_trap = state->smm_io_trap_offset;
    	/* Check for Valid IO Trap Word (bit1==1) */
    	if (!(smm_io_trap & SMM_IO_TRAP_VALID))
diff --git a/src/soc/intel/braswell/smihandler.c b/src/soc/intel/braswell/smihandler.c
index d2588cf..617ee10 100644
--- a/src/soc/intel/braswell/smihandler.c
+++ b/src/soc/intel/braswell/smihandler.c
@@ -176,6 +176,8 @@
    /* Check all nodes looking for the one that issued the IO */
    for (node = 0; node < CONFIG_MAX_CPUS; node++) {
    	state = smm_get_save_state(node);
+		if (!state)
+			continue;
/* Check for Synchronous IO (bit0==1) */
    	if (!(state->io_misc_info & (1 << 0)))
diff --git a/src/soc/intel/broadwell/pch/smihandler.c b/src/soc/intel/broadwell/pch/smihandler.c
index 99906d9..890167b 100644
--- a/src/soc/intel/broadwell/pch/smihandler.c
+++ b/src/soc/intel/broadwell/pch/smihandler.c
@@ -228,6 +228,8 @@
    /* Check all nodes looking for the one that issued the IO */
    for (node = 0; node < CONFIG_MAX_CPUS; node++) {
    	state = smm_get_save_state(node);
+		if (!state)
+			continue;
/* Check for Synchronous IO (bit0 == 1) */
    	if (!(state->io_misc_info & (1 << 0)))
diff --git a/src/soc/intel/denverton_ns/smihandler.c b/src/soc/intel/denverton_ns/smihandler.c
index 3bdc2a4..88d3e80 100644
--- a/src/soc/intel/denverton_ns/smihandler.c
+++ b/src/soc/intel/denverton_ns/smihandler.c
@@ -141,6 +141,8 @@
    /* Check all nodes looking for the one that issued the IO */
    for (node = 0; node < CONFIG_MAX_CPUS; node++) {
    	state = smm_get_save_state(node);
+		if (!state)
+			continue;
/* Check for Synchronous IO (bit0==1) */
    	if (!(state->io_misc_info & (1 << 0)))
diff --git a/src/southbridge/intel/common/smihandler.c b/src/southbridge/intel/common/smihandler.c
index 798f2f1..b1a6a66 100644
--- a/src/southbridge/intel/common/smihandler.c
+++ b/src/southbridge/intel/common/smihandler.c
@@ -205,6 +205,8 @@
    /* Check all nodes looking for the one that issued the IO */
    for (node = 0; node < CONFIG_MAX_CPUS; node++) {
    	state = smm_get_save_state(node);
+		if (!state)
+			continue;
/* Check for Synchronous IO (bit0 == 1) */
    	if (!(state->io_misc_info & (1 << 0)))
diff --git a/src/southbridge/intel/lynxpoint/smihandler.c b/src/southbridge/intel/lynxpoint/smihandler.c
index 8caafb7..838b448 100644
--- a/src/southbridge/intel/lynxpoint/smihandler.c
+++ b/src/southbridge/intel/lynxpoint/smihandler.c
@@ -177,6 +177,8 @@
    /* Check all nodes looking for the one that issued the IO */
    for (node = 0; node < CONFIG_MAX_CPUS; node++) {
    	state = smm_get_save_state(node);
+		if (!state)
+			continue;
/* Check for Synchronous IO (bit0 == 1) */
    	if (!(state->io_misc_info & (1 << 0)))
-- 
To view, visit https://review.coreboot.org/c/coreboot/+/86040?usp=email
To unsubscribe, or for help writing mail filters, visit https://review.coreboot.org/settings?usp=email

Gerrit-MessageType: newchange
Gerrit-Project: coreboot
Gerrit-Branch: main
Gerrit-Change-Id: Ie263393ca7d9d6b5e9868c5f73240fc788116cd0
Gerrit-Change-Number: 86040
Gerrit-PatchSet: 1
Gerrit-Owner: Jérémy Compostella jeremy.compostella@intel.com
Gerrit-Reviewer: Felix Held felix-coreboot@felixheld.de
Gerrit-Reviewer: Fred Reitberger reitbergerfred@gmail.com
Gerrit-Reviewer: Intel coreboot Reviewers intel_coreboot_reviewers@intel.com
Gerrit-Reviewer: Jason Glenesk jason.glenesk@gmail.com
Gerrit-Reviewer: Jeff Daly jeffd@silicom-usa.com
Gerrit-Reviewer: Matt DeVillier matt.devillier@amd.corp-partner.google.com
Gerrit-Reviewer: Vanessa Eusebio vanessa.f.eusebio@intel.com
Gerrit-Attention: Jason Glenesk jason.glenesk@gmail.com
Gerrit-Attention: Intel coreboot Reviewers intel_coreboot_reviewers@intel.com
Gerrit-Attention: Jeff Daly jeffd@silicom-usa.com
Gerrit-Attention: Matt DeVillier matt.devillier@amd.corp-partner.google.com
Gerrit-Attention: Vanessa Eusebio vanessa.f.eusebio@intel.com
Gerrit-Attention: Fred Reitberger reitbergerfred@gmail.com
Gerrit-Attention: Felix Held felix-coreboot@felixheld.de



    

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

[coreboot-gerrit] [S] Change in coreboot[main]: tree: Handle NULL pointer returned by smm_get_save_state()