Patrick Georgi has posted comments on this change. ( https://review.coreboot.org/c/coreboot/+/37289 )
Change subject: cpu/x86/smm: Add sinkhole mitigation to relocatable smmstub ......................................................................
Patch Set 1:
(2 comments)
Neat strategy to use the early stack setup to check the later stuff. The stack is within the safe area, right?
https://review.coreboot.org/c/coreboot/+/37289/1/src/cpu/x86/smm/sinkhole.c File src/cpu/x86/smm/sinkhole.c:
https://review.coreboot.org/c/coreboot/+/37289/1/src/cpu/x86/smm/sinkhole.c@... PS1, Line 31: printk(BIOS_EMERG, "Wrong LAPIC base detected! dying...\n");
hmm do we really want to link console code into the stub?
We don't need to be too friendly about this as there's really no reason for anybody to do this legitimately: Do weird stuff, get hurt. I'm fine with that.
Because of that I'd go with the crash code we already have. Maybe add a symbol there (added a comment at that place) and use that to jump there from here?
https://review.coreboot.org/c/coreboot/+/37289/1/src/cpu/x86/smm/smm_stub.S File src/cpu/x86/smm/smm_stub.S:
https://review.coreboot.org/c/coreboot/+/37289/1/src/cpu/x86/smm/smm_stub.S@... PS1, Line 96: 1: I'd just jump here from the later test in mitigate sinkhole.