cedarhouse1@comcast.net has posted comments on this change. ( https://review.coreboot.org/c/coreboot/+/38836 )
Change subject: security/intel/stm: Check for processor STM support
Patch Set 3:
(2 comments)
https://review.coreboot.org/c/coreboot/+/38836/3/src/security/intel/stm/StmP... File src/security/intel/stm/StmPlatformSmm.c:
https://review.coreboot.org/c/coreboot/+/38836/3/src/security/intel/stm/StmP... PS3, Line 162: stm_chk
nit: maybe call this vmx_basic ?
Done
https://review.coreboot.org/c/coreboot/+/38836/3/src/security/intel/stm/StmP... PS3, Line 172: BIOS_WARNING
How bad is it when STM has been enabled, but the CPU does not support it? Can the system still boot […]
If the DUAL_MONITOR_TREATMENT flag is off in the IA32_VMX_BASIC_MSR and there is an attempt to access the IA32_MONITOR_CTL_MSR (either WRMSR or RDMSR), a GP fault will be generated, which will keep the system from booting (aka brick). This check makes sure that this does not happen and gives the developer a chance to address the situation (like, why is this bit not set?). In the rare event that the bit does not get set, that means that the STM will not get set up. One consequence of this is that the IA32_SMM_MONITOR_VALID bit does not get set in the IA32_SMM_MONITOR_CTL_MSR. The IA32_SMM_MONITOR_VALID bit should be checked by the operating system/hypervisor, etc. before starting the STM. If IA32_SMM_MONITOR_VALID is not set and the O/S attempts to start the STM, a GP fault will occur.
By checking the IA32_SMM_MONITOR_VALID bit, which (when clear) means that the STM has not been set up by the firmware, the O/S and/or the system owner can take remedial action, since they are expecting an STM to be there.
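The two-stage check the reply describes (firmware only touches the SMM monitor control MSR when the CPU reports dual-monitor treatment support; the OS only tries to start the STM when the VALID bit is set), as an added illustration that is not the coreboot change under review. Real firmware reads these registers with RDMSR; this example instead takes the register values as plain integers so it can run anywhere. The MSR addresses and bit positions are taken from the Intel SDM (Vol. 3, Appendix A.1 and the SMM monitor section), not from the review thread, and the helper names are invented for the example.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* MSR addresses and bit positions per the Intel SDM, listed for documentation
 * only; this example never executes RDMSR/WRMSR. */
#define IA32_VMX_BASIC_MSR        0x480
#define IA32_SMM_MONITOR_CTL_MSR  0x9B

/* IA32_VMX_BASIC bit 49: processor supports dual-monitor treatment of SMI/SMM. */
#define VMX_BASIC_DUAL_MONITOR_TREATMENT  (1ULL << 49)
/* IA32_SMM_MONITOR_CTL bit 0: the MSEG/STM configuration is valid. */
#define SMM_MONITOR_VALID                 (1ULL << 0)

/* Firmware-side check: may STM setup code touch IA32_SMM_MONITOR_CTL at all?
 * Touching it without dual-monitor treatment support raises #GP. */
bool stm_cpu_supported(uint64_t vmx_basic)
{
	return (vmx_basic & VMX_BASIC_DUAL_MONITOR_TREATMENT) != 0;
}

/* Simulated firmware flow. Returns the IA32_SMM_MONITOR_CTL value the firmware
 * would leave behind: untouched (VALID stays clear) when the CPU lacks support,
 * otherwise with VALID set. Only the VALID bit is modelled; real firmware also
 * programs the MSEG base field. */
uint64_t simulate_stm_setup(uint64_t vmx_basic, uint64_t smm_monitor_ctl_in)
{
	if (!stm_cpu_supported(vmx_basic)) {
		/* Equivalent of the BIOS_WARNING path: skip STM setup entirely. */
		printf("STM: CPU lacks dual-monitor treatment support, skipping\n");
		return smm_monitor_ctl_in;
	}
	return smm_monitor_ctl_in | SMM_MONITOR_VALID;
}

/* OS/hypervisor-side check before attempting to start the STM. */
bool os_may_start_stm(uint64_t smm_monitor_ctl)
{
	return (smm_monitor_ctl & SMM_MONITOR_VALID) != 0;
}

int main(void)
{
	/* Constructed register values: one CPU with support, one without. */
	uint64_t vmx_basic_supported = VMX_BASIC_DUAL_MONITOR_TREATMENT | 0x1ULL;
	uint64_t vmx_basic_unsupported = 0x1ULL;

	uint64_t ctl_a = simulate_stm_setup(vmx_basic_supported, 0);
	uint64_t ctl_b = simulate_stm_setup(vmx_basic_unsupported, 0);

	printf("supported CPU:   OS may start STM = %d\n", os_may_start_stm(ctl_a));
	printf("unsupported CPU: OS may start STM = %d\n", os_may_start_stm(ctl_b));
	return 0;
}
```

The point of modelling both sides is that the firmware check alone only prevents the boot-time #GP; the OS still needs its own VALID-bit check, otherwise the failure just moves from firmware to the hypervisor's attempt to start the STM.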