29 Jul
2020
29 Jul
'20
9:32 a.m.
Patrick Georgi has posted comments on this change. ( https://review.coreboot.org/c/coreboot/+/43976 )
Change subject: lib/Makefile.inc: Enable UBSAN on SMM, too ......................................................................
Patch Set 1:
We don't want SMM running into UB, but I'm not sure we can easily enable this here: The sanitizers usually have some extra memory somewhere to keep track of things, and while I'm not sure if that's true for UBSAN, if it is, we ought to ensure that this memory isn't somewhere in userspace (both due to the resulting attack surface against SMM and because SMM could unwittingly corrupt non-SMM data if that stuff is simply placed anywhere)
--
To view, visit https://review.coreboot.org/c/coreboot/+/43976
To unsubscribe, or for help writing mail filters, visit https://review.coreboot.org/settings
Gerrit-Project: coreboot
Gerrit-Branch: master
Gerrit-Change-Id: I24f4c074ff90365cf96abf1f5bad3e2cde68547d
Gerrit-Change-Number: 43976
Gerrit-PatchSet: 1
Gerrit-Owner: Angel Pons th3fanbus@gmail.com
Gerrit-Reviewer: Martin Roth martinroth@google.com
Gerrit-Reviewer: Patrick Georgi pgeorgi@google.com
Gerrit-Reviewer: build bot (Jenkins) no-reply@coreboot.org
Gerrit-CC: Paul Menzel paulepanter@users.sourceforge.net
Gerrit-Comment-Date: Wed, 29 Jul 2020 09:32:06 +0000
Gerrit-HasComments: No
Gerrit-Has-Labels: No
Gerrit-MessageType: comment