[L] Change in coreboot[main]: cpu/x86/smm/smm_module_handler: Protect SMM using Nx bit - coreboot-gerrit

21 Apr 2025


      Attention is currently required from: Jérémy Compostella, Shuo Liu.
Patrick Rudolph has posted comments on this change by Patrick Rudolph. ( https://review.coreboot.org/c/coreboot/+/87357?usp=email )
Change subject: cpu/x86/smm/smm_module_handler: Protect SMM using Nx bit
......................................................................
Patch Set 3:
(1 comment)
Commit Message:
https://review.coreboot.org/c/coreboot/+/87357/comment/eb12197e_84cf9c4e?usp... :
PS3, Line 31: TEST: Booted on qemu x86_64 enabled.
...
Were you able, through hack and dedicated tests, to verify that the policies are set up properly? Fo […]
I confirmed that NX bit is working. Stack and heap are no longer executable.
My tests also showed that RO memory is still writable. Will investigate why (if that's an QEMU issue or a bug in the code).
-- 
To view, visit https://review.coreboot.org/c/coreboot/+/87357?usp=email
To unsubscribe, or for help writing mail filters, visit https://review.coreboot.org/settings?usp=email

Gerrit-MessageType: comment
Gerrit-Project: coreboot
Gerrit-Branch: main
Gerrit-Change-Id: I49d513e53e6f96449bdc92cc0335247df7aa7871
Gerrit-Change-Number: 87357
Gerrit-PatchSet: 3
Gerrit-Owner: Patrick Rudolph patrick.rudolph@9elements.com
Gerrit-Reviewer: Jérémy Compostella jeremy.compostella@intel.com
Gerrit-Reviewer: Shuo Liu shuo.liu@intel.com
Gerrit-Reviewer: build bot (Jenkins) no-reply@coreboot.org
Gerrit-Attention: Jérémy Compostella jeremy.compostella@intel.com
Gerrit-Attention: Shuo Liu shuo.liu@intel.com
Gerrit-Comment-Date: Mon, 21 Apr 2025 06:23:56 +0000
Gerrit-HasComments: Yes
Gerrit-Has-Labels: No
Comment-In-Reply-To: Jérémy Compostella jeremy.compostella@intel.com