[XL] Change in coreboot[main]: soc/intel/xeon-sp: Hook up public FSP bin and headers - coreboot-gerrit

31 May 2024


      Attention is currently required from: Arthur Heymans, Chen, Gang C, Christian Walter, David Hendricks, Fabian Meyer, Felix Singer, Jincheng Li, Johnny Lin, Jonathan Zhang, Lean Sheng Tan, Patrick Rudolph, Shuo Liu, Srinidhi N Kaushik, Tim Chu.
Nico Huber has posted comments on this change by Arthur Heymans. ( https://review.coreboot.org/c/coreboot/+/80360?usp=email )
Change subject: soc/intel/xeon-sp: Hook up public FSP bin and headers
......................................................................
Patch Set 4:
(1 comment)
Patchset:
PS4:
...
FSP-S is loaded by the bootloader, thus FSP-S must never access the SPI flash, modify it, protect it or whatsoever. There's no TOCTOU Vulnerability, thus nothing to protect.
It's a bit more complicated. The concern is about pointers left by FSP-M or the
code around it (e.g. in HOBs). Though, enabling paging in FSP-S is rather late
anyway. I guess they use it as a development tool, e.g. like an assertion that
tells you where you have troublesome code. Not sure why they would ever put that
into a production binary, though. And of course it's not reasonable to break FSP
ssumptions for it. It explains why the code exists, it just doesn't fit into the
FSP world, I guess.
-- 
To view, visit https://review.coreboot.org/c/coreboot/+/80360?usp=email
To unsubscribe, or for help writing mail filters, visit https://review.coreboot.org/settings?usp=email

Gerrit-MessageType: comment
Gerrit-Project: coreboot
Gerrit-Branch: main
Gerrit-Change-Id: I778d3535c273dff653330518653bdefcb45e66f4
Gerrit-Change-Number: 80360
Gerrit-PatchSet: 4
Gerrit-Owner: Arthur Heymans arthur@aheymans.xyz
Gerrit-Reviewer: Angel Pons th3fanbus@gmail.com
Gerrit-Reviewer: Chen, Gang C gang.c.chen@intel.com
Gerrit-Reviewer: Christian Walter christian.walter@9elements.com
Gerrit-Reviewer: David Hendricks david.hendricks@gmail.com
Gerrit-Reviewer: Jincheng Li jincheng.li@intel.com
Gerrit-Reviewer: Johnny Lin Johnny_Lin@wiwynn.com
Gerrit-Reviewer: Jonathan Zhang jon.zhixiong.zhang@gmail.com
Gerrit-Reviewer: Lean Sheng Tan sheng.tan@9elements.com
Gerrit-Reviewer: Patrick Rudolph patrick.rudolph@9elements.com
Gerrit-Reviewer: Shuo Liu shuo.liu@intel.com
Gerrit-Reviewer: Srinidhi N Kaushik kaushiksrinidhin@gmail.com
Gerrit-Reviewer: Tim Chu Tim.Chu@quantatw.com
Gerrit-CC: Fabian Meyer fabian@meyfa.net
Gerrit-CC: Felix Singer service+coreboot-gerrit@felixsinger.de
Gerrit-CC: Nico Huber nico.h@gmx.de
Gerrit-CC: build bot (Jenkins) no-reply@coreboot.org
Gerrit-Attention: Felix Singer service+coreboot-gerrit@felixsinger.de
Gerrit-Attention: Patrick Rudolph patrick.rudolph@9elements.com
Gerrit-Attention: Jonathan Zhang jon.zhixiong.zhang@gmail.com
Gerrit-Attention: Fabian Meyer fabian@meyfa.net
Gerrit-Attention: Arthur Heymans arthur@aheymans.xyz
Gerrit-Attention: Chen, Gang C gang.c.chen@intel.com
Gerrit-Attention: Johnny Lin Johnny_Lin@wiwynn.com
Gerrit-Attention: David Hendricks david.hendricks@gmail.com
Gerrit-Attention: Christian Walter christian.walter@9elements.com
Gerrit-Attention: Shuo Liu shuo.liu@intel.com
Gerrit-Attention: Jincheng Li jincheng.li@intel.com
Gerrit-Attention: Lean Sheng Tan sheng.tan@9elements.com
Gerrit-Attention: Srinidhi N Kaushik kaushiksrinidhin@gmail.com
Gerrit-Attention: Tim Chu Tim.Chu@quantatw.com
Gerrit-Comment-Date: Fri, 31 May 2024 14:55:17 +0000
Gerrit-HasComments: Yes
Gerrit-Has-Labels: No