Attention is currently required from: Angel Pons, Dinesh Gehlot, Eran Mitrani, Felix Held, Fred Reitberger, Jason Glenesk, Kapil Porwal, Martin L Roth, Matt DeVillier, Matt DeVillier, Maulik Vaghela, Raul Rangel, Subrata Banik, Tarun, Tarun Tuli, ron minnich.
Benjamin Doron has posted comments on this change. ( https://review.coreboot.org/c/coreboot/+/70376?usp=email )
Change subject: cpu/x86: Support SMBASE relocation-only use-case
......................................................................
Patch Set 7:
(3 comments)
Patchset:
PS7:
> I'm a bit concerned if this approach has any security implications; moving away from coreboot only i […]

It's a fair concern, but if we want to use payload SMI handlers, the payload must put code in SMM. Yes, this puts the payload in the TCB/a more privileged position than before, though the user should be allowed to make that trade-off.
It's not a 'true' HOB (that is, in ring-0 memory that's created by PEI and available to DXE). When this design was first created for SBL + EDK2, they reused the HOB data struct, but it's just a single struct at the start of SMRAM. It's created by SMM code, then locked, then (SMRAM is) available again to the bootloader on an S3 resume.
File src/cpu/x86/Kconfig:
https://review.coreboot.org/c/coreboot/+/70376/comment/57c827a6_208360ad :
PS7, Line 159: bool
: default n
> I don't see this Kconfig option being used in this patch. […]

It's used above by HAVE_NATIVE_SMI_HANDLER, which determines if smm.manual ("permanent handlers") is linked in, among other things. This Kconfig can be used to disable that one. If by 'not being used' you mean that it has no effect, well, we could remove it, but I think that would leave this setup/patch incomplete.
File src/southbridge/intel/common/Kconfig.common:
https://review.coreboot.org/c/coreboot/+/70376/comment/0debe57d_ff9c1913 :
PS7, Line 93: HAVE_SMI_HANDLER
> 2nd

Ah, because from memory, this would leave SPI, etc. unlocked for the external SMM case, and it's safe to drop because apmc_trigger won't actually initiate the SMI. This will leave specific parts of lockdown incomplete, I'll check whether they're necessary (we actually want SMRAM unlocked so that the payload can use it).
The point is to get as much lockdown done here as possible.
--
To view, visit https://review.coreboot.org/c/coreboot/+/70376?usp=email
To unsubscribe, or for help writing mail filters, visit https://review.coreboot.org/settings
Gerrit-Project: coreboot
Gerrit-Branch: main
Gerrit-Change-Id: Iec96bab19cdcf80622756f02a3dae49b42036c8d
Gerrit-Change-Number: 70376
Gerrit-PatchSet: 7
Gerrit-Owner: Benjamin Doron <benjamin.doron00@gmail.com>
Gerrit-Reviewer: Angel Pons <th3fanbus@gmail.com>
Gerrit-Reviewer: Dinesh Gehlot <digehlot@google.com>
Gerrit-Reviewer: Eran Mitrani <mitrani@google.com>
Gerrit-Reviewer: Felix Held <felix-coreboot@felixheld.de>
Gerrit-Reviewer: Fred Reitberger <reitbergerfred@gmail.com>
Gerrit-Reviewer: Jason Glenesk <jason.glenesk@gmail.com>
Gerrit-Reviewer: Kapil Porwal <kapilporwal@google.com>
Gerrit-Reviewer: Lean Sheng Tan <sheng.tan@9elements.com>
Gerrit-Reviewer: Matt DeVillier <matt.devillier@amd.corp-partner.google.com>
Gerrit-Reviewer: Maulik Vaghela <maulikvaghela@google.com>
Gerrit-Reviewer: Raul Rangel <rrangel@chromium.org>
Gerrit-Reviewer: Subrata Banik <subratabanik@google.com>
Gerrit-Reviewer: Tarun <tstuli@gmail.com>
Gerrit-Reviewer: Tarun Tuli <taruntuli@google.com>
Gerrit-Reviewer: build bot (Jenkins) <no-reply@coreboot.org>
Gerrit-CC: Martin L Roth <gaumless@gmail.com>
Gerrit-CC: Matt DeVillier <matt.devillier@gmail.com>
Gerrit-CC: Stefan Reinauer <stefan.reinauer@coreboot.org>
Gerrit-CC: ron minnich <rminnich@gmail.com>
Gerrit-Attention: Raul Rangel <rrangel@chromium.org>
Gerrit-Attention: Eran Mitrani <mitrani@google.com>
Gerrit-Attention: Matt DeVillier <matt.devillier@amd.corp-partner.google.com>
Gerrit-Attention: Maulik Vaghela <maulikvaghela@google.com>
Gerrit-Attention: Matt DeVillier <matt.devillier@gmail.com>
Gerrit-Attention: Dinesh Gehlot <digehlot@google.com>
Gerrit-Attention: Angel Pons <th3fanbus@gmail.com>
Gerrit-Attention: Tarun <tstuli@gmail.com>
Gerrit-Attention: Jason Glenesk <jason.glenesk@gmail.com>
Gerrit-Attention: Tarun Tuli <taruntuli@google.com>
Gerrit-Attention: Martin L Roth <gaumless@gmail.com>
Gerrit-Attention: Subrata Banik <subratabanik@google.com>
Gerrit-Attention: Kapil Porwal <kapilporwal@google.com>
Gerrit-Attention: Fred Reitberger <reitbergerfred@gmail.com>
Gerrit-Attention: ron minnich <rminnich@gmail.com>
Gerrit-Attention: Felix Held <felix-coreboot@felixheld.de>
Gerrit-Comment-Date: Mon, 30 Oct 2023 19:39:22 +0000
Gerrit-HasComments: Yes
Gerrit-Has-Labels: No
Comment-In-Reply-To: Martin L Roth <gaumless@gmail.com>
Comment-In-Reply-To: Matt DeVillier <matt.devillier@gmail.com>
Comment-In-Reply-To: Felix Held <felix-coreboot@felixheld.de>
Gerrit-MessageType: comment