-----BEGIN PGP SIGNED MESSAGE-----
On 08/12/2015 10:54 AM, Timothy Pearson wrote:
On 08/12/2015 10:44 AM, Patrick Georgi wrote:
2015-08-12 16:28 GMT+02:00 Francis Rowe
My basic question is: are coreboot systems
affected by this
vulnerability, and if so, what work is being done to patch it?
I reviewed our SMM handler, drafted out how to
mitigate any potential
issue and started work on a PoC. Then got distracted by something else.
My test system is the getac/p470 (i945, core2duo
Specifically, in my case, I am interested in
the following coreboot
* i945 platforms (Lenovo X60/T60, Macbook2,1)
* GM45 platforms (Lenovo X200/T400/T500/R400/R500)
* fam10h AMD platforms (ASUS KFSN4-DRE, ASUS
Totally different architecture, I'm not sure
if the APIC decoding
behavior even translates to that.
I will be checking this out sometime soon. I'm not expecting to find
anything given that SMM is (mostly*) deactivated on all of the non-AGESA
platforms I have looked at.
* SMM is given a base address, memory window, and then locked. If I
understand the exploit correctly it requires SMM to both be triggerable
and for SMM to attempt to execute code after being triggered.
Sorry, that should read "non-AGESA Family 10h platforms" above.
+1 (415) 727-8645
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
-----END PGP SIGNATURE-----