[coreboot-gerrit] Patch merged into coreboot/master: smmhandler: on i945..nehalem, crash if LAPIC overlaps with ASEG
gerrit at coreboot.org
gerrit at coreboot.org
Thu Oct 29 10:27:02 CET 2015
the following patch was just integrated into master:
commit ce2564ac519fd974eeaa070ccb30d5a12e0c3334
Author: Patrick Georgi <patrick at georgi-clan.de>
Date: Sat Sep 5 20:21:24 2015 +0200
smmhandler: on i945..nehalem, crash if LAPIC overlaps with ASEG
This mitigates the Memory Sinkhole issue (described on
https://github.com/xoreaxeaxeax/sinkhole) by checking for the issue and
crashing the system explicitly if LAPIC overlaps ASEG.
This needs to happen without a data access (only code fetches) because
data accesses could be tampered with.
Don't try to recover because, if somebody tried to do shenanigans like
these, we have to expect more.
Sandybridge is safe because it does the same test in hardware, and
crashes. Newer chipsets presumably do the same.
This needs to be extended to deal with overlapping TSEG as well.
Change-Id: I508c0b10ab88779da81d18a94b08dcfeca6f5a6f
Signed-off-by: Patrick Georgi <patrick at georgi-clan.de>
Reviewed-on: http://review.coreboot.org/11519
Reviewed-by: Aaron Durbin <adurbin at chromium.org>
Tested-by: build bot (Jenkins)
See http://review.coreboot.org/11519 for details.
-gerrit
More information about the coreboot-gerrit
mailing list