[coreboot-gerrit] Change in coreboot[master]: Documentation: Add technote/design doc for mitigating ReBAR ...
Patrick Georgi (Code Review)
gerrit at coreboot.org
Tue Apr 11 19:52:42 CEST 2017
Patrick Georgi has posted comments on this change. ( https://review.coreboot.org/19242 )
Change subject: Documentation: Add technote/design doc for mitigating ReBAR issue
......................................................................
Patch Set 1:
> I'm not sure if it's a problem, but should this issue be
> generalized to say that all addresses that are loaded from outside
> of SMM need to be validated?
one issue with catching all memory accesses is that it is often done directly - something we can't easily wrap like in this proposal.
> Should we also look to see if there's anything that can be moved
> out of SMM? Our handlers are pretty thin already, but maybe some
> suspend/resume code can be moved out of SMM into ACPI for example?
The SMM handlers are already pretty minimal. Moving things to ACPI _might_ work, but would require testing across lots of OSes.
For example on i945, power-down only works if all devices on pci stopped being bus master. Might be possible to do that correctly in ACPI but there's too much variance in that.
--
To view, visit https://review.coreboot.org/19242
To unsubscribe, visit https://review.coreboot.org/settings
Gerrit-MessageType: comment
Gerrit-Change-Id: Icba9d7910dfd46f32a2c46b6fd064a9cc8e3beac
Gerrit-PatchSet: 1
Gerrit-Project: coreboot
Gerrit-Branch: master
Gerrit-Owner: Patrick Georgi <pgeorgi at google.com>
Gerrit-Reviewer: Martin Roth <martinroth at google.com>
Gerrit-Reviewer: Patrick Georgi <pgeorgi at google.com>
Gerrit-Reviewer: Paul Menzel <paulepanter at users.sourceforge.net>
Gerrit-Reviewer: build bot (Jenkins)
Gerrit-HasComments: No
More information about the coreboot-gerrit
mailing list