[SeaBIOS] Saving a few bytes across a reboot

Igor Mammedov imammedo at redhat.com
Wed Feb 7 15:57:24 CET 2018

On Wed, 7 Feb 2018 08:51:58 -0500
Stefan Berger <stefanb at linux.vnet.ibm.com> wrote:

> On 01/10/2018 08:22 AM, Laszlo Ersek wrote:
> > Stefan,
> >
> > On 01/09/18 20:02, Stefan Berger wrote:
> >  

> So the point is SMM is needed for UEFI. QEMU would need to provide the 
> ACPI code for it, which is basically a translation of the ACPI from EDK2 
> so that this could work. To support SeaBIOS as well, we would have to be 
> able to distinguish a BIOS from the UEFI on the QEMU level so that we 
> could produce different ACPI (no SMI and different OperationRegion than 
> 0xFFFF 0000 for SeaBIOS), *if* on a system with a BIOS the memory area 
> can be considered to be safe (like that EDK2 variable).
Does KVM actually restrict access to SMM memory (implements SMRR MSRs)?

And even with SMRR, memory might be exposed to another cpu on
cpu hotplug in current hotplug impl. if malicious code wins
SIPI race in bringing up hotplugged CPU from (unprotected)
reset state.

> Otherwise I am 
> afraid it's better to not support it in SeaBIOS and provide all 
> necessary early TPM 2 operations via user interaction with the menu only.
> Comments ?
>       Stefan

More information about the SeaBIOS mailing list