summaryrefslogtreecommitdiff
path: root/src/cpu/x86
diff options
context:
space:
mode:
authorPatrick Rudolph <patrick.rudolph@9elements.com>2020-05-06 10:55:12 +0200
committerPatrick Georgi <pgeorgi@google.com>2020-06-17 09:17:56 +0000
commit41fec869fb3b25fd5bb5b454ab1bf39660ce314d (patch)
tree914ae7cef0e1b90e2173d62f3698a8e30a9a1655 /src/cpu/x86
parentc59d9e3917a4d30d74d64c8210ed3a516b269534 (diff)
downloadcoreboot-41fec869fb3b25fd5bb5b454ab1bf39660ce314d.tar.xz
cpu/x86/smm: Add helper functions to verify SMM access
* Add a function to check if a region overlaps with SMM. * Add a function to check if a pointer points to SMM. * Document functions in Documentation/security/smm To be used to verify data accesses in SMM. Change-Id: Ia525d2bc685377f50ecf3bdcf337a4c885488213 Signed-off-by: Patrick Rudolph <patrick.rudolph@9elements.com> Signed-off-by: Christian Walter <christian.walter@9elements.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/41084 Reviewed-by: Angel Pons <th3fanbus@gmail.com> Reviewed-by: Patrick Georgi <pgeorgi@google.com> Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Diffstat (limited to 'src/cpu/x86')
-rw-r--r--src/cpu/x86/smm/smihandler.c10
-rw-r--r--src/cpu/x86/smm/smm_module_handler.c9
2 files changed, 18 insertions, 1 deletions
diff --git a/src/cpu/x86/smm/smihandler.c b/src/cpu/x86/smm/smihandler.c
index bb4689e24e..8fd95bb563 100644
--- a/src/cpu/x86/smm/smihandler.c
+++ b/src/cpu/x86/smm/smihandler.c
@@ -2,6 +2,7 @@
#include <arch/io.h>
#include <console/console.h>
+#include <commonlib/region.h>
#include <cpu/x86/smm.h>
#include <cpu/x86/smi_deprecated.h>
#include <cpu/amd/amd64_save_state.h>
@@ -119,6 +120,13 @@ static inline void *smm_save_state(uintptr_t base, int arch_offset, int node)
return (void *)base;
}
+bool smm_region_overlaps_handler(const struct region *r)
+{
+ const struct region r_smm = {SMM_BASE, SMM_DEFAULT_SIZE};
+
+ return region_overlap(&r_smm, r);
+}
+
/**
* @brief Interrupt handler for SMI#
*
@@ -129,7 +137,7 @@ void smi_handler(u32 smm_revision)
{
unsigned int node;
smm_state_save_area_t state_save;
- u32 smm_base = 0xa0000; /* ASEG */
+ u32 smm_base = SMM_BASE; /* ASEG */
/* Are we ok to execute the handler? */
if (!smi_obtain_lock()) {
diff --git a/src/cpu/x86/smm/smm_module_handler.c b/src/cpu/x86/smm/smm_module_handler.c
index 404b0ccdaa..37af199080 100644
--- a/src/cpu/x86/smm/smm_module_handler.c
+++ b/src/cpu/x86/smm/smm_module_handler.c
@@ -2,6 +2,7 @@
#include <arch/io.h>
#include <console/console.h>
+#include <commonlib/region.h>
#include <cpu/x86/smm.h>
#include <rmodule.h>
@@ -103,6 +104,14 @@ void *smm_get_save_state(int cpu)
return base;
}
+bool smm_region_overlaps_handler(const struct region *r)
+{
+ const struct region r_smm = {smm_runtime->smbase, smm_runtime->smm_size};
+ const struct region r_aseg = {SMM_BASE, SMM_DEFAULT_SIZE};
+
+ return region_overlap(&r_smm, r) || region_overlap(&r_aseg, r);
+}
+
asmlinkage void smm_handler_start(void *arg)
{
const struct smm_module_params *p;