summaryrefslogtreecommitdiff
path: root/src/cpu
diff options
context:
space:
mode:
authorTimothy Pearson <tpearson@raptorengineeringinc.com>2015-08-12 11:19:10 -0500
committerAlexandru Gagniuc <mr.nuke.me@gmail.com>2015-08-14 01:16:22 +0200
commit27baa32fbefa19afe2bc96b60f534ca20cb49065 (patch)
tree2c6d9b53cd42c08bdcf3c58ff46ae5fa21770078 /src/cpu
parente3260ec29a0bce2d57ba66b99ea1d87a56e1e18a (diff)
downloadcoreboot-27baa32fbefa19afe2bc96b60f534ca20cb49065.tar.xz
cpu/amd/model_10xxx: Do not initialize SMM memory if SMM is disabled
In the wake of the recent Intel "Memoy Sinkhole" exploit a code review of the AMD SMM code was undertaken. While native Family 10h support does not appear to be affected by the same SMM flaw, it also does not require SMM to function. Therefore, the SMM memory range initialization should only be executed if SMM will be used on the target platform. Change-Id: I6531908a7724933e4ba5a2bbefeb89356197e8fd Signed-off-by: Timothy Pearson <tpearson@raptorengineeringinc.com> Reviewed-on: http://review.coreboot.org/11211 Tested-by: build bot (Jenkins) Reviewed-by: Aaron Durbin <adurbin@chromium.org> Tested-by: Raptor Engineering Automated Test Stand <noreply@raptorengineeringinc.com> Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
Diffstat (limited to 'src/cpu')
-rw-r--r--src/cpu/amd/model_10xxx/model_10xxx_init.c34
1 files changed, 25 insertions, 9 deletions
diff --git a/src/cpu/amd/model_10xxx/model_10xxx_init.c b/src/cpu/amd/model_10xxx/model_10xxx_init.c
index c17f335334..590b89d65e 100644
--- a/src/cpu/amd/model_10xxx/model_10xxx_init.c
+++ b/src/cpu/amd/model_10xxx/model_10xxx_init.c
@@ -99,15 +99,31 @@ static void model_10xxx_init(device_t dev)
msr.hi &= ~(1 << (35-32));
wrmsr(BU_CFG2_MSR, msr);
- /* Set SMM base address for this CPU */
- msr = rdmsr(SMM_BASE_MSR);
- msr.lo = SMM_BASE - (lapicid() * 0x400);
- wrmsr(SMM_BASE_MSR, msr);
-
- /* Enable the SMM memory window */
- msr = rdmsr(SMM_MASK_MSR);
- msr.lo |= (1 << 0); /* Enable ASEG SMRAM Range */
- wrmsr(SMM_MASK_MSR, msr);
+ if (IS_ENABLED(CONFIG_HAVE_SMI_HANDLER)) {
+ printk(BIOS_DEBUG, "Initializing SMM ASeg memory\n");
+
+ /* Set SMM base address for this CPU */
+ msr = rdmsr(SMM_BASE_MSR);
+ msr.lo = SMM_BASE - (lapicid() * 0x400);
+ wrmsr(SMM_BASE_MSR, msr);
+
+ /* Enable the SMM memory window */
+ msr = rdmsr(SMM_MASK_MSR);
+ msr.lo |= (1 << 0); /* Enable ASEG SMRAM Range */
+ wrmsr(SMM_MASK_MSR, msr);
+ } else {
+ printk(BIOS_DEBUG, "Disabling SMM ASeg memory\n");
+
+ /* Set SMM base address for this CPU */
+ msr = rdmsr(SMM_BASE_MSR);
+ msr.lo = SMM_BASE - (lapicid() * 0x400);
+ wrmsr(SMM_BASE_MSR, msr);
+
+ /* Disable the SMM memory window */
+ msr.hi = 0x0;
+ msr.lo = 0x0;
+ wrmsr(SMM_MASK_MSR, msr);
+ }
/* Set SMMLOCK to avoid exploits messing with SMM */
msr = rdmsr(HWCR_MSR);