summaryrefslogtreecommitdiff
path: root/OvmfPkg/Sec/SecMain.c
diff options
context:
space:
mode:
Diffstat (limited to 'OvmfPkg/Sec/SecMain.c')
-rw-r--r--OvmfPkg/Sec/SecMain.c13
1 files changed, 13 insertions, 0 deletions
diff --git a/OvmfPkg/Sec/SecMain.c b/OvmfPkg/Sec/SecMain.c
index 4f87059e17..0cf127af84 100644
--- a/OvmfPkg/Sec/SecMain.c
+++ b/OvmfPkg/Sec/SecMain.c
@@ -698,6 +698,19 @@ SecCoreStartupWithStack (
SEC_IDT_TABLE IdtTableInStack;
IA32_DESCRIPTOR IdtDescriptor;
UINT32 Index;
+ volatile UINT8 *Table;
+
+ //
+ // To ensure SMM can't be compromised on S3 resume, we must force re-init of
+ // the BaseExtractGuidedSectionLib. Since this is before library contructors
+ // are called, we must use a loop rather than SetMem.
+ //
+ Table = (UINT8*)(UINTN)FixedPcdGet64 (PcdGuidedExtractHandlerTableAddress);
+ for (Index = 0;
+ Index < FixedPcdGet32 (PcdGuidedExtractHandlerTableSize);
+ ++Index) {
+ Table[Index] = 0;
+ }
ProcessLibraryConstructorList (NULL, NULL);