GNUBoot
/
coreboot-kgpe-d16
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
47,598 Commits 1 Branch 29 Tags 224 MiB
C 90.7%
ASL 5.1%
Makefile 1.1%
Assembly 0.9%
Pawn 0.6%
Other 1.5%
Go to file
Arthur Heymans d7c371619a cpu/x86/smm_module_load: Rewrite setup_stub 
This code was hard to read as it did too much and had a lot of state
to keep track of.

It also looks like the staggered entry points were first copied and
only later the parameters of the first stub were filled in. This
means that only the BSP stub is actually jumping to the permanent
smihandler. On the APs the stub would jump to wherever c_handler
happens to point to, which is likely 0. This effectively means that on
APs it's likely easy to have arbitrary code execution in SMM which is a
security problem.

Change-Id: I42ef9d6a30f3039f25e2cde975086a1365ca4182
Signed-off-by: Arthur Heymans <arthur@aheymans.xyz>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/63478
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Martin L Roth <gaumless@tutanota.com>
 		2022-05-28 05:07:57 +00:00
3rdparty 3rdparty/fsp: Update submodule pointer to newest master 2022-05-24 12:59:05 +00:00
Documentation Treewide: Remove doxygen config files and targets 2022-05-28 01:24:51 +00:00
LICENSES treewide: Remove trailing whitespace 2021-02-17 17:30:05 +00:00
configs nb/intel/gm45: Enable 64bit support 2022-05-13 10:57:41 +00:00
payloads payloads/external: Add more option related to SeaBIOS and GRUB2 2022-05-24 12:58:52 +00:00
spd spd/lp5: Add new part MT62F2G32D8DR-031 2022-03-10 15:16:52 +00:00
src cpu/x86/smm_module_load: Rewrite setup_stub 2022-05-28 05:07:57 +00:00
tests lib: Check for non-existent DIMMs in check_if_dimm_changed 2022-04-20 06:57:21 +00:00
util util/lint/checkpatch: Warn on period at the end of commit subject 2022-05-28 01:26:03 +00:00
.checkpatch.conf checkpatch.conf: Disable gerrit change ID for coreboot 2022-04-12 20:39:50 +00:00
.clang-format
.editorconfig
.gitignore Treewide: Remove doxygen config files and targets 2022-05-28 01:24:51 +00:00
.gitmodules tests: update CMocka to stable-1.1 2022-04-19 13:00:36 +00:00
.gitreview
.mailmap .mailmap: Add a .mailmap file for git 2022-03-08 18:53:47 +00:00
AUTHORS
COPYING
MAINTAINERS MAINTAINERS: Add myself as maintainer of mc_ehl boards 2022-04-29 13:14:24 +00:00
Makefile Treewide: Remove doxygen config files and targets 2022-05-28 01:24:51 +00:00
Makefile.inc Makefile.inc: Add bootblock to CBFS before others 2022-05-27 01:46:24 +00:00
README.md Treewide: Remove doxygen config files and targets 2022-05-28 01:24:51 +00:00
gnat.adc
toolchain.inc build system: immediately report what users are supposed to look into 2021-10-18 16:39:25 +00:00

README.md

coreboot README

coreboot is a Free Software project aimed at replacing the proprietary BIOS (firmware) found in most computers. coreboot performs a little bit of hardware initialization and then executes additional boot logic, called a payload.

With the separation of hardware initialization and later boot logic, coreboot can scale from specialized applications that run directly firmware, run operating systems in flash, load custom bootloaders, or implement firmware standards, like PC BIOS services or UEFI. This allows for systems to only include the features necessary in the target application, reducing the amount of code and flash space required.

coreboot was formerly known as LinuxBIOS.

Payloads

After the basic initialization of the hardware has been performed, any desired "payload" can be started by coreboot.

See https://www.coreboot.org/Payloads for a list of supported payloads.

Supported Hardware

coreboot supports a wide range of chipsets, devices, and mainboards.

For details please consult:

Build Requirements

  • make
  • gcc / g++ Because Linux distribution compilers tend to use lots of patches. coreboot does lots of "unusual" things in its build system, some of which break due to those patches, sometimes by gcc aborting, sometimes - and that's worse - by generating broken object code. Two options: use our toolchain (eg. make crosstools-i386) or enable the ANY_TOOLCHAIN Kconfig option if you're feeling lucky (no support in this case).
  • iasl (for targets with ACPI support)
  • pkg-config
  • libssl-dev (openssl)

Optional:

  • gdb (for better debugging facilities on some targets)
  • ncurses (for make menuconfig and make nconfig)
  • flex and bison (for regenerating parsers)

Building coreboot

Please consult https://www.coreboot.org/Build_HOWTO for details.

Testing coreboot Without Modifying Your Hardware

If you want to test coreboot without any risks before you really decide to use it on your hardware, you can use the QEMU system emulator to run coreboot virtually in QEMU.

Please see https://www.coreboot.org/QEMU for details.

Website and Mailing List

Further details on the project, a FAQ, many HOWTOs, news, development guidelines and more can be found on the coreboot website:

https://www.coreboot.org

You can contact us directly on the coreboot mailing list:

https://www.coreboot.org/Mailinglist

Copyright and License

The copyright on coreboot is owned by quite a large number of individual developers and companies. Please check the individual source files for details.

coreboot is licensed under the terms of the GNU General Public License (GPL). Some files are licensed under the "GPL (version 2, or any later version)", and some files are licensed under the "GPL, version 2". For some parts, which were derived from other projects, other (GPL-compatible) licenses may apply. Please check the individual source files for details.

This makes the resulting coreboot images licensed under the GPL, version 2.