On 08/12/2015 10:44 AM, Patrick Georgi wrote:
> 2015-08-12 16:28 GMT+02:00 Francis Rowe <[email protected]>:
>
> My basic question is: are coreboot systems affected by this
> vulnerability, and if so, what work is being done to patch it?
>
> I reviewed our SMM handler, drafted out how to mitigate any potential
> issue and started work on a PoC. Then got distracted by something else.
>
> My test system is the getac/p470 (i945, core2duo CPU)
>
> Specifically, in my case, I am interested in the following coreboot
> systems:
> * i945 platforms (Lenovo X60/T60, Macbook2,1)
> * GM45 platforms (Lenovo X200/T400/T500/R400/R500)
>
> * fam10h AMD platforms (ASUS KFSN4-DRE, ASUS KGPE-D16)
>
> Totally different architecture, I'm not sure if the APIC decoding
> behavior even translates to that.
>

I will be checking this out sometime soon. I'm not expecting to find
anything given that SMM is (mostly*) deactivated on all of the non-AGESA
platforms I have looked at.

* SMM is given a base address, memory window, and then locked. If I
understand the exploit correctly it requires SMM to both be triggerable
and for SMM to attempt to execute code after being triggered.

-- 
Timothy Pearson
Raptor Engineering
+1 (415) 727-8645
http://www.raptorengineeringinc.com

-- 
coreboot mailing list: [email protected]
http://www.coreboot.org/mailman/listinfo/coreboot

