Hi, > Let me explain more why need this change: > > 1. The EFI_SMM_SMRAM_MEMORY_GUID HOB, as defined in the PI specification, is > used to describe the SMRAM memory regions supported by the platform. This HOB > should be produced during the memory detection phase to align with the PI > spec. > > 2. In addition to the memory reserved for ACPI S3 resume, an increasing > number of features require reserving SMRAM for specific purposes, such as > SmmRelocation. Other advanced features in Intel platforms also necessitate > this. The implementation of these features varies and is entirely dependent > on the platform. This is why an increasing number of platforms are adopting > the EFI_SMM_SMRAM_MEMORY_GUID HOB for SMRAM description. > > 3. It is crucial that the SMRAM information remains consistent when retrieved > from the platform, whether through the SMM ACCESS PPI/Protocol or the > EFI_SMM_SMRAM_MEMORY_GUID HOB. Inconsistencies can lead to unexpected issues, > most commonly memory region conflicts. > > 4. The SMM ACCESS PPI/Protocol can be naturally implemented for general use. > The common approach is to utilize the EFI_SMM_SMRAM_MEMORY_GUID HOB. For > reference, see the existing implementation in the EDK2 repository at > edk2/UefiPayloadPkg/SmmAccessDxe/SmmAccessDxe.inf and > edk2-platforms/Silicon/Intel/IntelSiliconPkg/Feature/SmmAccess/Library/PeiSmmAccessLib/PeiSmmAccessLib.inf. > > > For the reasons mentioned, we are moving the SMRAM memory regions to HOBs and > allowing SMM access to consume these HOBs. > > I will add the above info into commit message.
Thanks. Creating the EFI_SMM_SMRAM_MEMORY_GUID HOB should be moved to its own function. Also move over the comments from SmmAccess describing the regions please. Adding a reference to the PI spec section describing this would be good too. > > Storing anything SMM related outside SMRAM makes me nervous. > > I'd strongly suggest to avoid that. > > > > It might be that in this specific case it is not a problem. But it > > needs very careful review of the implications (which I have not done) > > and you have to hope you don't miss a possible attack vector, such as > > someone modifying the HOB and the firmware then storing SMM data + code > > outside SMRAM. > > Understand, but here is the case we can record the info in non-smram > since PI spec exposes that, there is no difference the info retrieved > from PPI/ non-smm Protocol or the non-smram. Good point. take care, Gerd -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#118273): https://edk2.groups.io/g/devel/message/118273 Mute This Topic: https://groups.io/mt/105593577/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
