On 15/08/19 18:07, Igor Mammedov wrote:
> Looking at Q35 code and Seabios SMM relocation as example, if I see it
> right QEMU has:
> - SMRAM is aliased from DRAM at 0xa0000
> - and TSEG steals from the top of low RAM when configured
>
> Now problem is that default SMBASE at 0x30000 isn't backed by anything
> in SMRAM address space and default SMI entry falls through to the same
> location in System address space.
>
> The latter is not trusted and entry into SMM mode will corrupt area + might
> jump to 'random' SMI handler (hence save/restore code in Seabios).
>
> Here is an idea, can we map a memory region at 0x30000 in SMRAM address
> space with relocation space/code reserved. It could be a part of TSEG
> (so we don't have to invent ABI to configure that)?
No, there could be real mode code using it. What we _could_ do is initialize SMBASE to 0xa0000, but I think it's better to not deviate too much from processor behavior (even if it's admittedly a 20-years legacy that doesn't make any sense).

Paolo