[SeaBIOS] Saving a few bytes across a reboot
Laszlo Ersek
lersek at redhat.com
Wed Feb 7 16:06:47 CET 2018
On 02/07/18 15:57, Igor Mammedov wrote:
> On Wed, 7 Feb 2018 08:51:58 -0500
> Stefan Berger <stefanb at linux.vnet.ibm.com> wrote:
>
>> On 01/10/2018 08:22 AM, Laszlo Ersek wrote:
>>> Stefan,
>>>
>>> On 01/09/18 20:02, Stefan Berger wrote:
>>>
> [...]
>
>
>> So the point is SMM is needed for UEFI. QEMU would need to provide the
>> ACPI code for it, which is basically a translation of the ACPI from EDK2
>> so that this could work. To support SeaBIOS as well, we would have to be
>> able to distinguish a BIOS from the UEFI on the QEMU level so that we
>> could produce different ACPI (no SMI and different OperationRegion than
>> 0xFFFF 0000 for SeaBIOS), *if* on a system with a BIOS the memory area
>> can be considered to be safe (like that EDK2 variable).
> Does KVM actually restrict access to SMM memory (implements SMRR MSRs)?

KVM does not implement SMRRs, but QEMU+KVM implement SMRAM. OVMF exposes
the Q35 TSEG region as SMRAM to the edk2 machinery. TSEG is controlled
through various chipset registers.

Paolo's presentation and slides from 2015:
https://www.youtube.com/watch?v=IxLvxP1O8T8

> And even with SMRR, memory might be exposed to another cpu on
> cpu hotplug in current hotplug impl. if malicious code wins
> SIPI race in bringing up hotplugged CPU from (unprotected)
> reset state.

Yes, VCPU hotplug isn't even expected to work with SMM at the moment.
"Don't do that just yet."

https://bugzilla.redhat.com/show_bug.cgi?id=1454803

Thanks
Laszlo