From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from us-smtp-delivery-1.mimecast.com (us-smtp-delivery-1.mimecast.com [205.139.110.61]) by mx.groups.io with SMTP id smtpd.web11.617.1580334272846669256 for ; Wed, 29 Jan 2020 13:44:33 -0800 Authentication-Results: mx.groups.io; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=UpUz0aqr; spf=pass (domain: redhat.com, ip: 205.139.110.61, mailfrom: lersek@redhat.com) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1580334271; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=JGPgcG6GV2Gm+Ju+xjdvJr1aLQcpe2o5VzcXChm3TUU=; b=UpUz0aqrdV31afjdO844Fw/ryjvaQf2/Eks+5XZEozSRK3y5J67UBliGdbcDSV21hVoKHV 6BoN+DfcCnpM2sxAteyEsCMAzAAENq3LW3yHclK8iqg0SS461ajAgWhmrgcS/ZX8mE7q4G pdxfW6OkjMWdQjn8mjEW44dtxJ+2JeY= Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-192--UM4TPm8PEiA_IhY3VDccw-1; Wed, 29 Jan 2020 16:44:29 -0500 Received: from smtp.corp.redhat.com (int-mx04.intmail.prod.int.phx2.redhat.com [10.5.11.14]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id DE08F1007268; Wed, 29 Jan 2020 21:44:28 +0000 (UTC) Received: from lacos-laptop-7.usersys.redhat.com (ovpn-116-32.ams2.redhat.com [10.36.116.32]) by smtp.corp.redhat.com (Postfix) with ESMTP id EB7115DA75; Wed, 29 Jan 2020 21:44:27 +0000 (UTC) From: "Laszlo Ersek" To: edk2-devel-groups-io Cc: Ard Biesheuvel , Jordan Justen Subject: [PATCH v2 09/11] OvmfPkg/SmmAccess: close and lock SMRAM at default SMBASE Date: Wed, 29 Jan 2020 22:44:10 +0100 Message-Id: <20200129214412.2361-10-lersek@redhat.com> In-Reply-To: <20200129214412.2361-1-lersek@redhat.com> References: <20200129214412.2361-1-lersek@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.14 X-MC-Unique: -UM4TPm8PEiA_IhY3VDccw-1 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: base64 RHVyaW5nIG5vcm1hbCBib290LCB3aGVuIEVGSV9EWEVfU01NX1JFQURZX1RPX0xPQ0tfUFJPVE9D T0wgaXMgaW5zdGFsbGVkCmJ5IHBsYXRmb3JtIEJEUywgdGhlIFNNTSBJUEwgbG9ja3MgU01SQU0g KFRTRUcpIHRocm91Z2gKRUZJX1NNTV9BQ0NFU1MyX1BST1RPQ09MLkxvY2soKS4gU2VlIFNtbUlw bFJlYWR5VG9Mb2NrRXZlbnROb3RpZnkoKSBpbgoiTWRlTW9kdWxlUGtnL0NvcmUvUGlTbW1Db3Jl L1BpU21tSXBsLmMiLgoKRHVyaW5nIFMzIHJlc3VtZSwgUzNSZXN1bWUyUGVpIGxvY2tzIFNNUkFN IChUU0VHKSB0aHJvdWdoClBFSV9TTU1fQUNDRVNTX1BQSS5Mb2NrKCksIGJlZm9yZSBleGVjdXRp bmcgdGhlIGJvb3Qgc2NyaXB0LiBTZWUKUzNSZXN1bWVFeGVjdXRlQm9vdFNjcmlwdCgpIGluCiJV ZWZpQ3B1UGtnL1VuaXZlcnNhbC9BY3BpL1MzUmVzdW1lMlBlaS9TM1Jlc3VtZS5jIi4KClRob3Nl IGFyZSBwcmVjaXNlbHkgdGhlIHBsYWNlcyB3aGVyZSB0aGUgU01SQU0gYXQgdGhlIGRlZmF1bHQg U01CQVNFCnNob3VsZCBiZSBsb2NrZWQgdG9vLiBBZGQgc3VjaCBhbiBhY3Rpb24gdG8gU21yYW1B Y2Nlc3NMb2NrKCkuCgpOb3RlczoKCi0gVGhlIFNNUkFNIGF0IHRoZSBkZWZhdWx0IFNNQkFTRSBk b2Vzbid0IHN1cHBvcnQgdGhlICJjbG9zZWQgYW5kCiAgdW5sb2NrZWQiIHN0YXRlIChhbmQgc28g aXQgY2FuJ3QgYmUgY2xvc2VkIHdpdGhvdXQgbG9ja2luZyBpdCwgYW5kIGl0CiAgY2Fubm90IGJl IG9wZW5lZCBhZnRlciBjbG9zaW5nIGl0KS4KCi0gVGhlIFNNUkFNIGF0IHRoZSBkZWZhdWx0IFNN QkFTRSBpc24ndCAoYW5kIHNob3VsZG4ndCkgYmUgZXhwb3NlZCB3aXRoCiAgYW5vdGhlciBFRklf U01SQU1fREVTQ1JJUFRPUiBpbiB0aGUgR2V0Q2FwYWJpbGl0aWVzKCkgbWVtYmVycyBvZgogIEVG SV9TTU1fQUNDRVNTMl9QUk9UT0NPTCAvIFBFSV9TTU1fQUNDRVNTX1BQSS4gVGhhdCdzIGJlY2F1 c2UgdGhlIFNNUkFNCiAgaW4gcXVlc3Rpb24gaXMgbm90ICJnZW5lcmFsIHB1cnBvc2UiOyBpdCdz IG9ubHkgUUVNVSdzIHNvbHV0aW9uIHRvCiAgcHJvdGVjdCB0aGUgaW5pdGlhbCBTTUkgaGFuZGxl ciBmcm9tIHRoZSBPUywgd2hlbiBhIFZDUFUgaXMgaG90LXBsdWdnZWQuCgogIENvbnNlcXVlbnRs eSwgdGhlIHN0YXRlIG9mIHRoZSBTTVJBTSBhdCB0aGUgZGVmYXVsdCBTTUJBU0UgaXMgbm90CiAg cmVmbGVjdGVkIGluIHRoZSAiT3BlblN0YXRlIiAvICJMb2NrU3RhdGUiIGZpZWxkcyBvZiB0aGUg cHJvdG9jb2wgYW5kCiAgUFBJLgoKLSBBbiBhbHRlcm5hdGl2ZSB0byBleHRlbmRpbmcgU21yYW1B Y2Nlc3NMb2NrKCkgd291bGQgYmUgdG8gcmVnaXN0ZXIgYW4KICBFRklfRFhFX1NNTV9SRUFEWV9U T19MT0NLX1BST1RPQ09MIG5vdGlmeSBpbiBTbW1BY2Nlc3MyRHhlIChmb3IgbG9ja2luZwogIGF0 IG5vcm1hbCBib290KSwgYW5kIGFuIEVES0lJX1MzX1NNTV9JTklUX0RPTkVfR1VJRCBQUEkgbm90 aWZ5IGluCiAgU21tQWNjZXNzUGVpIChmb3IgbG9ja2luZyBhdCBTMyByZXN1bWUpLgoKQ2M6IEFy ZCBCaWVzaGV1dmVsIDxhcmQuYmllc2hldXZlbEBsaW5hcm8ub3JnPgpDYzogSm9yZGFuIEp1c3Rl biA8am9yZGFuLmwuanVzdGVuQGludGVsLmNvbT4KUmVmOiBodHRwczovL2J1Z3ppbGxhLnRpYW5v Y29yZS5vcmcvc2hvd19idWcuY2dpP2lkPTE1MTIKU2lnbmVkLW9mZi1ieTogTGFzemxvIEVyc2Vr IDxsZXJzZWtAcmVkaGF0LmNvbT4KUmV2aWV3ZWQtYnk6IEppZXdlbiBZYW8gPGppZXdlbi55YW9A aW50ZWwuY29tPgotLS0KCk5vdGVzOgogICAgdjI6CiAgICAtIHRyaW0gQ2MgbGlzdAogICAgLSBw aWNrIHVwIEppZXdlbidzIFItYiA8aHR0cHM6Ly9lZGsyLmdyb3Vwcy5pby9nL2RldmVsL21lc3Nh Z2UvNDgxNjY+CgogT3ZtZlBrZy9TbW1BY2Nlc3MvU21tQWNjZXNzMkR4ZS5pbmYgfCAgMSArCiBP dm1mUGtnL1NtbUFjY2Vzcy9TbW1BY2Nlc3NQZWkuaW5mICB8ICAxICsKIE92bWZQa2cvU21tQWNj ZXNzL1NtcmFtSW50ZXJuYWwuaCAgIHwgIDggKysrKysrKwogT3ZtZlBrZy9TbW1BY2Nlc3MvU21t QWNjZXNzMkR4ZS5jICAgfCAgNyArKysrKysKIE92bWZQa2cvU21tQWNjZXNzL1NtbUFjY2Vzc1Bl aS5jICAgIHwgIDYgKysrKysKIE92bWZQa2cvU21tQWNjZXNzL1NtcmFtSW50ZXJuYWwuYyAgIHwg MjUgKysrKysrKysrKysrKysrKysrKysKIDYgZmlsZXMgY2hhbmdlZCwgNDggaW5zZXJ0aW9ucygr KQoKZGlmZiAtLWdpdCBhL092bWZQa2cvU21tQWNjZXNzL1NtbUFjY2VzczJEeGUuaW5mIGIvT3Zt ZlBrZy9TbW1BY2Nlc3MvU21tQWNjZXNzMkR4ZS5pbmYKaW5kZXggN2NlZDZiNGU3ZmY0Li5kODYz ODFkMGZiZTIgMTAwNjQ0Ci0tLSBhL092bWZQa2cvU21tQWNjZXNzL1NtbUFjY2VzczJEeGUuaW5m CisrKyBiL092bWZQa2cvU21tQWNjZXNzL1NtbUFjY2VzczJEeGUuaW5mCkBAIC00OSw2ICs0OSw3 IEBAIFtGZWF0dXJlUGNkXQogICBnVWVmaU92bWZQa2dUb2tlblNwYWNlR3VpZC5QY2RTbW1TbXJh bVJlcXVpcmUNCiANCiBbUGNkXQ0KKyAgZ1VlZmlPdm1mUGtnVG9rZW5TcGFjZUd1aWQuUGNkUTM1 U21yYW1BdERlZmF1bHRTbWJhc2UNCiAgIGdVZWZpT3ZtZlBrZ1Rva2VuU3BhY2VHdWlkLlBjZFEz NVRzZWdNYnl0ZXMNCiANCiBbRGVwZXhdDQpkaWZmIC0tZ2l0IGEvT3ZtZlBrZy9TbW1BY2Nlc3Mv U21tQWNjZXNzUGVpLmluZiBiL092bWZQa2cvU21tQWNjZXNzL1NtbUFjY2Vzc1BlaS5pbmYKaW5k ZXggZDczYTAyOWNjNzkwLi4xNjk4YzRjZTZjOTIgMTAwNjQ0Ci0tLSBhL092bWZQa2cvU21tQWNj ZXNzL1NtbUFjY2Vzc1BlaS5pbmYKKysrIGIvT3ZtZlBrZy9TbW1BY2Nlc3MvU21tQWNjZXNzUGVp LmluZgpAQCAtNTQsNiArNTQsNyBAQCBbRmVhdHVyZVBjZF0KICAgZ1VlZmlPdm1mUGtnVG9rZW5T cGFjZUd1aWQuUGNkU21tU21yYW1SZXF1aXJlDQogDQogW1BjZF0NCisgIGdVZWZpT3ZtZlBrZ1Rv a2VuU3BhY2VHdWlkLlBjZFEzNVNtcmFtQXREZWZhdWx0U21iYXNlDQogICBnVWVmaU92bWZQa2dU b2tlblNwYWNlR3VpZC5QY2RRMzVUc2VnTWJ5dGVzDQogDQogW1BwaXNdDQpkaWZmIC0tZ2l0IGEv T3ZtZlBrZy9TbW1BY2Nlc3MvU21yYW1JbnRlcm5hbC5oIGIvT3ZtZlBrZy9TbW1BY2Nlc3MvU21y YW1JbnRlcm5hbC5oCmluZGV4IDc0ZDk2MmI0ZWNhZS4uYTRkODgyN2FkZmU0IDEwMDY0NAotLS0g YS9Pdm1mUGtnL1NtbUFjY2Vzcy9TbXJhbUludGVybmFsLmgKKysrIGIvT3ZtZlBrZy9TbW1BY2Nl c3MvU21yYW1JbnRlcm5hbC5oCkBAIC0zOCw2ICszOCwxNCBAQCBJbml0UTM1VHNlZ01ieXRlcyAo CiAgIFZPSUQNCiAgICk7DQogDQorLyoqDQorICBTYXZlIFBjZFEzNVNtcmFtQXREZWZhdWx0U21i YXNlIGludG8gbVEzNVNtcmFtQXREZWZhdWx0U21iYXNlLg0KKyoqLw0KK1ZPSUQNCitJbml0UTM1 U21yYW1BdERlZmF1bHRTbWJhc2UgKA0KKyAgVk9JRA0KKyAgKTsNCisNCiAvKioNCiAgIFJlYWQg dGhlIE1DSF9TTVJBTSBhbmQgRVNNUkFNQyByZWdpc3RlcnMsIGFuZCB1cGRhdGUgdGhlIExvY2tT dGF0ZSBhbmQNCiAgIE9wZW5TdGF0ZSBmaWVsZHMgaW4gdGhlIFBFSV9TTU1fQUNDRVNTX1BQSSAv IEVGSV9TTU1fQUNDRVNTMl9QUk9UT0NPTCBvYmplY3QsDQpkaWZmIC0tZ2l0IGEvT3ZtZlBrZy9T bW1BY2Nlc3MvU21tQWNjZXNzMkR4ZS5jIGIvT3ZtZlBrZy9TbW1BY2Nlc3MvU21tQWNjZXNzMkR4 ZS5jCmluZGV4IGUwOThmNmYxNWY3Ny4uMzY5MWE2Y2QxZjEwIDEwMDY0NAotLS0gYS9Pdm1mUGtn L1NtbUFjY2Vzcy9TbW1BY2Nlc3MyRHhlLmMKKysrIGIvT3ZtZlBrZy9TbW1BY2Nlc3MvU21tQWNj ZXNzMkR4ZS5jCkBAIC0xNDUsNiArMTQ1LDEzIEBAIFNtbUFjY2VzczJEeGVFbnRyeVBvaW50ICgK IA0KICAgSW5pdFEzNVRzZWdNYnl0ZXMgKCk7DQogICBHZXRTdGF0ZXMgKCZtQWNjZXNzMi5Mb2Nr U3RhdGUsICZtQWNjZXNzMi5PcGVuU3RhdGUpOw0KKw0KKyAgLy8NCisgIC8vIFNtcmFtQWNjZXNz TG9jaygpIGRlcGVuZHMgb24gIm1RMzVTbXJhbUF0RGVmYXVsdFNtYmFzZSI7IGluaXQgdGhlIGxh dHRlcg0KKyAgLy8ganVzdCBiZWZvcmUgZXhwb3NpbmcgdGhlIGZvcm1lciB2aWEgRUZJX1NNTV9B Q0NFU1MyX1BST1RPQ09MLkxvY2soKS4NCisgIC8vDQorICBJbml0UTM1U21yYW1BdERlZmF1bHRT bWJhc2UgKCk7DQorDQogICByZXR1cm4gZ0JTLT5JbnN0YWxsTXVsdGlwbGVQcm90b2NvbEludGVy ZmFjZXMgKCZJbWFnZUhhbmRsZSwNCiAgICAgICAgICAgICAgICAgJmdFZmlTbW1BY2Nlc3MyUHJv dG9jb2xHdWlkLCAmbUFjY2VzczIsDQogICAgICAgICAgICAgICAgIE5VTEwpOw0KZGlmZiAtLWdp dCBhL092bWZQa2cvU21tQWNjZXNzL1NtbUFjY2Vzc1BlaS5jIGIvT3ZtZlBrZy9TbW1BY2Nlc3Mv U21tQWNjZXNzUGVpLmMKaW5kZXggZDY3ODUwNjUxYzU4Li5jOGJiYzE3ZTkwN2EgMTAwNjQ0Ci0t LSBhL092bWZQa2cvU21tQWNjZXNzL1NtbUFjY2Vzc1BlaS5jCisrKyBiL092bWZQa2cvU21tQWNj ZXNzL1NtbUFjY2Vzc1BlaS5jCkBAIC0zNzIsNiArMzcyLDEyIEBAIFNtbUFjY2Vzc1BlaUVudHJ5 UG9pbnQgKAogICBDb3B5TWVtIChHdWlkSG9iLCAmU21yYW1NYXBbRGVzY0lkeFNtbVMzUmVzdW1l U3RhdGVdLA0KICAgICBzaXplb2YgU21yYW1NYXBbRGVzY0lkeFNtbVMzUmVzdW1lU3RhdGVdKTsN CiANCisgIC8vDQorICAvLyBTbXJhbUFjY2Vzc0xvY2soKSBkZXBlbmRzIG9uICJtUTM1U21yYW1B dERlZmF1bHRTbWJhc2UiOyBpbml0IHRoZSBsYXR0ZXINCisgIC8vIGp1c3QgYmVmb3JlIGV4cG9z aW5nIHRoZSBmb3JtZXIgdmlhIFBFSV9TTU1fQUNDRVNTX1BQSS5Mb2NrKCkuDQorICAvLw0KKyAg SW5pdFEzNVNtcmFtQXREZWZhdWx0U21iYXNlICgpOw0KKw0KICAgLy8NCiAgIC8vIFdlJ3JlIGRv bmUuIFRoZSBuZXh0IHN0ZXAgc2hvdWxkIHN1Y2NlZWQsIGJ1dCBldmVuIGlmIGl0IGZhaWxzLCB3 ZSBjYW4ndA0KICAgLy8gcm9sbCBiYWNrIHRoZSBhYm92ZSBCdWlsZEd1aWRIb2IoKSBhbGxvY2F0 aW9uLCBiZWNhdXNlIFBFSSBkb2Vzbid0IHN1cHBvcnQNCmRpZmYgLS1naXQgYS9Pdm1mUGtnL1Nt bUFjY2Vzcy9TbXJhbUludGVybmFsLmMgYi9Pdm1mUGtnL1NtbUFjY2Vzcy9TbXJhbUludGVybmFs LmMKaW5kZXggMDk2NTdkMGY5YjBmLi4wYjA3ZGM2NjdiM2YgMTAwNjQ0Ci0tLSBhL092bWZQa2cv U21tQWNjZXNzL1NtcmFtSW50ZXJuYWwuYworKysgYi9Pdm1mUGtnL1NtbUFjY2Vzcy9TbXJhbUlu dGVybmFsLmMKQEAgLTIxLDYgKzIxLDEyIEBACiAvLw0KIFVJTlQxNiBtUTM1VHNlZ01ieXRlczsN CiANCisvLw0KKy8vIFRoZSB2YWx1ZSBvZiBQY2RRMzVTbXJhbUF0RGVmYXVsdFNtYmFzZSBpcyBz YXZlZCBpbnRvIHRoaXMgdmFyaWFibGUgYXQNCisvLyBtb2R1bGUgc3RhcnR1cC4NCisvLw0KK1NU QVRJQyBCT09MRUFOIG1RMzVTbXJhbUF0RGVmYXVsdFNtYmFzZTsNCisNCiAvKioNCiAgIFNhdmUg UGNkUTM1VHNlZ01ieXRlcyBpbnRvIG1RMzVUc2VnTWJ5dGVzLg0KICoqLw0KQEAgLTMyLDYgKzM4 LDE3IEBAIEluaXRRMzVUc2VnTWJ5dGVzICgKICAgbVEzNVRzZWdNYnl0ZXMgPSBQY2RHZXQxNiAo UGNkUTM1VHNlZ01ieXRlcyk7DQogfQ0KIA0KKy8qKg0KKyAgU2F2ZSBQY2RRMzVTbXJhbUF0RGVm YXVsdFNtYmFzZSBpbnRvIG1RMzVTbXJhbUF0RGVmYXVsdFNtYmFzZS4NCisqKi8NCitWT0lEDQor SW5pdFEzNVNtcmFtQXREZWZhdWx0U21iYXNlICgNCisgIFZPSUQNCisgICkNCit7DQorICBtUTM1 U21yYW1BdERlZmF1bHRTbWJhc2UgPSBQY2RHZXRCb29sIChQY2RRMzVTbXJhbUF0RGVmYXVsdFNt YmFzZSk7DQorfQ0KKw0KIC8qKg0KICAgUmVhZCB0aGUgTUNIX1NNUkFNIGFuZCBFU01SQU1DIHJl Z2lzdGVycywgYW5kIHVwZGF0ZSB0aGUgTG9ja1N0YXRlIGFuZA0KICAgT3BlblN0YXRlIGZpZWxk cyBpbiB0aGUgUEVJX1NNTV9BQ0NFU1NfUFBJIC8gRUZJX1NNTV9BQ0NFU1MyX1BST1RPQ09MIG9i amVjdCwNCkBAIC0xMjUsNiArMTQyLDE0IEBAIFNtcmFtQWNjZXNzTG9jayAoCiAgIFBjaU9yOCAo RFJBTUNfUkVHSVNURVJfUTM1IChNQ0hfRVNNUkFNQyksIE1DSF9FU01SQU1DX1RfRU4pOw0KICAg UGNpT3I4IChEUkFNQ19SRUdJU1RFUl9RMzUgKE1DSF9TTVJBTSksICAgTUNIX1NNUkFNX0RfTENL KTsNCiANCisgIC8vDQorICAvLyBDbG9zZSAmIGxvY2sgdGhlIFNNUkFNIGF0IHRoZSBkZWZhdWx0 IFNNQkFTRSwgaWYgaXQgZXhpc3RzLg0KKyAgLy8NCisgIGlmIChtUTM1U21yYW1BdERlZmF1bHRT bWJhc2UpIHsNCisgICAgUGNpV3JpdGU4IChEUkFNQ19SRUdJU1RFUl9RMzUgKE1DSF9ERUZBVUxU X1NNQkFTRV9DVEwpLA0KKyAgICAgIE1DSF9ERUZBVUxUX1NNQkFTRV9MQ0spOw0KKyAgfQ0KKw0K ICAgR2V0U3RhdGVzIChMb2NrU3RhdGUsIE9wZW5TdGF0ZSk7DQogICBpZiAoKk9wZW5TdGF0ZSB8 fCAhKkxvY2tTdGF0ZSkgew0KICAgICByZXR1cm4gRUZJX0RFVklDRV9FUlJPUjsNCi0tIAoyLjE5 LjEuMy5nMzAyNDdhYTVkMjAxCgoK