[edk2] [PATCH v1 0/5] [CVE-2017-5753] Bounds Check Bypass issue in SMI handlers

Wed, 19 Sep 2018 23:41:19 -0700 

The series aims to mitigate the Bounds Check Bypass (CVE-2017-5753) issues
within SMI handlers.

A more detailed explanation of the purpose of the series is under the
'Bounds check bypass mitigation' section of the below link:
https://software.intel.com/security-software-guidance/insights/host-firmware-speculative-execution-side-channel-mitigation

And the document at:
https://software.intel.com/security-software-guidance/api-app/sites/default/files/337879-analyzing-potential-bounds-Check-bypass-vulnerabilities.pdf

Cc: Ard Biesheuvel <[email protected]>
Cc: Laszlo Ersek <[email protected]>
Cc: Jiewen Yao <[email protected]>
Cc: Michael D Kinney <[email protected]>
Cc: Liming Gao <[email protected]>
Cc: Star Zeng <[email protected]>
Cc: Eric Dong <[email protected]>

Hao Wu (5):
  MdePkg/BaseLib: Add new LoadFence API
  MdeModulePkg/FaultTolerantWrite:[CVE-2017-5753]Fix bounds check bypass
  MdeModulePkg/SmmLockBox: [CVE-2017-5753] Fix bounds check bypass
  MdeModulePkg/Variable: [CVE-2017-5753] Fix bounds check bypass
  UefiCpuPkg/PiSmmCpuDxeSmm: [CVE-2017-5753] Fix bounds check bypass

 MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteSmm.c   |  2 ++
 MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteSmm.inf |  1 +
 MdeModulePkg/Universal/LockBox/SmmLockBox/SmmLockBox.c                 |  2 ++
 MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c                  |  1 +
 MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.c               |  3 ++
 MdePkg/Include/Library/BaseLib.h                                       | 12 
+++++++
 MdePkg/Library/BaseLib/Arm/LoadFence.c                                 | 26 
++++++++++++++
 MdePkg/Library/BaseLib/BaseLib.inf                                     |  4 +++
 MdePkg/Library/BaseLib/Ebc/CpuBreakpoint.c                             | 15 
+++++++-
 MdePkg/Library/BaseLib/Ia32/LoadFence.nasm                             | 37 
+++++++++++++++++++
 MdePkg/Library/BaseLib/X64/LoadFence.nasm                              | 38 
++++++++++++++++++++
 UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.c                             |  1 +
 12 files changed, 141 insertions(+), 1 deletion(-)
 create mode 100644 MdePkg/Library/BaseLib/Arm/LoadFence.c
 create mode 100644 MdePkg/Library/BaseLib/Ia32/LoadFence.nasm
 create mode 100644 MdePkg/Library/BaseLib/X64/LoadFence.nasm

-- 
2.12.0.windows.1

_______________________________________________
edk2-devel mailing list
[email protected]
https://lists.01.org/mailman/listinfo/edk2-devel

Reply via email to