Hi Mike, We found that this API needs to be inserted within file: MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c
which is in module: MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf This module (INF file) is consumed by the AARCH64/ARM architectures as well. That is the reason I do not make this API as IA32/X64 specific. Best Regards, Hao Wu > -----Original Message----- > From: edk2-devel [mailto:[email protected]] On Behalf Of > Kinney, Michael D > Sent: Thursday, September 20, 2018 9:59 PM > To: Wu, Hao A; [email protected]; Kinney, Michael D > Cc: Dong, Eric; Gao, Liming; Yao, Jiewen; Laszlo Ersek; Zeng, Star > Subject: Re: [edk2] [PATCH v1 0/5] [CVE-2017-5753] Bounds Check Bypass issue > in SMI handlers > > Hao Wu, > > I see that implementations of this API are only > provided for IA32 and X64. Should this be an IA32/X64 > specific API in BaseLib? Also, since the API is providing > a C callable function to execute a specific IA32/X64 > instruction, should the API be prefixed with Asm to > match the convention of other APIs in BaseLib? > > Thanks, > > Mike > > > -----Original Message----- > > From: Wu, Hao A > > Sent: Wednesday, September 19, 2018 11:41 PM > > To: [email protected] > > Cc: Wu, Hao A <[email protected]>; Ard Biesheuvel > > <[email protected]>; Laszlo Ersek > > <[email protected]>; Yao, Jiewen > > <[email protected]>; Kinney, Michael D > > <[email protected]>; Gao, Liming > > <[email protected]>; Zeng, Star > > <[email protected]>; Dong, Eric <[email protected]> > > Subject: [PATCH v1 0/5] [CVE-2017-5753] Bounds Check > > Bypass issue in SMI handlers > > > > The series aims to mitigate the Bounds Check Bypass > > (CVE-2017-5753) issues > > within SMI handlers. > > > > A more detailed explanation of the purpose of the > > series is under the > > 'Bounds check bypass mitigation' section of the below > > link: > > https://software.intel.com/security-software- > > guidance/insights/host-firmware-speculative-execution- > > side-channel-mitigation > > > > And the document at: > > https://software.intel.com/security-software- > > guidance/api-app/sites/default/files/337879-analyzing- > > potential-bounds-Check-bypass-vulnerabilities.pdf > > > > Cc: Ard Biesheuvel <[email protected]> > > Cc: Laszlo Ersek <[email protected]> > > Cc: Jiewen Yao <[email protected]> > > Cc: Michael D Kinney <[email protected]> > > Cc: Liming Gao <[email protected]> > > Cc: Star Zeng <[email protected]> > > Cc: Eric Dong <[email protected]> > > > > Hao Wu (5): > > MdePkg/BaseLib: Add new LoadFence API > > MdeModulePkg/FaultTolerantWrite:[CVE-2017-5753]Fix > > bounds check bypass > > MdeModulePkg/SmmLockBox: [CVE-2017-5753] Fix bounds > > check bypass > > MdeModulePkg/Variable: [CVE-2017-5753] Fix bounds > > check bypass > > UefiCpuPkg/PiSmmCpuDxeSmm: [CVE-2017-5753] Fix bounds > > check bypass > > > > > > MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultToler > > antWriteSmm.c | 2 ++ > > > > MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultToler > > antWriteSmm.inf | 1 + > > MdeModulePkg/Universal/LockBox/SmmLockBox/SmmLockBox.c > > | 2 ++ > > MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c > > | 1 + > > > > MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm. > > c | 3 ++ > > MdePkg/Include/Library/BaseLib.h > > | 12 +++++++ > > MdePkg/Library/BaseLib/Arm/LoadFence.c > > | 26 ++++++++++++++ > > MdePkg/Library/BaseLib/BaseLib.inf > > | 4 +++ > > MdePkg/Library/BaseLib/Ebc/CpuBreakpoint.c > > | 15 +++++++- > > MdePkg/Library/BaseLib/Ia32/LoadFence.nasm > > | 37 +++++++++++++++++++ > > MdePkg/Library/BaseLib/X64/LoadFence.nasm > > | 38 ++++++++++++++++++++ > > UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.c > > | 1 + > > 12 files changed, 141 insertions(+), 1 deletion(-) > > create mode 100644 > > MdePkg/Library/BaseLib/Arm/LoadFence.c > > create mode 100644 > > MdePkg/Library/BaseLib/Ia32/LoadFence.nasm > > create mode 100644 > > MdePkg/Library/BaseLib/X64/LoadFence.nasm > > > > -- > > 2.12.0.windows.1 > > _______________________________________________ > edk2-devel mailing list > [email protected] > https://lists.01.org/mailman/listinfo/edk2-devel _______________________________________________ edk2-devel mailing list [email protected] https://lists.01.org/mailman/listinfo/edk2-devel
