Reviewed-by: [email protected] > -----Original Message----- > From: Wu, Hao A > Sent: Tuesday, September 25, 2018 2:13 PM > To: [email protected] > Cc: Wu, Hao A <[email protected]>; Ard Biesheuvel > <[email protected]>; Leif Lindholm <[email protected]>; > Laszlo Ersek <[email protected]>; Yao, Jiewen <[email protected]>; > Kinney, Michael D <[email protected]>; Gao, Liming > <[email protected]>; Zeng, Star <[email protected]>; Dong, Eric > <[email protected]> > Subject: [PATCH v2 0/5] [CVE-2017-5753] Bounds Check Bypass issue in SMI > handlers > > V2 changes: > A. Rename the newly introduced BaseLib API to 'AsmLfence', and makes it > IA32/X64 specific. > > B. Add brief comments before calls of the AsmLfence() to state the > purpose. > > C. Refine the patch for Variable/RuntimeDxe driver and make the change > focus on the SMM code. > > V1 history: > The series aims to mitigate the Bounds Check Bypass (CVE-2017-5753) issues > within SMI handlers. > > A more detailed explanation of the purpose of the series is under the > 'Bounds check bypass mitigation' section of the below link: > https://software.intel.com/security-software-guidance/insights/host-firmw > are-speculative-execution-side-channel-mitigation > > And the document at: > https://software.intel.com/security-software-guidance/api-app/sites/defaul > t/files/337879-analyzing-potential-bounds-Check-bypass-vulnerabilities.pdf > > Cc: Ard Biesheuvel <[email protected]> > Cc: Leif Lindholm <[email protected]> > Cc: Laszlo Ersek <[email protected]> > Cc: Jiewen Yao <[email protected]> > Cc: Michael D Kinney <[email protected]> > Cc: Liming Gao <[email protected]> > Cc: Star Zeng <[email protected]> > Cc: Eric Dong <[email protected]> > > Hao Wu (5): > MdePkg/BaseLib: Add new AsmLfence API > MdeModulePkg/FaultTolerantWrite:[CVE-2017-5753]Fix bounds check > bypass > MdeModulePkg/SmmLockBox: [CVE-2017-5753] Fix bounds check bypass > MdeModulePkg/Variable: [CVE-2017-5753] Fix bounds check bypass > UefiCpuPkg/PiSmmCpuDxeSmm: [CVE-2017-5753] Fix bounds check > bypass > > > MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteSmm.c > | 7 ++++ > > MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteSmm.in > f | 1 + > MdeModulePkg/Universal/LockBox/SmmLockBox/SmmLockBox.c > | 10 ++++++ > MdeModulePkg/Universal/Variable/RuntimeDxe/LoadFenceDxe.c > | 31 ++++++++++++++++ > MdeModulePkg/Universal/Variable/RuntimeDxe/LoadFenceSmm.c > | 30 ++++++++++++++++ > MdeModulePkg/Universal/Variable/RuntimeDxe/PrivilegePolymorphic.h > | 13 ++++++- > MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c > | 6 ++++ > MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf > | 1 + > MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.c > | 18 ++++++++++ > MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.inf > | 1 + > MdePkg/Include/Library/BaseLib.h > | 13 +++++++ > MdePkg/Library/BaseLib/BaseLib.inf > | 2 ++ > MdePkg/Library/BaseLib/Ia32/Lfence.nasm > | 37 +++++++++++++++++++ > MdePkg/Library/BaseLib/X64/Lfence.nasm > | 38 ++++++++++++++++++++ > UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.c > | 5 +++ > 15 files changed, 212 insertions(+), 1 deletion(-) > create mode 100644 > MdeModulePkg/Universal/Variable/RuntimeDxe/LoadFenceDxe.c > create mode 100644 > MdeModulePkg/Universal/Variable/RuntimeDxe/LoadFenceSmm.c > create mode 100644 MdePkg/Library/BaseLib/Ia32/Lfence.nasm > create mode 100644 MdePkg/Library/BaseLib/X64/Lfence.nasm > > -- > 2.12.0.windows.1
_______________________________________________ edk2-devel mailing list [email protected] https://lists.01.org/mailman/listinfo/edk2-devel
