Now that we are getting more serious about implementing secure boot
on ARM systems, by putting the code that manipulated the variable
store in a secure partition, it makes sense to give some attention
to the non-secure side as well, since having secure authenticated
variables is moot if we can just nop out the authentication check
in the image loader.

Patch #1 fixes an issue in ArmMmuLib that is triggered when HeapGuard
is enabled.

Patch #2 optimizes TLB management so that we don't flush all of it
every time. This is a performance optimization as well as a hardening
measure, since it makes it more difficult to trigger a flush of all
TLBs, which is needed when abusing a write exploit to change memory
permissions.

Patch #3 is a prerequisite for enabling StackGuard and HeapGuard, which
make use of the EFI_MEMORY_RP attribute and this wasn't wired up yet.

Patch #4 adds support to ArmMmuLib to remap all page tables read-only,
so that they are no longer vulnerable to rogue writes.

Patch #5 enables the feature added in #4 at EndOfDxe.

Ard Biesheuvel (5):
  ArmPkg/ArmMmuLib AARCH64: fix out of bounds access
  ArmPkg/ArmMmuLib AARCH64: get rid of needless TLB invalidation
  ArmPkg/ArmMmuLib AARCH64: implement support for EFI_MEMORY_RP
    permissions
  ArmPkg/ArmMmuLib AARCH64: add support for read-only page tables
  ArmPkg/CpuDxe: switch to read-only page tables at EndOfDxe

 ArmPkg/Drivers/CpuDxe/AArch64/Mmu.c                      |   5 +-
 ArmPkg/Drivers/CpuDxe/CpuDxe.c                           |  23 +++
 ArmPkg/Drivers/CpuDxe/CpuDxe.inf                         |   1 +
 ArmPkg/Include/Library/ArmMmuLib.h                       |   9 +-
 ArmPkg/Library/ArmLib/AArch64/ArmLibSupport.S            |   6 +-
 ArmPkg/Library/ArmMmuLib/AArch64/ArmMmuLibCore.c         | 149 
+++++++++++++++++---
 ArmPkg/Library/ArmMmuLib/AArch64/ArmMmuLibReplaceEntry.S |  14 +-
 ArmPkg/Library/ArmMmuLib/Arm/ArmMmuLibCore.c             |   8 ++
 8 files changed, 181 insertions(+), 34 deletions(-)

-- 
2.20.1

_______________________________________________
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel

Reply via email to