Hi Cameron, Thanks for the reply.
My requirement is to publish a protocol with same guid in both DXE and SMM. Does EDKII support this kind of mechanism ? If not, it's a limitation to EDKII. Thanks, Naresh -----Original Message----- From: edk2-devel-requ...@lists.sourceforge.net [mailto:edk2-devel-requ...@lists.sourceforge.net] Sent: Tuesday, July 17, 2012 3:31 PM To: edk2-devel@lists.sourceforge.net Subject: edk2-devel Digest, Vol 31, Issue 41 Send edk2-devel mailing list submissions to edk2-devel@lists.sourceforge.net To subscribe or unsubscribe via the World Wide Web, visit https://lists.sourceforge.net/lists/listinfo/edk2-devel or, via email, send a message with subject or body 'help' to edk2-devel-requ...@lists.sourceforge.net You can reach the person managing the list at edk2-devel-ow...@lists.sourceforge.net When replying, please edit your Subject line so it is more specific than "Re: Contents of edk2-devel digest..." Today's Topics: 1. Re: [PATCH] NX/ASLR/GS/RTCs Security Features (Yao, Jiewen) 2. How to close a popup created using CreatePopup() (jabir) 3. Edk2 FAQ - INF SMM dependency (Naresh Kollu.) 4. Re: How to close a popup created using CreatePopup() (Gao, Liming) 5. Re: Edk2 FAQ - INF SMM dependency (Cameron Esfahani) ---------------------------------------------------------------------- Message: 1 Date: Tue, 17 Jul 2012 08:21:11 +0000 From: "Yao, Jiewen" <jiewen....@intel.com> Subject: Re: [edk2] [PATCH] NX/ASLR/GS/RTCs Security Features To: "edk2-devel@lists.sourceforge.net" <edk2-devel@lists.sourceforge.net> Message-ID: <74d8a39837df1e4da445a8c0b3885c500f9...@shsmsx101.ccr.corp.intel.com> Content-Type: text/plain; charset="us-ascii" Thanks Eugene. Yes, I thought I have reviewed your separated patch. Maybe I miss GS/RTCs one for GCC. I am not worried too much on stack check, because we can have a standalone compiler lib to handle that. No much core impact. While NX and ASLR do impact MdeModulePkg/Core part and need code change to support, I think we need review that part more carefully. :-) Thank you Yao Jiewen "The content of this message is my personal opinion only and although I am an employee of Intel, the statements I make here in no way represent Intel's position on the issue, nor am I authorized to speak on behalf of Intel on this matter." -----Original Message----- From: Eugene Khoruzhenko [mailto:eugene_khoruzhe...@phoenix.com] Sent: Tuesday, July 17, 2012 3:59 PM To: edk2-devel@lists.sourceforge.net Subject: Re: [edk2] [PATCH] NX/ASLR/GS/RTCs Security Features Hi Yao, Sorry for the late response - my team and I are at UEFI Plugfest in Redmond this week. Thanks for reviewing our patches, we will start addressing your comments right after the event. Yes, the original big patch was split into several smaller ones per feature and per affected package, and also applied feedback received from community so far. I sent 4 small patches and we have the GS/RTC patch almost ready to submit, so you can disregard the original big patch. Our new GS/RTC patch currently supports MSVC and GCC. We (or others) can iteratively add the other compilers, e.g. we were looking to add RVCT next, but I think we need to establish some baseline, so adding compilers is easy. Regards ek -----Original Message----- From: Yao, Jiewen [mailto:jiewen....@intel.com] Sent: Saturday, July 14, 2012 4:48 PM To: edk2-devel@lists.sourceforge.net Subject: Re: [edk2] [PATCH] NX/ASLR/GS/RTCs Security Features Hi Eugene Thanks a lot for your patch. It seems big feature, so it takes me some time to review. I have read all you patch you sent separately later. Below is some of my personal comment: (Combine them together) 1) GS/RTC This feature is compiler specific one. E.g. GCC/ICC has another compile option -fstack-protector, and we need provide stub for __stack_chk_guard, __stack_chk_fail(). So basically, I suggest we create a standalone Pkg, or at least standalone Library, like CompilerStackCheckLib, with NULL library class. Do we have official document on implementation for each compiler? 2.1) ASLR - RandomLib It seems we need a RandomLib. So the best way I think, is to create another RandomLib library class. So we can have openssl instance, ISAAC instance, or any other. I do not suggest to modify and update BaseLib. Per definition BaseLib provides string functions, linked list functions, math functions, synchronization, functions, and CPU architecture-specific functions, while RandomLib is cryptography related. People may want to use his/her own crypto library. I attach a RandomLib.h file for review. 2.2) ASLR - Randomization in core. In the patch, I found it randomized the PE image loading. While I thought it might be better if we also randomize the data, such as page table, IDT entry. So my suggest is that we also update AllocatePages() implementation to allocate more random pages, and free used ones later. BTW: A quick question: have you validated S4 resume for your patch? I am not sure if we are OK to randomize the runtime service code or runtime service data for OS S4 resume? 3.1) NX - PageTableLib That is probably the most difficult part. Your patch seems a good start. I hope to create page table lib for multiple purpose and usage, for example, code can use page table lib to create identitymapping page table (needed by ACPI, S3, DxeIpl, SMM), code can use page table lib to set/clear P/RW/NX memory, or cache attribute (needed by NX feature later by CPU driver, and SMM driver), code can use page table lib to manage add/remove page (needed by SMM driver) Based on those, I draft a new PageTableLib.h attached for review. 3.2) NX - Set NX in core Basically, I think core does not need page table information or link page table lib, because it can use CPU protocol to SetMemoryAttribute(). Currently DXE has CPU_ARCH protocol, I created one for SMM. (consumed by SMM_CORE, and produced by SMM_CPU driver). I am not sure if we need set NX at PEI phase. Probably not, because it should be all OEM code. If we do need one, we can create another one for PEI to let PEI_CORE consume, and PEI_CPU produce. Yes, there is gap between Core initialization and CPU protocol ready, but I think the gap is small. Core can register a notify to set all protection when CPU protocol ready later. Thank you Yao Jiewen "The content of this message is my personal opinion only and although I am an employee of Intel, the statements I make here in no way represent Intel's position on the issue, nor am I authorized to speak on behalf of Intel on this matter." -----Original Message----- From: Eugene Khoruzhenko [mailto:eugene_khoruzhe...@phoenix.com] Sent: Thursday, May 17, 2012 10:35 AM To: edk2-devel@lists.sourceforge.net Subject: [edk2] [PATCH] NX/ASLR/GS/RTCs Security Features Dear EDK2 MdeModulePkg maintainer and community, Please find the attached patch for the NX/ASLR/GS/RTCs features. Adding these features provides blanket security protection for latent vulnerabilities. The NX feature uses page tables and DXE memory management to mark pages containing data (or that do not contain code) as No Execute, causing a page fault if there is any attempt to execute code from those pages. This is to prevent code that exploits buffer overruns from including the code to be executed directly in the buffer overrun; for example, NX prevents code on the stack from being executed. This feature is implemented as a pair of libraries under MdePkg, one of which is BasePageTableLib stub library, and the other is a full implementation of the page table library for IA32E - BasePageTableLibIA32E. Integration involves changes to DxeCore and DxeIplPeim, as well as a bunch of changes to platform and silicon code to enable NXP in AP processors and SMM (not explicitly included with this patch). The ASLR feature causes PE images that are loaded to RAM to be loaded at randomized addresses. The intent is to prevent code that exploits stack buffer overruns from being able to use return oriented code from exploiting code loaded at known or fixed locations. This feature is implemented as a library that provides a randomization function called BaseBinSecurityLib. Integration involves changes to PeiCore, DxeIplPeim, DxeCore and SmmCore. GS and RTCs are to support VS2010 build with /GS and /RTCs switches enabled. Note that the /GS switch is only secure when ASLR is enabled, as we leverage ASLR's randomizing of the address of loaded code to automatically initialize the security cookie. Rather than setting the security cookie randomly in the program entrypoint code, we let PE loader set the security cookie value to the address of an arbitrarily selected function within BaseBinSecurityLib, and that address is random as a side effect of ASLR. This way, we don't have to link the full randomization code into every single driver or application. Regards, Eugene Khoruzhenko Principal Software Architect Phoenix Technologies Ltd. (425) 443-3883 ------------------------------------------------------------------------ ------ Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ _______________________________________________ edk2-devel mailing list edk2-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/edk2-devel ------------------------------ Message: 2 Date: Tue, 17 Jul 2012 14:01:28 +0530 From: jabir <jab...@gmail.com> Subject: [edk2] How to close a popup created using CreatePopup() To: edk2-devel@lists.sourceforge.net Message-ID: <CAPJUX+p=2c_zwln4gddd_3ms-9eq915jo+vzt9sb6k6hkwo...@mail.gmail.com> Content-Type: text/plain; charset="iso-8859-1" Hi, I am using the function CreatePopup() defined in MdePkg\Library\UefiLib\Console.c to create popup. Two or more Popup overlaps if CreatePopup() is called in a sequence. I want the screen back to normal i.e the screen should not have any popups after returning from CreatePopup(). Is there any way to achieve this ? anything similar to ClearPopup() ? Please help. -- Jabir -------------- next part -------------- An HTML attachment was scrubbed... ------------------------------ Message: 3 Date: Tue, 17 Jul 2012 14:33:04 +0530 From: "Naresh Kollu." <nare...@amiindia.co.in> Subject: [edk2] Edk2 FAQ - INF SMM dependency To: <edk2-devel@lists.sourceforge.net> Message-ID: <13688c12f44c7c428726663f950ca2530620a...@venus.in.megatrends.com> Content-Type: text/plain; charset="us-ascii" Hi, If same protocol guid is installed in both DXE(using pbs->InstallProtocol()) and SMM(using Smst->InstallProtocol()), when we try to add the same guid dependency in other SMM driver, the dependency is evaluated with DXE instance not SMM instance. Because of this, the dependent SMM driver is getting dispatched before the SMM driver which produces the the protocol GUID. Is there any other way by which we can refer to SMM instance for the same GUID ? I think this should be supported by EDKII INF component but do not know exactly how to use this. If EDKII INF supports, can you please give an example ? Please give your suggestions on it. Thanks, Naresh -------------- next part -------------- An HTML attachment was scrubbed... ------------------------------ Message: 4 Date: Tue, 17 Jul 2012 09:34:07 +0000 From: "Gao, Liming" <liming....@intel.com> Subject: Re: [edk2] How to close a popup created using CreatePopup() To: "edk2-devel@lists.sourceforge.net" <edk2-devel@lists.sourceforge.net> Message-ID: <4a89e2ef3dfedb4c8bfde51014f606a10fdd0...@shsmsx102.ccr.corp.intel.com> Content-Type: text/plain; charset="us-ascii" Hi, gST->ConOut->ClearScreen (gST->ConOut) can be used to clear the whole screen. Thanks Liming From: jabir [mailto:jab...@gmail.com] Sent: Tuesday, July 17, 2012 4:31 PM To: edk2-devel@lists.sourceforge.net Subject: [edk2] How to close a popup created using CreatePopup() Hi, I am using the function CreatePopup() defined in MdePkg\Library\UefiLib\Console.c to create popup. Two or more Popup overlaps if CreatePopup() is called in a sequence. I want the screen back to normal i.e the screen should not have any popups after returning from CreatePopup(). Is there any way to achieve this ? anything similar to ClearPopup() ? Please help. -- Jabir -------------- next part -------------- An HTML attachment was scrubbed... ------------------------------ Message: 5 Date: Tue, 17 Jul 2012 03:00:38 -0700 From: Cameron Esfahani <di...@apple.com> Subject: Re: [edk2] Edk2 FAQ - INF SMM dependency To: "edk2-devel@lists.sourceforge.net" <edk2-devel@lists.sourceforge.net> Message-ID: <bc4246b4-1e60-423e-a121-7ba4ab3d6...@apple.com> Content-Type: text/plain; charset="us-ascii" Use different GUIDS for SMM and DXE. Since they are, in fact, different protocols di...@apple.com On Jul 17, 2012, at 2:03, "Naresh Kollu." <nare...@amiindia.co.in> wrote: > Hi, > > If same protocol guid is installed in both DXE(using pbs->InstallProtocol()) and SMM(using Smst->InstallProtocol()), when we try to add the same guid dependency in other SMM driver, the dependency is evaluated with DXE instance not SMM instance. Because of this, the dependent SMM driver is getting dispatched before the SMM driver which produces the the protocol GUID. > > Is there any other way by which we can refer to SMM instance for the same GUID ? > > I think this should be supported by EDKII INF component but do not know exactly how to use this. If EDKII INF supports, can you please give an example ? > > Please give your suggestions on it. > > Thanks, > Naresh > > ---------------------------------------------------------------------- > -------- > Live Security Virtual Conference > Exclusive live event will cover all the ways today's security and > threat landscape has changed and how IT managers can respond. > Discussions will include endpoint security, mobile security and the > latest in malware threats. > http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ > _______________________________________________ > edk2-devel mailing list > edk2-devel@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/edk2-devel -------------- next part -------------- An HTML attachment was scrubbed... ------------------------------ ------------------------------------------------------------------------ ------ Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ ------------------------------ _______________________________________________ edk2-devel mailing list edk2-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/edk2-devel End of edk2-devel Digest, Vol 31, Issue 41 ****************************************** ------------------------------------------------------------------------------ Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ _______________________________________________ edk2-devel mailing list edk2-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/edk2-devel
