;
devel@edk2.groups.io; Johnson, Michael ; Kubacki,
Michael A
Subject: RE: [edk2-devel] [edk2-rfc] [edk2-devel] UEFI Variable SMI Reduction
Nate
I believe this SMI reduction work only handle GetVariable.
VarCheckLib only handles SetVariable.
VarCheckLib does not handle GetVaraible.
Thank you
Yao
, Michael ; Kubacki,
Michael A
Subject: RE: [edk2-devel] [edk2-rfc] [edk2-devel] UEFI Variable SMI Reduction
Nate
I believe this SMI reduction work only handle GetVariable.
VarCheckLib only handles SetVariable.
VarCheckLib does not handle GetVaraible.
Thank you
Yao Jiewen
From: Desimone
; Kubacki, Michael A
Subject: RE: [edk2-devel] [edk2-rfc] [edk2-devel] UEFI Variable SMI Reduction
Hi All,
There is a security issue with regard to the way VarCheckLib works. There are
plenty of usages of VarCheckLib that are intended to prevent ring0 from reading
a variable after ReadyToBoot
, Michael ;
Kubacki, Michael A
Subject: Re: [edk2-devel] [edk2-rfc] [edk2-devel] UEFI Variable SMI Reduction
Hey, from security perspective, I am not clear what is difference on below 2
scenario – TPM or read-modify-write.
Whenever we return some data from SMM, we are in ring0, any program in ring0
buffer.
Thank you
Yao Jiewen
From: devel@edk2.groups.io On Behalf Of Johnson, Michael
Sent: Saturday, September 7, 2019 5:52 AM
To: Kubacki, Michael A ; devel@edk2.groups.io
Subject: Re: [edk2-devel] [edk2-rfc] [edk2-devel] UEFI Variable SMI Reduction
Yes - both things I bring up are just
: Johnson, Michael ; devel@edk2.groups.io
Subject: RE: [edk2-devel] [edk2-rfc] [edk2-devel] UEFI Variable SMI Reduction
My understanding is both of your points return to the issue of a ring 0 entity
potentially modifying the runtime cache. As the SetVariable ( ) API is already
accessible to ring 0
secure boot related keys.
From: Johnson, Michael
Sent: Thursday, September 5, 2019 1:59 PM
To: Kubacki; Kubacki, Michael A ;
devel@edk2.groups.io
Subject: Re: [edk2-devel] [edk2-rfc] [edk2-devel] UEFI Variable SMI Reduction
Your primary concern is my primary concern. I can think of two scenarios
Your primary concern is my primary concern. I can think of two scenarios where
a runtime memory varstore would hurt.
The less severe one is that any variables measured into a TPM could appear to
be modified when read back so that if/when some entity wants to verify or
unseal something, they wo