Reviewed-by: jiewen....@intel.com

> -----Original Message-----
> From: Wu, Hao A
> Sent: Tuesday, September 25, 2018 2:13 PM
> To: edk2-devel@lists.01.org
> Cc: Wu, Hao A <hao.a...@intel.com>; Ard Biesheuvel
> <ard.biesheu...@linaro.org>; Leif Lindholm <leif.lindh...@linaro.org>;
> Laszlo Ersek <ler...@redhat.com>; Yao, Jiewen <jiewen....@intel.com>;
> Kinney, Michael D <michael.d.kin...@intel.com>; Gao, Liming
> <liming....@intel.com>; Zeng, Star <star.z...@intel.com>; Dong, Eric
> <eric.d...@intel.com>
> Subject: [PATCH v2 0/5] [CVE-2017-5753] Bounds Check Bypass issue in SMI
> handlers
>
> V2 changes:
> A. Rename the newly introduced BaseLib API to 'AsmLfence', and makes it
> IA32/X64 specific.
>
> B. Add brief comments before calls of the AsmLfence() to state the
> purpose.
>
> C. Refine the patch for Variable/RuntimeDxe driver and make the change
> focus on the SMM code.
>
> V1 history:
> The series aims to mitigate the Bounds Check Bypass (CVE-2017-5753) issues
> within SMI handlers.
>
> A more detailed explanation of the purpose of the series is under the
> 'Bounds check bypass mitigation' section of the below link:
> https://software.intel.com/security-software-guidance/insights/host-firmware-speculative-execution-side-channel-mitigation
>
> And the document at:
> https://software.intel.com/security-software-guidance/api-app/sites/default/files/337879-analyzing-potential-bounds-Check-bypass-vulnerabilities.pdf
>
> Cc: Ard Biesheuvel <ard.biesheu...@linaro.org>
> Cc: Leif Lindholm <leif.lindh...@linaro.org>
> Cc: Laszlo Ersek <ler...@redhat.com>
> Cc: Jiewen Yao <jiewen....@intel.com>
> Cc: Michael D Kinney <michael.d.kin...@intel.com>
> Cc: Liming Gao <liming....@intel.com>
> Cc: Star Zeng <star.z...@intel.com>
> Cc: Eric Dong <eric.d...@intel.com>
>
> Hao Wu (5):
>   MdePkg/BaseLib: Add new AsmLfence API
>   MdeModulePkg/FaultTolerantWrite:[CVE-2017-5753]Fix bounds check
>     bypass
>   MdeModulePkg/SmmLockBox: [CVE-2017-5753] Fix bounds check bypass
>   MdeModulePkg/Variable: [CVE-2017-5753] Fix bounds check bypass
>   UefiCpuPkg/PiSmmCpuDxeSmm: [CVE-2017-5753] Fix bounds check
>     bypass
>
>  MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteSmm.c   |  7 ++++
>  MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteSmm.inf |  1 +
>  MdeModulePkg/Universal/LockBox/SmmLockBox/SmmLockBox.c                 | 10 ++++++
>  MdeModulePkg/Universal/Variable/RuntimeDxe/LoadFenceDxe.c              | 31 ++++++++++++++++
>  MdeModulePkg/Universal/Variable/RuntimeDxe/LoadFenceSmm.c              | 30 ++++++++++++++++
>  MdeModulePkg/Universal/Variable/RuntimeDxe/PrivilegePolymorphic.h      | 13 ++++++-
>  MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c                  |  6 ++++
>  MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf      |  1 +
>  MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.c               | 18 ++++++++++
>  MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.inf             |  1 +
>  MdePkg/Include/Library/BaseLib.h                                       | 13 +++++++
>  MdePkg/Library/BaseLib/BaseLib.inf                                     |  2 ++
>  MdePkg/Library/BaseLib/Ia32/Lfence.nasm                                | 37 +++++++++++++++++++
>  MdePkg/Library/BaseLib/X64/Lfence.nasm                                 | 38 ++++++++++++++++++++
>  UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.c                             |  5 +++
>  15 files changed, 212 insertions(+), 1 deletion(-)
>  create mode 100644 MdeModulePkg/Universal/Variable/RuntimeDxe/LoadFenceDxe.c
>  create mode 100644 MdeModulePkg/Universal/Variable/RuntimeDxe/LoadFenceSmm.c
>  create mode 100644 MdePkg/Library/BaseLib/Ia32/Lfence.nasm
>  create mode 100644 MdePkg/Library/BaseLib/X64/Lfence.nasm
>
> --
> 2.12.0.windows.1
_______________________________________________
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel
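One common way to apply a load fence against bounds check bypass in a handler that takes caller-supplied indexes, as an added example that is not part of the patch series or of edk2. `example_lfence`, `example_handler`, `example_call`, the request layout and the slot table are hypothetical; on non-x86 builds the macro falls back to a compiler barrier only.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
/* Stand-in for a load fence such as AsmLfence(); this macro is an assumption. */
#if defined(__x86_64__) || defined(__i386__)
#define example_lfence() __asm__ __volatile__("lfence" ::: "memory")
#else /* other targets: compiler barrier only, not a speculation barrier */
#define example_lfence() __asm__ __volatile__("" ::: "memory")
#endif

#define SLOT_COUNT 8u
#define SLOT_SIZE  16u

typedef struct {                /* constructed, caller-controlled layout */
    uint32_t slot;
    uint32_t length;
} example_request;

static uint8_t g_slots[SLOT_COUNT][SLOT_SIZE];  /* privileged-side data */

/* Hypothetical handler: returns 0 on success, -1 if the request is rejected. */
int example_handler(const void *comm_buf, size_t comm_size, uint8_t *out)
{
    example_request req;
    if (comm_buf == NULL || out == NULL || comm_size < sizeof req)
        return -1;
    memcpy(&req, comm_buf, sizeof req);  /* snapshot: validate what is used */
    if (req.slot >= SLOT_COUNT || req.length > SLOT_SIZE)
        return -1;
    /* Barrier: loads below must not execute ahead of the checks above. */
    example_lfence();
    memcpy(out, g_slots[req.slot], req.length);
    return 0;
}

/* Builds a constructed request and runs it through the handler. */
int example_call(uint32_t slot, uint32_t length, uint8_t *out)
{
    example_request req = { slot, length };
    return example_handler(&req, sizeof req, out);
}

int main(void)
{
    uint8_t out[SLOT_SIZE] = {0};
    g_slots[3][0] = 0xAB;
    printf("slot 3: %d, slot 8: %d\n", example_call(3, 4, out), example_call(8, 4, out));
    return 0;
}
```

The fence sits after the last check on caller-controlled values and before the first load that depends on them; the functional result is the same without it, which is why the barrier has to be placed by review rather than found by testing.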