The series aims to mitigate the Branch Target Injection (CVE-2017-5715) issues for 'RSM' instructions. Moreover, this series focuses on the UDK branches where .NASM file is not added for a module.
Patch 1/1 will be applied on the below UDK branches: UDK2015 A more detailed explanation of the purpose of commit is under the 'Branch target injection mitigation' section of the below link: https://software.intel.com/security-software-guidance/insights/host-firmware-speculative-execution-side-channel-mitigation Cc: Jiewen Yao <jiewen....@intel.com> Cc: Laszlo Ersek <ler...@redhat.com> Cc: Michael D Kinney <michael.d.kin...@intel.com> Cc: Eric Dong <eric.d...@intel.com> Hao Wu (1): UefiCpuPkg: [CVE-2017-5715] Stuff RSB before RSM UefiCpuPkg/Include/StuffRsbAsm.inc | 60 ++++++++++++++++++++ UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/SmiEntry.asm | 5 +- UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/SmmInit.asm | 5 +- UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmiEntry.asm | 5 +- UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmmInit.asm | 5 +- 5 files changed, 76 insertions(+), 4 deletions(-) create mode 100644 UefiCpuPkg/Include/StuffRsbAsm.inc -- 2.12.0.windows.1 _______________________________________________ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel
