From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <star.zeng@intel.com>
Received-SPF: Pass (sender SPF authorized) identity=mailfrom;
 client-ip=134.134.136.24; helo=mga09.intel.com;
 envelope-from=star.zeng@intel.com; receiver=edk2-devel@lists.01.org 
Received: from mga09.intel.com (mga09.intel.com [134.134.136.24])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (No client certificate requested)
 by ml01.01.org (Postfix) with ESMTPS id B7ABC2115C317
 for <edk2-devel@lists.01.org>; Fri, 28 Sep 2018 23:11:35 -0700 (PDT)
X-Amp-Result: SKIPPED(no attachment in message)
X-Amp-File-Uploaded: False
Received: from fmsmga001.fm.intel.com ([10.253.24.23])
 by orsmga102.jf.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384;
 28 Sep 2018 23:11:34 -0700
X-ExtLoop1: 1
X-IronPort-AV: E=Sophos;i="5.54,318,1534834800"; d="scan'208";a="94512988"
Received: from fmsmsx106.amr.corp.intel.com ([10.18.124.204])
 by fmsmga001.fm.intel.com with ESMTP; 28 Sep 2018 23:11:26 -0700
Received: from fmsmsx123.amr.corp.intel.com (10.18.125.38) by
 FMSMSX106.amr.corp.intel.com (10.18.124.204) with Microsoft SMTP Server (TLS)
 id 14.3.319.2; Fri, 28 Sep 2018 23:11:26 -0700
Received: from shsmsx101.ccr.corp.intel.com (10.239.4.153) by
 fmsmsx123.amr.corp.intel.com (10.18.125.38) with Microsoft SMTP Server (TLS)
 id 14.3.319.2; Fri, 28 Sep 2018 23:11:26 -0700
Received: from shsmsx102.ccr.corp.intel.com ([169.254.2.140]) by
 SHSMSX101.ccr.corp.intel.com ([169.254.1.220]) with mapi id 14.03.0319.002;
 Sat, 29 Sep 2018 14:11:23 +0800
From: "Zeng, Star" <star.zeng@intel.com>
To: "Wu, Hao A" <hao.a.wu@intel.com>, "edk2-devel@lists.01.org"
 <edk2-devel@lists.01.org>
CC: "Yao, Jiewen" <jiewen.yao@intel.com>, "Zeng, Star" <star.zeng@intel.com>
Thread-Topic: [PATCH v2 2/5]
 MdeModulePkg/FaultTolerantWrite:[CVE-2017-5753]Fix bounds check bypass
Thread-Index: AQHUVJbXhTNuuCJOcUuh/zTrTRjGcKUGzSKA
Date: Sat, 29 Sep 2018 06:11:23 +0000
Message-ID: <0C09AFA07DD0434D9E2A0C6AEB0483103BBF5E78@shsmsx102.ccr.corp.intel.com>
References: <20180925061259.31680-1-hao.a.wu@intel.com>
 <20180925061259.31680-3-hao.a.wu@intel.com>
In-Reply-To: <20180925061259.31680-3-hao.a.wu@intel.com>
Accept-Language: zh-CN, en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
x-originating-ip: [10.239.127.40]
MIME-Version: 1.0
Subject: Re: [PATCH v2 2/5] MdeModulePkg/FaultTolerantWrite:[CVE-2017-5753]Fix bounds check bypass
X-BeenThere: edk2-devel@lists.01.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: EDK II Development  <edk2-devel.lists.01.org>
List-Unsubscribe: <https://lists.01.org/mailman/options/edk2-devel>,
 <mailto:edk2-devel-request@lists.01.org?subject=unsubscribe>
List-Archive: <http://lists.01.org/pipermail/edk2-devel/>
List-Post: <mailto:edk2-devel@lists.01.org>
List-Help: <mailto:edk2-devel-request@lists.01.org?subject=help>
List-Subscribe: <https://lists.01.org/mailman/listinfo/edk2-devel>,
 <mailto:edk2-devel-request@lists.01.org?subject=subscribe>
X-List-Received-Date: Sat, 29 Sep 2018 06:11:35 -0000
Content-Language: en-US
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable

Please double check whether the AsmLfence calling should be before the line=
 below.

        PrivateData =3D (VOID *)&SmmFtwWriteHeader->Data[Length];


Thanks,
Star
-----Original Message-----
From: Wu, Hao A=20
Sent: Tuesday, September 25, 2018 2:13 PM
To: edk2-devel@lists.01.org
Cc: Wu, Hao A <hao.a.wu@intel.com>; Yao, Jiewen <jiewen.yao@intel.com>; Zen=
g, Star <star.zeng@intel.com>
Subject: [PATCH v2 2/5] MdeModulePkg/FaultTolerantWrite:[CVE-2017-5753]Fix =
bounds check bypass

REF:https://bugzilla.tianocore.org/show_bug.cgi?id=3D1194

Speculative execution is used by processor to avoid having to wait for data=
 to arrive from memory, or for previous operations to finish, the processor=
 may speculate as to what will be executed.

If the speculation is incorrect, the speculatively executed instructions mi=
ght leave hints such as which memory locations have been brought into cache=
. Malicious actors can use the bounds check bypass method (code gadgets wit=
h controlled external inputs) to infer data values that have been used in s=
peculative operations to reveal secrets which should not otherwise be acces=
sed.

This commit will focus on the SMI handler(s) registered within the FaultTol=
erantWriteDxe driver and insert AsmLfence API to mitigate the bounds check =
bypass issue.

For SMI handler SmmFaultTolerantWriteHandler():

Under "case FTW_FUNCTION_WRITE:", 'SmmFtwWriteHeader->Length' can be a pote=
ntial cross boundary access of the 'CommBuffer' (controlled external
inputs) during speculative execution. This cross boundary access is later p=
assed as parameter 'Length' into function FtwWrite().

Within function FtwWrite(), the value of 'Length' can be inferred by code:
"CopyMem (MyBuffer + Offset, Buffer, Length);". One can observe which part =
of the content within 'Buffer' was brought into cache to possibly reveal th=
e value of 'Length'.

Hence, this commit adds a AsmLfence() after the boundary/range checks of 'C=
ommBuffer' to prevent the speculative execution.

A more detailed explanation of the purpose of commit is under the 'Bounds c=
heck bypass mitigation' section of the below link:
https://software.intel.com/security-software-guidance/insights/host-firmwar=
e-speculative-execution-side-channel-mitigation

And the document at:
https://software.intel.com/security-software-guidance/api-app/sites/default=
/files/337879-analyzing-potential-bounds-Check-bypass-vulnerabilities.pdf

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Star Zeng <star.zeng@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Hao Wu <hao.a.wu@intel.com>
---
 MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteSmm.c   | 7=
 +++++++
 MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteSmm.inf | 1=
 +
 2 files changed, 8 insertions(+)

diff --git a/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWrit=
eSmm.c b/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteSmm=
.c
index 632313f076..27fcab19b6 100644
--- a/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteSmm.c
+++ b/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteSmm
+++ .c
@@ -57,6 +57,7 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER=
 EXPRESS OR IMPLIED.
 #include <PiSmm.h>
 #include <Library/SmmServicesTableLib.h>  #include <Library/SmmMemLib.h>
+#include <Library/BaseLib.h>
 #include <Protocol/SmmSwapAddressRange.h>  #include "FaultTolerantWrite.h"
 #include "FaultTolerantWriteSmmCommon.h"
@@ -417,6 +418,12 @@ SmmFaultTolerantWriteHandler (
                  &SmmFvbHandle
                  );
       if (!EFI_ERROR (Status)) {
+        //
+        // The AsmLfence() call here is to ensure the previous range/conte=
nt
+        // checks for the CommBuffer have been completed before calling in=
to
+        // FtwWrite().
+        //
+        AsmLfence ();
         Status =3D FtwWrite(
                    &mFtwDevice->FtwInstance,
                    SmmFtwWriteHeader->Lba, diff --git a/MdeModulePkg/Unive=
rsal/FaultTolerantWriteDxe/FaultTolerantWriteSmm.inf b/MdeModulePkg/Univers=
al/FaultTolerantWriteDxe/FaultTolerantWriteSmm.inf
index 85d109e8d9..606cc2266b 100644
--- a/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteSmm.in=
f
+++ b/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteSmm
+++ .inf
@@ -55,6 +55,7 @@
   PcdLib
   ReportStatusCodeLib
   SmmMemLib
+  BaseLib
=20
 [Guids]
   #
--
2.12.0.windows.1