* [Patch 0/2] MdeModulePkg PeiCore: Signed GUIDED section may not be dispatched
@ 2017-02-09 4:14 Liming Gao
2017-02-09 4:14 ` [Patch 1/2] MdeModulePkg PeiCore: Reset PeimNeedingDispatch when its security violation Liming Gao
2017-02-09 4:14 ` [Patch 2/2] MdeModulePkg PeiCore: Don't cache GUIDED section with AUTH_NOT_TESTED Liming Gao
0 siblings, 2 replies; 5+ messages in thread
From: Liming Gao @ 2017-02-09 4:14 UTC (permalink / raw)
To: edk2-devel
https://bugzilla.tianocore.org/show_bug.cgi?id=365
When RSA2048 GUIDED section has SIGNED attribute only without PROCESSED_REQUIRED
attribute, it will not be processed correctly once RSA2048 GUIDED extraction
service is dispatcher later, because PeiCore cache GUIDED section with
EFI_AUTH_STATUS_NOT_TESTED.
Here is the failure case. RSA Extraction Service is compressed. DxeIpl installs
the decompress service. On the first round dispatcher, FVMAIN is cached with
EFI_AUTH_STATUS_NOT_TESTED. It can't be dispatched again.
INF RuleOverride = LzmaCompress MdeModulePkg/../SectionExtractionPei.inf
FILE FV_IMAGE = 9E21FD93-9C72-4c15-8C4B-E77F1DB2D792 {
SECTION GUIDED A7717414-C616-4977-9420-844712A735BF AUTH_STATUS_VALID = TRUE
SECTION FV_IMAGE = FVMAIN
}
}
INF MdeModulePkg/Core/DxeIplPeim/DxeIpl.inf
Liming Gao (2):
MdeModulePkg PeiCore: Reset PeimNeedingDispatch when its security
violation
MdeModulePkg PeiCore: Don't cache GUIDED section with AUTH_NOT_TESTED
MdeModulePkg/Core/Pei/Dispatcher/Dispatcher.c | 9 ++++++++-
MdeModulePkg/Core/Pei/FwVol/FwVol.c | 24 +++++++++++++-----------
2 files changed, 21 insertions(+), 12 deletions(-)
--
2.8.0.windows.1
^ permalink raw reply [flat|nested] 5+ messages in thread* [Patch 1/2] MdeModulePkg PeiCore: Reset PeimNeedingDispatch when its security violation 2017-02-09 4:14 [Patch 0/2] MdeModulePkg PeiCore: Signed GUIDED section may not be dispatched Liming Gao @ 2017-02-09 4:14 ` Liming Gao 2017-02-09 4:44 ` Zeng, Star 2017-02-09 4:14 ` [Patch 2/2] MdeModulePkg PeiCore: Don't cache GUIDED section with AUTH_NOT_TESTED Liming Gao 1 sibling, 1 reply; 5+ messages in thread From: Liming Gao @ 2017-02-09 4:14 UTC (permalink / raw) To: edk2-devel; +Cc: Star Zeng When PEIM is security violation, its matched extraction ppi may not be installed. So, its PeimNeedingDispatch will still reset to TRUE. Cc: Star Zeng <star.zeng@intel.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Liming Gao <liming.gao@intel.com> --- MdeModulePkg/Core/Pei/Dispatcher/Dispatcher.c | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/MdeModulePkg/Core/Pei/Dispatcher/Dispatcher.c b/MdeModulePkg/Core/Pei/Dispatcher/Dispatcher.c index 3934ed0..ff43a90 100644 --- a/MdeModulePkg/Core/Pei/Dispatcher/Dispatcher.c +++ b/MdeModulePkg/Core/Pei/Dispatcher/Dispatcher.c @@ -1,7 +1,7 @@ /** @file EFI PEI Core dispatch services -Copyright (c) 2006 - 2015, Intel Corporation. All rights reserved.<BR> +Copyright (c) 2006 - 2017, Intel Corporation. All rights reserved.<BR> (C) Copyright 2016 Hewlett Packard Enterprise Development LP<BR> This program and the accompanying materials are licensed and made available under the terms and conditions of the BSD License @@ -1111,6 +1111,13 @@ PeiDispatcher ( PeimEntryPoint = (EFI_PEIM_ENTRY_POINT2)(UINTN)EntryPoint; PeimEntryPoint (PeimFileHandle, (const EFI_PEI_SERVICES **) PeiServices); Private->PeimDispatchOnThisPass = TRUE; + } else { + // + // The related GuidedSectionExtraction PPI for the + // signed PEIM image section may be installed in the rest + // of this do-while loop, so need to make another pass. + // + Private->PeimNeedingDispatch = TRUE; } REPORT_STATUS_CODE_WITH_EXTENDED_DATA ( -- 2.8.0.windows.1 ^ permalink raw reply related [flat|nested] 5+ messages in thread
* Re: [Patch 1/2] MdeModulePkg PeiCore: Reset PeimNeedingDispatch when its security violation 2017-02-09 4:14 ` [Patch 1/2] MdeModulePkg PeiCore: Reset PeimNeedingDispatch when its security violation Liming Gao @ 2017-02-09 4:44 ` Zeng, Star 0 siblings, 0 replies; 5+ messages in thread From: Zeng, Star @ 2017-02-09 4:44 UTC (permalink / raw) To: Gao, Liming, edk2-devel@lists.01.org; +Cc: Zeng, Star Reviewed-by: Star Zeng <star.zeng@intel.com> to this change. How about to also move the code blocks below into the "if (Status != EFI_SECURITY_VIOLATION) {" to follow PI Spec? PERF_START (PeimFileHandle, "PEIM", NULL, 0); REPORT_STATUS_CODE_WITH_EXTENDED_DATA ( EFI_PROGRESS_CODE, (EFI_SOFTWARE_PEI_CORE | EFI_SW_PC_INIT_BEGIN), (VOID *)(&PeimFileHandle), sizeof (PeimFileHandle) ); REPORT_STATUS_CODE_WITH_EXTENDED_DATA ( EFI_PROGRESS_CODE, (EFI_SOFTWARE_PEI_CORE | EFI_SW_PC_INIT_END), (VOID *)(&PeimFileHandle), sizeof (PeimFileHandle) ); PERF_END (PeimFileHandle, "PEIM", NULL, 0); PI Spec: EFI_SW_PC_INIT_BEGIN Initializing software module by using StartImage() or an equivalent PEI service. Thanks, Star -----Original Message----- From: Gao, Liming Sent: Thursday, February 9, 2017 12:15 PM To: edk2-devel@lists.01.org Cc: Zeng, Star <star.zeng@intel.com> Subject: [Patch 1/2] MdeModulePkg PeiCore: Reset PeimNeedingDispatch when its security violation When PEIM is security violation, its matched extraction ppi may not be installed. So, its PeimNeedingDispatch will still reset to TRUE. Cc: Star Zeng <star.zeng@intel.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Liming Gao <liming.gao@intel.com> --- MdeModulePkg/Core/Pei/Dispatcher/Dispatcher.c | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/MdeModulePkg/Core/Pei/Dispatcher/Dispatcher.c b/MdeModulePkg/Core/Pei/Dispatcher/Dispatcher.c index 3934ed0..ff43a90 100644 --- a/MdeModulePkg/Core/Pei/Dispatcher/Dispatcher.c +++ b/MdeModulePkg/Core/Pei/Dispatcher/Dispatcher.c @@ -1,7 +1,7 @@ /** @file EFI PEI Core dispatch services -Copyright (c) 2006 - 2015, Intel Corporation. All rights reserved.<BR> +Copyright (c) 2006 - 2017, Intel Corporation. All rights reserved.<BR> (C) Copyright 2016 Hewlett Packard Enterprise Development LP<BR> This program and the accompanying materials are licensed and made available under the terms and conditions of the BSD License @@ -1111,6 +1111,13 @@ PeiDispatcher ( PeimEntryPoint = (EFI_PEIM_ENTRY_POINT2)(UINTN)EntryPoint; PeimEntryPoint (PeimFileHandle, (const EFI_PEI_SERVICES **) PeiServices); Private->PeimDispatchOnThisPass = TRUE; + } else { + // + // The related GuidedSectionExtraction PPI for the + // signed PEIM image section may be installed in the rest + // of this do-while loop, so need to make another pass. + // + Private->PeimNeedingDispatch = TRUE; } REPORT_STATUS_CODE_WITH_EXTENDED_DATA ( -- 2.8.0.windows.1 ^ permalink raw reply related [flat|nested] 5+ messages in thread
* [Patch 2/2] MdeModulePkg PeiCore: Don't cache GUIDED section with AUTH_NOT_TESTED 2017-02-09 4:14 [Patch 0/2] MdeModulePkg PeiCore: Signed GUIDED section may not be dispatched Liming Gao 2017-02-09 4:14 ` [Patch 1/2] MdeModulePkg PeiCore: Reset PeimNeedingDispatch when its security violation Liming Gao @ 2017-02-09 4:14 ` Liming Gao 2017-02-09 4:40 ` Zeng, Star 1 sibling, 1 reply; 5+ messages in thread From: Liming Gao @ 2017-02-09 4:14 UTC (permalink / raw) To: edk2-devel; +Cc: Star Zeng If GUIDED section authentication has EFI_AUTH_STATUS_NOT_TESTED, its matched extraction ppi may not be installed. So, don't cache its data. Cc: Star Zeng <star.zeng@intel.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Liming Gao <liming.gao@intel.com> --- MdeModulePkg/Core/Pei/FwVol/FwVol.c | 24 +++++++++++++----------- 1 file changed, 13 insertions(+), 11 deletions(-) diff --git a/MdeModulePkg/Core/Pei/FwVol/FwVol.c b/MdeModulePkg/Core/Pei/FwVol/FwVol.c index 8d07bd0..0bbb86d 100644 --- a/MdeModulePkg/Core/Pei/FwVol/FwVol.c +++ b/MdeModulePkg/Core/Pei/FwVol/FwVol.c @@ -2,7 +2,7 @@ Pei Core Firmware File System service routines. Copyright (c) 2015 HP Development Company, L.P. -Copyright (c) 2006 - 2016, Intel Corporation. All rights reserved.<BR> +Copyright (c) 2006 - 2017, Intel Corporation. All rights reserved.<BR> This program and the accompanying materials are licensed and made available under the terms and conditions of the BSD License which accompanies this distribution. The full text of the license may be found at @@ -913,17 +913,19 @@ ProcessSection ( } if (!EFI_ERROR (Status)) { - // - // Update cache section data. - // - if (PrivateData->CacheSection.AllSectionCount < CACHE_SETION_MAX_NUMBER) { - PrivateData->CacheSection.AllSectionCount ++; + if ((Authentication & EFI_AUTH_STATUS_NOT_TESTED) == 0) { + // + // Update cache section data. + // + if (PrivateData->CacheSection.AllSectionCount < CACHE_SETION_MAX_NUMBER) { + PrivateData->CacheSection.AllSectionCount ++; + } + PrivateData->CacheSection.Section [PrivateData->CacheSection.SectionIndex] = Section; + PrivateData->CacheSection.SectionData [PrivateData->CacheSection.SectionIndex] = PpiOutput; + PrivateData->CacheSection.SectionSize [PrivateData->CacheSection.SectionIndex] = PpiOutputSize; + PrivateData->CacheSection.AuthenticationStatus [PrivateData->CacheSection.SectionIndex] = Authentication; + PrivateData->CacheSection.SectionIndex = (PrivateData->CacheSection.SectionIndex + 1)%CACHE_SETION_MAX_NUMBER; } - PrivateData->CacheSection.Section [PrivateData->CacheSection.SectionIndex] = Section; - PrivateData->CacheSection.SectionData [PrivateData->CacheSection.SectionIndex] = PpiOutput; - PrivateData->CacheSection.SectionSize [PrivateData->CacheSection.SectionIndex] = PpiOutputSize; - PrivateData->CacheSection.AuthenticationStatus [PrivateData->CacheSection.SectionIndex] = Authentication; - PrivateData->CacheSection.SectionIndex = (PrivateData->CacheSection.SectionIndex + 1)%CACHE_SETION_MAX_NUMBER; TempAuthenticationStatus = 0; Status = ProcessSection ( -- 2.8.0.windows.1 ^ permalink raw reply related [flat|nested] 5+ messages in thread
* Re: [Patch 2/2] MdeModulePkg PeiCore: Don't cache GUIDED section with AUTH_NOT_TESTED 2017-02-09 4:14 ` [Patch 2/2] MdeModulePkg PeiCore: Don't cache GUIDED section with AUTH_NOT_TESTED Liming Gao @ 2017-02-09 4:40 ` Zeng, Star 0 siblings, 0 replies; 5+ messages in thread From: Zeng, Star @ 2017-02-09 4:40 UTC (permalink / raw) To: Gao, Liming, edk2-devel@lists.01.org; +Cc: Zeng, Star Reviewed-by: Star Zeng <star.zeng@intel.com> -----Original Message----- From: Gao, Liming Sent: Thursday, February 9, 2017 12:15 PM To: edk2-devel@lists.01.org Cc: Zeng, Star <star.zeng@intel.com> Subject: [Patch 2/2] MdeModulePkg PeiCore: Don't cache GUIDED section with AUTH_NOT_TESTED If GUIDED section authentication has EFI_AUTH_STATUS_NOT_TESTED, its matched extraction ppi may not be installed. So, don't cache its data. Cc: Star Zeng <star.zeng@intel.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Liming Gao <liming.gao@intel.com> --- MdeModulePkg/Core/Pei/FwVol/FwVol.c | 24 +++++++++++++----------- 1 file changed, 13 insertions(+), 11 deletions(-) diff --git a/MdeModulePkg/Core/Pei/FwVol/FwVol.c b/MdeModulePkg/Core/Pei/FwVol/FwVol.c index 8d07bd0..0bbb86d 100644 --- a/MdeModulePkg/Core/Pei/FwVol/FwVol.c +++ b/MdeModulePkg/Core/Pei/FwVol/FwVol.c @@ -2,7 +2,7 @@ Pei Core Firmware File System service routines. Copyright (c) 2015 HP Development Company, L.P. -Copyright (c) 2006 - 2016, Intel Corporation. All rights reserved.<BR> +Copyright (c) 2006 - 2017, Intel Corporation. All rights reserved.<BR> This program and the accompanying materials are licensed and made available under the terms and conditions of the BSD License which accompanies this distribution. The full text of the license may be found at @@ -913,17 +913,19 @@ ProcessSection ( } if (!EFI_ERROR (Status)) { - // - // Update cache section data. - // - if (PrivateData->CacheSection.AllSectionCount < CACHE_SETION_MAX_NUMBER) { - PrivateData->CacheSection.AllSectionCount ++; + if ((Authentication & EFI_AUTH_STATUS_NOT_TESTED) == 0) { + // + // Update cache section data. + // + if (PrivateData->CacheSection.AllSectionCount < CACHE_SETION_MAX_NUMBER) { + PrivateData->CacheSection.AllSectionCount ++; + } + PrivateData->CacheSection.Section [PrivateData->CacheSection.SectionIndex] = Section; + PrivateData->CacheSection.SectionData [PrivateData->CacheSection.SectionIndex] = PpiOutput; + PrivateData->CacheSection.SectionSize [PrivateData->CacheSection.SectionIndex] = PpiOutputSize; + PrivateData->CacheSection.AuthenticationStatus [PrivateData->CacheSection.SectionIndex] = Authentication; + PrivateData->CacheSection.SectionIndex = + (PrivateData->CacheSection.SectionIndex + 1)%CACHE_SETION_MAX_NUMBER; } - PrivateData->CacheSection.Section [PrivateData->CacheSection.SectionIndex] = Section; - PrivateData->CacheSection.SectionData [PrivateData->CacheSection.SectionIndex] = PpiOutput; - PrivateData->CacheSection.SectionSize [PrivateData->CacheSection.SectionIndex] = PpiOutputSize; - PrivateData->CacheSection.AuthenticationStatus [PrivateData->CacheSection.SectionIndex] = Authentication; - PrivateData->CacheSection.SectionIndex = (PrivateData->CacheSection.SectionIndex + 1)%CACHE_SETION_MAX_NUMBER; TempAuthenticationStatus = 0; Status = ProcessSection ( -- 2.8.0.windows.1 ^ permalink raw reply related [flat|nested] 5+ messages in thread
end of thread, other threads:[~2017-02-09 4:44 UTC | newest] Thread overview: 5+ messages (download: mbox.gz follow: Atom feed -- links below jump to the message on this page -- 2017-02-09 4:14 [Patch 0/2] MdeModulePkg PeiCore: Signed GUIDED section may not be dispatched Liming Gao 2017-02-09 4:14 ` [Patch 1/2] MdeModulePkg PeiCore: Reset PeimNeedingDispatch when its security violation Liming Gao 2017-02-09 4:44 ` Zeng, Star 2017-02-09 4:14 ` [Patch 2/2] MdeModulePkg PeiCore: Don't cache GUIDED section with AUTH_NOT_TESTED Liming Gao 2017-02-09 4:40 ` Zeng, Star
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox