From: Hao Wu <hao.a.wu@intel.com>
To: edk2-devel@lists.01.org
Cc: Hao Wu <hao.a.wu@intel.com>,
Ard Biesheuvel <ard.biesheuvel@linaro.org>,
Laszlo Ersek <lersek@redhat.com>,
Jiewen Yao <jiewen.yao@intel.com>,
Michael D Kinney <michael.d.kinney@intel.com>,
Liming Gao <liming.gao@intel.com>
Subject: [PATCH v1 1/5] MdePkg/BaseLib: Add new LoadFence API
Date: Thu, 20 Sep 2018 14:40:59 +0800 [thread overview]
Message-ID: <20180920064103.14600-2-hao.a.wu@intel.com> (raw)
In-Reply-To: <20180920064103.14600-1-hao.a.wu@intel.com>
REF:https://bugzilla.tianocore.org/show_bug.cgi?id=1193
This commit will add a new BaseLib API LoadFence(). This API will perform
a serializing operation on all load-from-memory instructions that were
issued prior to the call of this function.
The purpose of adding this API is to mitigate of the [CVE-2017-5753]
Bounds Check Bypass issue when untrusted data are being processed within
SMM. More details can be referred at the 'Bounds check bypass mitigation'
section at the below link:
https://software.intel.com/security-software-guidance/insights/host-firmware-speculative-execution-side-channel-mitigation
Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Liming Gao <liming.gao@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Hao Wu <hao.a.wu@intel.com>
---
MdePkg/Include/Library/BaseLib.h | 12 +++++++
MdePkg/Library/BaseLib/Arm/LoadFence.c | 26 ++++++++++++++
MdePkg/Library/BaseLib/BaseLib.inf | 4 +++
MdePkg/Library/BaseLib/Ebc/CpuBreakpoint.c | 15 +++++++-
MdePkg/Library/BaseLib/Ia32/LoadFence.nasm | 37 +++++++++++++++++++
MdePkg/Library/BaseLib/X64/LoadFence.nasm | 38 ++++++++++++++++++++
6 files changed, 131 insertions(+), 1 deletion(-)
diff --git a/MdePkg/Include/Library/BaseLib.h b/MdePkg/Include/Library/BaseLib.h
index 123ae19dc2..194726ca35 100644
--- a/MdePkg/Include/Library/BaseLib.h
+++ b/MdePkg/Include/Library/BaseLib.h
@@ -4939,6 +4939,18 @@ MemoryFence (
/**
+ Performs a serializing operation on all load-from-memory instructions that
+ were issued prior to the call of this function.
+
+**/
+VOID
+EFIAPI
+LoadFence (
+ VOID
+ );
+
+
+/**
Saves the current CPU context that can be restored with a call to LongJump()
and returns 0.
diff --git a/MdePkg/Library/BaseLib/Arm/LoadFence.c b/MdePkg/Library/BaseLib/Arm/LoadFence.c
new file mode 100644
index 0000000000..69f0c3a07e
--- /dev/null
+++ b/MdePkg/Library/BaseLib/Arm/LoadFence.c
@@ -0,0 +1,26 @@
+/** @file
+ LoadFence() function for ARM.
+
+ Copyright (C) 2018, Intel Corporation. All rights reserved.<BR>
+
+ This program and the accompanying materials are licensed and made available
+ under the terms and conditions of the BSD License which accompanies this
+ distribution. The full text of the license may be found at
+ http://opensource.org/licenses/bsd-license.php.
+
+ THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, WITHOUT
+ WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+**/
+
+/**
+ Performs a serializing operation on all load-from-memory instructions that
+ were issued prior to the call of this function.
+
+**/
+VOID
+EFIAPI
+LoadFence (
+ VOID
+ )
+{
+}
diff --git a/MdePkg/Library/BaseLib/BaseLib.inf b/MdePkg/Library/BaseLib/BaseLib.inf
index a1b5ec4b75..f028fbc75a 100644
--- a/MdePkg/Library/BaseLib/BaseLib.inf
+++ b/MdePkg/Library/BaseLib/BaseLib.inf
@@ -68,6 +68,7 @@
[Sources.Ia32]
Ia32/WriteTr.nasm
+ Ia32/LoadFence.nasm
Ia32/Wbinvd.c | MSFT
Ia32/WriteMm7.c | MSFT
@@ -346,6 +347,7 @@
X64/EnableCache.nasm
X64/DisableCache.nasm
X64/WriteTr.nasm
+ X64/LoadFence.nasm
X64/CpuBreakpoint.c | MSFT
X64/WriteMsr64.c | MSFT
@@ -580,6 +582,7 @@
[Sources.ARM]
Arm/InternalSwitchStack.c
Arm/Unaligned.c
+ Arm/LoadFence.c
Math64.c | RVCT
Math64.c | MSFT
@@ -613,6 +616,7 @@
[Sources.AARCH64]
Arm/InternalSwitchStack.c
Arm/Unaligned.c
+ Arm/LoadFence.c
Math64.c
AArch64/MemoryFence.S | GCC
diff --git a/MdePkg/Library/BaseLib/Ebc/CpuBreakpoint.c b/MdePkg/Library/BaseLib/Ebc/CpuBreakpoint.c
index 9b7d875664..a79461cfbf 100644
--- a/MdePkg/Library/BaseLib/Ebc/CpuBreakpoint.c
+++ b/MdePkg/Library/BaseLib/Ebc/CpuBreakpoint.c
@@ -1,7 +1,7 @@
/** @file
Base Library CPU Functions for EBC
- Copyright (c) 2006 - 2010, Intel Corporation. All rights reserved.<BR>
+ Copyright (c) 2006 - 2018, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
@@ -52,6 +52,19 @@ MemoryFence (
}
/**
+ Performs a serializing operation on all load-from-memory instructions that
+ were issued prior to the call of this function.
+
+**/
+VOID
+EFIAPI
+LoadFence (
+ VOID
+ )
+{
+}
+
+/**
Disables CPU interrupts.
**/
diff --git a/MdePkg/Library/BaseLib/Ia32/LoadFence.nasm b/MdePkg/Library/BaseLib/Ia32/LoadFence.nasm
new file mode 100644
index 0000000000..11600bea76
--- /dev/null
+++ b/MdePkg/Library/BaseLib/Ia32/LoadFence.nasm
@@ -0,0 +1,37 @@
+;------------------------------------------------------------------------------ ;
+; Copyright (c) 2018, Intel Corporation. All rights reserved.<BR>
+; This program and the accompanying materials
+; are licensed and made available under the terms and conditions of the BSD License
+; which accompanies this distribution. The full text of the license may be found at
+; http://opensource.org/licenses/bsd-license.php.
+;
+; THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+; WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+;
+; Module Name:
+;
+; LoadFence.nasm
+;
+; Abstract:
+;
+; Performs a serializing operation on all load-from-memory instructions that
+; were issued prior to the call of this function.
+;
+; Notes:
+;
+;------------------------------------------------------------------------------
+
+ SECTION .text
+
+;------------------------------------------------------------------------------
+; VOID
+; EFIAPI
+; LoadFence (
+; VOID
+; );
+;------------------------------------------------------------------------------
+global ASM_PFX(LoadFence)
+ASM_PFX(LoadFence):
+ lfence
+ ret
+
diff --git a/MdePkg/Library/BaseLib/X64/LoadFence.nasm b/MdePkg/Library/BaseLib/X64/LoadFence.nasm
new file mode 100644
index 0000000000..c076d9789d
--- /dev/null
+++ b/MdePkg/Library/BaseLib/X64/LoadFence.nasm
@@ -0,0 +1,38 @@
+;------------------------------------------------------------------------------ ;
+; Copyright (c) 2018, Intel Corporation. All rights reserved.<BR>
+; This program and the accompanying materials
+; are licensed and made available under the terms and conditions of the BSD License
+; which accompanies this distribution. The full text of the license may be found at
+; http://opensource.org/licenses/bsd-license.php.
+;
+; THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+; WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+;
+; Module Name:
+;
+; LoadFence.nasm
+;
+; Abstract:
+;
+; Performs a serializing operation on all load-from-memory instructions that
+; were issued prior to the call of this function.
+;
+; Notes:
+;
+;------------------------------------------------------------------------------
+
+ DEFAULT REL
+ SECTION .text
+
+;------------------------------------------------------------------------------
+; VOID
+; EFIAPI
+; LoadFence (
+; VOID
+; );
+;------------------------------------------------------------------------------
+global ASM_PFX(LoadFence)
+ASM_PFX(LoadFence):
+ lfence
+ ret
+
--
2.12.0.windows.1
next prev parent reply other threads:[~2018-09-20 6:41 UTC|newest]
Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-09-20 6:40 [PATCH v1 0/5] [CVE-2017-5753] Bounds Check Bypass issue in SMI handlers Hao Wu
2018-09-20 6:40 ` Hao Wu [this message]
2018-09-20 13:13 ` [PATCH v1 1/5] MdePkg/BaseLib: Add new LoadFence API Laszlo Ersek
2018-09-21 2:14 ` Wu, Hao A
2018-09-21 2:21 ` Yao, Jiewen
2018-09-21 2:38 ` Wu, Hao A
2018-09-20 6:41 ` [PATCH v1 2/5] MdeModulePkg/FaultTolerantWrite:[CVE-2017-5753]Fix bounds check bypass Hao Wu
2018-09-20 6:41 ` [PATCH v1 3/5] MdeModulePkg/SmmLockBox: [CVE-2017-5753] Fix " Hao Wu
2018-09-20 6:41 ` [PATCH v1 4/5] MdeModulePkg/Variable: " Hao Wu
2018-09-20 6:41 ` [PATCH v1 5/5] UefiCpuPkg/PiSmmCpuDxeSmm: " Hao Wu
2018-09-20 13:22 ` [PATCH v1 0/5] [CVE-2017-5753] Bounds Check Bypass issue in SMI handlers Laszlo Ersek
2018-09-20 13:59 ` Kinney, Michael D
2018-09-21 2:14 ` Wu, Hao A
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-list from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20180920064103.14600-2-hao.a.wu@intel.com \
--to=devel@edk2.groups.io \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox