From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <hao.a.wu@intel.com>
Received-SPF: Pass (sender SPF authorized) identity=mailfrom;
 client-ip=192.55.52.115; helo=mga14.intel.com;
 envelope-from=hao.a.wu@intel.com; receiver=edk2-devel@lists.01.org 
Received: from mga14.intel.com (mga14.intel.com [192.55.52.115])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (No client certificate requested)
 by ml01.01.org (Postfix) with ESMTPS id 2E0142114845B
 for <edk2-devel@lists.01.org>; Wed, 19 Sep 2018 23:41:11 -0700 (PDT)
X-Amp-Result: SKIPPED(no attachment in message)
X-Amp-File-Uploaded: False
Received: from orsmga004.jf.intel.com ([10.7.209.38])
 by fmsmga103.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384;
 19 Sep 2018 23:41:11 -0700
X-ExtLoop1: 1
X-IronPort-AV: E=Sophos;i="5.53,397,1531810800"; d="scan'208";a="234436634"
Received: from shwdeopenpsi014.ccr.corp.intel.com ([10.239.9.19])
 by orsmga004.jf.intel.com with ESMTP; 19 Sep 2018 23:41:09 -0700
From: Hao Wu <hao.a.wu@intel.com>
To: edk2-devel@lists.01.org
Cc: Hao Wu <hao.a.wu@intel.com>, Ard Biesheuvel <ard.biesheuvel@linaro.org>,
 Laszlo Ersek <lersek@redhat.com>, Jiewen Yao <jiewen.yao@intel.com>,
 Michael D Kinney <michael.d.kinney@intel.com>,
 Liming Gao <liming.gao@intel.com>
Date: Thu, 20 Sep 2018 14:40:59 +0800
Message-Id: <20180920064103.14600-2-hao.a.wu@intel.com>
X-Mailer: git-send-email 2.12.0.windows.1
In-Reply-To: <20180920064103.14600-1-hao.a.wu@intel.com>
References: <20180920064103.14600-1-hao.a.wu@intel.com>
Subject: [PATCH v1 1/5] MdePkg/BaseLib: Add new LoadFence API
X-BeenThere: edk2-devel@lists.01.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: EDK II Development  <edk2-devel.lists.01.org>
List-Unsubscribe: <https://lists.01.org/mailman/options/edk2-devel>,
 <mailto:edk2-devel-request@lists.01.org?subject=unsubscribe>
List-Archive: <http://lists.01.org/pipermail/edk2-devel/>
List-Post: <mailto:edk2-devel@lists.01.org>
List-Help: <mailto:edk2-devel-request@lists.01.org?subject=help>
List-Subscribe: <https://lists.01.org/mailman/listinfo/edk2-devel>,
 <mailto:edk2-devel-request@lists.01.org?subject=subscribe>
X-List-Received-Date: Thu, 20 Sep 2018 06:41:11 -0000

REF:https://bugzilla.tianocore.org/show_bug.cgi?id=1193

This commit will add a new BaseLib API LoadFence(). This API will perform
a serializing operation on all load-from-memory instructions that were
issued prior to the call of this function.

The purpose of adding this API is to mitigate of the [CVE-2017-5753]
Bounds Check Bypass issue when untrusted data are being processed within
SMM. More details can be referred at the 'Bounds check bypass mitigation'
section at the below link:

https://software.intel.com/security-software-guidance/insights/host-firmware-speculative-execution-side-channel-mitigation

Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Liming Gao <liming.gao@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Hao Wu <hao.a.wu@intel.com>
---
 MdePkg/Include/Library/BaseLib.h           | 12 +++++++
 MdePkg/Library/BaseLib/Arm/LoadFence.c     | 26 ++++++++++++++
 MdePkg/Library/BaseLib/BaseLib.inf         |  4 +++
 MdePkg/Library/BaseLib/Ebc/CpuBreakpoint.c | 15 +++++++-
 MdePkg/Library/BaseLib/Ia32/LoadFence.nasm | 37 +++++++++++++++++++
 MdePkg/Library/BaseLib/X64/LoadFence.nasm  | 38 ++++++++++++++++++++
 6 files changed, 131 insertions(+), 1 deletion(-)

diff --git a/MdePkg/Include/Library/BaseLib.h b/MdePkg/Include/Library/BaseLib.h
index 123ae19dc2..194726ca35 100644
--- a/MdePkg/Include/Library/BaseLib.h
+++ b/MdePkg/Include/Library/BaseLib.h
@@ -4939,6 +4939,18 @@ MemoryFence (
 
 
 /**
+  Performs a serializing operation on all load-from-memory instructions that
+  were issued prior to the call of this function.
+
+**/
+VOID
+EFIAPI
+LoadFence (
+  VOID
+  );
+
+
+/**
   Saves the current CPU context that can be restored with a call to LongJump()
   and returns 0.
 
diff --git a/MdePkg/Library/BaseLib/Arm/LoadFence.c b/MdePkg/Library/BaseLib/Arm/LoadFence.c
new file mode 100644
index 0000000000..69f0c3a07e
--- /dev/null
+++ b/MdePkg/Library/BaseLib/Arm/LoadFence.c
@@ -0,0 +1,26 @@
+/** @file
+  LoadFence() function for ARM.
+
+  Copyright (C) 2018, Intel Corporation. All rights reserved.<BR>
+
+  This program and the accompanying materials are licensed and made available
+  under the terms and conditions of the BSD License which accompanies this
+  distribution.  The full text of the license may be found at
+  http://opensource.org/licenses/bsd-license.php.
+
+  THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, WITHOUT
+  WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+**/
+
+/**
+  Performs a serializing operation on all load-from-memory instructions that
+  were issued prior to the call of this function.
+
+**/
+VOID
+EFIAPI
+LoadFence (
+  VOID
+  )
+{
+}
diff --git a/MdePkg/Library/BaseLib/BaseLib.inf b/MdePkg/Library/BaseLib/BaseLib.inf
index a1b5ec4b75..f028fbc75a 100644
--- a/MdePkg/Library/BaseLib/BaseLib.inf
+++ b/MdePkg/Library/BaseLib/BaseLib.inf
@@ -68,6 +68,7 @@
 
 [Sources.Ia32]
   Ia32/WriteTr.nasm
+  Ia32/LoadFence.nasm
 
   Ia32/Wbinvd.c | MSFT
   Ia32/WriteMm7.c | MSFT
@@ -346,6 +347,7 @@
   X64/EnableCache.nasm
   X64/DisableCache.nasm
   X64/WriteTr.nasm
+  X64/LoadFence.nasm
 
   X64/CpuBreakpoint.c | MSFT
   X64/WriteMsr64.c | MSFT
@@ -580,6 +582,7 @@
 [Sources.ARM]
   Arm/InternalSwitchStack.c
   Arm/Unaligned.c
+  Arm/LoadFence.c
   Math64.c                   | RVCT
   Math64.c                   | MSFT
 
@@ -613,6 +616,7 @@
 [Sources.AARCH64]
   Arm/InternalSwitchStack.c
   Arm/Unaligned.c
+  Arm/LoadFence.c
   Math64.c
 
   AArch64/MemoryFence.S             | GCC
diff --git a/MdePkg/Library/BaseLib/Ebc/CpuBreakpoint.c b/MdePkg/Library/BaseLib/Ebc/CpuBreakpoint.c
index 9b7d875664..a79461cfbf 100644
--- a/MdePkg/Library/BaseLib/Ebc/CpuBreakpoint.c
+++ b/MdePkg/Library/BaseLib/Ebc/CpuBreakpoint.c
@@ -1,7 +1,7 @@
 /** @file
   Base Library CPU Functions for EBC
 
-  Copyright (c) 2006 - 2010, Intel Corporation. All rights reserved.<BR>
+  Copyright (c) 2006 - 2018, Intel Corporation. All rights reserved.<BR>
   This program and the accompanying materials
   are licensed and made available under the terms and conditions of the BSD License
   which accompanies this distribution.  The full text of the license may be found at
@@ -52,6 +52,19 @@ MemoryFence (
 }
 
 /**
+  Performs a serializing operation on all load-from-memory instructions that
+  were issued prior to the call of this function.
+
+**/
+VOID
+EFIAPI
+LoadFence (
+  VOID
+  )
+{
+}
+
+/**
   Disables CPU interrupts.
 
 **/
diff --git a/MdePkg/Library/BaseLib/Ia32/LoadFence.nasm b/MdePkg/Library/BaseLib/Ia32/LoadFence.nasm
new file mode 100644
index 0000000000..11600bea76
--- /dev/null
+++ b/MdePkg/Library/BaseLib/Ia32/LoadFence.nasm
@@ -0,0 +1,37 @@
+;------------------------------------------------------------------------------ ;
+; Copyright (c) 2018, Intel Corporation. All rights reserved.<BR>
+; This program and the accompanying materials
+; are licensed and made available under the terms and conditions of the BSD License
+; which accompanies this distribution.  The full text of the license may be found at
+; http://opensource.org/licenses/bsd-license.php.
+;
+; THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+; WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+;
+; Module Name:
+;
+;   LoadFence.nasm
+;
+; Abstract:
+;
+;   Performs a serializing operation on all load-from-memory instructions that
+;   were issued prior to the call of this function.
+;
+; Notes:
+;
+;------------------------------------------------------------------------------
+
+    SECTION .text
+
+;------------------------------------------------------------------------------
+; VOID
+; EFIAPI
+; LoadFence (
+;   VOID
+;   );
+;------------------------------------------------------------------------------
+global ASM_PFX(LoadFence)
+ASM_PFX(LoadFence):
+    lfence
+    ret
+
diff --git a/MdePkg/Library/BaseLib/X64/LoadFence.nasm b/MdePkg/Library/BaseLib/X64/LoadFence.nasm
new file mode 100644
index 0000000000..c076d9789d
--- /dev/null
+++ b/MdePkg/Library/BaseLib/X64/LoadFence.nasm
@@ -0,0 +1,38 @@
+;------------------------------------------------------------------------------ ;
+; Copyright (c) 2018, Intel Corporation. All rights reserved.<BR>
+; This program and the accompanying materials
+; are licensed and made available under the terms and conditions of the BSD License
+; which accompanies this distribution.  The full text of the license may be found at
+; http://opensource.org/licenses/bsd-license.php.
+;
+; THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+; WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+;
+; Module Name:
+;
+;   LoadFence.nasm
+;
+; Abstract:
+;
+;   Performs a serializing operation on all load-from-memory instructions that
+;   were issued prior to the call of this function.
+;
+; Notes:
+;
+;------------------------------------------------------------------------------
+
+    DEFAULT REL
+    SECTION .text
+
+;------------------------------------------------------------------------------
+; VOID
+; EFIAPI
+; LoadFence (
+;   VOID
+;   );
+;------------------------------------------------------------------------------
+global ASM_PFX(LoadFence)
+ASM_PFX(LoadFence):
+    lfence
+    ret
+
-- 
2.12.0.windows.1