From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <ard.biesheuvel@linaro.org>
Received-SPF: Pass (sender SPF authorized) identity=mailfrom;
 client-ip=2a00:1450:4864:20::541; helo=mail-ed1-x541.google.com;
 envelope-from=ard.biesheuvel@linaro.org; receiver=edk2-devel@lists.01.org 
Received: from mail-ed1-x541.google.com (mail-ed1-x541.google.com
 [IPv6:2a00:1450:4864:20::541])
 (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
 (No client certificate requested)
 by ml01.01.org (Postfix) with ESMTPS id 81C052119BAC9
 for <edk2-devel@lists.01.org>; Sun,  6 Jan 2019 23:15:22 -0800 (PST)
Received: by mail-ed1-x541.google.com with SMTP id b3so37028255ede.1
 for <edk2-devel@lists.01.org>; Sun, 06 Jan 2019 23:15:22 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google;
 h=from:to:cc:subject:date:message-id:mime-version
 :content-transfer-encoding;
 bh=ym3HCbWnebZkZogeGxEhQyYMaJDsMynjVeOMWSFFg0s=;
 b=ZzBzR79Zw7IAI5SAJEDRHuHDHJJpMEDpDsNDOuQzvjjOywPljctlIUdsxsBQGLY1mj
 9CHAXOkd81JkmWnciQD8nyEcn9UXd31iX02LwvpxAEqdFRbREk0HSV344ibilXFtsByN
 jwfup2et7PxaSE6T8MEOAMQoyBiKQSUDAq+vc=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20161025;
 h=x-gm-message-state:from:to:cc:subject:date:message-id:mime-version
 :content-transfer-encoding;
 bh=ym3HCbWnebZkZogeGxEhQyYMaJDsMynjVeOMWSFFg0s=;
 b=szHcp1WqbYPmUsVHEE8wUeHvk3wgtJODIRUCdRXrW9WYLcy2BloQY6WWFNTPf5AYYi
 E9V2pYUGZ74m8ARzg8NCEFBYpF0Vo5dr1lNnMK8xhAmzEWHCbM9xVsKp+M5H91hPDXbE
 MGp/Vis4rTsbCD36EH/zYPdKHnCO1P1uYQs/ro//TMvviFU/Gd06uCd7K7KqLMRh5bcF
 6HzIOjTwe9PDnHSc1rY0yj0C9S6fJqI0Znqzf2xPwdK7MKb777cuG4nkdvvk9wTxUK2u
 Y3U95hudnA5wsSfaMbdSN0B3Vr+ILc+ceYYQvLsZOffVZYXi2XkoNQ54iTRpy2ZyxUE5
 UWgA==
X-Gm-Message-State: AA+aEWa5jF3Pvs7b/MRwsWC4y/wrwsc8r6Oi8BHZlXbleRKGhEElBZ05
 0D2x4Q7hORVFT44Pvt+gNuhoDMZAXzEaYQ==
X-Google-Smtp-Source: AFSGD/UBimF8GuFeVLItKn+eNQdbW/yx83k9AZOVW0+5Zf7kSkb/twPYfDiIvGREWB4WAZXOtNF/JA==
X-Received: by 2002:a17:906:798e:: with SMTP id
 c14-v6mr46517860ejo.123.1546845320457; 
 Sun, 06 Jan 2019 23:15:20 -0800 (PST)
Received: from chuckie.home ([2a01:cb1d:112:6f00:58f2:776e:9e23:a7ca])
 by smtp.gmail.com with ESMTPSA id t9sm30263693edd.25.2019.01.06.23.15.19
 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
 Sun, 06 Jan 2019 23:15:19 -0800 (PST)
From: Ard Biesheuvel <ard.biesheuvel@linaro.org>
To: edk2-devel@lists.01.org
Date: Mon,  7 Jan 2019 08:14:59 +0100
Message-Id: <20190107071504.2431-1-ard.biesheuvel@linaro.org>
X-Mailer: git-send-email 2.20.1
MIME-Version: 1.0
Subject: [PATCH 0/5] memory/MMU hardening for AArch64
X-BeenThere: edk2-devel@lists.01.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: EDK II Development  <edk2-devel.lists.01.org>
List-Unsubscribe: <https://lists.01.org/mailman/options/edk2-devel>,
 <mailto:edk2-devel-request@lists.01.org?subject=unsubscribe>
List-Archive: <http://lists.01.org/pipermail/edk2-devel/>
List-Post: <mailto:edk2-devel@lists.01.org>
List-Help: <mailto:edk2-devel-request@lists.01.org?subject=help>
List-Subscribe: <https://lists.01.org/mailman/listinfo/edk2-devel>,
 <mailto:edk2-devel-request@lists.01.org?subject=subscribe>
X-List-Received-Date: Mon, 07 Jan 2019 07:15:22 -0000
Content-Transfer-Encoding: 8bit

Now that we are getting more serious about implementing secure boot
on ARM systems, by putting the code that manipulated the variable
store in a secure partition, it makes sense to give some attention
to the non-secure side as well, since having secure authenticated
variables is moot if we can just nop out the authentication check
in the image loader.

Patch #1 fixes an issue in ArmMmuLib that is triggered when HeapGuard
is enabled.

Patch #2 optimizes TLB management so that we don't flush all of it
every time. This is a performance optimization as well as a hardening
measure, since it makes it more difficult to trigger a flush of all
TLBs, which is needed when abusing a write exploit to change memory
permissions.

Patch #3 is a prerequisite for enabling StackGuard and HeapGuard, which
make use of the EFI_MEMORY_RP attribute and this wasn't wired up yet.

Patch #4 adds support to ArmMmuLib to remap all page tables read-only,
so that they are no longer vulnerable to rogue writes.

Patch #5 enables the feature added in #4 at EndOfDxe.

Ard Biesheuvel (5):
  ArmPkg/ArmMmuLib AARCH64: fix out of bounds access
  ArmPkg/ArmMmuLib AARCH64: get rid of needless TLB invalidation
  ArmPkg/ArmMmuLib AARCH64: implement support for EFI_MEMORY_RP
    permissions
  ArmPkg/ArmMmuLib AARCH64: add support for read-only page tables
  ArmPkg/CpuDxe: switch to read-only page tables at EndOfDxe

 ArmPkg/Drivers/CpuDxe/AArch64/Mmu.c                      |   5 +-
 ArmPkg/Drivers/CpuDxe/CpuDxe.c                           |  23 +++
 ArmPkg/Drivers/CpuDxe/CpuDxe.inf                         |   1 +
 ArmPkg/Include/Library/ArmMmuLib.h                       |   9 +-
 ArmPkg/Library/ArmLib/AArch64/ArmLibSupport.S            |   6 +-
 ArmPkg/Library/ArmMmuLib/AArch64/ArmMmuLibCore.c         | 149 +++++++++++++++++---
 ArmPkg/Library/ArmMmuLib/AArch64/ArmMmuLibReplaceEntry.S |  14 +-
 ArmPkg/Library/ArmMmuLib/Arm/ArmMmuLibCore.c             |   8 ++
 8 files changed, 181 insertions(+), 34 deletions(-)

-- 
2.20.1