* [edk2-wiki][PATCH v3] Update the Boot Guard TOCTOU wiki page.
@ 2020-08-12 7:20 Guomin Jiang
2020-08-14 3:10 ` Liming Gao
2020-08-18 1:39 ` [edk2-devel] " Wang, Jian J
From: Guomin Jiang @ 2020-08-12 7:20 UTC
To: devel; +Cc: Jian J Wang, Liming Gao
The Boot Guard TOCTOU has been migrated into edk2/master.
Update the document to meet the change.
Signed-off-by: Guomin Jiang <guomin.jiang@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Liming Gao <liming.gao@intel.com>
---
Boot-Guard-TOCTOU-Vulnerability-Mitigation.md | 30 +++++++------------
1 file changed, 10 insertions(+), 20 deletions(-)
diff --git a/Boot-Guard-TOCTOU-Vulnerability-Mitigation.md b/Boot-Guard-TOCTOU-Vulnerability-Mitigation.md
index e59c7b1..3fce589 100644
--- a/Boot-Guard-TOCTOU-Vulnerability-Mitigation.md
+++ b/Boot-Guard-TOCTOU-Vulnerability-Mitigation.md
@@ -45,32 +45,22 @@ references must be updated. In this mitigation, the process of performing these
The changes described in this mitigation are intended to simply integrate into firmware solutions. For the changes to
function as intended, the platform firmware implementation should follow these guidelines.
-The changes are currently being staged in the following EDK II fork for additional validation before being
-sent to the EDK II mailing list: https://github.com/makubacki/edk2/tree/btg_toctou_mitigation_staging
-
-The changes should not be considered final or production ready until they are reviewed and pushed onto edk2/master.
-
-1. Always ensure PcdShadowPeimOnBoot and PcdShadowPeimOnS3Boot
- (if platform supports S3) are set to TRUE if Boot Guard is
- enabled and V=1 or M=1.
-2. Always ensure PcdMigrateTemporaryRamFirmwareVolumes is set to TRUE.
-3. Ensure that all PEIMs are relocatable. Relocation tables should
+1. Always ensure PcdMigrateTemporaryRamFirmwareVolumes is set to TRUE
+ if Boot Guard is enabled and V=1 or M=1.
+2. Ensure that all PEIMs are relocatable. Relocation tables should
not be stripped.
-4. If an Intel® Firmware Support Package (FSP) binary solution is
+3. If an Intel® Firmware Support Package (FSP) binary solution is
used, the binary must have these mitigation changes integrated.
-5. Avoid maintaining pointers to pre-memory addresses inside embedded
+4. Avoid maintaining pointers to pre-memory addresses inside embedded
structures or other non-standard structures that the automatic
migration code introduced in this change cannot identify.
-6. Migrate the FIT table based on platform requirements for FIT
+5. Migrate the FIT table based on platform requirements for FIT
access in post-memory.
+6. Add the SecMigrationPei.inf component to migrate the pointer from
+ the SEC phase.
-**Very Important**
-
-7. Enable paging after memory initialization and mark the IBB range
- as Not Present (NP).
-
- This will cause a page fault on access to the IBB region. This CR2 register can be used to identify the address
- accessed and the IP.
+Notes: IBB will be set Not Present, you will see a page fault if any code access to the IBB region after migration.
+ the address where the code access can be identified in the CR2 register.
# High-Level Migration Required
Resources that must be migrated can be categorized as code or data.
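Review bot: the replacement "Notes:" paragraph at the end of this hunk drops the instruction from the removed item 7 that paging must be enabled after memory initialization, and it no longer says who marks the IBB range Not Present; as written, a platform integrator cannot tell whether the upstream migration code now does this automatically or whether it remains a platform step. Suggest stating that explicitly and tightening the grammar, e.g. "Note: the IBB range is marked Not Present after migration, so any access to it causes a page fault; the faulting address can be read from the CR2 register." New item 6 ("migrate the pointer from the SEC phase") is also unspecific about which pointers SecMigrationPei.inf migrates; naming them would make the guideline actionable.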
--
2.25.1.windows.1
* Re: [edk2-wiki][PATCH v3] Update the Boot Guard TOCTOU wiki page.
From: Liming Gao @ 2020-08-14 3:10 UTC
To: Jiang, Guomin, devel@edk2.groups.io; +Cc: Wang, Jian J
Reviewed-by: Liming Gao <liming.gao@intel.com>
* Re: [edk2-devel] [edk2-wiki][PATCH v3] Update the Boot Guard TOCTOU wiki page.
From: Wang, Jian J @ 2020-08-18 1:39 UTC
To: devel@edk2.groups.io, Jiang, Guomin; +Cc: Gao, Liming
Reviewed-by: Jian J Wang <jian.j.wang@intel.com>
Regards,
Jian