From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received-SPF: Pass (sender SPF authorized) identity=mailfrom; client-ip=192.55.52.88; helo=mga01.intel.com; envelope-from=ruiyu.ni@intel.com; receiver=edk2-devel@lists.01.org Received: from mga01.intel.com (mga01.intel.com [192.55.52.88]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id 354DD2118DC21 for ; Mon, 12 Nov 2018 23:43:07 -0800 (PST) X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from orsmga003.jf.intel.com ([10.7.209.27]) by fmsmga101.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 12 Nov 2018 23:43:06 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.54,498,1534834800"; d="scan'208";a="99805678" Received: from fmsmsx106.amr.corp.intel.com ([10.18.124.204]) by orsmga003.jf.intel.com with ESMTP; 12 Nov 2018 23:43:06 -0800 Received: from fmsmsx157.amr.corp.intel.com (10.18.116.73) by FMSMSX106.amr.corp.intel.com (10.18.124.204) with Microsoft SMTP Server (TLS) id 14.3.408.0; Mon, 12 Nov 2018 23:43:06 -0800 Received: from shsmsx102.ccr.corp.intel.com (10.239.4.154) by FMSMSX157.amr.corp.intel.com (10.18.116.73) with Microsoft SMTP Server (TLS) id 14.3.408.0; Mon, 12 Nov 2018 23:43:05 -0800 Received: from shsmsx104.ccr.corp.intel.com ([169.254.5.117]) by shsmsx102.ccr.corp.intel.com ([169.254.2.84]) with mapi id 14.03.0415.000; Tue, 13 Nov 2018 15:43:03 +0800 From: "Ni, Ruiyu" To: "edk2-devel@lists.01.org" , "'Andrew Fish (afish@apple.com)'" , Leif Lindholm , "Kinney, Michael D" , Laszlo Ersek CC: "Dong, Eric" Thread-Topic: [edk2] [PATCH] UefiCpuPkg/CommonFeature: Always set FEATURE_CONTROL.Lock Thread-Index: AQHUeyNKrsTK0YRXW0K+qP93I9NqC6VNUnBw Date: Tue, 13 Nov 2018 07:43:02 +0000 Message-ID: <734D49CCEBEEF84792F5B80ED585239D5BF03AF8@SHSMSX104.ccr.corp.intel.com> References: <20181113073510.31208-1-ruiyu.ni@intel.com> In-Reply-To: <20181113073510.31208-1-ruiyu.ni@intel.com> Accept-Language: en-US, zh-CN X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [10.239.127.40] MIME-Version: 1.0 Subject: Re: [PATCH] UefiCpuPkg/CommonFeature: Always set FEATURE_CONTROL.Lock X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 13 Nov 2018 07:43:07 -0000 Content-Language: en-US Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable All Tianocore stewards, I'd like to include the below patch (a revert patch) in this stable tag rel= ease. It's to fix a potential security hole when platform mis-configures the PcdCpuFeaturesUserConfiguration. Thanks/Ray > -----Original Message----- > From: edk2-devel On Behalf Of Ruiyu Ni > Sent: Tuesday, November 13, 2018 3:35 PM > To: edk2-devel@lists.01.org > Cc: Kinney, Michael D ; Laszlo Ersek > ; Dong, Eric > Subject: [edk2] [PATCH] UefiCpuPkg/CommonFeature: Always set > FEATURE_CONTROL.Lock >=20 > The patch reverts commit 1ed6498c4a0210204bf4b95cc0c0cd6623ad6a0b > * UefiCpuPkg/CommonFeature: Skip locking when the feature is disabled >=20 > FEATURE_CONTROL.Lock bit is controlled by feature > CPU_FEATURE_LOCK_FEATURE_CONTROL_REGISTER. The commit 1ed649 > fixes > a bug that when the feature is disabled, the Lock bit is cleared. > But it's a security hole if the bit is cleared when booting OS. > We can argue that platform needs to make sure the value > of PcdCpuFeaturesUserConfiguration should be set properly to make > sure feature CPU_FEATURE_LOCK_FEATURE_CONTROL_REGISTER is enabled. >=20 > But it's better to guarantee this in the generic core code. >=20 > Contributed-under: TianoCore Contribution Agreement 1.1 > Signed-off-by: Ruiyu Ni > Cc: Eric Dong > Cc: Laszlo Ersek > Cc: Andrew Fish > Cc: Leif Lindholm > Cc: Michael D Kinney > --- > UefiCpuPkg/Library/CpuCommonFeaturesLib/FeatureControl.c | 11 +-------- > -- > 1 file changed, 1 insertion(+), 10 deletions(-) >=20 > diff --git a/UefiCpuPkg/Library/CpuCommonFeaturesLib/FeatureControl.c > b/UefiCpuPkg/Library/CpuCommonFeaturesLib/FeatureControl.c > index 631c836857..8c1eb5eb4f 100644 > --- a/UefiCpuPkg/Library/CpuCommonFeaturesLib/FeatureControl.c > +++ b/UefiCpuPkg/Library/CpuCommonFeaturesLib/FeatureControl.c > @@ -1,7 +1,7 @@ > /** @file > Features in MSR_IA32_FEATURE_CONTROL register. >=20 > - Copyright (c) 2017 - 2018, Intel Corporation. All rights reserved.
> + Copyright (c) 2017, Intel Corporation. All rights reserved.
> This program and the accompanying materials > are licensed and made available under the terms and conditions of the = BSD > License > which accompanies this distribution. The full text of the license may= be > found at > @@ -184,15 +184,6 @@ LockFeatureControlRegisterInitialize ( > { > MSR_IA32_FEATURE_CONTROL_REGISTER *MsrRegister; >=20 > - // > - // When Lock Feature Control Register feature is disabled, > - // just skip the MSR lock bit setting. > - // The MSR lock bit is cleared by default and write-once in a boot. > - // > - if (!State) { > - return RETURN_SUCCESS; > - } > - > // > // The scope of Lock bit in the MSR_IA32_FEATURE_CONTROL is core for > // below processor type, only program MSR_IA32_FEATURE_CONTROL for > thread 0 in each > -- > 2.16.1.windows.1 >=20 > _______________________________________________ > edk2-devel mailing list > edk2-devel@lists.01.org > https://lists.01.org/mailman/listinfo/edk2-devel