From: "Yao, Jiewen" <jiewen.yao@intel.com>
To: "Wu, Hao A" <hao.a.wu@intel.com>,
"edk2-devel@lists.01.org" <edk2-devel@lists.01.org>
Subject: Re: [PATCH v1][edk2-platforms/devel-MinPlatform] MinPlatformPkg/Test: [CVE-2017-5753] Fix bounds check bypass
Date: Sun, 30 Sep 2018 10:12:06 +0000 [thread overview]
Message-ID: <74D8A39837DF1E4DA445A8C0B3885C503ADA7ECC@shsmsx102.ccr.corp.intel.com> (raw)
In-Reply-To: <20180930052843.13840-1-hao.a.wu@intel.com>
Reviewed-by: jiewen.yao@intel.com
> -----Original Message-----
> From: Wu, Hao A
> Sent: Sunday, September 30, 2018 1:29 PM
> To: edk2-devel@lists.01.org
> Cc: Wu, Hao A <hao.a.wu@intel.com>; Yao, Jiewen <jiewen.yao@intel.com>
> Subject: [PATCH v1][edk2-platforms/devel-MinPlatform]
> MinPlatformPkg/Test: [CVE-2017-5753] Fix bounds check bypass
>
> Speculative execution is used by processor to avoid having to wait for
> data to arrive from memory, or for previous operations to finish, the
> processor may speculate as to what will be executed.
>
> If the speculation is incorrect, the speculatively executed instructions
> might leave hints such as which memory locations have been brought into
> cache. Malicious actors can use the bounds check bypass method (code
> gadgets with controlled external inputs) to infer data values that have
> been used in speculative operations to reveal secrets which should not
> otherwise be accessed.
>
> This commit will focus on the SMI handler(s) registered within
> TestPointCheckLib & TestPointLib and insert AsmLfence API to mitigate the
> bounds check bypass issue.
>
> A. For SMI handler TestPointSmmHandler() within TestPointCheckLib:
>
> Under "case
> TEST_POINT_SMM_COMMUNICATION_FUNC_ID_UEFI_GCD_MAP_INFO:",
> 'CommBuffer' (controlled external inputs) is passed into function
> TestPointSmmReadyToBootSmmPageProtectionHandler().
>
> Within function TestPointSmmReadyToBootSmmPageProtectionHandler(),
> the
> contents in 'CommBuffer' will be copied into 'CommData'. But if the size
> and sanity checks for the communication buffer is speculatively bypassed,
> '(UINTN)CommData + CommData->UefiMemoryMapOffset)' can potentially
> point
> to cross boundary area of 'CommData'. This pointer is then passed into
> function TestPointCheckSmmCommunicationBuffer() as 'UefiMemoryMap'.
>
> Within function TestPointCheckSmmCommunicationBuffer(),
> 'MemoryMap->PhysicalStart' can be a potential cross boundary access. And
> its value can be inferred by function calls sequence:
>
> TestPointCheckPageTable() via 'BaseAddress'
> GetPageTableEntry() via 'BaseAddress'. Then one can observe which part of
> the content within arrays 'L4PageTable', 'L3PageTable', 'L2PageTable' or
> 'L1PageTable', was brought into cache to possibly reveal the value.
>
> B. For SMI handler SmmTestPointSmiHandler() within TestPointLib:
>
> Under "case
> SMI_HANDLER_TEST_POINT_COMMAND_GET_DATA_BY_OFFSET:",
> 'CommBuffer' (controlled external inputs) is passed into function
> SmmTestPointSmiHandlerGetDataByOffset().
>
> Within function SmmTestPointSmiHandlerGetDataByOffset(), the contents in
> 'CommBuffer' will be copied into 'SmiHandlerTestPointGetDataByOffset'. But
> if the size and sanity checks for the communication buffer is
> speculatively bypassed, 'SmiHandlerTestPointGetDataByOffset.DataSize' can
> be a potential cross boundary access.
>
> Then in function SmiHandlerTestPointCopyData(), this value can be inferred
> by code:
> CopyMem(
> DataBuffer,
> (UINT8 *)InputData + *DataOffset,
> (UINTN)*DataSize
> );
> One can observe which part of the content within 'DataBuffer' was brought
> into cache to possibly reveal the cross bounary access value.
>
> Hence, this commit adds AsmLfence() calls after the boundary/range checks
> of the communication buffer to prevent the speculative execution.
>
> A more detailed explanation of the purpose of commit is under the
> 'Bounds check bypass mitigation' section of the below link:
> https://software.intel.com/security-software-guidance/insights/host-firmw
> are-speculative-execution-side-channel-mitigation
>
> And the document at:
> https://software.intel.com/security-software-guidance/api-app/sites/defaul
> t/files/337879-analyzing-potential-bounds-Check-bypass-vulnerabilities.pdf
>
> Cc: Jiewen Yao <jiewen.yao@intel.com>
> Contributed-under: TianoCore Contribution Agreement 1.1
> Signed-off-by: Hao Wu <hao.a.wu@intel.com>
> ---
>
> Platform/Intel/MinPlatformPkg/Test/Library/TestPointCheckLib/SmmTestPoi
> ntCheckLib.c | 7 +++++++
>
> Platform/Intel/MinPlatformPkg/Test/Library/TestPointLib/SmmTestPointCo
> mmunication.c | 8 +++++++-
> 2 files changed, 14 insertions(+), 1 deletion(-)
>
> diff --git
> a/Platform/Intel/MinPlatformPkg/Test/Library/TestPointCheckLib/SmmTestP
> ointCheckLib.c
> b/Platform/Intel/MinPlatformPkg/Test/Library/TestPointCheckLib/SmmTestP
> ointCheckLib.c
> index b40469b278..dc40dae6d5 100644
> ---
> a/Platform/Intel/MinPlatformPkg/Test/Library/TestPointCheckLib/SmmTestP
> ointCheckLib.c
> +++
> b/Platform/Intel/MinPlatformPkg/Test/Library/TestPointCheckLib/SmmTestP
> ointCheckLib.c
> @@ -14,6 +14,7 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF
> ANY KIND, EITHER EXPRESS OR IMPLIED.
> #include <PiSmm.h>
> #include <Library/TestPointCheckLib.h>
> #include <Library/TestPointLib.h>
> +#include <Library/BaseLib.h>
> #include <Library/DebugLib.h>
> #include <Library/BaseMemoryLib.h>
> #include <Library/MemoryAllocationLib.h>
> @@ -374,6 +375,12 @@
> TestPointSmmReadyToBootSmmPageProtectionHandler (
> }
>
> if (CommData->UefiMemoryMapSize != 0) {
> + //
> + // The AsmLfence() call here is to ensure the previous range/content
> checks
> + // for the CommBuffer (copied in to CommData) have been completed
> before
> + // calling into TestPointCheckSmmCommunicationBuffer().
> + //
> + AsmLfence ();
> Result = TRUE;
>
> Status = TestPointCheckSmmCommunicationBuffer (
> diff --git
> a/Platform/Intel/MinPlatformPkg/Test/Library/TestPointLib/SmmTestPointC
> ommunication.c
> b/Platform/Intel/MinPlatformPkg/Test/Library/TestPointLib/SmmTestPointC
> ommunication.c
> index cce0538832..b4757da046 100644
> ---
> a/Platform/Intel/MinPlatformPkg/Test/Library/TestPointLib/SmmTestPointC
> ommunication.c
> +++
> b/Platform/Intel/MinPlatformPkg/Test/Library/TestPointLib/SmmTestPointC
> ommunication.c
> @@ -251,7 +251,13 @@ SmmTestPointSmiHandlerGetDataByOffset (
>
> SmiHandlerTestPointParameterGetDataByOffset->Header.ReturnStatus =
> (UINT64)(INT64)(INTN)Status;
> goto Done;
> }
> -
> +
> + //
> + // The AsmLfence() call here is to ensure the previous range/content
> checks
> + // for the CommBuffer have been completed before calling into
> + // SmiHandlerTestPointCopyData().
> + //
> + AsmLfence ();
> SmiHandlerTestPointCopyData (
> Data,
> DataSize,
> --
> 2.12.0.windows.1
prev parent reply other threads:[~2018-09-30 10:12 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-09-30 5:28 [PATCH v1][edk2-platforms/devel-MinPlatform] MinPlatformPkg/Test: [CVE-2017-5753] Fix bounds check bypass Hao Wu
2018-09-30 10:12 ` Yao, Jiewen [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-list from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=74D8A39837DF1E4DA445A8C0B3885C503ADA7ECC@shsmsx102.ccr.corp.intel.com \
--to=devel@edk2.groups.io \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox