From: "Yao, Jiewen" <jiewen.yao@intel.com>
To: Laszlo Ersek <lersek@redhat.com>
Cc: edk2-devel-groups-io <devel@edk2.groups.io>,
"Ni, Ray" <ray.ni@intel.com>
Subject: Re: WSMT bits
Date: Wed, 11 Mar 2020 02:01:06 +0000 [thread overview]
Message-ID: <74D8A39837DF1E4DA445A8C0B3885C503F97B579@shsmsx102.ccr.corp.intel.com> (raw)
In-Reply-To: <3c32815c-3ee9-261a-b473-1be341bdfb0c@redhat.com>
Thanks Laszlo. I am glad that you like the whitepaper.
Right. The platform should assert the WSMT bit, because the platform need make sure that all SMI handlers do right thing for SMM communication buffer.
Using PcdCpuSmmRestrictedMemoryAccess is a good way to ensure any violation can be caught. It is highly recommend, unless it conflicts with some other features such as heap guard debug, or server memory hotplug.
I recommend we keep MemoryTypeInfo as a separate topic for https://bugzilla.tianocore.org/show_bug.cgi?id=1086
I still think memory type information should be used - 1.3.2.
I just do not understand well enough on your comment - " OVMF can be booted with 128 MiB RAM and 1 TiB RAM just the same, and so a platform PEIM cannot tell, in advance, what is a valid Memory Type Information variable that the DXE core will accept ..."
You are right that OVMF can boot with 128MB or 1TB. But that is all DRAM, right?
BIN size should be same, because BIN only includes Runtime/ACPI/Reserved memory. That is no reason to make them different between 128MB and 1TB.
Or do I misunderstand something? Would you please educate me why they are different?
Thank you
Yao Jiewen
> -----Original Message-----
> From: Laszlo Ersek <lersek@redhat.com>
> Sent: Tuesday, March 10, 2020 9:48 PM
> To: Yao, Jiewen <jiewen.yao@intel.com>
> Cc: edk2-devel-groups-io <devel@edk2.groups.io>; Ni, Ray <ray.ni@intel.com>
> Subject: Re: WSMT bits
>
> Hi again Jiewen,
>
> On 03/10/20 10:36, Laszlo Ersek wrote:
> > Hi Jiewen,
> >
> > reading the following chapter:
> >
> > https://edk2-docs.gitbooks.io/a-tour-beyond-bios-memory-protection-in-
> uefi-bios/content/memory-protection-in-SMM.html
> >
> > I'm having trouble associating the protection features implemented in
> > edk2 with the various bits in the WSMT (per
> > "MdePkg/Include/IndustryStandard/WindowsSmmSecurityMitigationTable.h").
> >
> > For example, it seems like the bits a platform sets in the WSMT *might*
> > depend on "PcdCpuSmmRestrictedMemoryAccess".
> >
> > Can someone clarify these please?
> >
> >
> > FWIW, in the edk2-platforms tree, the
> > "Platform/Intel/Vlv2TbltDevicePkg/AcpiPlatform/AcpiPlatform.c" source
> > file sets EFI_WSMT_PROTECTION_FLAGS_FIXED_COMM_BUFFERS and
> >
> EFI_WSMT_PROTECTION_FLAGS_COMM_BUFFER_NESTED_PTR_PROTECTION.
> It does not
> > set EFI_WSMT_PROTECTION_FLAGS_SYSTEM_RESOURCE_PROTECTION.
> >
> > Is this bitmask (from Vlv2TbltDevicePkg) the general pattern that other
> > edk2 platforms with SMM support should expose too, as a starting point?
>
> I have now read another whitepaper from you:
>
> A Tour Beyond BIOS
> Secure SMM Communication in the EFI Developer Kit II
>
> It's a great whitepaper, it answers all my questions. Based on it, I
> think that OVMF should enable all three bits in the WSMT:
>
> (1) BIT0 -- FIXED_COMM_BUFFERS:
>
> (1.1) OVMF uses the standard edk2 SMM infrastructure. Drivers in that
> infrastructure verify that the communication buffers that they receive
> are in permitted regions (no overlap with SMRAM, and resident in
> permitted memory types), via SmmIsBufferOutsideSmmValid().
>
> (1.2) OVMF contains only one custom SMI handler (which is for CPU
> hotplug). This handler does use normal RAM for a bit of communication
> with hot-added CPUs, but the RAM used for this purpose is allocated as
> reserved memory, and before End-of-Dxe.
>
> Furthermore, TOC-TOU is actively considered and mitigated, as the
> "communication area" is a single byte (a boolean flag), and the design
> considers the OS actively attacking that byte.
>
> (2) BIT1 -- COMM_BUFFER_NESTED_PTR_PROTECTION:
>
> OVMF uses the standard edk2 SMM infra, which validates the targets of
> nested pointers.
>
> The custom SMI handler (for CPU hotplug) does not process pointers that
> arrive from an untrusted context.
>
> (3) BIT2 -- SYSTEM_RESOURCE_PROTECTION:
>
> This bit is defined somewhat unclearly, but OVMF does lock both TSEG,
> and the QEMU-specific "SMRAM at default SMBASE", at SmmReadyToLock. See
> e.g. commit 9108fc17b09c ("OvmfPkg/SmmAccess: close and lock SMRAM at
> default SMBASE", 2020-02-05).
>
> So I think OVMF should install the WSMT, and set all three bits.
>
>
> However, there's a catch, for (1) FIXED_COMM_BUFFERS:
>
> (1.3) While OVMF produces a Memory Type Information HOB, it is not
> *adaptive*.
>
> I'm not sure what the whitepaper suggests:
>
> (1.3.1) that the HOB exist (because then released / unused BINs will
> never become usable memory in the final memory map),
>
> (1.3.2) or that BINs should actually accommodate all the allocations (so
> that no runtime memory is reallocated *ever*).
>
> Because, in the non-adaptive approach (1.3.1), what happens if there is
> a RuntimeData reallocation after End-of-Dxe, but even the *previous*
> allocation (that's now getting released) used to live outside of a BIN?
>
> Unfortunately, enabling the adaptive Memory Type Information (1.3.2) for
> OVMF is challenging, due to
> <https://bugzilla.tianocore.org/show_bug.cgi?id=1086>. OVMF can be
> booted with 128 MiB RAM and 1 TiB RAM just the same, and so a platform
> PEIM cannot tell, in advance, what is a valid Memory Type Information
> variable that the DXE core will accept, vs. an invalid Memory Type
> Information variable that the DXE core will reject (and hang upon, due
> to BIN priming failure).
>
> Thanks
> Laszlo
next prev parent reply other threads:[~2020-03-11 2:01 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-03-10 9:36 WSMT bits Laszlo Ersek
2020-03-10 13:48 ` Laszlo Ersek
2020-03-11 2:01 ` Yao, Jiewen [this message]
2020-03-11 10:23 ` Laszlo Ersek
2020-03-11 12:00 ` Yao, Jiewen
2020-03-11 13:02 ` Laszlo Ersek
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-list from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=74D8A39837DF1E4DA445A8C0B3885C503F97B579@shsmsx102.ccr.corp.intel.com \
--to=devel@edk2.groups.io \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox