From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received-SPF: Pass (sender SPF authorized) identity=mailfrom; client-ip=209.132.183.28; helo=mx1.redhat.com; envelope-from=lersek@redhat.com; receiver=edk2-devel@lists.01.org Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id 5E52421148DC5 for ; Thu, 20 Sep 2018 06:22:03 -0700 (PDT) Received: from smtp.corp.redhat.com (int-mx09.intmail.prod.int.phx2.redhat.com [10.5.11.24]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id B25AD308ED64; Thu, 20 Sep 2018 13:22:02 +0000 (UTC) Received: from lacos-laptop-7.usersys.redhat.com (ovpn-120-255.rdu2.redhat.com [10.10.120.255]) by smtp.corp.redhat.com (Postfix) with ESMTP id 12966308BDA0; Thu, 20 Sep 2018 13:22:00 +0000 (UTC) To: Hao Wu , edk2-devel@lists.01.org Cc: Eric Dong , Liming Gao , Jiewen Yao , Michael D Kinney , Star Zeng References: <20180920064103.14600-1-hao.a.wu@intel.com> From: Laszlo Ersek Message-ID: <7a0117b7-da5b-4364-1686-1a64e0d76a20@redhat.com> Date: Thu, 20 Sep 2018 15:22:00 +0200 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.9.1 MIME-Version: 1.0 In-Reply-To: <20180920064103.14600-1-hao.a.wu@intel.com> X-Scanned-By: MIMEDefang 2.84 on 10.5.11.24 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.44]); Thu, 20 Sep 2018 13:22:02 +0000 (UTC) Subject: Re: [PATCH v1 0/5] [CVE-2017-5753] Bounds Check Bypass issue in SMI handlers X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 20 Sep 2018 13:22:03 -0000 Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: 7bit On 09/20/18 08:40, Hao Wu wrote: > The series aims to mitigate the Bounds Check Bypass (CVE-2017-5753) issues > within SMI handlers. > > A more detailed explanation of the purpose of the series is under the > 'Bounds check bypass mitigation' section of the below link: > https://software.intel.com/security-software-guidance/insights/host-firmware-speculative-execution-side-channel-mitigation > > And the document at: > https://software.intel.com/security-software-guidance/api-app/sites/default/files/337879-analyzing-potential-bounds-Check-bypass-vulnerabilities.pdf > > Cc: Ard Biesheuvel > Cc: Laszlo Ersek > Cc: Jiewen Yao > Cc: Michael D Kinney > Cc: Liming Gao > Cc: Star Zeng > Cc: Eric Dong I'd like to test this series, but before I do that, I'll wait a bit longer for other review feedback. Please ping me, should I forget. Thanks Laszlo