From: "Sean" <spbrogan@outlook.com>
Date: Fri, 23 Jun 2023 12:32:05 -0700
Subject: Re: [edk2-devel] [PATCH 1/1] ArmPkg: Add Pcd to disable EFI_MEMORY_ATTRIBUTE_PROTOCOL
To: Ard Biesheuvel
CC: devel@edk2.groups.io, kraxel@redhat.com, Oliver Steffen, Ard Biesheuvel, Daniel Schaefer, Eric Dong, Leif Lindholm, Liming Gao, Michael D Kinney, Rahul Kumar, Ray Ni, Sami Mujawar, Sunil V L, Zhiguang Liu, Taylor Beebe, Oliver Smith-Denny, Michael Kubacki
References: <20230619203244.228933-1-osteffen@redhat.com>
I think that is an interesting idea but I would expect some push back from OS loader maintainers. I would expect they don't want to be constrained by the lowest common capabilities of the platforms they still support/run on in the ecosystem. Not to mention the challenges around servicing and/or updating for bugs or features.

Example: Shim would not have been able to implement their version of SBAT in said scenario.

I know the Windows Boot team has been cautious about taking a dependency on the platform's UEFI and I would expect strong push back on them moving to using the platform's provided UEFI loader.

But I do agree with your goals. Is there a better way using open source? Could the PE loader/authenticode be a library managed as its own project and be integrated into other pre-boot applications? Would that help to eliminate bugs like this one and provide a better infrastructure to build on?

Thanks
Sean

On 6/23/2023 9:26 AM, Ard Biesheuvel wrote:
> On Tue, 20 Jun 2023 at 19:07, Sean Brogan wrote:
>> I don't think a MemoryAttributes2Protocol with a single API would have avoided the errors.
>>
>> The programming pattern that triggered this would still need multiple calls to any API and in the future where all memory is allocated as NX this possibility would still exist.
>>
>> A short term effort to minimize the compatibility problem in the ecosystem is documented here: Memory Protections: Document compatibility challenges · Issue #18 · tianocore/projects (github.com). It does not address (and I don't see any reason to try to) a loader that uses the protocol incorrectly.
>>
>> We have provided virtual reference platforms with these features enabled (both arm and x86) and have been working with the relevant communities for multiple years now. The UEFI CA for option ROMs already has compliance requirements (UPDATED: UEFI Signing Requirements - Microsoft Community Hub). But there are and will continue to be compatibility challenges when enabling a more restrictive execution environment in UEFI and the UEFI ecosystem. The more things we make optional the longer this transition period will take. "Memory Mitigations" were proposed and mostly coded over a decade ago. The code changes are not that difficult. To change our vast and unwieldy ecosystem is the hard part. Please help to "stay the course" for this very necessary industry change. If a production platform has requirements that force such a configuration option that is understandable, but it is counterproductive in open-source industry standard reference Edk2 code.
>>
> Fair enough.
>
> But I will note that the only reason we are in this situation in the
> first place is because shim has to re-implement the PE loader, cert
> handling and all related crypto, and needs the memory attributes
> protocol to manipulate the RO/NX permissions.
>
> Now that we are taking these things seriously, wouldn't it be *much*
> better to get rid of all this cruft, and specify a method by which a
> loader can provide an ephemeral DB that the system firmware will
> authenticate against? That way, we can reduce shim to a single
> SetVariable() call that creates the ephemeral DB (and perhaps a call
> into the TPM code to measure it), which is arguably a lot easier to
> audit than the code we have today.