From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mail-vs1-f49.google.com (mail-vs1-f49.google.com [209.85.217.49]) by mx.groups.io with SMTP id smtpd.web10.2371.1649875611587148922 for ; Wed, 13 Apr 2022 11:46:51 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@gmail.com header.s=20210112 header.b=Z5t3qX+m; spf=pass (domain: gmail.com, ip: 209.85.217.49, mailfrom: pedro.falcato@gmail.com) Received: by mail-vs1-f49.google.com with SMTP id l11so2421245vsi.8; Wed, 13 Apr 2022 11:46:51 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=RHSKiT9Lcvi9zqecHtzA4u+qFKFEVfM5AxpFbPoKneo=; b=Z5t3qX+mHxrEW4ZYPIIJhzt29rIjg148WCeEYzyqPFB7BxbCMfwccaYG6l58DK3GT+ wbdyFfTJHdddu/48iAJmaOFm9xxZO4AxMh+I/6dI++2FOVNoP9oYnFgg+FOPLY2COf74 FQI6ZlPnP73CK+s4+veL15Y7puV0UVzsw5bK/dBNunL1ubhID4JBOO7jyr2RcVCYPoZp tES5xb/zt8aTyFyB+/rOfs7dmzROu9J79GY3l2KPliRe0jHDQCWfFF7pgP9TlrjkelkV OwemOQuCixAh2Wnchu9Ds+YjGKPiS2weA8FZOpqrY5wilx0Xo81v2DDlTpJeYGn8oB6D 3GOA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=RHSKiT9Lcvi9zqecHtzA4u+qFKFEVfM5AxpFbPoKneo=; b=o2K4CjhXxNDfYSvuRyuJveFblPkWXXvs1YTLMqaPwih45574jUQJStQME/WTO1ZA+u HIbt5upuunN8FVfnXQaDQELa8cajGbXUHPe3oMksKnCC4y5ILW+lmOv+T6NTlgkepc7N QALLNg5gbjppR3pix0JJ1dgtvgXkr7FVA09Aq6g7pQ+d3reeyqKegbh6pMZlfXo/HdrR vxIGfd0nSH7awougIYY9kwuQwmzdVYsS7hMPVF/bM1aDoVzLxnq8qNZSAHi3qwiDHsMg I06wM1Wt0w4fWflno0kXR9TMIY9/iKR9+EolTTVCvaaWLtTaqb3wng8ljllsAX2fmqnV Txrg== X-Gm-Message-State: AOAM532dvqv2UdCq3o0E/Q/k0m3zqs8M3Clk1ft77R+x5nzsFOk2awVs /rinJxKqCTWjYX6qJ0bXp8E+szgVxYJa8Ow4hMXP4gNgtZY= X-Google-Smtp-Source: ABdhPJz77bERFXHz602yZXvziGHsuDQFw/lPyMOT1slYF8N8p+b95G3JlyS0BDaLpU4lqQjadRClj6g3Z+KEDX1i+uQ= X-Received: by 2002:a67:bd04:0:b0:329:157:6731 with SMTP id y4-20020a67bd04000000b0032901576731mr1000vsq.75.1649875610548; Wed, 13 Apr 2022 11:46:50 -0700 (PDT) MIME-Version: 1.0 References: <4EC8A9B4-A4BE-45E0-B599-C21552251D54@posteo.de> In-Reply-To: From: "Pedro Falcato" Date: Wed, 13 Apr 2022 19:46:39 +0100 Message-ID: Subject: Re: [edk2-devel] [edk2-discuss] GSoC Proposal To: edk2-devel-groups-io , adachristine18@gmail.com Cc: =?UTF-8?Q?Marvin_H=C3=A4user?= , discuss@edk2.groups.io, Nate DeSimone , steven.shi@intel.com Content-Type: multipart/alternative; boundary="000000000000b0bbfb05dc8d99d4" --000000000000b0bbfb05dc8d99d4 Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable GSoC tip: Try to spread your proposals out. If we don't have enough project slots for you, all your 3 proposals get rejected and your GSoC participation goes out the window. Take a look at our project ideas and ask questions, and take a look at other orgs if you want. Also, don't forget that these project ideas are just suggestions, and you're free (and encouraged) to build on top of them, or write your own proposal from scratch. Best regards, Pedro On Wed, Apr 13, 2022 at 6:53 PM Ada Christine wrote: > i can submit up to three proposals. I'll give all of this some thought an= d > a little research and start putting at least two proposals together > starting Friday. :) > > On Wed, Apr 13, 2022, 15:15 Marvin H=C3=A4user wrote= : > >> >> On 13. Apr 2022, at 16:38, Ada Christine >> wrote: >> >> =EF=BB=BFi was replying via the groups.io web interface, I'm guessing th= at >> messed up >> the thread? i haven't used mailing lists before and don't know how they >> work. I'll use my mail client from here on. >> >> I'm on board with not treating EFI as an operating system. the more i >> think >> about it the more it looks like scope creep. >> >> >> Agreed. >> >> I'm not quite as enthusiastic >> about it as i was at first glance. >> >> I'm still keen on doing my gsoc proposal for edk, though, and even if th= is >> task and the acpica application are decided to be out of scope unit >> testing, >> >> >> How about fuzz-testing? This is also something edk2 needs quite badly. A= t >> Acidanthera, we compile edk2 code in userspace outside the edk2 build >> system and fuzz with dummy applications. >> >> clang integration >> >> >> Pedro and Vitaly are looking for someone to finish ASan: >> https://edk2.groups.io/g/devel/topic/90010978#87991 >> There are working UBSan concepts, but they also need to be mainlined. >> >> and source-level debugging are all relevant to >> my interests. >> >> how about your ideas for security stuff? >> >> >> I want the entirety of MM to leverage SmmMemLib and to support SMAP. >> SmmMemLib would then handle UEFI->MMRAM and BaseMemoryLib would only wor= k >> on MMRAM. Also evaluation of how to best avoid pointers in MM communicat= ion >> buffers would be nice. >> >> There also is a bunch of other stuff, like working out moving a part of >> CpuDxe into DxeCore to have memory protection live immediately, memory >> protection in PEI, a replacement for the TE format (it=E2=80=99s buggy a= nd most >> platforms mostly abandoned it over various issues), and alternatives to >> guarding critical code with SMM (like allowing NVRAM commits only as par= t >> of a reboot). >> >> I personally find all of those projects very important, but I cannot >> promise many people agree. Especially those that impose global changes >> (most notably the TE replacement) may be very tedious to submit. Gladly,= I >> believe you can submit multiple proposals (?) >> >> Best regards, >> Marvin >> >> I'm not very knowledgeable about >> trusted platform or secure boot but I'm willing to learn whatever is >> necessary to get something spun up for my proposal. >> >> On Wed, Apr 13, 2022, 12:05 Marvin H=C3=A4user wrot= e: >> >> Do you use the =E2=80=9Creply all=E2=80=9D option in your mail client? L= ooks like my CCs >> >> have been dropped again. Comments inline. >> >> >> On 13. Apr 2022, at 12:54, Ada Christine >> >> wrote: >> >> =EF=BB=BFHi, Marvin >> >> >> Its similarity to my own latest experiment is the key to what grabbed my >> >> attention. I have no particular use case in mind for it, but I see its >> >> potential for anybody developing larger applications in that when a >> library >> >> is changed there's no need to distribute a new version of the whole >> binary, >> >> just the relevant library module. >> >> >> I really do not like the trend of treating UEFI as a full-fledged OS - i= t >> >> is not. The most used UEFI applications, OS loaders, are really not that >> >> huge and are distributed as part of the OS image anyway. Even for less >> used >> >> applications, you will always get a full snapshot anyhow. Gladly we don= =E2=80=99t >> >> have auto-update and package management yet. :) >> >> >> >> I slept on it and it occurred to me that the whole thing could operate >> >> similarly to the shell protocol in that the linker/loader is itself an >> >> application that does a LoadImage() on the application needing dynamic >> >> linking facilities. >> >> >> That would mean the linker itself is shipped with every application that >> >> requires it? Otherwise it doesn=E2=80=99t make much sense for it to be a= n app and >> >> below=E2=80=99s problems apply. >> >> >> If however the whole plan is making the linker as a DXE and including it >> >> with the firmware, that I'm not quite as sure about. That would >> necessarily >> >> tie any applications using dynamic linking to TianoCore or any firmware >> >> distribution that derives from it. >> >> >> I think that was the idea referred to as =E2=80=9Cedk2 core=E2=80=9D by = Steven, but I=E2=80=99d >> >> like to hear his proposal to be sure. Virtually everyone uses edk2, so >> that >> >> itself is not the problem, but versioning is. Vendors are slow to update >> >> their snapshots or have just given up doing that entirely. Distributing = it >> >> for external applications like OS loaders would mean this can be leverag= ed >> >> probably no earlier than 10 years from now. And for in-firmware things, = I >> >> have a hard time thinking about a use-case that outweighs the drawbacks. >> >> >> >> To shift the topic slightly back to GSoC, however, I'm willing to work >> >> on other items on the task list. Unit testing and an ACPICA application >> are >> >> the alternative projects I had thought about. I need to choose fairly so= on >> >> as the proposal deadline is next Tuesday. I know a tiny bit about portin= g >> >> ACPICA as I also have plans to incorporate it into my own project. >> >> >> I have a few more ideas for security stuff, but Nate did not confirm the= m >> >> as appropriate yet and I=E2=80=99m not here to drive you away from this = specific >> >> task (or the others). However, I=E2=80=99m still curious and concerned. = :) >> >> >> Best regards, >> >> Marvin >> >> >> >> >> >> >> >>=20 > > --=20 Pedro Falcato --000000000000b0bbfb05dc8d99d4 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
GSoC tip: Try to spread your proposals out. If we don= 't have enough project slots for you, all your 3 proposals get rejected= and your GSoC participation goes out the window.
Take a look= at our project ideas and ask questions, and take a look at other orgs if y= ou want. Also, don't forget that these project ideas are just suggestio= ns, and you're free (and encouraged) to
build on top of them,= or write your own proposal from scratch.

Best reg= ards,
Pedro

On Wed, Apr 13, 2022 at 6:53 PM Ada Christin= e <adachristine18@gmail.com<= /a>> wrote:
<= div dir=3D"auto">i can submit up to three proposals. I'll give all of t= his some thought and a little research and start putting at least two propo= sals together starting Friday. :)

On Wed, Apr 13, 2022, 15:15 Marvin H=C3=A4= user <mhaeuser@p= osteo.de> wrote:

On 13. Apr 2022, at 16:38, Ada Christine <adachristine18@gmail.= com> wrote:

=EF=BB=BFi was replying via the groups.io web interface, I= 9;m guessing that messed up
the thread? i haven't used = mailing lists before and don't know how they
work. I= 9;ll use my mail client from here on.

I= 9;m on board with not treating EFI as an operating system. the more i think=
about it the more it looks like scope creep.
<= /blockquote>

Agreed.

=
I'm not quite as enthusiastic
ab= out it as i was at first glance.

I'm s= till keen on doing my gsoc proposal for edk, though, and even if this
task and the acpica application are decided to be out of scope u= nit
testing,

= How about fuzz-testing? This is also something edk2 needs quite badly. At A= cidanthera, we compile edk2 code in userspace outside the edk2 build system= and fuzz with dummy applications.

clang integration

Pedro and Vitaly are looking for someone to finish ASan:=C2=A0https://edk2.groups.io/g/devel/topic/90010978#87991<= /div>
There are working UBSan concepts, but they also need to be mainli= ned.

and source-l= evel debugging are all relevant to
my interests.
=
how about your ideas for security stuff?

I want the entirety of MM to leverage Smm= MemLib and to support SMAP. SmmMemLib would then handle UEFI->MMRAM and = BaseMemoryLib would only work on MMRAM. Also evaluation of how to best avoi= d pointers in MM communication buffers would be nice.

<= div>There also is a bunch of other stuff, like working out moving a part of= CpuDxe into DxeCore to have memory protection live immediately, memory pro= tection in PEI, a replacement for the TE format (it=E2=80=99s buggy and mos= t platforms mostly abandoned it over various issues), and alternatives to g= uarding critical code with SMM (like allowing NVRAM commits only as part of= a reboot).

I personally find all of those project= s very important, but I cannot promise many people agree. Especially those = that impose global changes (most notably the TE replacement) may be very te= dious to submit. Gladly, I believe you can submit multiple proposals (?)

Best regards,
Marvin

I'm not very knowledgeable about<= /span>
trusted platform or secure boot but I'm willing to lear= n whatever is
necessary to get something spun up for my pro= posal.

On Wed, Apr 13, 2022, 12:05 Marvin = H=C3=A4user <mhaeuser@posteo.de> wrote:
Do you use the =E2=80=9Creply all=E2=80= =9D option in your mail client? Looks like my CCs
have been dropped again. Comments inline.

On 13. Apr 2022,= at 12:54, Ada Christine <adachristine18@gmail.com><= br>
wrote:<= br>
= =EF=BB=BFHi, Marvin

Its similarity t= o my own latest experiment is the key to what grabbed my
attention. I have no part= icular use case in mind for it, but I see its
potential for anybody developing larger applicati= ons in that when a library
is changed there's no need to distribute a new version of the wh= ole binary,
just the= relevant library module.
=
I really do n= ot like the trend of treating UEFI as a full-fledged OS - it
is not. The most used UEFI applica= tions, OS loaders, are really not that
huge and are distributed as part of the OS image anyway.= Even for less used
= applications, you will always get a full snapshot anyhow. Gladly we don=E2= =80=99t
have auto-up= date and package management yet. :)


I slept on it and it occurred to= me that the whole thing could operate
=
similarly to the shell protocol in that the= linker/loader is itself an
application that does a LoadImage() on the application needing dyna= mic
linking faciliti= es.

That would mean the linker itself i= s shipped with every application that
requires it? Otherwise it doesn=E2=80=99t make much sense= for it to be an app and
<= span>below=E2=80=99s problems apply.

If however the whole plan is making the linker as a= DXE and including it
with the firmware, that I'm not quite as sure about. Th= at would necessarily
tie any applications using dynamic linking to TianoCore or any firmware
distribution that deri= ves from it.
=
I think that was the idea = referred to as =E2=80=9Cedk2 core=E2=80=9D by Steven, but I=E2=80=99d
like to hear his proposal= to be sure. Virtually everyone uses edk2, so that
<= blockquote type=3D"cite">itself is not the problem, but versioning is= . Vendors are slow to update
their snapshots or have just given up doing that entirely. Distrib= uting it
for externa= l applications like OS loaders would mean this can be leveraged
<= /blockquote>
probably no earlier than 10 yea= rs from now. And for in-firmware things, I
have a hard time thinking about a use-case that outw= eighs the drawbacks.


To shift the topic slightly back to GSoC, howev= er, I'm willing to work
on other items on the task list. Unit testing and an A= CPICA application are
the alternative projects I had thought about. I need to choose fairly soo= n
as the proposal de= adline is next Tuesday. I know a tiny bit about porting
ACPICA as I also have plans to incorpor= ate it into my own project.

I have a fe= w more ideas for security stuff, but Nate did not confirm them
as appropriate yet and I=E2=80= =99m not here to drive you away from this specific
<= blockquote type=3D"cite">task (or the others). However, I=E2=80=99m s= till curious and concerned. :)

Best reg= ards,
Marvin<= br>






=20



--
Pedro Falcato
--000000000000b0bbfb05dc8d99d4--