From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received-SPF: Pass (sender SPF authorized) identity=mailfrom; client-ip=2607:f8b0:4864:20::d44; helo=mail-io1-xd44.google.com; envelope-from=ard.biesheuvel@linaro.org; receiver=edk2-devel@lists.01.org Received: from mail-io1-xd44.google.com (mail-io1-xd44.google.com [IPv6:2607:f8b0:4864:20::d44]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id 47A2321B02822 for ; Wed, 19 Sep 2018 06:55:17 -0700 (PDT) Received: by mail-io1-xd44.google.com with SMTP id 75-v6so4525673iou.11 for ; Wed, 19 Sep 2018 06:55:17 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=j+8+hGbFSLSZWceio/6d2n+d6z6LsbDsnWu1glRpkuA=; b=O+x3pmMzQp5z3i28LDEF9nTKB57sIqMSupLUJoxg+X9G/ScE1Y0CFq0fjti7wXgfS1 yccM9bO1docWaWNRTL4EBf+6V1J3AMuhDccng5UVXhqrruJxix9rksZXK/VS0nL5nyFD 0oG/3cO3W7KCv8HZpYiyj25y1FmoCZCEyUkW4= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=j+8+hGbFSLSZWceio/6d2n+d6z6LsbDsnWu1glRpkuA=; b=tZRVGykQDmLcxDPjlM3DyEnVC+4IY6ochFqtUc+Moqn7ubJGljCgNwG1CvjNIe72L9 55+r8skZacElyjLtxl2rqBt3Nxar6MJpvovjHfl/f5TdIcsxZ52i4fka3Vtc4Ynf359S wgSZQMB0urQtR0Yx5Siu1mF3R4Dj9GF4SjNsmT13AWFV5BjfIMqol/FlZTmo7mzgRyIE qPdfeqaK1oAlX6Qx6c0tT2CQoQhkLzxlLXCbXpO2haiERoJ4SO2/o+fo2VMFRga3FAVE VZlk5Fm2etyILLFXs/2qck0jpeTJoNB1FagseE6OWFZ8kPuYqOtxafSCNQ9KrapBpEBj jCTw== X-Gm-Message-State: APzg51DgcAa6+7Y8alXkxhVamCzrJXf8IOJyXLm7dzIVYMvMjjOgehzi Ed0k8JPPjHApwtPC+MVcCcNghJ6gOMSTU98A7uoM0g== X-Google-Smtp-Source: ANB0VdbZ4A9sV08EXjAehMP+ZuzpCZ6siI6FhT8Io/1cNQRuak9mu3rWw8zEF4MXOLrySCySrRqIwQwfgpVkVaeB6PI= X-Received: by 2002:a6b:4516:: with SMTP id s22-v6mr30528824ioa.60.1537365317071; Wed, 19 Sep 2018 06:55:17 -0700 (PDT) MIME-Version: 1.0 Received: by 2002:a6b:2848:0:0:0:0:0 with HTTP; Wed, 19 Sep 2018 06:55:14 -0700 (PDT) In-Reply-To: References: <20180915132859.25727-1-ard.biesheuvel@linaro.org> <74D8A39837DF1E4DA445A8C0B3885C503AD62A6A@shsmsx102.ccr.corp.intel.com> From: Ard Biesheuvel Date: Wed, 19 Sep 2018 06:55:14 -0700 Message-ID: To: "Yao, Jiewen" Cc: "Ni, Ruiyu" , "Zimmer, Vincent" , "Dong, Eric" , "edk2-devel@lists.01.org" , Andrew Fish , "Gao, Liming" , "Kinney, Michael D" , "Richardson, Brian" , "Carsey, Jaben" , "Zeng, Star" Subject: Re: [PATCH v2 0/7] MdeModulePkg: add support for dispatching foreign arch PE/COFF images X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 19 Sep 2018 13:55:18 -0000 Content-Type: text/plain; charset="UTF-8" On 19 September 2018 at 02:29, Yao, Jiewen wrote: > Thank you Ard. Good to know. > > Did you also try some security test, such as input a bad image to see if the code can return failure gracefully? > > Or enable secure boot to see if the image verification process still works well ? > > One more, did you enable tpm to see if tpm measurement still works well ? > > Also did defer image solution still takes effect with this change? > > Sorry to ask many questions, I want to make sure the current security design still work with this new capability. > Hello Jiewen, As far as I can tell, all the security checks are done *before* CoreLoadPeImage() is called, and the code flow has not changed at all before that point.