public inbox for devel@edk2.groups.io
 help / color / mirror / Atom feed
From: "Michael D Kinney" <michael.d.kinney@intel.com>
To: "devel@edk2.groups.io" <devel@edk2.groups.io>,
	"dougflick@microsoft.com" <dougflick@microsoft.com>,
	"Kasbekar, Saloni" <saloni.kasbekar@intel.com>,
	Leif Lindholm <llindhol@qti.qualcomm.com>,
	"Andrew Fish (afish@apple.com)" <afish@apple.com>,
	"Gao, Liming" <gaoliming@byosoft.com.cn>
Cc: "Kinney, Michael D" <michael.d.kinney@intel.com>
Subject: Re: [edk2-devel] [PATCH v2 1/4] NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45229 Related Patch
Date: Wed, 14 Feb 2024 03:32:09 +0000	[thread overview]
Message-ID: <CO1PR11MB49290DABE6F6A0EF7EFE485BD24E2@CO1PR11MB4929.namprd11.prod.outlook.com> (raw)
In-Reply-To: <CO1PR11MB49299D7531AF9E274AE1BA2FD24E2@CO1PR11MB4929.namprd11.prod.outlook.com>

[-- Attachment #1: Type: text/plain, Size: 2785 bytes --]

Merged: https://github.com/tianocore/edk2/pull/5372

From: Kinney, Michael D <michael.d.kinney@intel.com>
Sent: Tuesday, February 13, 2024 6:41 PM
To: devel@edk2.groups.io; dougflick@microsoft.com; Kasbekar, Saloni <saloni.kasbekar@intel.com>; Leif Lindholm <llindhol@qti.qualcomm.com>; Andrew Fish (afish@apple.com) <afish@apple.com>; Gao, Liming <gaoliming@byosoft.com.cn>
Cc: Kinney, Michael D <michael.d.kinney@intel.com>
Subject: RE: [edk2-devel] [PATCH v2 1/4] NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45229 Related Patch

Thanks for the details Doug.

I have applied the Rb tags and opened a PR: https://github.com/tianocore/edk2/pull/5372

Mike

From: devel@edk2.groups.io<mailto:devel@edk2.groups.io> <devel@edk2.groups.io<mailto:devel@edk2.groups.io>> On Behalf Of Doug Flick via groups.io
Sent: Tuesday, February 13, 2024 3:31 PM
To: Kasbekar, Saloni <saloni.kasbekar@intel.com<mailto:saloni.kasbekar@intel.com>>; devel@edk2.groups.io<mailto:devel@edk2.groups.io>
Subject: Re: [edk2-devel] [PATCH v2 1/4] NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45229 Related Patch


Saloni,

Yeah there was never any tests that showed this bug exists mostly it was brought up through static analysis since it's related to a known CVE. I have written some unit tests (that I'm not particularly satisfied with) that show that I'm hitting the desired code paths that can trigger the issue. However this code path is not particularly nice to unit tests because the first option I have for a status code that isn't EFI_DEVICE_ERROR occurs in Dhcp6GenerateIaCb and I had to do some gross things to satisfy Dhcp6ParseAddrOption. Regardless through that testing I can confirm that I can hit the code paths that I need to be testing for this change. The Dhcp6SeekInnerOptionSafe function is well unit tested, and the code pattern is used elsewhere and is unit tested. So, I feel confident with the unit testing I have done that this change is successful, and I would like to follow up with unit tests / more code cleanup once we're out of code cleanup.

Further, I've performed a PxeBoot to ensure the device still boots - but that test generally doesn't feel like it's good enough for any confidence since I have no control over the code path.

If you would like I can upload the Unit tests, but they're likely to undergo more changes and I wouldn't recommend getting them in right now.

  *   Doug



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#115426): https://edk2.groups.io/g/devel/message/115426
Mute This Topic: https://groups.io/mt/104339706/7686176
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io]
-=-=-=-=-=-=-=-=-=-=-=-



[-- Attachment #2: Type: text/html, Size: 10447 bytes --]

  reply	other threads:[~2024-02-14  3:32 UTC|newest]

Thread overview: 13+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2024-02-13 18:45 [edk2-devel] [PATCH v2 0/4] Corrects additional concern in NetworkPkg Doug Flick via groups.io
2024-02-13 18:46 ` [edk2-devel] [PATCH v2 1/4] NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45229 Related Patch Doug Flick via groups.io
2024-02-13 21:51   ` Saloni Kasbekar
2024-02-13 23:31     ` Doug Flick via groups.io
2024-02-14  2:40       ` Michael D Kinney
2024-02-14  3:32         ` Michael D Kinney [this message]
2024-02-13 18:46 ` [edk2-devel] [PATCH v2 2/4] NetworkPkg: Dhcp6Dxe: Removes duplicate check and replaces with macro Doug Flick via groups.io
2024-02-13 18:46 ` [edk2-devel] [PATCH v2 3/4] NetworkPkg: Dhcp6Dxe: Packet-Length is not updated before appending Doug Flick via groups.io
2024-02-13 20:16   ` Leif Lindholm
2024-02-13 18:46 ` [edk2-devel] [PATCH v2 4/4] NetworkPkg: : Updating SecurityFixes.yaml Doug Flick via groups.io
2024-02-15 13:54   ` Rebecca Cran
2024-02-15 18:14     ` Doug Flick via groups.io
2024-02-13 20:18 ` [edk2-devel] [PATCH v2 0/4] Corrects additional concern in NetworkPkg Leif Lindholm

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-list from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=CO1PR11MB49290DABE6F6A0EF7EFE485BD24E2@CO1PR11MB4929.namprd11.prod.outlook.com \
    --to=devel@edk2.groups.io \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox