[edk2-devel] Regarding MOR Secure feature

[edk2-devel] Regarding MOR Secure feature

[Ni, Ray]

[-- Attachment #1: Type: text/plain, Size: 1755 bytes --]

Ard,

7 years ago, Laszlo added this commit (https://github.com/tianocore/edk2/commit/fda8f631edbbf3823760542a06f12bd60fd39181) to support some OS kernels that incorrectly "create" the MOR variable.
The OS kernel bug is captured in this bugzilla (bugzilla.redhat.com/show_bug.cgi?id=1498159<https://bugzilla.redhat.com/show_bug.cgi?id=1498159>). It seems to me the OS kernel bugs only exist in Fedora 24 and 25 which are all EOL today. Fedora 26 has the correct implementation that does NOT "create" the MOR variable. The implementation is done by you here (https://lore.kernel.org/all/20170825155019.6740-2-ard.biesheuvel@linaro.org/T/#u).

5 years ago, you added StandaloneMm variable driver and VariableHaveTcgProtocols() returns FALSE always in the standalone MM version. (Commit: https://github.com/tianocore/edk2/commit/a855f63e2fdd990837391b0e61e78b3f06b56916)
As a result, MorLock variable is not created. It causes a bug that the BIOS does not report the MOR Secure feature to OS.

My questions are:

  1.
can we revert Laszlo's commit? As the bug that commit fixes only exists in Fedora 24/25 which are all EOL today.
  2.
why is the MOR secure bug not found in ARM platform?

I think you are the best person to answer the questions because you not only fixed the kernel, but also know details on the ARM standalone MM.
I am so happy with that:)

Thanks,
Ray


-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#119666): https://edk2.groups.io/g/devel/message/119666
Mute This Topic: https://groups.io/mt/106795434/7686176
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io]
-=-=-=-=-=-=-=-=-=-=-=-



[-- Attachment #2: Type: text/html, Size: 6576 bytes --]

Re: [edk2-devel] Regarding MOR Secure feature

[Ard Biesheuvel]

Hi Ray,


On Fri, 21 Jun 2024 at 10:03, Ni, Ray <ray.ni@intel.com> wrote:
>
> Ard,
>
> 7 years ago, Laszlo added this commit (https://github.com/tianocore/edk2/commit/fda8f631edbbf3823760542a06f12bd60fd39181) to support some OS kernels that incorrectly "create" the MOR variable.
> The OS kernel bug is captured in this bugzilla (bugzilla.redhat.com/show_bug.cgi?id=1498159). It seems to me the OS kernel bugs only exist in Fedora 24 and 25 which are all EOL today. Fedora 26 has the correct implementation that does NOT "create" the MOR variable. The implementation is done by you here (https://lore.kernel.org/all/20170825155019.6740-2-ard.biesheuvel@linaro.org/T/#u).
>
> 5 years ago, you added StandaloneMm variable driver and VariableHaveTcgProtocols() returns FALSE always in the standalone MM version. (Commit: https://github.com/tianocore/edk2/commit/a855f63e2fdd990837391b0e61e78b3f06b56916)
> As a result, MorLock variable is not created. It causes a bug that the BIOS does not report the MOR Secure feature to OS.
>
> My questions are:
>
> can we revert Laszlo's commit? As the bug that commit fixes only exists in Fedora 24/25 which are all EOL today.

Yes, I think we can revert it, although it is not clear from the
commit log what the erroneous behavior is.

> why is the MOR secure bug not found in ARM platform?
>

This is definitely a bug on ARM (and likely other users of standalone MM).

The problem is, of course, that standalone MM is standalone, and
cannot know for certain which EFI protocols are exposed by the DXE
core, nor invoke them directly.

>
> I think you are the best person to answer the questions because you not only fixed the kernel, but also know details on the ARM standalone MM.
> I am so happy with that:)
>

:-)

To be honest, I need some time to page this all back into my brain,
but I am happy to help out.

MOR does not really rely on the TCG protocols, right? If standalone MM
can implement it without its ability to invoke those protocols, we
should just separate those. I guess that is what you are doing at the
moment?


-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#119669): https://edk2.groups.io/g/devel/message/119669
Mute This Topic: https://groups.io/mt/106795434/7686176
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] Regarding MOR Secure feature

[Ni, Ray]

[-- Attachment #1: Type: text/plain, Size: 3171 bytes --]

Ard,
Thank you very much for your willingness to think about this topic.

Yes. we found the TCG MOR secure feature does not work in standalone MM env and want to fix it.
That leads the review of the code change history.

If you can confirm my understanding (F24/F25 are EOL today and Laszlo's fix is not needed), I can create a PR to remove that change.

Thanks,
Ray

________________________________
From: Ard Biesheuvel <ardb@kernel.org>
Sent: Friday, June 21, 2024 16:35
To: devel@edk2.groups.io <devel@edk2.groups.io>; Ni, Ray <ray.ni@intel.com>
Cc: Yao, Jiewen <jiewen.yao@intel.com>; Xu, Wei6 <wei6.xu@intel.com>
Subject: Re: [edk2-devel] Regarding MOR Secure feature

Hi Ray,


On Fri, 21 Jun 2024 at 10:03, Ni, Ray <ray.ni@intel.com> wrote:
>
> Ard,
>
> 7 years ago, Laszlo added this commit (https://github.com/tianocore/edk2/commit/fda8f631edbbf3823760542a06f12bd60fd39181) to support some OS kernels that incorrectly "create" the MOR variable.
> The OS kernel bug is captured in this bugzilla (bugzilla.redhat.com/show_bug.cgi?id=1498159). It seems to me the OS kernel bugs only exist in Fedora 24 and 25 which are all EOL today. Fedora 26 has the correct implementation that does NOT "create" the MOR variable. The implementation is done by you here (https://lore.kernel.org/all/20170825155019.6740-2-ard.biesheuvel@linaro.org/T/#u).
>
> 5 years ago, you added StandaloneMm variable driver and VariableHaveTcgProtocols() returns FALSE always in the standalone MM version. (Commit: https://github.com/tianocore/edk2/commit/a855f63e2fdd990837391b0e61e78b3f06b56916)
> As a result, MorLock variable is not created. It causes a bug that the BIOS does not report the MOR Secure feature to OS.
>
> My questions are:
>
> can we revert Laszlo's commit? As the bug that commit fixes only exists in Fedora 24/25 which are all EOL today.

Yes, I think we can revert it, although it is not clear from the
commit log what the erroneous behavior is.

> why is the MOR secure bug not found in ARM platform?
>

This is definitely a bug on ARM (and likely other users of standalone MM).

The problem is, of course, that standalone MM is standalone, and
cannot know for certain which EFI protocols are exposed by the DXE
core, nor invoke them directly.

>
> I think you are the best person to answer the questions because you not only fixed the kernel, but also know details on the ARM standalone MM.
> I am so happy with that:)
>

:-)

To be honest, I need some time to page this all back into my brain,
but I am happy to help out.

MOR does not really rely on the TCG protocols, right? If standalone MM
can implement it without its ability to invoke those protocols, we
should just separate those. I guess that is what you are doing at the
moment?


-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#119683): https://edk2.groups.io/g/devel/message/119683
Mute This Topic: https://groups.io/mt/106795434/7686176
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io]
-=-=-=-=-=-=-=-=-=-=-=-



[-- Attachment #2: Type: text/html, Size: 7078 bytes --]

Re: [edk2-devel] Regarding MOR Secure feature

[Gerd Hoffmann]

On Mon, Jun 24, 2024 at 08:49:52AM GMT, Ni, Ray wrote:
> If you can confirm my understanding (F24/F25 are EOL today and Laszlo's fix is not needed), I can create a PR to remove that change.

Yes, F24/F25 are long EOL.

Fedora releases come roughly every 6 months and are supported for ~13-14
months.  Right now F39 and F40 supported, F38 went EOL last month.

take care,
  Gerd



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#119685): https://edk2.groups.io/g/devel/message/119685
Mute This Topic: https://groups.io/mt/106795434/7686176
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] Regarding MOR Secure feature

[Xu, Wei6]

[-- Attachment #1: Type: text/plain, Size: 4035 bytes --]

Hi Ard,

Regarding the PR: MdeModulePkg/Variable: Revert 'delete and lock OS-created MOR variable' by xuweiintel * Pull Request #5902 * tianocore/edk2 (github.com)<https://github.com/tianocore/edk2/pull/5902>
Thanks a lot for reviewing the patch.

I update it according to your comments. Could you please help to review it again? Thanks.

BR,
Wei
From: Ni, Ray <ray.ni@intel.com>
Sent: Monday, June 24, 2024 4:50 PM
To: Ard Biesheuvel <ardb@kernel.org>; devel@edk2.groups.io
Cc: Yao, Jiewen <jiewen.yao@intel.com>; Xu, Wei6 <wei6.xu@intel.com>; Ni, Ray <ray.ni@intel.com>; Wu, Jiaxin <jiaxin.wu@intel.com>
Subject: Re: [edk2-devel] Regarding MOR Secure feature

Ard,
Thank you very much for your willingness to think about this topic.

Yes. we found the TCG MOR secure feature does not work in standalone MM env and want to fix it.
That leads the review of the code change history.

If you can confirm my understanding (F24/F25 are EOL today and Laszlo's fix is not needed), I can create a PR to remove that change.

Thanks,
Ray

________________________________
From: Ard Biesheuvel <ardb@kernel.org<mailto:ardb@kernel.org>>
Sent: Friday, June 21, 2024 16:35
To: devel@edk2.groups.io<mailto:devel@edk2.groups.io> <devel@edk2.groups.io<mailto:devel@edk2.groups.io>>; Ni, Ray <ray.ni@intel.com<mailto:ray.ni@intel.com>>
Cc: Yao, Jiewen <jiewen.yao@intel.com<mailto:jiewen.yao@intel.com>>; Xu, Wei6 <wei6.xu@intel.com<mailto:wei6.xu@intel.com>>
Subject: Re: [edk2-devel] Regarding MOR Secure feature

Hi Ray,


On Fri, 21 Jun 2024 at 10:03, Ni, Ray <ray.ni@intel.com<mailto:ray.ni@intel.com>> wrote:
>
> Ard,
>
> 7 years ago, Laszlo added this commit (https://github.com/tianocore/edk2/commit/fda8f631edbbf3823760542a06f12bd60fd39181) to support some OS kernels that incorrectly "create" the MOR variable.
> The OS kernel bug is captured in this bugzilla (bugzilla.redhat.com/show_bug.cgi?id=1498159). It seems to me the OS kernel bugs only exist in Fedora 24 and 25 which are all EOL today. Fedora 26 has the correct implementation that does NOT "create" the MOR variable. The implementation is done by you here (https://lore.kernel.org/all/20170825155019.6740-2-ard.biesheuvel@linaro.org/T/#u).
>
> 5 years ago, you added StandaloneMm variable driver and VariableHaveTcgProtocols() returns FALSE always in the standalone MM version. (Commit: https://github.com/tianocore/edk2/commit/a855f63e2fdd990837391b0e61e78b3f06b56916)
> As a result, MorLock variable is not created. It causes a bug that the BIOS does not report the MOR Secure feature to OS.
>
> My questions are:
>
> can we revert Laszlo's commit? As the bug that commit fixes only exists in Fedora 24/25 which are all EOL today.

Yes, I think we can revert it, although it is not clear from the
commit log what the erroneous behavior is.

> why is the MOR secure bug not found in ARM platform?
>

This is definitely a bug on ARM (and likely other users of standalone MM).

The problem is, of course, that standalone MM is standalone, and
cannot know for certain which EFI protocols are exposed by the DXE
core, nor invoke them directly.

>
> I think you are the best person to answer the questions because you not only fixed the kernel, but also know details on the ARM standalone MM.
> I am so happy with that:)
>

:-)

To be honest, I need some time to page this all back into my brain,
but I am happy to help out.

MOR does not really rely on the TCG protocols, right? If standalone MM
can implement it without its ability to invoke those protocols, we
should just separate those. I guess that is what you are doing at the
moment?


-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#120358): https://edk2.groups.io/g/devel/message/120358
Mute This Topic: https://groups.io/mt/106795434/7686176
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io]
-=-=-=-=-=-=-=-=-=-=-=-



[-- Attachment #2: Type: text/html, Size: 11365 bytes --]