Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-15-SP3:Update
ovmf.27278
ovmf-bsc1188371-UefiCpuPkg-Move-MigrateGdt-from...
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File ovmf-bsc1188371-UefiCpuPkg-Move-MigrateGdt-from-DiscoverMemory-to-Te.patch of Package ovmf.27278
From f6ec1dd34fb6b9757b5ead465ee2ea20c182b0ac Mon Sep 17 00:00:00 2001 From: Guomin Jiang <guomin.jiang@intel.com> Date: Wed, 13 Jan 2021 18:08:09 +0800 Subject: [PATCH] UefiCpuPkg: Move MigrateGdt from DiscoverMemory to TempRamDone. (CVE-2019-11098) REF: https://bugzilla.tianocore.org/show_bug.cgi?id=1614 REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3160 The GDT still in flash with commit 60b12e69fb1c8c7180fdda92f008248b9ec83db1 after TempRamDone So move the action to TempRamDone event to avoid reading GDT from flash. Signed-off-by: Guomin Jiang <guomin.jiang@intel.com> Cc: Eric Dong <eric.dong@intel.com> Cc: Ray Ni <ray.ni@intel.com> Cc: Laszlo Ersek <lersek@redhat.com> Cc: Rahul Kumar <rahul1.kumar@intel.com> Cc: Debkumar De <debkumar.de@intel.com> Cc: Harry Han <harry.han@intel.com> Cc: Catharine West <catharine.west@intel.com> Reviewed-by: Ray Ni <ray.ni@intel.com> --- UefiCpuPkg/CpuMpPei/CpuMpPei.c | 37 -------------------------- UefiCpuPkg/CpuMpPei/CpuMpPei.inf | 1 - UefiCpuPkg/CpuMpPei/CpuPaging.c | 8 ------ UefiCpuPkg/SecCore/SecCore.inf | 1 + UefiCpuPkg/SecCore/SecMain.c | 45 ++++++++++++++++++++++++++++++++ 5 files changed, 46 insertions(+), 46 deletions(-) Index: edk2-edk2-stable202008/UefiCpuPkg/CpuMpPei/CpuMpPei.c =================================================================== --- edk2-edk2-stable202008.orig/UefiCpuPkg/CpuMpPei/CpuMpPei.c +++ edk2-edk2-stable202008/UefiCpuPkg/CpuMpPei/CpuMpPei.c @@ -430,43 +430,6 @@ GetGdtr ( } /** - Migrates the Global Descriptor Table (GDT) to permanent memory. - - @retval EFI_SUCCESS The GDT was migrated successfully. - @retval EFI_OUT_OF_RESOURCES The GDT could not be migrated due to lack of available memory. - -**/ -EFI_STATUS -MigrateGdt ( - VOID - ) -{ - EFI_STATUS Status; - UINTN GdtBufferSize; - IA32_DESCRIPTOR Gdtr; - VOID *GdtBuffer; - - AsmReadGdtr ((IA32_DESCRIPTOR *) &Gdtr); - GdtBufferSize = sizeof (IA32_SEGMENT_DESCRIPTOR) -1 + Gdtr.Limit + 1; - - Status = PeiServicesAllocatePool ( - GdtBufferSize, - &GdtBuffer - ); - ASSERT (GdtBuffer != NULL); - if (EFI_ERROR (Status)) { - return EFI_OUT_OF_RESOURCES; - } - - GdtBuffer = ALIGN_POINTER (GdtBuffer, sizeof (IA32_SEGMENT_DESCRIPTOR)); - CopyMem (GdtBuffer, (VOID *) Gdtr.Base, Gdtr.Limit + 1); - Gdtr.Base = (UINTN) GdtBuffer; - AsmWriteGdtr (&Gdtr); - - return EFI_SUCCESS; -} - -/** Initializes CPU exceptions handlers for the sake of stack switch requirement. This function is a wrapper of InitializeCpuExceptionHandlersEx. It's mainly Index: edk2-edk2-stable202008/UefiCpuPkg/CpuMpPei/CpuMpPei.inf =================================================================== --- edk2-edk2-stable202008.orig/UefiCpuPkg/CpuMpPei/CpuMpPei.inf +++ edk2-edk2-stable202008/UefiCpuPkg/CpuMpPei/CpuMpPei.inf @@ -66,7 +66,6 @@ gUefiCpuPkgTokenSpaceGuid.PcdCpuStackSwitchExceptionList ## SOMETIMES_CONSUMES gUefiCpuPkgTokenSpaceGuid.PcdCpuKnownGoodStackSize ## SOMETIMES_CONSUMES gUefiCpuPkgTokenSpaceGuid.PcdCpuApStackSize ## SOMETIMES_CONSUMES - gEfiMdeModulePkgTokenSpaceGuid.PcdMigrateTemporaryRamFirmwareVolumes ## CONSUMES [Depex] TRUE Index: edk2-edk2-stable202008/UefiCpuPkg/CpuMpPei/CpuPaging.c =================================================================== --- edk2-edk2-stable202008.orig/UefiCpuPkg/CpuMpPei/CpuPaging.c +++ edk2-edk2-stable202008/UefiCpuPkg/CpuMpPei/CpuPaging.c @@ -605,17 +605,9 @@ MemoryDiscoveredPpiNotifyCallback ( { EFI_STATUS Status; BOOLEAN InitStackGuard; - BOOLEAN InterruptState; EDKII_MIGRATED_FV_INFO *MigratedFvInfo; EFI_PEI_HOB_POINTERS Hob; - if (PcdGetBool (PcdMigrateTemporaryRamFirmwareVolumes)) { - InterruptState = SaveAndDisableInterrupts (); - Status = MigrateGdt (); - ASSERT_EFI_ERROR (Status); - SetInterruptState (InterruptState); - } - // // Paging must be setup first. Otherwise the exception TSS setup during MP // initialization later will not contain paging information and then fail Index: edk2-edk2-stable202008/UefiCpuPkg/SecCore/SecCore.inf =================================================================== --- edk2-edk2-stable202008.orig/UefiCpuPkg/SecCore/SecCore.inf +++ edk2-edk2-stable202008/UefiCpuPkg/SecCore/SecCore.inf @@ -77,6 +77,7 @@ [Pcd] gUefiCpuPkgTokenSpaceGuid.PcdPeiTemporaryRamStackSize ## CONSUMES + gEfiMdeModulePkgTokenSpaceGuid.PcdMigrateTemporaryRamFirmwareVolumes ## CONSUMES [UserExtensions.TianoCore."ExtraFiles"] SecCoreExtra.uni Index: edk2-edk2-stable202008/UefiCpuPkg/SecCore/SecMain.c =================================================================== --- edk2-edk2-stable202008.orig/UefiCpuPkg/SecCore/SecMain.c +++ edk2-edk2-stable202008/UefiCpuPkg/SecCore/SecMain.c @@ -35,6 +35,43 @@ EFI_PEI_PPI_DESCRIPTOR mPeiSe } }; +/** + Migrates the Global Descriptor Table (GDT) to permanent memory. + + @retval EFI_SUCCESS The GDT was migrated successfully. + @retval EFI_OUT_OF_RESOURCES The GDT could not be migrated due to lack of available memory. + +**/ +EFI_STATUS +MigrateGdt ( + VOID + ) +{ + EFI_STATUS Status; + UINTN GdtBufferSize; + IA32_DESCRIPTOR Gdtr; + VOID *GdtBuffer; + + AsmReadGdtr ((IA32_DESCRIPTOR *) &Gdtr); + GdtBufferSize = sizeof (IA32_SEGMENT_DESCRIPTOR) -1 + Gdtr.Limit + 1; + + Status = PeiServicesAllocatePool ( + GdtBufferSize, + &GdtBuffer + ); + ASSERT (GdtBuffer != NULL); + if (EFI_ERROR (Status)) { + return EFI_OUT_OF_RESOURCES; + } + + GdtBuffer = ALIGN_POINTER (GdtBuffer, sizeof (IA32_SEGMENT_DESCRIPTOR)); + CopyMem (GdtBuffer, (VOID *) Gdtr.Base, Gdtr.Limit + 1); + Gdtr.Base = (UINTN) GdtBuffer; + AsmWriteGdtr (&Gdtr); + + return EFI_SUCCESS; +} + // // These are IDT entries pointing to 10:FFFFFFE4h. // @@ -410,6 +447,14 @@ SecTemporaryRamDone ( State = SaveAndDisableInterrupts (); // + // Migrate GDT before NEM near down + // + if (PcdGetBool (PcdMigrateTemporaryRamFirmwareVolumes)) { + Status = MigrateGdt (); + ASSERT_EFI_ERROR (Status); + } + + // // Disable Temporary RAM after Stack and Heap have been migrated at this point. // SecPlatformDisableTemporaryMemory ();
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor