[edk2-devel] [PATCH 00/14] Implement Dynamic Memory Protections
Ni, Ray
ray.ni at intel.com
Tue Jul 18 06:11:46 UTC 2023
> -----Original Message-----
> From: Ard Biesheuvel <ardb at kernel.org>
> Sent: Tuesday, July 18, 2023 12:26 AM
> To: Pedro Falcato <pedro.falcato at gmail.com>
> Cc: devel at edk2.groups.io; t at taylorbeebe.com; Wang, Jian J
> <jian.j.wang at intel.com>; Gao, Liming <gaoliming at byosoft.com.cn>; Bi,
> Dandan <dandan.bi at intel.com>; Ard Biesheuvel
> <ardb+tianocore at kernel.org>; Yao, Jiewen <jiewen.yao at intel.com>; Justen,
> Jordan L <jordan.l.justen at intel.com>; Gerd Hoffmann <kraxel at redhat.com>;
> Leif Lindholm <quic_llindhol at quicinc.com>; Sami Mujawar
> <sami.mujawar at arm.com>; Andrew Fish <afish at apple.com>; Ni, Ray
> <ray.ni at intel.com>; Dong, Eric <eric.dong at intel.com>; Kumar, Rahul R
> <rahul.r.kumar at intel.com>; Dong, Guo <guo.dong at intel.com>; Rhodes, Sean
> <sean at starlabs.systems>; Lu, James <james.lu at intel.com>; Guo, Gua
> <gua.guo at intel.com>
> Subject: Re: [edk2-devel] [PATCH 00/14] Implement Dynamic Memory
> Protections
>
> On Mon, 17 Jul 2023 at 18:15, Pedro Falcato <pedro.falcato at gmail.com>
> wrote:
> >
> > On Wed, Jul 12, 2023 at 12:53 AM Taylor Beebe <t at taylorbeebe.com>
> wrote:
> > >
> > > In the past, memory protection settings were configured via FixedAtBuild
> PCDs,
> > > which resulted in a build-time configuration of memory mitigations. This
> > > approach limited the flexibility of applying mitigations to the
> > > system and made it difficult to update or adjust the settings post-build.
> >
> > How do you mitigate the possibility of an attack overwriting the
> > dynamic configuration data (the HOBs)?
> > It seems most dangerous to me to publish this sort of
> > security-sensitive configuration knobs dynamically such that an
> > attacker can change them.
> >
>
> That is a very good point. One of the things I have on my TODO list
> for the memory attributes PEI work is to remap HOB memory read-only
> before entering DXE. They are conceptually read-only anyway when PEI
> completes, so they should never be modified afterwards.
DXE Core migrates the HOB to a new location. So the protection needs to be re-done
after that.
-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#106980): https://edk2.groups.io/g/devel/message/106980
Mute This Topic: https://groups.io/mt/100090629/1813853
Group Owner: devel+owner at edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/leave/3943202/1813853/130120423/xyzzy [edk2-devel-archive at redhat.com]
-=-=-=-=-=-=-=-=-=-=-=-
More information about the edk2-devel-archive
mailing list