audk/MdeModulePkg/Universal
Hao Wu e83d841fdc MdeModulePkg/Variable: [CVE-2017-5753] Fix bounds check bypass
REF:https://bugzilla.tianocore.org/show_bug.cgi?id=1194

Speculative execution is used by processor to avoid having to wait for
data to arrive from memory, or for previous operations to finish, the
processor may speculate as to what will be executed.

If the speculation is incorrect, the speculatively executed instructions
might leave hints such as which memory locations have been brought into
cache. Malicious actors can use the bounds check bypass method (code
gadgets with controlled external inputs) to infer data values that have
been used in speculative operations to reveal secrets which should not
otherwise be accessed.

This commit will focus on the SMI handler(s) registered within the
Variable\RuntimeDxe driver and insert AsmLfence API to mitigate the
bounds check bypass issue.

For SMI handler SmmVariableHandler():

Under "case SMM_VARIABLE_FUNCTION_GET_VARIABLE:",
'SmmVariableHeader->NameSize' can be a potential cross boundary access of
the 'CommBuffer' (controlled external input) during speculative execution.

This cross boundary access is later used as the index to access array
'SmmVariableHeader->Name' by code:
"SmmVariableHeader->Name[SmmVariableHeader->NameSize/sizeof (CHAR16) - 1]"
One can observe which part of the content within array was brought into
cache to possibly reveal the value of 'SmmVariableHeader->NameSize'.

Hence, this commit adds a AsmLfence() after the boundary/range checks of
'CommBuffer' to prevent the speculative execution.

And there are 2 similar cases under
"case SMM_VARIABLE_FUNCTION_SET_VARIABLE:" and
"case SMM_VARIABLE_FUNCTION_VAR_CHECK_VARIABLE_PROPERTY_GET:" as well.
This commits also handles them.

Also, under "case SMM_VARIABLE_FUNCTION_SET_VARIABLE:",
'(UINT8 *)SmmVariableHeader->Name + SmmVariableHeader->NameSize' points to
the 'CommBuffer' (with some offset) and then passed as parameter 'Data' to
function VariableServiceSetVariable().

Within function VariableServiceSetVariable(), there is a sanity check for
EFI_VARIABLE_AUTHENTICATION_2 descriptor for the data pointed by 'Data'.
If this check is speculatively bypassed, potential cross-boundary data
access for 'Data' is possible to be revealed via the below function calls
sequence during speculative execution:

AuthVariableLibProcessVariable()
ProcessVarWithPk() or ProcessVarWithKek()

Within function ProcessVarWithPk() or ProcessVarWithKek(), for the code
"PayloadSize = DataSize - AUTHINFO2_SIZE (Data);", 'AUTHINFO2_SIZE (Data)'
can be a cross boundary access during speculative execution.

Then, 'PayloadSize' is possible to be revealed by the function call
sequence:

AuthServiceInternalUpdateVariableWithTimeStamp()
mAuthVarLibContextIn->UpdateVariable()
VariableExLibUpdateVariable()
UpdateVariable()
CopyMem()

Hence, this commit adds a AsmLfence() after the sanity check for
EFI_VARIABLE_AUTHENTICATION_2 descriptor upon 'Data' within function
VariableServiceSetVariable() to prevent the speculative execution.

Also, please note that the change made within function
VariableServiceSetVariable() will affect DXE as well. However, since we
only focuses on the SMM codes, the commit will introduce a new module
internal function called VariableLoadFence() to handle this. This internal
function will have 2 implementations (1 for SMM, 1 for DXE). For the SMM
implementation, it is a wrapper to call the AsmLfence() API; for the DXE
implementation, it is empty.

A more detailed explanation of the purpose of commit is under the
'Bounds check bypass mitigation' section of the below link:
https://software.intel.com/security-software-guidance/insights/host-firmware-speculative-execution-side-channel-mitigation

And the document at:
https://software.intel.com/security-software-guidance/api-app/sites/default/files/337879-analyzing-potential-bounds-Check-bypass-vulnerabilities.pdf

Cc: Jiewen Yao <jiewen.yao@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Hao Wu <hao.a.wu@intel.com>
Reviewed-by: Star Zeng <star.zeng@intel.com>
Acked-by: Laszlo Ersek <lersek@redhat.com>
Regression-tested-by: Laszlo Ersek <lersek@redhat.com>
2018-09-30 13:06:42 +08:00
..
Acpi MdeModulePkg/FirmwarePerformanceDataTableDxe: Remove an unused PCD 2018-09-29 17:49:03 +08:00
BdsDxe MdeModulePkg: Removing ipf which is no longer supported from edk2. 2018-09-06 15:25:16 +08:00
BootManagerPolicyDxe MdeModulePkg: Removing ipf which is no longer supported from edk2. 2018-09-06 15:25:16 +08:00
CapsulePei MdeModulePkg: Removing ipf which is no longer supported from edk2. 2018-09-06 15:25:16 +08:00
CapsuleRuntimeDxe MdeModulePkg: Removing ipf which is no longer supported from edk2. 2018-09-06 15:25:16 +08:00
Console MdeModulePkg: Avoid key notification called more than once 2018-09-14 10:18:31 +08:00
DebugPortDxe MdeModulePkg: Removing ipf which is no longer supported from edk2. 2018-09-06 15:25:16 +08:00
DebugSupportDxe MdeModulePkg: Removing ipf which is no longer supported from edk2. 2018-09-06 15:25:16 +08:00
DevicePathDxe MdeModulePkg: Removing ipf which is no longer supported from edk2. 2018-09-06 15:25:16 +08:00
Disk MdeModulePkg: Removing ipf which is no longer supported from edk2. 2018-09-06 15:25:16 +08:00
DisplayEngineDxe MdeModulePkg: Removing ipf which is no longer supported from edk2. 2018-09-06 15:25:16 +08:00
DriverHealthManagerDxe MdeModulePkg: Removing ipf which is no longer supported from edk2. 2018-09-06 15:25:16 +08:00
DriverSampleDxe MdeModulePkg: Removing ipf which is no longer supported from edk2. 2018-09-06 15:25:16 +08:00
EbcDxe MdeModulePkg: Removing ipf which is no longer supported from edk2. 2018-09-06 15:25:16 +08:00
EsrtDxe MdeModulePkg: Removing ipf which is no longer supported from edk2. 2018-09-06 15:25:16 +08:00
EsrtFmpDxe MdeModulePkg: Remove trailing white space 2018-09-06 09:17:03 +08:00
FaultTolerantWriteDxe MdeModulePkg/FaultTolerantWrite:[CVE-2017-5753]Fix bounds check bypass 2018-09-30 13:06:42 +08:00
FaultTolerantWritePei MdeModulePkg: Removing ipf which is no longer supported from edk2. 2018-09-06 15:25:16 +08:00
FileExplorerDxe MdeModulePkg: Removing ipf which is no longer supported from edk2. 2018-09-06 15:25:16 +08:00
FvSimpleFileSystemDxe MdeModulePkg FvSimpleFileSystemDxe: Fix memory leak in Read function 2018-07-27 08:54:40 +08:00
HiiDatabaseDxe MdeModulePkg: Removing ipf which is no longer supported from edk2. 2018-09-06 15:25:16 +08:00
HiiResourcesSampleDxe MdeModulePkg: Removing ipf which is no longer supported from edk2. 2018-09-06 15:25:16 +08:00
LegacyRegion2Dxe MdeModulePkg: Removing ipf which is no longer supported from edk2. 2018-09-06 15:25:16 +08:00
LoadFileOnFv2 MdeModulePkg: Removing ipf which is no longer supported from edk2. 2018-09-06 15:25:16 +08:00
LockBox/SmmLockBox MdeModulePkg/SmmLockBox: [CVE-2017-5753] Fix bounds check bypass 2018-09-30 13:06:42 +08:00
MemoryTest MdeModulePkg: Removing ipf which is no longer supported from edk2. 2018-09-06 15:25:16 +08:00
Metronome MdeModulePkg: Removing ipf which is no longer supported from edk2. 2018-09-06 15:25:16 +08:00
MonotonicCounterRuntimeDxe MdeModulePkg: Removing ipf which is no longer supported from edk2. 2018-09-06 15:25:16 +08:00
Network MdeModulePkg/UefiPxeBcDxe: Add the clarification compared to UefiPxeBcDxe in NetworkPkg. 2018-09-27 09:00:05 +08:00
PCD MdeModulePkg: Removing ipf which is no longer supported from edk2. 2018-09-06 15:25:16 +08:00
PcatSingleSegmentPciCfg2Pei MdeModulePkg: Removing ipf which is no longer supported from edk2. 2018-09-06 15:25:16 +08:00
PlatformDriOverrideDxe MdeModulePkg: Removing ipf which is no longer supported from edk2. 2018-09-06 15:25:16 +08:00
PrintDxe MdeModulePkg: Removing ipf which is no longer supported from edk2. 2018-09-06 15:25:16 +08:00
PropertiesTableAttributesDxe MdeModulePkg: Removing ipf which is no longer supported from edk2. 2018-09-06 15:25:16 +08:00
RegularExpressionDxe MdeModulePkg/RegularExpressionDxe: modify inf to pass vs 2012 build 2018-09-28 12:48:43 +08:00
ReportStatusCodeRouter MdeModulePkg: Removing ipf which is no longer supported from edk2. 2018-09-06 15:25:16 +08:00
ResetSystemPei MdeModulePkg: Clean up source files 2018-06-28 11:19:45 +08:00
ResetSystemRuntimeDxe MdeModulePkg: Remove redundant library classes and GUIDs 2018-08-20 14:53:45 +08:00
SectionExtractionDxe MdeModulePkg: Clean up source files 2018-06-28 11:19:45 +08:00
SectionExtractionPei MdeModulePkg: Removing ipf which is no longer supported from edk2. 2018-09-06 15:25:16 +08:00
SecurityStubDxe MdeModulePkg: Removing ipf which is no longer supported from edk2. 2018-09-06 15:25:16 +08:00
SerialDxe MdeModulePkg: Clean up source files 2018-06-28 11:19:45 +08:00
SetupBrowserDxe MdeModulePkg: Removing ipf which is no longer supported from edk2. 2018-09-06 15:25:16 +08:00
SmbiosDxe MdeModulePkg: Removing ipf which is no longer supported from edk2. 2018-09-06 15:25:16 +08:00
SmbiosMeasurementDxe MdeModulePkg: Removing ipf which is no longer supported from edk2. 2018-09-06 15:25:16 +08:00
SmmCommunicationBufferDxe MdeModulePkg: Remove redundant library classes and GUIDs 2018-08-20 14:53:45 +08:00
StatusCodeHandler MdeModulePkg: Removing ipf which is no longer supported from edk2. 2018-09-06 15:25:16 +08:00
TimestampDxe MdeModulePkg: Removing ipf which is no longer supported from edk2. 2018-09-06 15:25:16 +08:00
Variable MdeModulePkg/Variable: [CVE-2017-5753] Fix bounds check bypass 2018-09-30 13:06:42 +08:00
WatchdogTimerDxe MdeModulePkg: Removing ipf which is no longer supported from edk2. 2018-09-06 15:25:16 +08:00