diff options
| author | Guomin Jiang <guomin.jiang@intel.com> | 2020-07-08 09:33:46 +0800 |
|---|---|---|
| committer | mergify[bot] <37929162+mergify[bot]@users.noreply.github.com> | 2020-07-28 01:43:16 +0000 |
| commit | 1facb8fdef6389f390b66da6d8304f54cc93104a (patch) | |
| tree | 0b09b4df978e8ebc995b6a7df545c84f367c8cd2 /MdeModulePkg/Core | |
| parent | a44f558a84c67cd88b8215d4c076123cf58438f4 (diff) | |
| download | edk2-1facb8fdef6389f390b66da6d8304f54cc93104a.tar.gz edk2-1facb8fdef6389f390b66da6d8304f54cc93104a.tar.bz2 edk2-1facb8fdef6389f390b66da6d8304f54cc93104a.zip | |
MdeModulePkg: Add new PCD to control the evacuate temporary memory feature (CVE-2019-11098)
REF:https://bugzilla.tianocore.org/show_bug.cgi?id=1614
The security researcher found that we can get control after NEM disable.
The reason is that the flash content reside in NEM at startup and the
code will get the content from flash directly after disable NEM.
To avoid this vulnerability, the feature will copy the PEIMs from
temporary memory to permanent memory and only execute the code in
permanent memory.
The vulnerability is exist in physical platform and haven't report in
virtual platform, so the virtual can disable the feature currently.
When enable the PcdMigrateTemporaryRamFirmwareVolumes, always shadow
all PEIMs no matter the condition of PcdShadowPeimOnBoot or
PcdShadowPeimOnS3Boot.
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Hao A Wu <hao.a.wu@intel.com>
Signed-off-by: Guomin Jiang <guomin.jiang@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
Acked-by: Laszlo Ersek <lersek@redhat.com>
Diffstat (limited to 'MdeModulePkg/Core')
0 files changed, 0 insertions, 0 deletions