All of lore.kernel.org
 help / color / mirror / Atom feed
From: Laszlo Ersek <lersek@redhat.com>
To: Paolo Bonzini <pbonzini@redhat.com>,
	Markus Armbruster <armbru@redhat.com>,
	Peter Maydell <peter.maydell@linaro.org>
Cc: Libvirt <libvir-list@redhat.com>,
	Peter Krempa <pkrempa@redhat.com>,
	QEMU Developers <qemu-devel@nongnu.org>,
	Qemu-block <qemu-block@nongnu.org>
Subject: Re: [Qemu-devel] Configuring pflash devices for OVMF firmware
Date: Wed, 30 Jan 2019 17:38:33 +0100	[thread overview]
Message-ID: <9dc7c83c-a63c-9cde-1267-43bc62e73436@redhat.com> (raw)
In-Reply-To: <300bdcd7-fbde-d7a3-12a0-eafdc0aa58f6@redhat.com>

On 01/30/19 15:33, Paolo Bonzini wrote:
> On 30/01/19 15:13, Markus Armbruster wrote:
>>     -global driver=cfi.pflash01,property=secure,value=on
>>
>> Affects *all* such devices, but fortunately we have at most two, and
>> the one we don't want to affect happens to ignore the property value.
>
> Is this true?  I think both need secure=on, at least on x86.

commit f71e42a5c98722d6faa5be84a34fbad90d27dc04
Author: Paolo Bonzini <pbonzini@redhat.com>
Date:   Wed Apr 8 14:09:43 2015 +0200

    pflash_cfi01: add secure property

    When this property is set, MMIO accesses are only allowed with the
    MEMTXATTRS_SECURE attribute.  This is used for secure access to UEFI
    variables stored in flash.

    Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

If you don't add "secure=on" to unit#0, then MMIO accesses will be
possible outside of SMM. From those, I'd hazard "MMIO reads" are
generally irrelevant. "MMIO writes" could succeed to the RAM image, but:

- they are never written back to the disk (due to readonly=on),

- the actual contents of unit#0 stops mattering as soon as the SEC phase
  decompresses the PEIFV and DXEFV firmware volumes from it, to DRAM.
  The SMM infrastructure is then constructed in SMRAM from DRAM. By the
  time a 3rd party UEFI application or driver, or an OS, is reached, the
  sensitive bits are all locked in SMRAM.

... But, I wonder if S3 resume would be under threat in this case. In
that case, SEC runs again (from pflash), and it re-decompresses
PEIFV/DXEFV from pflash to DRAM. If the in-memory image of pflash
doesn't revert to the (pristine, due to readonly=on) disk image at
platform reset, then I reckon there could be a problem; the SEC code and
the compressed FVs could have been tampered with in memory.

I guess it's best to apply secure=on to unit#0 as well, after all :)

Thanks!
Laszlo

  reply	other threads:[~2019-01-30 16:38 UTC|newest]

Thread overview: 45+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2019-01-25 15:03 [Qemu-devel] Configuring pflash devices for OVMF firmware Markus Armbruster
2019-01-28  7:58 ` Laszlo Ersek
2019-01-28 10:39 ` Peter Maydell
2019-01-28 12:40   ` [Qemu-devel] [libvirt] " Gerd Hoffmann
2019-01-28 13:06     ` Peter Maydell
2019-01-28 14:55       ` Laszlo Ersek
2019-01-28 14:58         ` Peter Maydell
2019-01-28 15:03           ` Laszlo Ersek
2019-01-30  7:36       ` Markus Armbruster
2019-01-30  8:00         ` Gerd Hoffmann
2019-01-30  7:24   ` [Qemu-devel] " Markus Armbruster
2019-01-30 15:24     ` Peter Maydell
2019-01-30 16:44       ` Laszlo Ersek
2019-01-30 17:24         ` Peter Maydell
2019-01-31  8:52           ` Markus Armbruster
2019-01-31 10:01             ` Peter Maydell
2019-01-31 10:24               ` Markus Armbruster
2019-01-31 10:34                 ` Peter Maydell
2019-01-31 12:05                   ` Markus Armbruster
2019-01-30 14:13   ` Markus Armbruster
2019-01-30 14:33     ` Paolo Bonzini
2019-01-30 16:38       ` Laszlo Ersek [this message]
2019-01-31  8:33         ` Markus Armbruster
2019-01-31  9:19           ` Paolo Bonzini
2019-01-31  9:37             ` Markus Armbruster
2019-01-31 12:02               ` Laszlo Ersek
2019-01-31 12:10               ` Paolo Bonzini
2019-01-31 12:51                 ` Markus Armbruster
2019-01-31  8:40       ` Markus Armbruster
2019-01-31  9:19         ` Paolo Bonzini
2019-01-31  9:41           ` Markus Armbruster
2019-01-31 10:12             ` Paolo Bonzini
2019-01-31 12:12               ` Markus Armbruster
2019-01-31 22:57                 ` Paolo Bonzini
2019-01-31 23:28                   ` Alexandro Sanchez Bach
2019-01-31 23:54                     ` Paolo Bonzini
2019-02-01  2:49                       ` Ning, Yu
2019-02-04 10:00                         ` Paolo Bonzini
2019-02-01  8:58                   ` Markus Armbruster
2019-01-31 11:57           ` Laszlo Ersek
2019-02-19  7:19       ` Markus Armbruster
2019-02-22 13:28         ` Markus Armbruster
2019-02-07  9:30 ` Markus Armbruster
2019-02-07 12:31   ` Laszlo Ersek
2019-02-07 13:49     ` Markus Armbruster

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=9dc7c83c-a63c-9cde-1267-43bc62e73436@redhat.com \
    --to=lersek@redhat.com \
    --cc=armbru@redhat.com \
    --cc=libvir-list@redhat.com \
    --cc=pbonzini@redhat.com \
    --cc=peter.maydell@linaro.org \
    --cc=pkrempa@redhat.com \
    --cc=qemu-block@nongnu.org \
    --cc=qemu-devel@nongnu.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.