
UEFI/EDKII Security Enhancement summary

Code Integrity Guard (CIG)

UEFI Secure Boot

Technology: UEFI image signature verification

Status: Production

The platform variable region must use the EFI_AUTHENTICATED_VARIABLE_GUID format.

The variable driver must link an AuthVariableLib instance.

UEFI Secure Boot enable/disable is controlled by the variable EFI_SECURE_BOOT_ENABLE_NAME:gEfiSecureBootEnableDisableGuid.

PI FV verified boot

Technology: PI firmware volume verification

Status: Production

The platform PEI (initial boot block) must verify the OEM boot block (OBB) using FvReportPei after memory is discovered.

The platform must install EDKII_PEI_FIRMWARE_VOLUME_INFO_STORED_HASH_FV_PPI to convey the FVs and hash information of a specific platform.

Data Execution Protection (DEP) & Arbitrary Code Guard (ACG)

Image Protection

Technology: Set the PE image code region to read-only and the data region to non-executable.

Status: Production

DXE controlled by: gEfiMdeModulePkgTokenSpaceGuid.PcdImageProtectionPolicy in MdeModulePkg.dec; SMM enabled by default.

Non-Executable Memory protection

Technology: Set data regions to be non-executable.

Status: Production

DXE controlled by: gEfiMdeModulePkgTokenSpaceGuid.PcdDxeNxMemoryProtectionPolicy in MdeModulePkg.dec; SMM enabled by default.
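The NX policy PCD is a 64-bit mask in which bit N selects EFI memory type N (that is how MdeModulePkg.dec documents it). The C program below is an added illustration, not code from this repository or from EDK II: it models how such a mask is evaluated, including the two ranges that do not fit the bit-per-type scheme (OEM-reserved and OS-reserved types, which are folded onto BIT62 and BIT63 here, following what DxeCore's MemoryProtection code does as far as I recall; treat the range constants and that folding as assumptions). The EFI_MEMORY_TYPE values and EFI_MEMORY_XP come from the UEFI specification. It also includes the check a platform integrator wants before setting the PCD in a DSC: whether the mask would make a code type non-executable, which would fault every driver at its entry point.

```c
#include <stdint.h>
#include <stdio.h>

/* EFI_MEMORY_TYPE values in specification order; the policy bit index equals
 * the memory type value, so this order matters. */
typedef enum {
    EfiReservedMemoryType = 0,
    EfiLoaderCode,
    EfiLoaderData,
    EfiBootServicesCode,
    EfiBootServicesData,
    EfiRuntimeServicesCode,
    EfiRuntimeServicesData,
    EfiConventionalMemory,
    EfiUnusableMemory,
    EfiACPIReclaimMemory,
    EfiACPIMemoryNVS,
    EfiMemoryMappedIO,
    EfiMemoryMappedIOPortSpace,
    EfiPalCode,
    EfiPersistentMemory,
    EfiMaxMemoryType
} EFI_MEMORY_TYPE;

#define EFI_MEMORY_XP                0x0000000000004000ULL /* execute-protect page attribute */
#define MEMORY_TYPE_OEM_RESERVED_MIN 0x70000000U           /* assumption: DxeCore's OEM range start */
#define MEMORY_TYPE_OS_RESERVED_MIN  0x80000000U           /* assumption: DxeCore's OS range start */
#define BIT62                        (1ULL << 62)
#define BIT63                        (1ULL << 63)

/* The three code types must stay executable; everything else holds data. */
static int is_code_type(uint32_t type) {
    return type == EfiLoaderCode || type == EfiBootServicesCode ||
           type == EfiRuntimeServicesCode;
}

/* Page attribute the policy requests for one memory type: EFI_MEMORY_XP or 0. */
uint64_t nx_attribute_for_type(uint64_t policy, uint32_t type) {
    uint64_t test_bit;
    if (type >= MEMORY_TYPE_OS_RESERVED_MIN) {
        test_bit = BIT63;                 /* all OS-reserved types share one bit */
    } else if (type >= MEMORY_TYPE_OEM_RESERVED_MIN) {
        test_bit = BIT62;                 /* all OEM-reserved types share one bit */
    } else if (type < 62) {
        test_bit = 1ULL << type;          /* standard types: bit index == type value */
    } else {
        return 0;                         /* not a defined type: request nothing */
    }
    return (policy & test_bit) != 0 ? EFI_MEMORY_XP : 0;
}

/* Build a policy that marks every standard data type and both reserved ranges
 * non-executable while leaving the three code types executable. */
uint64_t build_data_nx_policy(void) {
    uint64_t policy = BIT62 | BIT63;
    for (uint32_t t = 0; t < EfiMaxMemoryType; t++) {
        if (!is_code_type(t)) {
            policy |= 1ULL << t;
        }
    }
    return policy;
}

/* Integration check: return a mask of the code types the policy would wrongly
 * mark NX. Non-zero means images of that type could not execute at all. */
uint64_t code_types_marked_nx(uint64_t policy) {
    uint64_t bad = 0;
    for (uint32_t t = 0; t < EfiMaxMemoryType; t++) {
        if (is_code_type(t) && nx_attribute_for_type(policy, t) == EFI_MEMORY_XP) {
            bad |= 1ULL << t;
        }
    }
    return bad;
}

int main(void) {
    static const char *names[EfiMaxMemoryType] = {
        "Reserved", "LoaderCode", "LoaderData", "BootServicesCode",
        "BootServicesData", "RuntimeServicesCode", "RuntimeServicesData",
        "ConventionalMemory", "UnusableMemory", "ACPIReclaim", "ACPINVS",
        "MemoryMappedIO", "MemoryMappedIOPortSpace", "PalCode", "PersistentMemory"
    };
    uint64_t policy = build_data_nx_policy();
    printf("PcdDxeNxMemoryProtectionPolicy = 0x%016llX\n", (unsigned long long)policy);
    for (uint32_t t = 0; t < EfiMaxMemoryType; t++) {
        printf("  %-24s %s\n", names[t],
               nx_attribute_for_type(policy, t) ? "NX" : "executable");
    }
    /* Constructed misconfiguration: BootServicesCode's bit set as well. */
    uint64_t broken = policy | (1ULL << EfiBootServicesCode);
    printf("misconfigured policy marks code types NX: 0x%llX\n",
           (unsigned long long)code_types_marked_nx(broken));
    return 0;
}
```

The low 16 bits of the policy this builds come out as 0x7FD5, which is the shape to expect from a data-only NX mask: every standard type except LoaderCode, BootServicesCode and RuntimeServicesCode.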

OS Loader Protection

Technology: The BIOS publishes the mem_attribute_protocol. The OS loader can use it to protect its image.

Status: Prototype

The DXE driver is CpuDxe. See Bugzilla 3519.

SMM Code Access Check

Technology: Only SMM code covered by the SMRAM Range Register (SMRR) can be executed.

Status: Production

SMM controlled by: gUefiCpuPkgTokenSpaceGuid.PcdCpuSmmCodeAccessCheckEnable in UefiCpuPkg.dec.

NULL pointer detection

Technology: Mark the first 4K page as not present to detect NULL pointer dereferences.

Status: Production

Controlled by: gEfiMdeModulePkgTokenSpaceGuid.PcdNullPointerDetectionPropertyMask in MdeModulePkg.dec.

Address Space Layout Randomization (ASLR)

Image Shuffle

Technology: Shuffle the loaded images.

Status: Prototype

ImageShuffle is configured by PcdImageShuffleEnable. The DXE prototype is in DxeCore; the SMM prototype is in PiSmmCore.

Data Buffer Shift

Technology: Shift the data buffers (heap and stack).

Status: Prototype

Randomization is configured by PcdASLRMinimumEntropyBits. The DXE prototype is in DxeCore and DxeIpl; the SMM prototype is in PiSmmCore.

Buffer Overflow Detection

Stack Guard

Technology: Use a guard page to detect global stack overflow.

Status: Production

DXE controlled by: gEfiMdeModulePkgTokenSpaceGuid.PcdCpuStackGuard in MdeModulePkg.dec; SMM controlled by: gUefiCpuPkgTokenSpaceGuid.PcdCpuSmmStackGuard in UefiCpuPkg.dec.

Heap Guard

Technology: Use guard pages to detect heap overflow.

Status: Debug

Controlled by: gEfiMdeModulePkgTokenSpaceGuid.PcdHeapGuardPropertyMask, gEfiMdeModulePkgTokenSpaceGuid.PcdHeapGuardPageType and gEfiMdeModulePkgTokenSpaceGuid.PcdHeapGuardPoolType, all in MdeModulePkg.dec.
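Stack Guard and Heap Guard above rely on the same primitive: a page with no access rights placed next to the protected buffer, so that the first out-of-bounds access traps instead of silently corrupting whatever sits beyond it. The user-space C program below is an added illustration of that primitive, not code from EDK II or this repository. It maps a writable region followed by one PROT_NONE guard page (the tail-guard layout), writes past the end of the region, and reports the byte index at which the processor trapped. Catching the fault with a signal handler and sigsetjmp is a modelling assumption so the program can report instead of dying; in firmware the trap lands in the CPU exception handler, which is where the overflow is detected.

```c
#define _GNU_SOURCE            /* for MAP_ANONYMOUS, sigaction and sysconf */
#include <setjmp.h>
#include <signal.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>
#include <unistd.h>

#ifndef MAP_ANONYMOUS
#define MAP_ANONYMOUS 0x20     /* Linux value; fallback if strict feature macros hide it */
#endif

/* Writable pages followed by one inaccessible guard page (tail guard):
 * an overrun past data_len lands on the guard and traps. */
typedef struct {
    uint8_t *base;     /* start of the mapping */
    size_t   data_len; /* writable bytes before the guard page */
    size_t   map_len;  /* mapping size including the guard page */
} guarded_region_t;

/* Stand-in for the firmware page-fault handler (modelling assumption):
 * unwind to the point that armed the check instead of terminating. */
static sigjmp_buf g_fault_env;

static void on_fault(int sig) {
    (void)sig;
    siglongjmp(g_fault_env, 1);
}

/* Map data_pages writable pages plus one guard page after them. */
int guarded_alloc(guarded_region_t *r, size_t data_pages) {
    long page = sysconf(_SC_PAGESIZE);
    if (page <= 0 || data_pages == 0) return -1;
    r->data_len = (size_t)page * data_pages;
    r->map_len  = r->data_len + (size_t)page;
    void *p = mmap(NULL, r->map_len, PROT_READ | PROT_WRITE,
                   MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (p == MAP_FAILED) return -1;
    r->base = (uint8_t *)p;
    /* The guard page: no access rights at all, so the first touch traps. */
    if (mprotect(r->base + r->data_len, (size_t)page, PROT_NONE) != 0) {
        munmap(p, r->map_len);
        r->base = NULL;
        return -1;
    }
    return 0;
}

void guarded_free(guarded_region_t *r) {
    if (r->base != NULL) munmap(r->base, r->map_len);
    r->base = NULL;
}

/* Write count bytes from base one at a time. Returns the index of the first
 * write that trapped, or count if every write succeeded. */
size_t write_until_fault(uint8_t *base, size_t count) {
    struct sigaction sa, old_segv, old_bus;
    memset(&sa, 0, sizeof sa);
    sa.sa_handler = on_fault;
    sigemptyset(&sa.sa_mask);
    sigaction(SIGSEGV, &sa, &old_segv);
    sigaction(SIGBUS, &sa, &old_bus);

    volatile size_t i = 0;   /* volatile: its value must survive the siglongjmp */
    if (sigsetjmp(g_fault_env, 1) == 0) {
        for (; i < count; i++) {
            base[i] = 0xAA;  /* the write at i == data_len hits the guard page */
        }
    }
    sigaction(SIGSEGV, &old_segv, NULL);
    sigaction(SIGBUS, &old_bus, NULL);
    return i;
}

/* Fill data_pages pages, then keep writing extra_bytes beyond them.
 * Returns 1 if the overrun trapped exactly at the guard boundary, 0 if no
 * trap occurred (all writes in bounds), 2 if a trap occurred somewhere
 * unexpected, -1 on setup failure. */
int overrun_caught_at_guard(size_t data_pages, size_t extra_bytes) {
    guarded_region_t r = {0};
    if (guarded_alloc(&r, data_pages) != 0) return -1;
    size_t total = r.data_len + extra_bytes;
    size_t faulted_at = write_until_fault(r.base, total);
    guarded_free(&r);
    if (faulted_at == total) return 0;
    return faulted_at == r.data_len ? 1 : 2;
}

int main(void) {
    printf("in-bounds fill        -> %d (0 = no trap)\n", overrun_caught_at_guard(2, 0));
    printf("one byte past the end -> %d (1 = trapped at guard)\n", overrun_caught_at_guard(2, 1));
    return 0;
}
```

The same layout mirrored, with the guard page before the region, is what the stack-guard variant looks like, since a stack grows downward into its guard. Either way the detection granularity is the page, which is why a guard catches an overrun that crosses the allocation's page boundary but not one that stays inside padding within the last page.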

Stack Canary

Technology: Use the compiler to insert a cookie that detects local stack overflow (needs compiler support).

Status: Prototype

The MSVC compiler stub (/GS) prototype is in GSStub.c; the GCC/LLVM compiler stub (-fstack-protector-strong) prototype is in StackProtectorStub.c.

Address Sanitizer

Technology: Use the compiler to insert redzones that detect buffer overflow (needs compiler support).

Status: Prototype, Debug

The MSVC compiler stub (/RTCs) prototype is in RTCsStub.c; the LLVM compiler stub (-fsanitize=address) prototype is in ASanStub.c.

Misc Runtime Check

Undefined Behavior Sanitizer (Type Cast)

Technology: Use the compiler to insert runtime checks for undefined behavior such as invalid type casts (needs compiler support).

Status: Prototype, Debug

The MSVC compiler stub (/RTCc) prototype is in RTCcStub.c; the LLVM compiler stub (-fsanitize=undefined) prototype is in UBSanStub.c.

Memory Sanitizer (Uninitialized Access)

Technology: Use the compiler to insert checks that detect reads of uninitialized data (needs compiler support).

Status: Prototype, Debug

The MSVC compiler stub (/RTCu) prototype is in RTCuStub.c; LLVM (-fsanitize=memory) cannot be enabled because it does not support the Windows platform yet.

Control Flow

Shadow Stack (Intel CET-SS)

Technology: Return address protection to defend against Return Oriented Programming (ROP).

Status: SMM production, DXE prototype

The SMM shadow stack is controlled by gEfiMdePkgTokenSpaceGuid.PcdControlFlowEnforcementPropertyMask in MdePkg.dec; the DXE shadow stack prototype is in DxeCet.

Indirect Branch Tracking (Intel CET-IBT)

Technology: Indirect branch protection to defend against Jump/Call Oriented Programming (needs compiler support).

Status: Prototype

The prototype is in Ibt. IBT cannot be enabled with MSVC because the compiler does NOT support it yet.

Software Control Flow Integrity/Guard (CFI/CFG)

Technology: Use the compiler to insert control flow checks that detect control flow attacks (needs compiler support).

Status: Prototype

The MSVC compiler stub (/guard:cf) prototype is in CfgStub.c; the LLVM compiler stub (-fsanitize=cfi) prototype is in CfiStub.c.

PreBoot DMA Prevention

IOMMU Engine Based Protection (Intel VTd)

Technology: Enable the IOMMU in the BIOS to prevent DMA attacks from devices.

Status: Production

DXE enabled by: IntelVTdDxe; PEI enabled by: IntelVTdDmarPei.

Silicon specific DMA Protection (Intel VTd PMR)

Technology: Enable the Protected Memory Region (PMR) in the PEI phase as a lightweight solution.

Status: Production

PEI enabled by: IntelVTdPmrPei.

Reference

A list of security whitepapers can be found at EDK II Security White Papers.

  1. A Tour Beyond BIOS - Security Enhancement to Mitigate Buffer Overflow in UEFI

  2. A Tour Beyond BIOS - Memory Map And Practices in UEFI BIOS

  3. SMM protection in EDKII

  4. CET-in-SMM

  5. A Tour Beyond BIOS - Using IOMMU for DMA Protection in UEFI firmware

  6. Windows DMA Protection

  7. Intel 64 and IA-32 Architectures Software Developer Manuals