From: Markus Armbruster <armbru@redhat.com>
To: Laszlo Ersek <lersek@redhat.com>
Cc: Paolo Bonzini <pbonzini@redhat.com>,
Peter Maydell <peter.maydell@linaro.org>,
Libvirt <libvir-list@redhat.com>,
Peter Krempa <pkrempa@redhat.com>,
QEMU Developers <qemu-devel@nongnu.org>,
Qemu-block <qemu-block@nongnu.org>
Subject: Re: [Qemu-devel] Configuring pflash devices for OVMF firmware
Date: Thu, 31 Jan 2019 09:33:16 +0100 [thread overview]
Message-ID: <87imy5dy5v.fsf@dusky.pond.sub.org> (raw)
In-Reply-To: <9dc7c83c-a63c-9cde-1267-43bc62e73436@redhat.com> (Laszlo Ersek's message of "Wed, 30 Jan 2019 17:38:33 +0100")
Laszlo Ersek <lersek@redhat.com> writes:
> On 01/30/19 15:33, Paolo Bonzini wrote:
>> On 30/01/19 15:13, Markus Armbruster wrote:
>>> -global driver=cfi.pflash01,property=secure,value=on
>>>
>>> Affects *all* such devices, but fortunately we have at most two, and
>>> the one we don't want to affect happens to ignore the property value.
>>
>> Is this true? I think both need secure=on, at least on x86.
>
> commit f71e42a5c98722d6faa5be84a34fbad90d27dc04
> Author: Paolo Bonzini <pbonzini@redhat.com>
> Date: Wed Apr 8 14:09:43 2015 +0200
>
> pflash_cfi01: add secure property
>
> When this property is set, MMIO accesses are only allowed with the
> MEMTXATTRS_SECURE attribute. This is used for secure access to UEFI
> variables stored in flash.
>
> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
>
> If you don't add "secure=on" to unit#0, then MMIO accesses will be
> possible outside of SMM. From those, I'd hazard "MMIO reads" are
> generally irrelevant. "MMIO writes" could succeed to the RAM image, but:
>
> - they are never written back to the disk (due to readonly=on),
>
> - the actual contents of unit#0 stops mattering as soon as the SEC phase
> decompresses the PEIFV and DXEFV firmware volumes from it, to DRAM.
> The SMM infrastructure is then constructed in SMRAM from DRAM. By the
> time a 3rd party UEFI application or driver, or an OS, is reached, the
> sensitive bits are all locked in SMRAM.
>
> ... But, I wonder if S3 resume would be under threat in this case. In
> that case, SEC runs again (from pflash), and it re-decompresses
> PEIFV/DXEFV from pflash to DRAM. If the in-memory image of pflash
> doesn't revert to the (pristine, due to readonly=on) disk image at
> platform reset, then I reckon there could be a problem; the SEC code and
> the compressed FVs could have been tampered with in memory.
>
> I guess it's best to apply secure=on to unit#0 as well, after all :)
I thought secure=on affected only writes (and so wouldn't matter with
readonly=on), but I was wrong:
static MemTxResult pflash_mem_read_with_attrs(void *opaque, hwaddr addr, uint64_t *value,
unsigned len, MemTxAttrs attrs)
{
pflash_t *pfl = opaque;
bool be = !!(pfl->features & (1 << PFLASH_BE));
if ((pfl->features & (1 << PFLASH_SECURE)) && !attrs.secure) {
*value = pflash_data_read(opaque, addr, len, be);
} else {
*value = pflash_read(opaque, addr, len, be);
}
return MEMTX_OK;
}
pflash_data_read() is what pflash_read() does when pfl->cmd is 0.
Hmm, why is it okay to treat all pfl->cmd values the same when
secure=on?
next prev parent reply other threads:[~2019-01-31 8:33 UTC|newest]
Thread overview: 45+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-01-25 15:03 [Qemu-devel] Configuring pflash devices for OVMF firmware Markus Armbruster
2019-01-28 7:58 ` Laszlo Ersek
2019-01-28 10:39 ` Peter Maydell
2019-01-28 12:40 ` [Qemu-devel] [libvirt] " Gerd Hoffmann
2019-01-28 13:06 ` Peter Maydell
2019-01-28 14:55 ` Laszlo Ersek
2019-01-28 14:58 ` Peter Maydell
2019-01-28 15:03 ` Laszlo Ersek
2019-01-30 7:36 ` Markus Armbruster
2019-01-30 8:00 ` Gerd Hoffmann
2019-01-30 7:24 ` [Qemu-devel] " Markus Armbruster
2019-01-30 15:24 ` Peter Maydell
2019-01-30 16:44 ` Laszlo Ersek
2019-01-30 17:24 ` Peter Maydell
2019-01-31 8:52 ` Markus Armbruster
2019-01-31 10:01 ` Peter Maydell
2019-01-31 10:24 ` Markus Armbruster
2019-01-31 10:34 ` Peter Maydell
2019-01-31 12:05 ` Markus Armbruster
2019-01-30 14:13 ` Markus Armbruster
2019-01-30 14:33 ` Paolo Bonzini
2019-01-30 16:38 ` Laszlo Ersek
2019-01-31 8:33 ` Markus Armbruster [this message]
2019-01-31 9:19 ` Paolo Bonzini
2019-01-31 9:37 ` Markus Armbruster
2019-01-31 12:02 ` Laszlo Ersek
2019-01-31 12:10 ` Paolo Bonzini
2019-01-31 12:51 ` Markus Armbruster
2019-01-31 8:40 ` Markus Armbruster
2019-01-31 9:19 ` Paolo Bonzini
2019-01-31 9:41 ` Markus Armbruster
2019-01-31 10:12 ` Paolo Bonzini
2019-01-31 12:12 ` Markus Armbruster
2019-01-31 22:57 ` Paolo Bonzini
2019-01-31 23:28 ` Alexandro Sanchez Bach
2019-01-31 23:54 ` Paolo Bonzini
2019-02-01 2:49 ` Ning, Yu
2019-02-04 10:00 ` Paolo Bonzini
2019-02-01 8:58 ` Markus Armbruster
2019-01-31 11:57 ` Laszlo Ersek
2019-02-19 7:19 ` Markus Armbruster
2019-02-22 13:28 ` Markus Armbruster
2019-02-07 9:30 ` Markus Armbruster
2019-02-07 12:31 ` Laszlo Ersek
2019-02-07 13:49 ` Markus Armbruster
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87imy5dy5v.fsf@dusky.pond.sub.org \
--to=armbru@redhat.com \
--cc=lersek@redhat.com \
--cc=libvir-list@redhat.com \
--cc=pbonzini@redhat.com \
--cc=peter.maydell@linaro.org \
--cc=pkrempa@redhat.com \
--cc=qemu-block@nongnu.org \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.