Re: [RFC PATCH 04/31] lmb: remove local instances of the lmb structure variable

[Tom Rini <trini@konsulko.com>]

[-- Attachment #1: Type: text/plain, Size: 3590 bytes --]

On Thu, Jun 13, 2024 at 09:22:15AM -0600, Simon Glass wrote:
> Hi Tom,
> 
> On Wed, 12 Jun 2024 at 15:40, Tom Rini <trini@konsulko.com> wrote:
> >
> > On Wed, Jun 12, 2024 at 02:24:25PM -0600, Simon Glass wrote:
> > > Hi Tom,
> > >
> > > On Wed, 12 Jun 2024 at 11:22, Tom Rini <trini@konsulko.com> wrote:
> > > >
> > > > On Tue, Jun 11, 2024 at 08:41:39PM -0600, Simon Glass wrote:
> > > >
> > > > [snip]
> > > > > Also IMO there is only really one LMB list today. We create it at the
> > > > > start of bootm and then it is done when we boot. The file-loading
> > > > > stuff is what makes all this confusing...and with bootstd that is
> > > > > under control as well.
> > > > >
> > > > > At lot of this effort seems to be about dealing with random scripts
> > > > > which load things. We want to make sure we complain if something
> > > > > overlaps. But we should be making the bootstd case work nicely and
> > > > > doing things within that framework. Also EFI sort-of has its own
> > > > > thing, which it is very-much in control of.
> > > > >
> > > > > Overall I think this is a bit more subtle that just combining allocators.
> > > >
> > > > I think this gets to the main misunderstanding. The problem isn't
> > > > handling bootstd, or EFI boot, or even assorted scripts. Those are all
> > > > cases where things are otherwise (sufficiently) well-defined. The
> > > > problem is "security" and that a "carefully crafted payload" could do
> > > > something malicious. That's why we have to do all of this stuff sooner
> > > > rather than later in our boot process.
> > >
> > > That's the first I have heard of this, actually, but a bit more detail
> > > would help. How does the payload get loaded? I'm just not sure about
> > > the overall goals. It seems that everyone else is already familiar -
> > > can someone please take the time to point me to the details?
> >
> > Well, the short version I believe of the first CVE we got (and so
> > started abusing LMB) was along the lines of "load an image near where
> > the U-Boot stack is, smash things for fun and exploits".
> 
> OK. I am surprised that LMB does not catch that. It is supposed to add
> the stack and various other things right at the start before loading
> any file. So even if it clears the LMB each time, it should not be
> able to do that. Having said this, the code may be buggy as I don't
> think we have tests for U-Boot's overall functional behaviour in these
> situations.

Right, LMB does catch the example I gave (because we made all of the
load from storage/network functions init an lmb and we always make sure
a new lmb gets U-Boot stack/etc). The next thing we didn't catch was
"what if EFI does the loading?" and we've kludged around that, and in
turn had some of the thorny questions. Some of that is what I think
you're asking about in this part of the thread, to which the answer is
"EFI spec says you need to place X in memory", so we just need to
reserve it when it's asked for, so that something else can't come along
and smash it maliciously.

But that also raised the more general problem, and why we need a
persistent reservation list, of allowing boards/SoCs to say they want to
reserve a block of memory for whatever, and have that obeyed, for real.
For example, the mach-apple logic of "just pick some memory locations to
use for kernel/dtb/initrd" isn't really as safe as it should be since
those reservations aren't really seen anywhere once the function
returns, it's just setting some environment variables.

-- 
Tom

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 659 bytes --]