Attention is currently required from: Michał Żygowski, Martin L Roth, Patrick Rudolph, Benjamin Doron, Paul Menzel, Arthur Heymans.
1 comment:
Patchset:
We considered moving the variable stack into coreboot, but it would be a lot of work: multiple modules, many libraries, all of it assuming the presence of a UEFI environment.
Into boot-time coreboot or into its SMI handler? And what would be the benefit?
Or are you referring to CB:64072?
Not specifically, don't know what they are doing there. I'm not talking about FSP.
I mean the very general concept of writing something in flash or memory that the
firmware can pick up on the next boot. I've been told once that this would be the
proper strategy to validate variables in smmstore.
People have been trying to secure updates to firmware or variables by SMM means
for more than two decades and failed. There are better concepts now and I don't
see a reason to retrofit failed ones into coreboot.
One example would be vboot. There's a writable space in the firmware flash but
its content is only considered by firmware when its signature verifies. The same
could be done with efivars, I suppose. Your UEFI payload would have to ignore
entries with invalid signatures.
Something like validating the signatures once and then migrating the data into
a secured part of the flash would be possible too, but needs a more complex
implementation.
To view, visit change 70378.
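The idea described in the comment above (a writable store whose entries the firmware only honors when their signature verifies), as an added example that is not part of the review thread and is not coreboot or vboot code. The record layout, the names `Entry`, `Sign` and `LoadVerified`, and the choice of Ed25519 are assumptions for illustration; the key and entries are constructed sample data.

```go
package main

import (
	"crypto/ed25519"
	"fmt"
)

// Entry is a hypothetical signed variable record in the writable flash region.
type Entry struct {
	Name       string
	Value, Sig []byte // Sig: Ed25519 signature over signedBytes(Name, Value)
}

// signedBytes length-prefixes the name so ("ab","c") and ("a","bc") sign differently.
func signedBytes(name string, value []byte) []byte {
	return append(append([]byte{byte(len(name))}, name...), value...)
}

// Sign is what the holder of the private key does, away from the running OS.
func Sign(priv ed25519.PrivateKey, name string, value []byte) Entry {
	return Entry{Name: name, Value: value, Sig: ed25519.Sign(priv, signedBytes(name, value))}
}

// LoadVerified is the consumer side: entries that fail verification are ignored.
func LoadVerified(pub ed25519.PublicKey, store []Entry) (ok map[string][]byte, rejected []string) {
	ok = map[string][]byte{}
	for _, e := range store {
		if len(e.Name) > 255 || !ed25519.Verify(pub, signedBytes(e.Name, e.Value), e.Sig) {
			rejected = append(rejected, e.Name)
			continue
		}
		ok[e.Name] = e.Value
	}
	return ok, rejected
}

// DemoStore builds constructed sample data from an all-zero demo seed (not a real key).
func DemoStore() (ed25519.PublicKey, []Entry) {
	priv := ed25519.NewKeyFromSeed(make([]byte, ed25519.SeedSize))
	good := Sign(priv, "BootOrder", []byte{0, 1})
	tampered := Sign(priv, "SecureBoot", []byte{1})
	tampered.Value = []byte{0} // value rewritten in flash after signing
	return priv.Public().(ed25519.PublicKey), []Entry{good, tampered, {Name: "Injected", Value: []byte{1}}}
}

func main() {
	ok, rejected := LoadVerified(DemoStore())
	fmt.Println(len(ok), rejected)
}
```

A valid signature only proves who produced an entry; it does not stop an older signed entry from being written back, so a real design would also need some form of rollback protection.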