MdeModulePkg/Core: Create Migrated FV Info Hob for calculating hash (CVE-2019-11098) (4b68cef0) · Commits · Infra Solutions / Reference Design / platsw / edk2

Commit 4b68cef0 authored Jun 29, 2020 by Guomin Jiang Committed by mergify[bot] Jul 28, 2020

MdeModulePkg/Core: Create Migrated FV Info Hob for calculating hash (CVE-2019-11098)

REF:https://bugzilla.tianocore.org/show_bug.cgi?id=1614



When we allocate pool to save the rebased PEIMs, the address will change
randomly, therefore the hash will change and result PCR0 change as well.
To avoid this, we save the raw PEIMs and use it to calculate hash.

The MigratedFvInfo HOB will never produce when
PcdMigrateTemporaryRamFirmwareVolumes is FALSE, because the PCD control
the total feature.

Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Hao A Wu <hao.a.wu@intel.com>
Cc: Dandan Bi <dandan.bi@intel.com>
Cc: Liming Gao <liming.gao@intel.com>
Cc: Debkumar De <debkumar.de@intel.com>
Cc: Harry Han <harry.han@intel.com>
Cc: Catharine West <catharine.west@intel.com>
Signed-off-by: Guomin Jiang <guomin.jiang@intel.com>
Acked-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Jian J Wang <jian.j.wang@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>

parent 479613bd

Hide whitespace changes

Inline Side-by-side

Please register or to comment