UefiCpuPkg/CpuMpPei: Enable paging and set NP flag to avoid TOCTOU (CVE-2019-11098) (d7c9de51) · Commits · Infra Solutions / Reference Design / platsw / edk2

Commit d7c9de51 authored Jul 02, 2020 by Guomin Jiang Committed by mergify[bot] Jul 28, 2020

UefiCpuPkg/CpuMpPei: Enable paging and set NP flag to avoid TOCTOU (CVE-2019-11098)

REF:https://bugzilla.tianocore.org/show_bug.cgi?id=1614



To avoid the TOCTOU, enable paging and set Not Present flag so when
access any code in the flash range, it will trigger #PF exception.

Cc: Eric Dong <eric.dong@intel.com>
Cc: Ray Ni <ray.ni@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Rahul Kumar <rahul1.kumar@intel.com>
Signed-off-by: Guomin Jiang <guomin.jiang@intel.com>
Acked-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Jian J Wang <jian.j.wang@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>

parent 012809cd

Hide whitespace changes

Inline Side-by-side

Please register or to comment