On Tue, 2021-11-23 at 14:36 +0000, Yao, Jiewen wrote:
> > This strict isolation between DXE and PEI means that once we're in
> > DXE, any bugs in PEI can't be exploited to attack the DXE
> > environment.
>
> [jiewen] I would disagree the statement above.
> There is not strict isolation. Actually no isolation at all.
> The DXE is loaded by PEI.

Not in OVMF ... DXE and PEI are actually loaded by SEC. PEI eventually jumps to execute DXE but that's after all its own tasks are completed.

> A bug in PEI has global impact and it can definitely be used to
> attack the DXE.

Only if it can be exploited. Moving things to PEI is mitigating the exploitability not the bugs. The point about exploitability and PEI is that it doesn't read any config files, it can't execute any EFI binaries and it has no Human Interface modules so can't be influenced even by a physically present attacker. No ability to influence is what removes the ability to exploit.

James