Re: [PATCH EDK2 v2 1/1] SecurityPkg/DxeImageVerificationLib:Enhanced verification of Offset


Laszlo Ersek
 

On 08/18/20 12:24, Marvin Häuser wrote:
Good day everyone,

First off, for your information, I'm sending from my new e-mail address
from now on.
Thanks -- can you please update your email in bugzilla too? (Before
sending my email, I made sure I'd include your email address as seen in
bugzilla.)

Please excuse me, I cannot read your entire thread right now, I will
definitely make sure to catch up as soon as time permits, but I just
wanted to confirm we are indeed working on a reimplementation of the PE
loader.
Awesome, thank you.

It involves correcting several security issues (which will be detailed
as the patches are sent as anything else would be too much work for us
right now), reducing code duplication (how often is the hashing
algorithm duplicated across edk2? :) ) and a more or less experimental
approach to formal verification. We plan to submit it this year, however
please note that this is a low priority project and is not being worked
on on a full-time basis.
OK.

Please let us know about your own plans so we do not end up duplicating
work.
I got no plans; I'm just happy that you can work on this (even if with
low priority) where I had to give up.

Thanks!
Laszlo

Join devel@edk2.groups.io to automatically receive all group messages.