ccc-linux-guest-hardening [Hardening aspect] EFI boot stub audit & hardening

[Hardening aspect] EFI boot stub audit & hardening

Open ereshetova opened this issue 11 months ago • 0 comments

Problem

If a CoCo guest is booted using drivers/firmware/efi/libstub, this code needs to be audited, fuzzed and hardened to withstand malicious inputs from host/VMM. In particular some components of efi boot stub are actively receiving inputs from the host, such as Graphics Output Protocol.

Solution

Audit, fuzz & harden the code.

Mar 13 '24 08:03 ereshetova

ccc-linux-guest-hardening ccc-linux-guest-hardening copied to clipboard

[Hardening aspect] EFI boot stub audit & hardening

ccc-linux-guest-hardening
ccc-linux-guest-hardening copied to clipboard