TL;DR
This paper analyzes security flaws in the UEFI EDK II image loader and proposes a formally verified, hardened alternative to improve security and integration with firmware systems.
Contribution
It identifies security issues in the existing UEFI image loader and introduces a formally verified, secure loader supporting PE and TE images with enhanced protections.
Findings
The existing EDK II image loader has multiple security flaws.
The proposed verified loader improves security and robustness.
The proposed loader supports both PE and TE image formats.
Abstract
The Unified Extensible Firmware Interface (UEFI) is a standardised interface between the firmware and the operating system used in all x86-based platforms over the past ten years, which continues to spread to other architectures such as ARM and RISC-V. The UEFI incorporates a modular design based on images containing a driver or an application in a Common Object File Format (COFF) either as a Portable Executable (PE) or as a Terse Executable (TE). The de facto standard generic UEFI services implementation, including the image loading functionality, is TianoCore EDK II. Its track record of security issues shows numerous design and implementation flaws, some of which are yet to be addressed. In this paper we outline both the requirements for a secure UEFI Image Loader and the issues of the existing implementation. As an alternative we propose a formally verified Image Loader supporting both PE…
