[edk2-devel] [PATCH v2 15/15] OvmfPkg/VmgExitLib: Validate #VC MMIO is to un-encrypted memory

Laszlo Ersek lersek at redhat.com
Thu Jan 7 17:48:44 UTC 2021


On 01/07/21 18:33, Tom Lendacky wrote:
> On 1/7/21 11:27 AM, Laszlo Ersek via groups.io wrote:
>> On 01/06/21 22:21, Lendacky, Thomas wrote:
>>> From: Tom Lendacky <thomas.lendacky at amd.com>
>>>
>>> BZ:
>>> https://bugzilla.tianocore.org/show_bug.cgi?id=3108
>>>
>>>
>>> When SEV-ES is active, an MMIO operation will trigger a #VC and the
>>> VmgExitLib exception handler will process this MMIO operation.
>>>
>>> A malicious hypervisor could try to extract information from encrypted
>>> memory by setting a reserved bit in the guest's nested page tables for
>>> a non-MMIO area. This can result in the encrypted data being copied into
>>> the GHCB shared buffer area and accessed by the hypervisor.
>>>
>>> Prevent this by ensuring that the MMIO source/destination is
>>> un-encrypted memory. For the APIC register space, access is allowed in
>>> general.
>>>
>>> Cc: Jordan Justen <jordan.l.justen at intel.com>
>>> Cc: Laszlo Ersek <lersek at redhat.com>
>>> Cc: Ard Biesheuvel <ard.biesheuvel at arm.com>
>>> Cc: Brijesh Singh <brijesh.singh at amd.com>
>>> Acked-by: Laszlo Ersek <lersek at redhat.com>
>>> Signed-off-by: Tom Lendacky <thomas.lendacky at amd.com>
>>> ---
>>>   OvmfPkg/AmdSev/AmdSevX64.dsc                                 |  1 +
>>>   OvmfPkg/OvmfPkgX64.dsc                                       |  1 +
>>>   OvmfPkg/Library/BaseMemEncryptSevLib/DxeMemEncryptSevLib.inf |  2 +-
>>>   OvmfPkg/Library/VmgExitLib/SecVmgExitLib.inf                 |  2 +
>>>   OvmfPkg/Library/VmgExitLib/VmgExitLib.inf                    |  2 +
>>>   OvmfPkg/Library/VmgExitLib/VmgExitVcHandler.c                | 81 ++++++++++++++++++++
>>>   6 files changed, 88 insertions(+), 1 deletion(-)
>>
>> Looks OK, thanks.
> 
> Thanks for the review, Laszlo! I've applied all of your comments for
> this series should a v3 need to be submitted.

Actually, I'd prefer that, if you have v3 handy already! If you post v3
at once, I might be able to merge it today.

Thanks
Laszlo
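The check the quoted commit message calls for, as an added example that is not the patch's or OvmfPkg's own code: a stand-alone C model of the validation a #VC MMIO handler should do before any data moves through the hypervisor-visible GHCB shared buffer. A constructed guest memory map (hypothetical) stands in for the guest's own page-table encryption state, which lives in encrypted memory and so carries C-bit information the hypervisor cannot forge; `get_range_state` classifies every page an MMIO access touches, and `mmio_target_allowed` refuses anything that is not wholly unencrypted, with the local APIC register page allowed outright as the message describes. The region layout, the APIC base, and all function names are assumptions for illustration, not the library's API.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define PAGE_SIZE        0x1000ULL
#define LOCAL_APIC_BASE  0xFEE00000ULL   /* x86 local APIC register page (default base) */
#define LOCAL_APIC_SIZE  0x1000ULL

/* Encryption state of a guest-physical range. A real handler derives this
 * from the guest's own page tables (C-bit); here a constructed map stands
 * in for that walk. */
typedef enum {
  RANGE_UNENCRYPTED,
  RANGE_ENCRYPTED,
  RANGE_MIXED,      /* some touched pages encrypted, some not */
  RANGE_UNMAPPED
} range_state_t;

typedef struct {
  uint64_t base;
  uint64_t size;
  bool     encrypted;   /* C-bit set in the guest page tables */
} region_t;

/* Constructed guest memory map (hypothetical values, for illustration only). */
static const region_t guest_map[] = {
  { 0x00000000ULL, 0x80000000ULL, true  },  /* guest RAM: encrypted            */
  { 0x80000000ULL, 0x00010000ULL, false },  /* shared pages (GHCB etc.): clear */
  { 0xC0000000ULL, 0x20000000ULL, false },  /* PCI MMIO window: unencrypted    */
};

static const region_t *find_region(uint64_t page)
{
  for (size_t i = 0; i < sizeof guest_map / sizeof guest_map[0]; i++) {
    if (page >= guest_map[i].base && page - guest_map[i].base < guest_map[i].size) {
      return &guest_map[i];
    }
  }
  return NULL;
}

/* Classify every page covered by [addr, addr + len). */
range_state_t get_range_state(uint64_t addr, uint64_t len)
{
  if (len == 0 || addr + (len - 1) < addr) {
    return RANGE_UNMAPPED;                 /* empty or wrapping range */
  }
  uint64_t page = addr & ~(PAGE_SIZE - 1);
  uint64_t last = (addr + len - 1) & ~(PAGE_SIZE - 1);
  size_t enc = 0, clear = 0;
  for (;;) {
    const region_t *r = find_region(page);
    if (r == NULL) {
      return RANGE_UNMAPPED;
    }
    if (r->encrypted) enc++; else clear++;
    if (page == last) break;
    page += PAGE_SIZE;
  }
  if (enc && clear) return RANGE_MIXED;
  return enc ? RANGE_ENCRYPTED : RANGE_UNENCRYPTED;
}

/* The #VC-reported MMIO source/destination may only be copied to or from
 * the shared GHCB buffer when it is wholly unencrypted memory. The local
 * APIC page is allowed in general; everything else (encrypted, mixed,
 * unmapped, or a wrapping range) is rejected, which defeats a hypervisor
 * that fakes an MMIO exit for a non-MMIO guest-physical address. */
bool mmio_target_allowed(uint64_t addr, uint64_t len)
{
  if (len == 0 || addr + len < addr) {
    return false;
  }
  if (addr >= LOCAL_APIC_BASE && addr + len <= LOCAL_APIC_BASE + LOCAL_APIC_SIZE) {
    return true;
  }
  return get_range_state(addr, len) == RANGE_UNENCRYPTED;
}

int main(void)
{
  struct { const char *what; uint64_t addr; uint64_t len; } cases[] = {
    { "PCI BAR register",            0xC0001000ULL,          4    },
    { "encrypted RAM (the attack)",  0x00001000ULL,          8    },
    { "local APIC ID register",      LOCAL_APIC_BASE + 0x20, 4    },
    { "straddles encrypted/shared",  0x7FFFFFFCULL,          8    },
    { "unmapped GPA",                0xF0000000ULL,          4    },
    { "wrapping range",              0xFFFFFFFFFFFFFFF0ULL,  0x20 },
  };
  for (size_t i = 0; i < sizeof cases / sizeof cases[0]; i++) {
    printf("%-28s gpa=0x%016llx len=%-3llu -> %s\n", cases[i].what,
           (unsigned long long)cases[i].addr, (unsigned long long)cases[i].len,
           mmio_target_allowed(cases[i].addr, cases[i].len) ? "allow" : "reject");
  }
  return 0;
}
```

The mixed case is the one worth keeping in mind: an access that starts in a shared page and runs into an encrypted one must be rejected as a whole, since a byte-granular copy would still leak the encrypted tail.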



View/Reply Online (#69946): https://edk2.groups.io/g/devel/message/69946