[edk2-devel] [PATCH v2 15/15] OvmfPkg/VmgExitLib: Validate #VC MMIO is to un-encrypted memory

Lendacky, Thomas thomas.lendacky at amd.com
Thu Jan 7 18:37:10 UTC 2021


On 1/7/21 11:48 AM, Laszlo Ersek wrote:
> On 01/07/21 18:33, Tom Lendacky wrote:
>> On 1/7/21 11:27 AM, Laszlo Ersek via groups.io wrote:
>>> On 01/06/21 22:21, Lendacky, Thomas wrote:
>>>> From: Tom Lendacky <thomas.lendacky at amd.com>
>>>>
>>>> BZ:
>>>> https://bugzilla.tianocore.org/show_bug.cgi?id=3108
>>>>
>>>>
>>>> When SEV-ES is active, an MMIO operation will trigger a #VC and the
>>>> VmgExitLib exception handler will process this MMIO operation.
>>>>
>>>> A malicious hypervisor could try to extract information from encrypted
>>>> memory by setting a reserved bit in the guest's nested page tables for
>>>> a non-MMIO area. This can result in the encrypted data being copied into
>>>> the GHCB shared buffer area and accessed by the hypervisor.
>>>>
>>>> Prevent this by ensuring that the MMIO source/destination is
>>>> un-encrypted memory. For the APIC register space, access is allowed
>>>> in general.
>>>>
>>>> Cc: Jordan Justen <jordan.l.justen at intel.com>
>>>> Cc: Laszlo Ersek <lersek at redhat.com>
>>>> Cc: Ard Biesheuvel <ard.biesheuvel at arm.com>
>>>> Cc: Brijesh Singh <brijesh.singh at amd.com>
>>>> Acked-by: Laszlo Ersek <lersek at redhat.com>
>>>> Signed-off-by: Tom Lendacky <thomas.lendacky at amd.com>
>>>> ---
>>>>    OvmfPkg/AmdSev/AmdSevX64.dsc                                 |  1 +
>>>>    OvmfPkg/OvmfPkgX64.dsc                                       |  1 +
>>>>    OvmfPkg/Library/BaseMemEncryptSevLib/DxeMemEncryptSevLib.inf |  2 +-
>>>>    OvmfPkg/Library/VmgExitLib/SecVmgExitLib.inf                 |  2 +
>>>>    OvmfPkg/Library/VmgExitLib/VmgExitLib.inf                    |  2 +
>>>>    OvmfPkg/Library/VmgExitLib/VmgExitVcHandler.c                | 81 ++++++++++++++++++++
>>>>    6 files changed, 88 insertions(+), 1 deletion(-)
>>>
>>> Looks OK, thanks.
>>
>> Thanks for the review, Laszlo! I've applied all of your comments for
>> this series should a v3 need to be submitted.
> 
> Actually, I'd prefer that, if you have v3 handy already! If you post v3
> at once, I might be able to merge it today.

Will do, I'll send it out very soon.

Thanks,
Tom

> 
> Thanks
> Laszlo
> 
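The check the commit message describes, as an added example written for this page (it is not the OvmfPkg/VmgExitLib code from the patch): a model of a #VC MMIO handler deciding whether it may service an access before anything is copied into the shared GHCB. The guest page table contents, the C-bit position (bit 47), the APIC base address and all function and type names are assumptions made for the illustration.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Example written for this page; not OvmfPkg/VmgExitLib code. The C-bit
   position, the APIC base, the page-table contents and every name below
   are assumptions made for the illustration. */

#define PAGE_SIZE  4096ULL
#define PAGE_MASK  (~(PAGE_SIZE - 1))
#define SEV_C_BIT  (1ULL << 47)      /* assumed C-bit position (CPUID-reported on real hardware) */
#define APIC_BASE  0xFEE00000ULL     /* assumed local APIC base address */

/* A leaf entry of the guest's own page table: page GPA plus flags. */
typedef struct {
  uint64_t Gpa;    /* 4KB-aligned guest physical address */
  uint64_t Flags;  /* SEV_C_BIT set => the guest treats the page as private (encrypted) */
} PAGE_ENTRY;

/* Constructed guest page table for the example. */
static const PAGE_ENTRY GuestPageTable[] = {
  { 0x00100000ULL, SEV_C_BIT },  /* guest RAM, encrypted */
  { 0x00101000ULL, SEV_C_BIT },  /* guest RAM, encrypted */
  { 0x00200000ULL, 0 },          /* shared (unencrypted) buffer */
  { 0x00201000ULL, 0 },          /* shared (unencrypted) buffer */
  { 0x00202000ULL, SEV_C_BIT },  /* private page right after the shared buffer */
  { 0xC0000000ULL, 0 },          /* PCI MMIO BAR, mapped unencrypted */
  { APIC_BASE,     SEV_C_BIT },  /* APIC page: carries the C-bit during SEC/PEI */
};

typedef enum {
  MmioTargetUnencrypted,  /* every page mapped with the C-bit clear */
  MmioTargetEncrypted,    /* at least one page mapped with the C-bit set */
  MmioTargetUnmapped      /* at least one page has no mapping */
} MMIO_TARGET_STATE;

static const PAGE_ENTRY *LookupPage(uint64_t Gpa) {
  for (size_t i = 0; i < sizeof GuestPageTable / sizeof GuestPageTable[0]; i++) {
    if (GuestPageTable[i].Gpa == (Gpa & PAGE_MASK)) {
      return &GuestPageTable[i];
    }
  }
  return NULL;
}

/* Classify [Address, Address + Length) one 4KB page at a time. An unmapped
   page is reported as soon as it is seen; otherwise a single encrypted page
   makes the whole range count as encrypted. */
MMIO_TARGET_STATE GetMmioTargetState(uint64_t Address, uint64_t Length) {
  MMIO_TARGET_STATE State = MmioTargetUnencrypted;
  uint64_t End = Address + Length;

  for (uint64_t Page = Address & PAGE_MASK; Page < End; Page += PAGE_SIZE) {
    const PAGE_ENTRY *Entry = LookupPage(Page);
    if (Entry == NULL) {
      return MmioTargetUnmapped;
    }
    if (Entry->Flags & SEV_C_BIT) {
      State = MmioTargetEncrypted;
    }
  }
  return State;
}

/* The decision the #VC MMIO path has to make before it copies anything into
   the shared GHCB: service the access only when the target is the APIC page
   or lies entirely in memory the guest itself maps as unencrypted. A
   hypervisor that sets a reserved NPT bit on private RAM to provoke a #VC
   lands in the "encrypted" case and is refused. */
bool ValidateMmioTarget(uint64_t Address, uint64_t Length) {
  if ((Address & PAGE_MASK) == APIC_BASE && Address + Length <= APIC_BASE + PAGE_SIZE) {
    return true;
  }
  return GetMmioTargetState(Address, Length) == MmioTargetUnencrypted;
}

int main(void) {
  struct { const char *What; uint64_t Addr; uint64_t Len; } Cases[] = {
    { "APIC ID register",                     APIC_BASE + 0x20, 4 },
    { "PCI BAR, unencrypted",                 0xC0000000ULL,    4 },
    { "private RAM (hypervisor-induced #VC)", 0x00100010ULL,    8 },
    { "shared buffer crossing into private",  0x00201FFEULL,    4 },
    { "no mapping at all",                    0x00300000ULL,    4 },
  };
  for (size_t i = 0; i < sizeof Cases / sizeof Cases[0]; i++) {
    printf("%-40s %#14llx +%llu -> %s\n", Cases[i].What,
           (unsigned long long)Cases[i].Addr, (unsigned long long)Cases[i].Len,
           ValidateMmioTarget(Cases[i].Addr, Cases[i].Len) ? "service" : "refuse");
  }
  return 0;
}
```

The range walk is the part that matters: an access of up to eight bytes can straddle a page boundary, so a single lookup at the start address would let a request that begins in the shared buffer end in private memory. The APIC page is treated as a blanket exception, as the commit message states, because early in boot it is mapped with the C-bit set even though it is genuine MMIO.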


View/Reply Online (#69948): https://edk2.groups.io/g/devel/message/69948