lersek / edk2

Clone
Source Code
GIT

85b8eac OvfmPkg/VmgExitLib: Validate #VC MMIO is to un-encrypted memory

6 files Authored by Tom Lendacky 3 years ago, Committed by mergify[bot] 3 years ago,
raw patch tree parent
6 files changed. 88 lines added. 1 lines removed.
OvmfPkg/AmdSev/AmdSevX64.dsc
file modified
+1 -0
OvmfPkg/Library/BaseMemEncryptSevLib/DxeMemEncryptSevLib.inf
file modified
+1 -1
OvmfPkg/Library/VmgExitLib/SecVmgExitLib.inf
file modified
+2 -0
OvmfPkg/Library/VmgExitLib/VmgExitLib.inf
file modified
+2 -0
OvmfPkg/Library/VmgExitLib/VmgExitVcHandler.c
file modified
+81 -0
OvmfPkg/OvmfPkgX64.dsc
file modified
+1 -0 
    OvfmPkg/VmgExitLib: Validate #VC MMIO is to un-encrypted memory
    
    BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3108
    
    When SEV-ES is active, and MMIO operation will trigger a #VC and the
    VmgExitLib exception handler will process this MMIO operation.
    
    A malicious hypervisor could try to extract information from encrypted
    memory by setting a reserved bit in the guests nested page tables for
    a non-MMIO area. This can result in the encrypted data being copied into
    the GHCB shared buffer area and accessed by the hypervisor.
    
    Prevent this by ensuring that the MMIO source/destination is un-encrypted
    memory. For the APIC register space, access is allowed in general.
    
    Cc: Jordan Justen <jordan.l.justen@intel.com>
    Cc: Laszlo Ersek <lersek@redhat.com>
    Cc: Ard Biesheuvel <ard.biesheuvel@arm.com>
    Cc: Brijesh Singh <brijesh.singh@amd.com>
    Acked-by: Laszlo Ersek <lersek@redhat.com>
    Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
    Message-Id: <0cf28470ad5e694af45f7f0b35296628f819567d.1610045305.git.thomas.lendacky@amd.com>
file modified
+1 -0
file modified
+1 -1
file modified
+2 -0
file modified
+2 -0
file modified
+81 -0
file modified
+1 -0
Powered by Pagure 5.14.1
DocumentationFile an IssueAboutSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.