From: "Brijesh Singh"
To: Erdem Aktas
Cc: brijesh.singh@amd.com, devel@edk2.groups.io, James Bottomley, Min Xu, Jiewen Yao, Tom Lendacky, Jordan Justen, Ard Biesheuvel, Laszlo Ersek
Subject: Re: [PATCH RFC v2 17/28] OvmfPkg/ResetVector: Invalidate the GHCB page
Date: Mon, 3 May 2021 09:28:45 -0500
Message-ID: <110372dd-058f-2c5f-f4d7-7f2cf9c48fb0@amd.com>
References: <20210430115148.22267-1-brijesh.singh@amd.com> <20210430115148.22267-18-brijesh.singh@amd.com>

On 5/3/21 8:05 AM, Erdem Aktas wrote:
> Hi Brijesh,
> I have few naive questions
> inlined:
>
> On Fri, Apr 30, 2021 at 4:52 AM Brijesh Singh wrote:
>> + ; Use PVALIDATE instruction to invalidate the page
>> + mov eax, GHCB_BASE
>> + mov ecx, 0
>> + mov edx, 0
>> + DB 0xF2, 0x0F, 0x01, 0xFF
>> + cmp eax, 0
>> + jnz TerminateSevGuestLaunch
> Any reason why the PVALIDATE return value (EFLAGS.CF) is not checked
> here? IMO, this might lead to some page replay attacks.

Ah, good catch. I will add this in next rev.

>
>> + ;
>> + ; The page table built above cleared the memory encryption mask from the
>> + ; GHCB_BASE (aka made it shared). When SEV-SNP is enabled, to maintain
>> + ; the security guarantees, the page state transition from private to
>> + ; shared must go through the page invalidation steps. Invalidate the
>> + ; memory range before loading the page table below.
>> + ;
>> + ; NOTE: the invalidation must happen after zeroing the GHCB memory. This
>> + ; is because, in the 32-bit mode all the access are considered private.
>> + ; The invalidation before the zero'ing will cause a #VC.
>> + ;
>> + OneTimeCall InvalidateGHCBPage
> I am not sure if this is a great idea.
> 1. Zeroing page content before paging is enabled. We are actually
> writing 0s encrypted with a guest key.
> 2. invalidating the page and making it shared.
> Doesn't this reveal a mapping of what 0's look like when a specific
> page is encrypted? And when the page is marked as shared, from the
> guest and host perspective, it is not zeroed but filled with some data
> that looks random. So what is the purpose of zeroing the page before
> invalidation?

I don't know why zeroing of the GHCB page is done here. The code to
zero'ing was added in ES. I will check with Tom to get a bit of history.

The GHCB is not established until we reach to Sec/SecMain.c, so,
theoretically we can remove the zero'ing and push it to Sec/SecMain.c.
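
Review bot: the carry flag is never tested after the PVALIDATE bytes (`DB 0xF2, 0x0F, 0x01, 0xFF`) in the first quoted hunk; only `cmp eax, 0` / `jnz TerminateSevGuestLaunch` follows, so a PVALIDATE that returns eax = 0 without having changed the page's validated state is treated as success. Because `cmp` overwrites CF, the test has to sit directly after the `DB` line and before the `cmp`, for example `jc TerminateSevGuestLaunch`. A short comment on what `mov ecx, 0` and `mov edx, 0` select would also help, since both operands are bare constants.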
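
Review bot: in the NOTE paragraph above `OneTimeCall InvalidateGHCBPage` (second quoted hunk), the comment explains why the invalidation must follow the zeroing but not why the zeroing is needed before the page becomes shared. By the comment's own statement every 32-bit access is private, so the zeros are written as private data and the page will not read back as zeros once it is shared. Either state what depends on the zeroed contents at this point or drop that dependency from the ordering note; "all the access are" should also read "all accesses are".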