From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by spool.mail.gandi.net (Postfix) with ESMTPS id 4C22E740039 for ; Wed, 15 Nov 2023 17:54:21 +0000 (UTC) DKIM-Signature: a=rsa-sha256; bh=UjxpptQNkpOfKHGYSFoddpIqhmqUy0Z4PJLruLvyhNw=; c=relaxed/simple; d=groups.io; h=ARC-Seal:ARC-Message-Signature:ARC-Authentication-Results:Received-SPF:MIME-Version:In-Reply-To:References:Subject:From:CC:To:Date:Message-ID:User-Agent:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Type:Content-Transfer-Encoding; s=20140610; t=1700070859; v=1; b=bem7FkJxm4Y6TVu7I+xmut3GGbRc+Vr3yzEdMEB5Y75bM/yMGaCMglsm5cLGR9thNCQb3rBw 7n4W5M8AToe6eIC6IS12PhI3H4qJ534M1cv/SuLB8WaZkjHLoQviQIKMEJYJrNT2OmRTHV1NAxM oBPbfrzHCPjZj1w8rbBkQimo= X-Received: by 127.0.0.2 with SMTP id kfGVYY7687511xyzMbdieniJ; Wed, 15 Nov 2023 09:54:19 -0800 X-Received: from NAM04-MW2-obe.outbound.protection.outlook.com (NAM04-MW2-obe.outbound.protection.outlook.com [40.107.101.74]) by mx.groups.io with SMTP id smtpd.web11.20088.1700070859084607349 for ; Wed, 15 Nov 2023 09:54:19 -0800 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=cPAIHFeF63mnkkL1B9QiRmvIZTMUVtPJ6rGi5nyJpisIBf07ZnDT3Z/bXnB9esRU082z5KAtRJy4wCBlrpI986hpQMnqo1asCGtbXDW9rgLE2uPW3BNbF3jlTA3UR3pq0REOB2cRATgyMz8QGVKc3U4UGKZXwP1aAOSmww65aHCaWqBN0c4thmtSe4HlUtKjEYSmbrDH2zDzdZsDZ127V4xJYYQAI47+h3X9lnxB3CdfuMoypXKUzOzLeLHZihxuQ+UDZYlGGzGb1evlVyCj6sH1CwYhBwKwlz4x2dWm0l5YVPqNvVdv/7h73FHQYoWr7vXmpxzHBN0fAR5UMFq3pw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=AS5UimGiZckl1q9XYIV1Pc+2HE4/TU09ARIArGcO6r8=; b=Bij5kYvkI0CkHFyi1AdzjIFOdG6bIKBXfidZ/u6VI+PMx/ADBilOREsQT7RXzNJz1joVFvwO4maPeBS6xyWNmgfpJOdIQddzOJHSuFsLSD6++S6U7L531VczTjdHCsybBS307eOABCsDLakAWMdNKrkfzDj09H0MN+CTWXng5xC1t+fAvONy8nJgA+xMPBcVgUFKeH5Xc6nQhPSxZqYQXFNDTemQqGnVIsQs0xdcnYIewjfIvTpvY6xAqvD/b03KZTMYcDOvTOd7iVzGD5/trI6PRL+UbSp8DZwNtPgYwS4whPEL6cZTTwXjVvBGh3vnZ3uzlyjuDDVIZVwmAwGqvw== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=edk2.groups.io smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none (0) X-Received: from DM6PR03CA0025.namprd03.prod.outlook.com (2603:10b6:5:40::38) by DS7PR12MB8347.namprd12.prod.outlook.com (2603:10b6:8:e5::19) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6977.31; Wed, 15 Nov 2023 17:54:15 +0000 X-Received: from DS2PEPF0000343D.namprd02.prod.outlook.com (2603:10b6:5:40:cafe::86) by DM6PR03CA0025.outlook.office365.com (2603:10b6:5:40::38) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7002.18 via Frontend Transport; Wed, 15 Nov 2023 17:54:15 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; pr=C X-Received: from SATLEXMB04.amd.com (165.204.84.17) by DS2PEPF0000343D.mail.protection.outlook.com (10.167.18.40) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.7002.20 via Frontend Transport; Wed, 15 Nov 2023 17:54:15 +0000 X-Received: from localhost (10.180.168.240) by SATLEXMB04.amd.com (10.181.40.145) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.32; Wed, 15 Nov 2023 11:54:14 -0600 MIME-Version: 1.0 In-Reply-To: References: <20231111021439.554450-1-michael.roth@amd.com> Subject: Re: [edk2-devel] [PATCH] OvmfPkg/MemEncryptSevLib: Fix address overflow during PVALIDATE From: "Roth, Michael via groups.io" CC: , Ray Ni , Erdem Aktas , Jiewen Yao , Min Xu , Tom Lendacky To: Gerd Hoffmann Date: Wed, 15 Nov 2023 11:49:38 -0600 Message-ID: <170007057809.809417.2600675499931811644@amd.com> User-Agent: alot/0.9 X-Originating-IP: [10.180.168.240] X-ClientProxiedBy: SATLEXMB03.amd.com (10.181.40.144) To SATLEXMB04.amd.com (10.181.40.145) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: DS2PEPF0000343D:EE_|DS7PR12MB8347:EE_ X-MS-Office365-Filtering-Correlation-Id: f89f07e3-69a0-4d5f-401c-08dbe603e229 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam-Message-Info: u+yW9+Hso5tJC4fKWtxmmIP1QUf3NxxK5lN3S6qKFItu0wq/JWoEHRIfBdZQy+mHH8OA0KRnQZzKqbdRR02kSI5FTE1RPq2YdFTMY9CCSXh24kEjyKFgaV7BioEUtI60nkca0eDwo6JigJ6aPE8mbv3q9ULn4aCVmqJXaP8fKRswkg1R/UgTgtPRfHah+AhBkjaGznRiaB4kZT5RYLD1/I1x14wuObGc3kI4IbZStXo/cxi9GmjHJsqWS7n+SGjDQQxsHbtxYFC7pyGH4aNc+HyQ8vIGltSQ+wpA3N4/FV3oyEisbV5leS5rmY0D3Thqu5UDMazvTHtKHOc/SqE50eds2vdeG3cq4iHf7tNp8DM9n8mY7+VqMZuHz6gXZMi/ttaF7DR46lJR8QuRks89UFb2ibwAMbQhTXiM5tQqCst7m5SlnkGdwLLL2EI05s+7NOzTF6XuJKWutVIEOoit9bwlsjDNAw9glvG8YI6XKRW7pd7/3Q+q7tR0ZgOjHBeeuC50saJDRS6oXV7sO76aL0xntYifsILrZ78F142cJ1BJJnKHxD/Az4liyQ15pYmF9RplTa1mahwalMp+49xb1GLLwDjnUJqpiYDHBLUHobsDjZK3CNYAyFFFVgSAhR7GwE8BuSSh2lHnGarxgCWJSMIDfLniAFy2E36cFtsXvffaqV+z7Ah0+g3WrvpjtBGgG4aBviHTDlHbUnyrrrlIk8VqZyjd+BboAPDfItPVKrySOpmJP1CCqjLJLEYIoZ/M43RG7YTSUTYkXqWC62a7sA== X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 15 Nov 2023 17:54:15.5607 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: f89f07e3-69a0-4d5f-401c-08dbe603e229 X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB04.amd.com] X-MS-Exchange-CrossTenant-AuthSource: DS2PEPF0000343D.namprd02.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: DS7PR12MB8347 Precedence: Bulk List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,Michael.Roth@amd.com List-Unsubscribe-Post: List-Unsubscribe=One-Click List-Unsubscribe: X-Gm-Message-State: dIN36F1G7jp1VpUikHAdwlIxx7686176AA= Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable X-GND-Status: LEGIT Authentication-Results: spool.mail.gandi.net; dkim=pass header.d=groups.io header.s=20140610 header.b=bem7FkJx; dmarc=none; spf=pass (spool.mail.gandi.net: domain of bounce@groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce@groups.io; arc=reject ("signature check failed: fail, {[1] = sig:microsoft.com:reject}") Quoting Gerd Hoffmann (2023-11-13 04:48:10) > On Fri, Nov 10, 2023 at 08:14:39PM -0600, Michael Roth wrote: > > The struct used for GHCB-based page-state change requests uses a 40-bit > > bit-field for the GFN, which is shifted by PAGE_SHIFT to generate a > > 64-bit address. However, anything beyond 40-bits simply gets shifted of= f > > when doing this, which will cause issues when dealing with 1TB+ > > addresses. Fix this by casting the 40-bit GFN values to 64-bit ones > > prior to shifting it by PAGE_SHIFT. > >=20 > > Fixes: ade62c18f474 ("OvmfPkg/MemEncryptSevLib: add support to validate= system RAM") > > Signed-off-by: Michael Roth > > --- > > .../BaseMemEncryptSevLib/X64/SnpPageStateChangeInternal.c | 5 +++-- > > 1 file changed, 3 insertions(+), 2 deletions(-) > >=20 > > diff --git a/OvmfPkg/Library/BaseMemEncryptSevLib/X64/SnpPageStateChang= eInternal.c b/OvmfPkg/Library/BaseMemEncryptSevLib/X64/SnpPageStateChangeIn= ternal.c > > index 85eb41585b..d52d2940e9 100644 > > --- a/OvmfPkg/Library/BaseMemEncryptSevLib/X64/SnpPageStateChangeIntern= al.c > > +++ b/OvmfPkg/Library/BaseMemEncryptSevLib/X64/SnpPageStateChangeIntern= al.c > > @@ -78,13 +78,14 @@ PvalidateRange ( > > IN BOOLEAN Validate > > ) > > { > > - UINTN Address, RmpPageSize, Ret, i; > > + UINTN RmpPageSize, Ret, i; > > + EFI_PHYSICAL_ADDRESS Address; > > =20 > > for ( ; StartIndex <=3D EndIndex; StartIndex++) { > > // > > // Get the address and the page size from the Info. > > // > > - Address =3D Info->Entry[StartIndex].GuestFrameNumber << EFI_PA= GE_SHIFT; > > + Address =3D ((UINT64)Info->Entry[StartIndex].GuestFrameNumber)= << EFI_PAGE_SHIFT; >=20 > Minor nit: why cast to UINT64 not EFI_PHYSICAL_ADDRESS? My original thinking was that we were originally shifting a 40-bit bit-field of a UINT64, so the minimal change is to cast it to a normal UINT64 to fix the bit-field overflow. So I thought casting to another type might obfuscate the fix a bit. EFI_PHYSICAL_ADDRESS seems more correct all around though, so I've sent a v2 with the suggested change. Thanks! -Mike >=20 > Otherwise looks good to me. >=20 > take care, > Gerd > -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#111284): https://edk2.groups.io/g/devel/message/111284 Mute This Topic: https://groups.io/mt/102520474/7686176 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-