From: "Lendacky, Thomas"
To: devel@edk2.groups.io
CC: Brijesh Singh, James Bottomley, Jordan Justen, Laszlo Ersek, Ard Biesheuvel
Subject: [PATCH v3 09/15] OvmfPkg/VmgExitLib: Check for an explicit DR7 cached value
Date: Thu, 7 Jan 2021 12:48:19 -0600
Message-ID: <65157c1155a9c058c43678400dfc0b486e327a3e.1610045305.git.thomas.lendacky@amd.com>
From: Tom Lendacky

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3108

Check the DR7 cached indicator against a specific value. This makes it harder for a hypervisor to just write random data into that field in an attempt to use an invalid DR7 value.

Cc: Jordan Justen
Cc: Laszlo Ersek
Cc: Ard Biesheuvel
Cc: Brijesh Singh
Reviewed-by: Laszlo Ersek
Signed-off-by: Tom Lendacky
---
 OvmfPkg/Library/VmgExitLib/VmgExitVcHandler.c | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-)

diff --git a/OvmfPkg/Library/VmgExitLib/VmgExitVcHandler.c b/OvmfPkg/Librar= y/VmgExitLib/VmgExitVcHandler.c index 1671db3a01b1..5149ab2bc989 100644 --- a/OvmfPkg/Library/VmgExitLib/VmgExitVcHandler.c +++ b/OvmfPkg/Library/VmgExitLib/VmgExitVcHandler.c @@ -128,10 +128,13 @@ UINT64 =20 // // Per-CPU data mapping structure +// Use UINT32 for cached indicators and compare to a specific value +// so that the hypervisor can't indicate a value is cached by just +// writing random data to that area. // typedef struct { - BOOLEAN Dr7Cached; - UINT64 Dr7; + UINT32 Dr7Cached; + UINT64 Dr7; } SEV_ES_PER_CPU_DATA; =20 =20 @@ -1489,7 +1492,7 @@ Dr7WriteExit ( } =20 SevEsData->Dr7 =3D *Register; - SevEsData->Dr7Cached =3D TRUE; + SevEsData->Dr7Cached =3D 1; =20 return 0; } 
@@ -1533,7 +1536,7 @@ Dr7ReadExit ( // If there is a cached valued for DR7, return that. Otherwise return th= e // DR7 standard reset value of 0x400 (no debug breakpoints set). // - *Register =3D (SevEsData->Dr7Cached) ? SevEsData->Dr7 : 0x400; + *Register =3D (SevEsData->Dr7Cached =3D=3D 1) ? SevEsData->Dr7 : 0x400; =20 return 0; } --=20 2.30.0
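Review bot: In the @@ -128,10 +128,13 @@ hunk, the new comment on SEV_ES_PER_CPU_DATA says the indicator is compared "to a specific value" but never states which value, and the struct gives it no name. Define a named constant beside the structure and mention it in the comment, so the store in Dr7WriteExit and the test in Dr7ReadExit are tied to one definition. The comment should also say that all 32 bits of Dr7Cached have to match, since that is the reason for widening the field from BOOLEAN to UINT32.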
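Review bot: In the @@ -1489,7 +1492,7 @@ hunk (Dr7WriteExit), the marker is stored as a bare literal in "SevEsData->Dr7Cached = 1;", and the same literal is repeated independently in the Dr7ReadExit comparison. Replace both with one shared constant so a later change to the marker cannot update one site and miss the other. Storing Dr7 before setting the indicator, as the hunk does, is the right order and is worth keeping.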
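Review bot: In the @@ -1533,7 +1536,7 @@ hunk (Dr7ReadExit), the test "SevEsData->Dr7Cached == 1" guards only the indicator; when it matches, SevEsData->Dr7 is returned without any check on its contents. The commit message claims only that this is "harder" for the hypervisor, so the comment above the assignment should say that the comparison is hardening against arbitrary writes to the indicator and not validation of the cached DR7 value. That comment still reads "If there is a cached valued for DR7" and should be updated to describe the explicit comparison.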