From: "Lendacky, Thomas"
To: devel@edk2.groups.io
CC: Brijesh Singh, James Bottomley, Jordan Justen, Laszlo Ersek, Ard Biesheuvel
Subject: [PATCH 07/12] OvmfPkg/VmgExitLib: Check for an explicit DR7 cached value
Date: Tue, 15 Dec 2020 14:51:06 -0600
Message-ID: <69448e7f1e1ad25b2ff4890dd64e96ae14bb54e5.1608065471.git.thomas.lendacky@amd.com>

From: Tom Lendacky

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3108

Check the DR7 cached indicator against a specific value. This makes it
harder for a hypervisor to just write random data into that field in an
attempt to use an invalid DR7 value.

Cc: Jordan Justen
Cc: Laszlo Ersek
Cc: Ard Biesheuvel
Cc: Brijesh Singh
Signed-off-by: Tom Lendacky
--- OvmfPkg/Library/VmgExitLib/VmgExitVcHandler.c | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/OvmfPkg/Library/VmgExitLib/VmgExitVcHandler.c b/OvmfPkg/Librar= y/VmgExitLib/VmgExitVcHandler.c index 1671db3a01b1..5149ab2bc989 100644 --- a/OvmfPkg/Library/VmgExitLib/VmgExitVcHandler.c +++ b/OvmfPkg/Library/VmgExitLib/VmgExitVcHandler.c @@ -128,10 +128,13 @@ UINT64 =20 // // Per-CPU data mapping structure +// Use UINT32 for cached indicators and compare to a specific value +// so that the hypervisor can't indicate a value is cached by just +// writing random data to that area. // typedef struct { - BOOLEAN Dr7Cached; - UINT64 Dr7; + UINT32 Dr7Cached; + UINT64 Dr7; } SEV_ES_PER_CPU_DATA; =20 =20 @@ -1489,7 +1492,7 @@ Dr7WriteExit ( } =20 SevEsData->Dr7 =3D *Register; - SevEsData->Dr7Cached =3D TRUE; + SevEsData->Dr7Cached =3D 1; =20 return 0; } 
@@ -1533,7 +1536,7 @@ Dr7ReadExit ( // If there is a cached valued for DR7, return that. Otherwise return th= e // DR7 standard reset value of 0x400 (no debug breakpoints set). // - *Register =3D (SevEsData->Dr7Cached) ? SevEsData->Dr7 : 0x400; + *Register =3D (SevEsData->Dr7Cached =3D=3D 1) ? SevEsData->Dr7 : 0x400; =20 return 0; } --=20 2.28.0
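
Review bot: In the first hunk, the new comment on SEV_ES_PER_CPU_DATA says the indicator is compared "to a specific value" but never says which one, and the second and third hunks hard-code it as a bare 1 in Dr7WriteExit and Dr7ReadExit. Suggest a named constant defined next to the typedef and used at both sites, so the store and the comparison cannot drift apart and the comment can refer to it by name. Note also that 1 is the same number the old TRUE stored, so the added protection comes only from the wider UINT32 field and the exact comparison; a less trivial constant would serve the stated goal (the hypervisor cannot mark a value as cached by writing arbitrary data) better.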
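
Review bot: In the Dr7ReadExit hunk, the exact match on Dr7Cached gates only the indicator; SevEsData->Dr7 itself is still returned through *Register unchecked once the indicator equals 1. Since the commit message treats the per-CPU area as something the hypervisor can write, consider saying in the comment above this line that the cached DR7 contents are not validated here, or add a sanity check on the value before it is returned. Minor: the context comment reads "cached valued" and could be corrected to "cached value" while this line is being touched.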