From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by spool.mail.gandi.net (Postfix) with ESMTPS id 64A8B9417B0 for ; Tue, 27 Feb 2024 12:25:56 +0000 (UTC) DKIM-Signature: a=rsa-sha256; bh=yxOnQhs4nJfTkYLkHKfQlc1wRcG4HOCIJYIEhXnrLjc=; c=relaxed/simple; d=groups.io; h=ARC-Seal:ARC-Message-Signature:ARC-Authentication-Results:From:To:CC:Subject:Thread-Topic:Thread-Index:Date:Message-ID:References:In-Reply-To:Accept-Language:MIME-Version:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Language:Content-Type:Content-Transfer-Encoding; s=20140610; t=1709036754; v=1; b=KhjVa4jo7/so+32RQm4Xee02+uZr9uC3ZAYh6VSwMNAXHWmmoI/krgcSqp5KVPCvb8czk7J+ T0LnwLcZ0VJc1Zg8CNm39cdNzvRyBSiRKYpE306lCL5i1UQ6ueO36/7vR/Mv0rRPAHbqbA2Qa2R Lz+KSz0ePmbYiv/UVHaMJAKc= X-Received: by 127.0.0.2 with SMTP id R7eiYY7687511x6BRT2yIanp; Tue, 27 Feb 2024 04:25:54 -0800 X-Received: from mgamail.intel.com (mgamail.intel.com [192.198.163.18]) by mx.groups.io with SMTP id smtpd.web11.10816.1709036754125777619 for ; Tue, 27 Feb 2024 04:25:54 -0800 X-IronPort-AV: E=McAfee;i="6600,9927,10996"; a="3245648" X-IronPort-AV: E=Sophos;i="6.06,187,1705392000"; d="scan'208";a="3245648" X-Received: from fmviesa006.fm.intel.com ([10.60.135.146]) by fmvoesa112.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 27 Feb 2024 04:25:53 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.06,187,1705392000"; d="scan'208";a="7236044" X-Received: from orsmsx603.amr.corp.intel.com ([10.22.229.16]) by fmviesa006.fm.intel.com with ESMTP/TLS/AES256-GCM-SHA384; 27 Feb 2024 04:25:53 -0800 X-Received: from orsmsx611.amr.corp.intel.com (10.22.229.24) by ORSMSX603.amr.corp.intel.com (10.22.229.16) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.35; Tue, 27 Feb 2024 04:25:52 -0800 X-Received: from orsmsx601.amr.corp.intel.com (10.22.229.14) by ORSMSX611.amr.corp.intel.com (10.22.229.24) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.35; Tue, 27 Feb 2024 04:25:52 -0800 X-Received: from ORSEDG602.ED.cps.intel.com (10.7.248.7) by orsmsx601.amr.corp.intel.com (10.22.229.14) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.35 via Frontend Transport; Tue, 27 Feb 2024 04:25:52 -0800 X-Received: from NAM10-BN7-obe.outbound.protection.outlook.com (104.47.70.101) by edgegateway.intel.com (134.134.137.103) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.1.2507.35; Tue, 27 Feb 2024 04:25:52 -0800 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=i7fGaBkhX539WGkSlDJdzkNL+Gfr0Wu3cNPmWVmzuZW+ueTEJKe8km3d+d+banj7NTpLVgNtx8c31jqn4NfbkRMn81cntX5suk6tgZJkDdbMiIqqZTvJs0joeGhSzTI+fMQT/caMOaQT4R5HAF/RKcn/X310NPCwxv7YbvrH3dawdyfF0v1phsIETv/5oQT4M4tYklrspe98yAJcWnsDIM7emSXeHO5GUybHFFmyvdWCrWffKMGRSsVyzOvKtQdhXhVX4Kd3leDm6q0W6DxgtS9rZRGpowYWg7H5/+l4qoieUn8b8pdp+RaIaMXPuzA3sKbFswCfmd4CIi1txfrKJg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=YnHyapvE9Cf5OTxtjz4PW6ZZJw5N+wzj8xGeIdXXlpI=; b=atCke4u1t7gdwgUXghYXiCcKRK3utCw6ixd+8U8aJ1mbu/L7FtzXmQ+qokvytE1Q1lEVkKG8ixxcQAmOi20yd05Z71FQji7cS8aDYJbm3oXNQndbsdWjww+Jly7n5yp6eJzzaMJtnKyUBx51S8u2hFIQBcvcxvw1XY+WkStc2N+9CJ+F0TtwNKhKYYtrcda8BuAuAQWVeiDuQ3jkZrgD2bzLManyCCB8aC9/mWNIHABLsVl/Imcru5YY3UPwyFVGMqatu6Gg2tHZukYl4/xSy/knw9PnmB95SPLCC0O3WppWrscN/6wk7ALC/aoaJU7Dq5qiS0WccMLQtGWJ6FVDcw== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=intel.com; dmarc=pass action=none header.from=intel.com; dkim=pass header.d=intel.com; arc=none X-Received: from SA1PR11MB5921.namprd11.prod.outlook.com (2603:10b6:806:22a::15) by CY8PR11MB6844.namprd11.prod.outlook.com (2603:10b6:930:5f::9) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7339.23; Tue, 27 Feb 2024 12:25:49 +0000 X-Received: from SA1PR11MB5921.namprd11.prod.outlook.com ([fe80::e8f:a571:d1b8:9639]) by SA1PR11MB5921.namprd11.prod.outlook.com ([fe80::e8f:a571:d1b8:9639%5]) with mapi id 15.20.7339.024; Tue, 27 Feb 2024 12:25:49 +0000 From: "Isaku Yamahata" To: "Sun, CepingX" , "devel@edk2.groups.io" CC: "Aktas, Erdem" , James Bottomley , "Yao, Jiewen" , "Xu, Min M" , Tom Lendacky , Michael Roth , Gerd Hoffmann , "Yamahata, Isaku" Subject: Re: [edk2-devel] [PATCH V1 3/3] OvmfPkg/TdxDxe: Clear the registers before tdcall Thread-Topic: [PATCH V1 3/3] OvmfPkg/TdxDxe: Clear the registers before tdcall Thread-Index: AQHaaHNZKieY6tlvB06eat7SYqwEjrEeHiEw Date: Tue, 27 Feb 2024 12:25:49 +0000 Message-ID: References: <20240226211833.3156606-1-cepingx.sun@intel.com> <20240226211833.3156606-4-cepingx.sun@intel.com> In-Reply-To: <20240226211833.3156606-4-cepingx.sun@intel.com> Accept-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-ms-publictraffictype: Email x-ms-traffictypediagnostic: SA1PR11MB5921:EE_|CY8PR11MB6844:EE_ x-ms-office365-filtering-correlation-id: 55e94ea0-56a6-47ce-71df-08dc378f3b41 x-ld-processed: 46c98d88-e344-4ed4-8496-4ed7712e255d,ExtAddr x-ms-exchange-senderadcheck: 1 x-ms-exchange-antispam-relay: 0 x-microsoft-antispam-message-info: /xmTfXPNGNh5dXe4QlKejf3IhteaoxDgihNTw2HbLLmWEGp00XOwRslxUuM3yTliz5BDE7Dvwu6faGvV3ckawG+IOVS/fvCcvMXDDIfjawoqlCteqQ0PIe3CSzbAcFAM/iuG3yPFEB2/S5JjCVDur3Bq5pjMyoZ5LD3UKzaBfXKbvcvcHv+0WSyGaTaoOKhqSwRkyuIfBjV3jvewTQtlDR6EEpT/AGoCpWRbDY4RR4wvWZ6IZazDJpd9DwG+SXKHV8/7oFLt3fH5q1LY97ABLhNZCxLeG7PBMKErGH/kNw0OsxhAgB8YVBddqApDh28DWIHLsspVGyCsQLUgwXXGwxfEB1/UFEpbTEcyA8P4YbQYQHZ9GXSS1sLiWYdKx6yIUsSVl+RMMYEbIIgGfsnHalXluKDepILJlOWDtFoMo1BXNSIPuk84bQ6JSTzbcp2ZXbxoLnc767U07tuDteOAsyLBD2fhLUfRu6bi5uG7LBKOXmoXmGawUl7tWHJDmKWSwtnAEc4m+eoEclfySQTaQuo7Qd1Fj0pj7h6AIZkbp1gqRoqNthNdR5NSn5EGx5hPxsSo2gA8Pnfrbzf37Cn7o4yJODCUfjPxSXOnDp7n85GqeOC6Rli/3Cqfd14zemFF7wX5N5229uJk8FXedRljZVLpBudb1vqvlzgch66+BpvTpUtkhpxNo+gOPNCZtGIwCFS3FWbAiFv/UOr7rbVtkA== x-ms-exchange-antispam-messagedata-chunkcount: 1 x-ms-exchange-antispam-messagedata-0: =?us-ascii?Q?PrqCh4IWseb6WKbnReZS52WwlFVr0V2/OKCkfzVwwcKv5w4FFoglyPujGy28?= =?us-ascii?Q?bDxOlFkJIfoX3+vjW1grE8K7+b+nDxKu4NRoGN+zdMXLv0npPOqGujqlchTn?= =?us-ascii?Q?Rx3M7IbqMGakX/Mu0CuANxxsDzEZQdokS2t7pkE9sawFuL7krL0L4ypN0AsA?= =?us-ascii?Q?AzG+Vd/ubHnXeWvEfbgwqtPv5+iy2RBc0ZMOLH0uxOHzNr/Hx46K186qXvEN?= =?us-ascii?Q?mBUlDyBZQBAlKC1v//gh4AHHM+VQAu1A+o1rZb7Yrx3ECNVlftjvuswEo47B?= =?us-ascii?Q?97eWcUtdFvLMtYeRecFobrLaZIm5t7VR/+BDLesMaLnWfs7KYFnSXaQzSGED?= =?us-ascii?Q?X1Z6IyIQMm/1OA1hO37uocFfq2pQaILlNWZj/DiJwFumlpd9pA0XZbbbDAaj?= =?us-ascii?Q?6k+RHqPRcRmZLV9tLShS2Txuc1SoeBuEfsd0oHF8FKZX4w8X6m+YFxc8/eS7?= =?us-ascii?Q?7lVL2g2HvPdvFF/jnrNrQ7lnbQFQQ3q42jPw9D2CTUhEdcD4Oxmm4akxdOKa?= =?us-ascii?Q?7SLyYAbLBg6bXLdrlDJ2OIG+9iJ9BgL4iilGp2VtMmgosBj5bm0ENzRL4R46?= =?us-ascii?Q?keeaPr8xDRVu1CnsxYj6mVd49EyWJomYeVz0AmBV0zs7lzB1Xrep0/pRwZEZ?= =?us-ascii?Q?/Wu0Z9kI7wpZoXPQ7fE+2nCPWwDXtSm8osp03h6biiTs6K0luFCcH5lMiOZg?= =?us-ascii?Q?aa7VgSffeICEToiLJw4OPOSd2ujKh4DT2PGNEbYFEJYnzu4RXhGXVwilVKiU?= =?us-ascii?Q?3CXuq1FBso2I1SvP9ytrMwXWVVBUMeFP94NPSINUyvhEsc1KxysIaiYANpHA?= =?us-ascii?Q?BvOgNA2PGFJxKJE3HhyPJrotOs+aOW+ey8qGpuXL2HL8xm4QVf1oEWTKKINs?= =?us-ascii?Q?L9msAtE//4IfwyPQcDjmiI3wX5Z+L2+MgTqVTiX0iX5TxuZuHS9gm+Ju8/iU?= =?us-ascii?Q?4qis1DCCXgTNz2TvGjvApe5/ebiPFM7mVgKK2gCdSLst7U7qk+8MKROy6DpH?= =?us-ascii?Q?sjcXd3DdT9tred6h9prQSjMDar8bb2V1ys2rmfx7ok+Yr8yNtOs7m3Ba4Kkg?= =?us-ascii?Q?sXXdY5HpysZCJtfd5i7a08l+aQmmsUN4Jx3TvBQCpELhbXywm9aUiIPc6H/k?= =?us-ascii?Q?PK5yAJK8Wc8QDDsHf/K4NLOOqyewfs1STSi+ea35oz5bQi7wOYJ5qDmHdTn3?= =?us-ascii?Q?51cHhNCKH7XTxj+tdzVBVwCfsxmah05U5hf/7ZGOGUo/5TSDTken5lVk7zwS?= =?us-ascii?Q?6lJCm83XHmib/AfkTVMqkkbSEQqmnoQQQmrHl54yeMC1np0NjV6xD8I/3rfx?= =?us-ascii?Q?o+Jm+CakFyYiFxGbb9+u4lGP91jIzZUG4q+tn5P3Kql27K0wz9ElNC56Xbtb?= =?us-ascii?Q?NUJrMjuN2SsPyocUmB2jvMIZrtrr95KnyTTIUXcbvvAOYdwwtAhobCjtASej?= =?us-ascii?Q?ahaWbpfbMMp6sTYOTus/066LCpfAWKRK7i6jagMIv2Bp24DNvFnrW3OGM33B?= =?us-ascii?Q?SM0rqa6Ys5btN22i353E/1Cacx/EDXaKgJV1ukay8vI5hZKXI8wCVMv5IJz0?= =?us-ascii?Q?73NiGy2swyp3GQQhtr3XuONOsBnLWjVv6g2yZIdm?= MIME-Version: 1.0 X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-AuthSource: SA1PR11MB5921.namprd11.prod.outlook.com X-MS-Exchange-CrossTenant-Network-Message-Id: 55e94ea0-56a6-47ce-71df-08dc378f3b41 X-MS-Exchange-CrossTenant-originalarrivaltime: 27 Feb 2024 12:25:49.3647 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 46c98d88-e344-4ed4-8496-4ed7712e255d X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: guxOOz8zRuG0VonYfIfPccWxhqK4SPZK+kq86M9JPgOALoHDnmMfy9CBdPlqm26dlxHVswqD4y+duLbF4V269elB1N4bkZecicOwA4uVCEM= X-MS-Exchange-Transport-CrossTenantHeadersStamped: CY8PR11MB6844 X-OriginatorOrg: intel.com Precedence: Bulk List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,isaku.yamahata@intel.com List-Unsubscribe-Post: List-Unsubscribe=One-Click List-Unsubscribe: X-Gm-Message-State: HZqXXNwnLZRACAHKq34hcq1Cx7686176AA= Content-Language: en-US Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable X-GND-Status: LEGIT Authentication-Results: spool.mail.gandi.net; dkim=pass header.d=groups.io header.s=20140610 header.b=KhjVa4jo; dmarc=fail reason="SPF not aligned (relaxed), DKIM not aligned (relaxed)" header.from=intel.com (policy=none); spf=pass (spool.mail.gandi.net: domain of bounce@groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce@groups.io > REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3D4696 >=20 > Refer to the [GHCI] spec, TDVF should clear the BIT5 for RBP in the mask. > And TDVF should clear the regitsers to avoid leaking secrets to VMM. >=20 > Reference: > [GHCI]: TDX Guest-Host-Communication Interface v1.5 > https://cdrdv2.intel.com/v1/dl/getContent/726792 >=20 > Cc: Erdem Aktas > Cc: James Bottomley > Cc: Jiewen Yao > Cc: Min Xu > Cc: Tom Lendacky > Cc: Michael Roth > Cc: Gerd Hoffmann > Cc: Erdem Aktas > Cc: Isaku Yamahata > Signed-off-by: Ceping Sun > --- > OvmfPkg/TdxDxe/X64/ApRunLoop.nasm | 30 ++++++++++++++++++++++++++---- > 1 file changed, 26 insertions(+), 4 deletions(-) >=20 > diff --git a/OvmfPkg/TdxDxe/X64/ApRunLoop.nasm b/OvmfPkg/TdxDxe/X64/ApRun= Loop.nasm > index 0bef89c48552..57560015f491 100644 > --- a/OvmfPkg/TdxDxe/X64/ApRunLoop.nasm > +++ b/OvmfPkg/TdxDxe/X64/ApRunLoop.nasm > @@ -20,7 +20,7 @@ SECTION .text >=20 > BITS 64 >=20 > -%define TDVMCALL_EXPOSE_REGS_MASK 0xffec > +%define TDVMCALL_EXPOSE_REGS_MASK 0xffcc > %define TDVMCALL 0x0 > %define EXIT_REASON_CPUID 0xa >=20 > @@ -28,6 +28,30 @@ BITS 64 > db 0x66, 0x0f, 0x01, 0xcc > %endmacro >=20 > +%macro tdcall_regs_preamble 2 > + mov rax, %1 > + > + xor rcx, rcx > + mov ecx, %2 > + > + ; R10 =3D 0 (standard TDVMCALL) > + > + xor r10d, r10d > + > + ; Zero out unused (for standard TDVMCALL) registers to avoid leaking > + ; secrets to the VMM. > + > + xor esi, esi > + xor edi, edi > + > + xor edx, edx > + xor ebp, ebp > + xor r8d, r8d > + xor r9d, r9d > + xor r14, r14 > + xor r15, r15 We can just clear the corresponding bit of TDVMCALL_EXPOSE_REGS_MASK in add= ition to RBP. Same to 1/3 and 3/3. We can eliminate tdcall_regs_postamble. Any reason to bother to zero those registers and pass them to VMM? Thanks, -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#116035): https://edk2.groups.io/g/devel/message/116035 Mute This Topic: https://groups.io/mt/104577524/7686176 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-