From: "Lendacky, Thomas via groups.io"
To: Adam Dunlap, devel@edk2.groups.io, Borislav Petkov, Peter Gonda
Subject: Re: [edk2-devel] [PATCH] OvmfPkg: Harden #VC instruction emulation somewhat (CVE-2024-25742)
Date: Fri, 19 Apr 2024 10:12:54 -0500
In-Reply-To: <20240417165400.3615824-1-acdunlap@google.com>
References: <20240417165400.3615824-1-acdunlap@google.com>
Sender: devel@edk2.groups.io

On 4/17/24 11:54, Adam Dunlap wrote:
> Ensure that when a #VC exception happens, the instruction at the
> instruction pointer matches the instruction that is expected given the
> error code. This is to mitigate the ahoi WeSee attack [1] that could
> allow hypervisors to breach integrity and confidentiality of the
> firmware by maliciously injecting interrupts. This change is a
> translated version of a linux patch e3ef461af35a ("x86/sev: Harden #VC
> instruction emulation somewhat")
>
> [1] https://ahoi-attacks.github.io/wesee/
>
> Cc: Borislav Petkov (AMD)
> Cc: Tom Lendacky
> Signed-off-by: Adam Dunlap
> ---
>  OvmfPkg/Library/CcExitLib/CcExitVcHandler.c | 171 ++++++++++++++++++--
>  1 file changed, 160 insertions(+), 11 deletions(-)
>
> diff --git a/OvmfPkg/Library/CcExitLib/CcExitVcHandler.c b/OvmfPkg/Library/CcExitLib/CcExitVcHandler.c
> index 0fc30f7bc4..bd3e9f304a 100644
> --- a/OvmfPkg/Library/CcExitLib/CcExitVcHandler.c
> +++ b/OvmfPkg/Library/CcExitLib/CcExitVcHandler.c
> @@ -532,8 +532,6 @@ MwaitExit ( > IN CC_INSTRUCTION_DATA *InstructionData > ) > { > - CcDecodeModRm (Regs, InstructionData); > - > Ghcb->SaveArea.Rax =3D Regs->Rax; > CcExitVmgSetOffsetValid (Ghcb, GhcbRax); > Ghcb->SaveArea.Rcx =3D Regs->Rcx; > @@ -564,8 +562,6 @@ MonitorExit ( > IN CC_INSTRUCTION_DATA *InstructionData > ) > { > - CcDecodeModRm (Regs, InstructionData); > - > Ghcb->SaveArea.Rax =3D Regs->Rax; // Identity mapped, so VA =3D PA > CcExitVmgSetOffsetValid (Ghcb, GhcbRax); > Ghcb->SaveArea.Rcx =3D Regs->Rcx; > @@ -670,8 +666,6 @@ VmmCallExit ( > { > UINT64 Status; > =20 > - CcDecodeModRm (Regs, InstructionData); > - > Ghcb->SaveArea.Rax =3D Regs->Rax; > CcExitVmgSetOffsetValid (Ghcb, GhcbRax); > Ghcb->SaveArea.Cpl =3D (UINT8)(Regs->Cs & 0x3); > @@ -1603,8 +1597,6 @@ Dr7WriteExit ( > Ext =3D &InstructionData->Ext; > SevEsData =3D (SEV_ES_PER_CPU_DATA *)(Ghcb + 1); > =20 > - CcDecodeModRm (Regs, InstructionData); > - > // > // MOV DRn always treats MOD =3D=3D 3 no matter how encoded > // > @@ -1655,8 +1647,6 @@ Dr7ReadExit ( > Ext =3D &InstructionData->Ext; > SevEsData =3D (SEV_ES_PER_CPU_DATA *)(Ghcb + 1); > =20 > - CcDecodeModRm (Regs, InstructionData); > - > // > // MOV DRn always treats MOD =3D=3D 3 no matter how encoded > // 
> @@ -1671,6 +1661,160 @@ Dr7ReadExit ( > return 0; > } > =20 > +/** > + Check that the opcode matches the exit code for a #VC. > + > + Each exit code should only be raised while executing certain instructi= ons. > + Verify that rIP points to a correct instruction based on the exit code= to > + protect against maliciously injected interrupts via the hypervisor. If= it does > + not, report an unsupported event to the hypervisor. > + > + Decodes the ModRm byte into InstructionData if necessary. > + > + @param[in, out] Ghcb Pointer to the Guest-Hypervisor Commu= nication > + Block > + @param[in, out] Regs x64 processor context > + @param[in, out] InstructionData Instruction parsing context > + @param[in] ExitCode Exit code given by #VC. > + > + @retval 0 No problems detected. > + @return New exception value to propagate > + > + > +**/ > +STATIC > +UINT64 > +VcCheckOpcodeBytes ( > + IN OUT GHCB *Ghcb, > + IN OUT EFI_SYSTEM_CONTEXT_X64 *Regs, > + IN OUT CC_INSTRUCTION_DATA *InstructionData, > + IN UINT64 ExitCode > + ) > +{ > + UINT8 OpCode; > + > + // > + // Expected opcodes are either 1 or 2 bytes. If they are 2 bytes, they= always > + // start with TWO_BYTE_OPCODE_ESCAPE (0x0f), so skip over that. > + // > + OpCode =3D *(InstructionData->OpCodes); > + if (OpCode =3D=3D TWO_BYTE_OPCODE_ESCAPE) { > + OpCode =3D *(InstructionData->OpCodes + 1); > + } > + > + switch (ExitCode) { > + case SVM_EXIT_IOIO_PROT: > + case SVM_EXIT_NPF: > + /* handled separately */ > + return 0; > + > + case SVM_EXIT_CPUID: > + if (OpCode =3D=3D 0xa2) { > + return 0; > + } > + > + break; > + > + case SVM_EXIT_INVD: > + break; This changes the current behavior today, but I'm ok with that. > + > + case SVM_EXIT_MONITOR: > + CcDecodeModRm (Regs, InstructionData); > + > + if ((OpCode =3D=3D 0x01) && (InstructionData->ModRm.Uint8 =3D=3D 0= xc8)) { This should also handle the MONITORX opcode (hmmm... I need to send a=20 patch to the kernel). 
> + return 0; > + } > + > + break; > + > + case SVM_EXIT_MWAIT: > + CcDecodeModRm (Regs, InstructionData); > + > + if ((OpCode =3D=3D 0x01) && (InstructionData->ModRm.Uint8 =3D=3D 0= xc9)) { Same here for MWAITX. Thanks, Tom > + return 0; > + } > + > + break; > + > + case SVM_EXIT_MSR: > + /* RDMSR */ > + if ((OpCode =3D=3D 0x32) || > + /* WRMSR */ > + (OpCode =3D=3D 0x30)) > + { > + return 0; > + } > + > + break; > + > + case SVM_EXIT_RDPMC: > + if (OpCode =3D=3D 0x33) { > + return 0; > + } > + > + break; > + > + case SVM_EXIT_RDTSC: > + if (OpCode =3D=3D 0x31) { > + return 0; > + } > + > + break; > + > + case SVM_EXIT_RDTSCP: > + CcDecodeModRm (Regs, InstructionData); > + > + if ((OpCode =3D=3D 0x01) && (InstructionData->ModRm.Uint8 =3D=3D 0= xf9)) { > + return 0; > + } > + > + break; > + > + case SVM_EXIT_DR7_READ: > + CcDecodeModRm (Regs, InstructionData); > + > + if ((OpCode =3D=3D 0x21) && > + (InstructionData->Ext.ModRm.Reg =3D=3D 7)) > + { > + return 0; > + } > + > + break; > + > + case SVM_EXIT_VMMCALL: > + CcDecodeModRm (Regs, InstructionData); > + > + if ((OpCode =3D=3D 0x01) && (InstructionData->ModRm.Uint8 =3D=3D 0= xd9)) { > + return 0; > + } > + > + break; > + > + case SVM_EXIT_DR7_WRITE: > + CcDecodeModRm (Regs, InstructionData); > + > + if ((OpCode =3D=3D 0x23) && > + (InstructionData->Ext.ModRm.Reg =3D=3D 7)) > + { > + return 0; > + } > + > + break; > + > + case SVM_EXIT_WBINVD: > + if (OpCode =3D=3D 0x9) { > + return 0; > + } > + > + break; > + > + default: > + break; > + } > + > + return UnsupportedExit (Ghcb, Regs, InstructionData); > +} > + > /** > Handle a #VC exception. > =20 
> @@ -1773,7 +1917,12 @@ InternalVmgExitHandleVc ( > =20 > CcInitInstructionData (&InstructionData, Ghcb, Regs); > =20 > - Status =3D NaeExit (Ghcb, Regs, &InstructionData); > + Status =3D VcCheckOpcodeBytes (Ghcb, Regs, &InstructionData, ExitCode)= ; > + > + if (Status =3D=3D 0) { > + Status =3D NaeExit (Ghcb, Regs, &InstructionData); > + } > + > if (Status =3D=3D 0) { > Regs->Rip +=3D CcInstructionLength (&InstructionData); > } else {
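Review bot: the five hunks that delete `CcDecodeModRm (Regs, InstructionData);` from MwaitExit, MonitorExit, VmmCallExit, Dr7WriteExit and Dr7ReadExit make those handlers depend on the ModRm byte having already been decoded by VcCheckOpcodeBytes, which only decodes it inside the matching `case` of its switch; Dr7WriteExit and Dr7ReadExit still take `Ext = &InstructionData->Ext;` immediately before the removed call. A one-line comment in each handler saying that ModRm is pre-decoded by the opcode check, plus a sentence in the commit message saying the decode moved rather than being dropped, would keep a later change from reintroducing a double decode or losing the decode altogether.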
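Review bot: in VcCheckOpcodeBytes the comparison discards whether the TWO_BYTE_OPCODE_ESCAPE byte was actually present: after `OpCode = *(InstructionData->OpCodes);` and the conditional `OpCode = *(InstructionData->OpCodes + 1);`, a single-byte instruction whose first opcode byte equals the expected second byte (0xa2, 0x30, 0x32, 0x31, 0x33, 0x09, 0x21, 0x23, or 0x01 with a matching ModRm) passes the check exactly like the intended 0x0f-prefixed instruction, which leaves a gap in the hardening this patch adds. Every instruction accepted in this switch (CPUID, RDMSR/WRMSR, RDPMC, RDTSC/RDTSCP, MONITOR/MWAIT, VMMCALL, MOV DRn, WBINVD) is a 0x0f-escaped two-byte opcode, so the function could require the escape byte, for example by returning UnsupportedExit when the first byte is not TWO_BYTE_OPCODE_ESCAPE, or by comparing both bytes; the header comment "Expected opcodes are either 1 or 2 bytes" would then be adjusted to match. Separately, `case SVM_EXIT_INVD: break;` now sends every INVD exit to UnsupportedExit (the behaviour change Tom notes), and both the function's doc block and the commit message should say so explicitly.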
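Review bot: the ordering `Status = VcCheckOpcodeBytes (...)` followed by `if (Status == 0) { Status = NaeExit (...); }` is correct, but a mismatch detected by VcCheckOpcodeBytes and an unsupported NAE exit now share the `} else {` error path, and nothing in this hunk distinguishes them. If UnsupportedExit does not already log, a DEBUG message at the mismatch site giving ExitCode and the opcode byte that was found would let an injected #VC be recognised in the firmware log instead of looking like an ordinary unsupported exit; the commit message should also state that an opcode mismatch is reported to the hypervisor on the same path as an unsupported event.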