From nobody Sun Feb 8 17:14:34 2026 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+68907+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+68907+1787277+3901457@groups.io; arc=fail (BodyHash is different from the expected one); dmarc=fail(p=none dis=none) header.from=amd.com Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1608065546488188.19991583534295; Tue, 15 Dec 2020 12:52:26 -0800 (PST) Return-Path: X-Received: by 127.0.0.2 with SMTP id SrpIYY1788612x1qqBVDDB0C; Tue, 15 Dec 2020 12:52:26 -0800 X-Received: from NAM12-BN8-obe.outbound.protection.outlook.com (NAM12-BN8-obe.outbound.protection.outlook.com [40.107.237.45]) by mx.groups.io with SMTP id smtpd.web11.2912.1608065545569225455 for ; Tue, 15 Dec 2020 12:52:25 -0800 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=MeUNGspQBrID7act+C1w5mJBfpioND5Pev1QqBeQeCnMopRKRaeluMCyda4LiAN7ijT39GjpO1/hsNzuDEoQYEUvbKDRRMrk3FVc/UciEIUVtB+d139fnSnKYJSlLQwcW8cHkDO3Ka6n0Fb0PNEyLhriZNMRGmNRUhC9aBN0kysw2iLlbr0v2FvnB3d9Giu/8r5pFEP77Rf1FsAkW6vEf0aoIKNS8fimZ+i8nFGfaHKGJw+eBP0VSrYoZNxH8G2cZLTBN1EWZaMI9mgL6Yk0bENBIZK/DQkIG6oZYjZTHo37iYj1u0bzQ5cmTZ5zT6zcZG3y7LnDSaQZGz51DIi6tg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=fwLaKo04rC62Q/hRfjO8x9MU763zHqc18Fo0iL+767E=; b=VfGAp6svSdNcSDonZ7jParow0tOWUfPs7Khi73e8Ub6r+a3FuJ1XsQ0JdFBHnkJ378vqe8lcTl3U4k4x3uiZNngFbQyG46DkaGdMeSWpIyWANA34gU5zwlrEVPrhBOoSREsczB/DjO9K/CuA0eOdaH2ek2YnIYjqmoYv/TfNfPCdNNL4BhYjyjRGTyAxH4stlOkX6ElSNlnhUcYFnVs/SQVcwRFvWV6ihkKY+5t3G4/UsAG3fhcZAq3GffPh4Ugof/AXJGyK76DK62cqE4dLoqmlyI11DSYgFKj88/2WZRf0HagR7/cV09AEJzz3/Ur1qViZPbiSJWJPtl90SfCFQw== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass header.d=amd.com; arc=none X-Received: from DM5PR12MB1355.namprd12.prod.outlook.com (10.168.234.7) by DM6PR12MB4155.namprd12.prod.outlook.com (10.141.8.79) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3654.15; Tue, 15 Dec 2020 20:52:22 +0000 X-Received: from DM5PR12MB1355.namprd12.prod.outlook.com ([fe80::d95e:b9d:1d6a:e845]) by DM5PR12MB1355.namprd12.prod.outlook.com ([fe80::d95e:b9d:1d6a:e845%12]) with mapi id 15.20.3654.025; Tue, 15 Dec 2020 20:52:22 +0000 From: "Lendacky, Thomas" To: devel@edk2.groups.io CC: Brijesh Singh , James Bottomley , Jordan Justen , Laszlo Ersek , Ard Biesheuvel Subject: [edk2-devel] [PATCH 07/12] OvmfPkg/VmgExitLib: Check for an explicit DR7 cached value Date: Tue, 15 Dec 2020 14:51:06 -0600 Message-ID: <69448e7f1e1ad25b2ff4890dd64e96ae14bb54e5.1608065471.git.thomas.lendacky@amd.com> In-Reply-To: References: X-Originating-IP: [165.204.77.1] X-ClientProxiedBy: CH2PR03CA0018.namprd03.prod.outlook.com (2603:10b6:610:59::28) To DM5PR12MB1355.namprd12.prod.outlook.com (2603:10b6:3:6e::7) MIME-Version: 1.0 X-MS-Exchange-MessageSentRepresentingType: 1 X-Received: from tlendack-t1.amd.com (165.204.77.1) by CH2PR03CA0018.namprd03.prod.outlook.com (2603:10b6:610:59::28) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3654.12 via Frontend Transport; Tue, 15 Dec 2020 20:52:22 +0000 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-HT: Tenant X-MS-Office365-Filtering-Correlation-Id: a6c068ac-93d0-4d83-f8d0-08d8a13b5254 X-MS-TrafficTypeDiagnostic: DM6PR12MB4155: X-MS-Exchange-Transport-Forked: True X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:5797; X-MS-Exchange-SenderADCheck: 1 X-Microsoft-Antispam-Message-Info: QXhcuivT/W0HPq7ilAQ7zw8JetqlaQ2a6Ersy9i4U2enVNIxLgHZgbkepEujXxa1w0t7wKdpKc8XCtzILDO0vxACuoYbLiDqpeQleV8m+rKx9+ttKOzm9Hfp55XKwPRkJtijz2pRac+SPEgDKF0x58mg79HDkNOs5xsoQwBGapmwO4ZyySYTogO+l9tXAzWVZLtjlI0hzpCqPa1zTH8ICKySfiXXyvxxlFUHmDGmeboS6cFPZlBCkhNrqAIGcAQDaqVYvR+hKt/mSk8/IPPZlJRNF1bbXVeGOfOAJCV2uakZdplVTLYWyy8I2hi1rOvl64HJ5RNhYkdxO0kJIzeh5haUORgUQNI46hUg/Zdp0+gkedLseSRXbgcUkZunDeqPb2NMePXuM9bDQYQ92jN1cDjYpZZcNbnbv8Daf6TjsR/KI02j80ddxaJgaPClDIdduyG5rqxhutFMVftvmqJP3w== X-MS-Exchange-AntiSpam-MessageData: =?us-ascii?Q?C3Uz8p8HLfOa6pNKF5CL99zUWEiWIWcR2MB9swAahYoystDrEBUzZfs9N/1T?= =?us-ascii?Q?XkMavVD1Jvvx7ACzBz+J6tIU/63Kc0cgaL+mpJTHP+3UgzYdnd3yvf2sobfb?= =?us-ascii?Q?7IrN1pbCUQEQaiaHTtCQbkgob58R2ok+PzQ4AvXiPyOMw7jLSD4DtQJfh3zf?= =?us-ascii?Q?vXvTZKCeoS4qkXF2MDkyj2zulfTfHsdjD/dJNJeuX5ZwI3FlK/IYN2Rd2cdW?= =?us-ascii?Q?BerL2uLi3TwliDCTiaFkRtJwWFAARiMBcDIQesO+NweT2RrKdEV0U6RxyhpV?= =?us-ascii?Q?vKEC1odzWFylhAyzCc0ASlkpkn+K+gHLWCiHPbnT8h2hD7deAEGKoA6YnJiV?= =?us-ascii?Q?iXsd80VeQu0iA/PmTwkw8RFtLrtyY4jydZ1C9vZ3Fkrd6IN/e94Qz5gDltOB?= =?us-ascii?Q?Bve3ktOwQWvbJ6tNCdpZH90UeAotswxEZ9aE3mo1MKGNGqzKa9b9QQx3soLh?= =?us-ascii?Q?I4AUqcCdpnz6Rkj85SFJvn/l7gnks7iK4ZoXusG4QyOXPs1Zx2SlfocpDrjJ?= =?us-ascii?Q?pyD1t2l3FliF3j2AL/PjER0xHvLb3n1EC/FibAaZGwKiA+6RNEND1E8vZh1N?= =?us-ascii?Q?R/XWSOdw0i1f4lcKmPLDjb2/hj71nzS1Cp1VE9aGbyHAmxUvIH7IaTaroV2S?= =?us-ascii?Q?17Nar5WWKSW08DLf5upo5gDxSNBalKTi1cwNJzjAQPFQsTOMqkhnuqerJlYI?= =?us-ascii?Q?R3BMiI4ZdRd4pTJ+ztotD50qo6pFvZoRWOh4XFz/dRCDXvfZeF5qOGmxvKcc?= =?us-ascii?Q?GfVl49iSAFkaqZDX14Vz8XYeO61eWkEVErvCUfeov8OLJM3QTMVNc6U3Rgsv?= =?us-ascii?Q?wb7zroG+BoUQwQcLbcfLqnU5pKuE9rvEVpXawPdIfZxgZ3Fvr1tHmg9FXIn9?= =?us-ascii?Q?xmNppn4evskDe3QgkD0M62vEioRw121Y+UEyqmfPEv13B6JvEgGhre5GfxGG?= =?us-ascii?Q?Vgbc2TVtMTvtV527dJAqjn1J1WhsfRmFoCVipCUWCIcBiheZtnYn5qk4feuc?= =?us-ascii?Q?UntI?= X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-AuthSource: DM5PR12MB1355.namprd12.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 15 Dec 2020 20:52:22.8008 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-Network-Message-Id: a6c068ac-93d0-4d83-f8d0-08d8a13b5254 X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: K20eIosix2ecs4MgeiZrBk7Ns/ONAPjw9KSLgsJf0iLhM0A7R2bkv55N+x2tLKsHZqJGbe9511xgidAv0ggzZQ== X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM6PR12MB4155 Precedence: Bulk List-Unsubscribe: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,thomas.lendacky@amd.com X-Gm-Message-State: JfJ7Yxw4eprYM40VOo2L1JvHx1787277AA= Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1608065546; bh=HzhbTiKspJBQC0CFWoMt2KxCja0ssN0iC9XRW2+sgno=; h=CC:Content-Type:Date:From:Reply-To:Subject:To; b=ht2m3aMWIMpht8QsbgXuC5PLaDYnRSbQCPVjJkEXxnr6dz428RWDdk8gshhHeVsV2ui EiKd4YS+6l4bBIe5qmNGdcqaCa96fmbCoPCuedRCiEftZk9r7wPijhLo/bYvXafLhP8BY DHODvblxL8iEoJfIfSW77Sr5ZfMXQi9XpBk= X-ZohoMail-DKIM: pass (identity @groups.io) Content-Type: text/plain; charset="utf-8" From: Tom Lendacky BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3D3108 Check the DR7 cached indicator against a specific value. This makes it harder for a hypervisor to just write random data into that field in an attempt to use an invalid DR7 value. Cc: Jordan Justen Cc: Laszlo Ersek Cc: Ard Biesheuvel Cc: Brijesh Singh Signed-off-by: Tom Lendacky Reviewed-by: Laszlo Ersek --- OvmfPkg/Library/VmgExitLib/VmgExitVcHandler.c | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/OvmfPkg/Library/VmgExitLib/VmgExitVcHandler.c b/OvmfPkg/Librar= y/VmgExitLib/VmgExitVcHandler.c index 1671db3a01b1..5149ab2bc989 100644 --- a/OvmfPkg/Library/VmgExitLib/VmgExitVcHandler.c +++ b/OvmfPkg/Library/VmgExitLib/VmgExitVcHandler.c @@ -128,10 +128,13 @@ UINT64 =20 // // Per-CPU data mapping structure +// Use UINT32 for cached indicators and compare to a specific value +// so that the hypervisor can't indicate a value is cached by just +// writing random data to that area. // typedef struct { - BOOLEAN Dr7Cached; - UINT64 Dr7; + UINT32 Dr7Cached; + UINT64 Dr7; } SEV_ES_PER_CPU_DATA; =20 =20 @@ -1489,7 +1492,7 @@ Dr7WriteExit ( } =20 SevEsData->Dr7 =3D *Register; - SevEsData->Dr7Cached =3D TRUE; + SevEsData->Dr7Cached =3D 1; =20 return 0; } @@ -1533,7 +1536,7 @@ Dr7ReadExit ( // If there is a cached valued for DR7, return that. Otherwise return the // DR7 standard reset value of 0x400 (no debug breakpoints set). // - *Register =3D (SevEsData->Dr7Cached) ? SevEsData->Dr7 : 0x400; + *Register =3D (SevEsData->Dr7Cached =3D=3D 1) ? SevEsData->Dr7 : 0x400; =20 return 0; } --=20 2.28.0 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#68907): https://edk2.groups.io/g/devel/message/68907 Mute This Topic: https://groups.io/mt/78986167/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-