Reviewed-by: Min Xu <min.m...@intel.com> > -----Original Message----- > From: Sun, CepingX <cepingx....@intel.com> > Sent: Tuesday, February 27, 2024 5:19 AM > To: devel@edk2.groups.io > Cc: Sun, CepingX <cepingx....@intel.com>; Aktas, Erdem > <erdemak...@google.com>; James Bottomley <j...@linux.ibm.com>; Yao, > Jiewen <jiewen....@intel.com>; Xu, Min M <min.m...@intel.com>; Tom > Lendacky <thomas.lenda...@amd.com>; Michael Roth > <michael.r...@amd.com>; Gerd Hoffmann <kra...@redhat.com>; > Yamahata, Isaku <isaku.yamah...@intel.com> > Subject: [PATCH V1 3/3] OvmfPkg/TdxDxe: Clear the registers before tdcall > > REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4696 > > Refer to the [GHCI] spec, TDVF should clear the BIT5 for RBP in the mask. > And TDVF should clear the registers to avoid leaking secrets to VMM. > > Reference: > [GHCI]: TDX Guest-Host-Communication Interface v1.5 > https://cdrdv2.intel.com/v1/dl/getContent/726792 > > Cc: Erdem Aktas <erdemak...@google.com> > Cc: James Bottomley <j...@linux.ibm.com> > Cc: Jiewen Yao <jiewen....@intel.com> > Cc: Min Xu <min.m...@intel.com> > Cc: Tom Lendacky <thomas.lenda...@amd.com> > Cc: Michael Roth <michael.r...@amd.com> > Cc: Gerd Hoffmann <kra...@redhat.com> > Cc: Erdem Aktas <erdemak...@google.com> > Cc: Isaku Yamahata <isaku.yamah...@intel.com> > Signed-off-by: Ceping Sun <cepingx....@intel.com> > --- > OvmfPkg/TdxDxe/X64/ApRunLoop.nasm | 30 > ++++++++++++++++++++++++++---- > 1 file changed, 26 insertions(+), 4 deletions(-) > > diff --git a/OvmfPkg/TdxDxe/X64/ApRunLoop.nasm > b/OvmfPkg/TdxDxe/X64/ApRunLoop.nasm > index 0bef89c48552..57560015f491 100644 > --- a/OvmfPkg/TdxDxe/X64/ApRunLoop.nasm > +++ b/OvmfPkg/TdxDxe/X64/ApRunLoop.nasm > @@ -20,7 +20,7 @@ SECTION .text > > BITS 64 > > -%define TDVMCALL_EXPOSE_REGS_MASK 0xffec > +%define TDVMCALL_EXPOSE_REGS_MASK 0xffcc > %define TDVMCALL 0x0 > %define EXIT_REASON_CPUID 0xa 
> > @@ -28,6 +28,30 @@ BITS 64 > db 0x66, 0x0f, 0x01, 0xcc > %endmacro > > +%macro tdcall_regs_preamble 2 > + mov rax, %1 > + > + xor rcx, rcx > + mov ecx, %2 > + > + ; R10 = 0 (standard TDVMCALL) > + > + xor r10d, r10d > + > + ; Zero out unused (for standard TDVMCALL) registers to avoid leaking > + ; secrets to the VMM. > + > + xor esi, esi > + xor edi, edi > + > + xor edx, edx > + xor ebp, ebp > + xor r8d, r8d > + xor r9d, r9d > + xor r14, r14 > + xor r15, r15 > +%endmacro > + > ; > ; Relocated Ap Mailbox loop > ; > @@ -40,11 +64,9 @@ global ASM_PFX(AsmRelocateApMailBoxLoop) > ASM_PFX(AsmRelocateApMailBoxLoop): > AsmRelocateApMailBoxLoopStart: > > - mov rax, TDVMCALL > - mov rcx, TDVMCALL_EXPOSE_REGS_MASK > - xor r10, r10 > mov r11, EXIT_REASON_CPUID > mov r12, 0xb > + tdcall_regs_preamble TDVMCALL, TDVMCALL_EXPOSE_REGS_MASK > tdcall > test r10, r10 > jnz Panic > -- > 2.34.1
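Review bot: In the `@@ -20,7 +20,7 @@` hunk, the new `TDVMCALL_EXPOSE_REGS_MASK 0xffcc` is a bare constant with no comment saying which register each bit exposes. The commit message identifies bit 5 as RBP; a one-line comment beside the define stating that bit 5 (RBP) is cleared per [GHCI] v1.5, or building the mask from named per-register bits, would let a reader check the value without opening the spec.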
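Review bot: In the `tdcall_regs_preamble` macro (hunk `@@ -28,6 +28,30 @@`), `rbx` and `r13` are not cleared, yet `0xffcc` still has bits 3 and 13 set, which in the register-number ordering the commit message uses for RBP (bit 5) are RBX and R13, so whatever they hold at the call stays visible to the VMM. Either add `xor ebx, ebx` and `xor r13d, r13d`, or add a comment in the macro saying why each is left live. Smaller points: `xor rcx, rcx` is redundant before `mov ecx, %2`, since a 32-bit write already zeroes the upper half, and `xor r14, r14` / `xor r15, r15` could use the 32-bit form like the other lines.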
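Review bot: At the `tdcall_regs_preamble TDVMCALL, TDVMCALL_EXPOSE_REGS_MASK` line in the `@@ -40,11 +64,9 @@` hunk, the entry of `AsmRelocateApMailBoxLoop` now zeroes `rdx`, `r8`, `r9`, `rbp`, `rsi`, `rdi`, `r14` and `r15`, where the removed lines only wrote `rax`, `rcx` and `r10`. `rdx`, `r8` and `r9` carry arguments and `rbp`, `rsi`, `rdi`, `r14`, `r15` are callee-saved in the x64 calling convention EDK II uses, so please confirm that nothing after the `tdcall` depends on their incoming values, and list the clobbered registers in a comment above the macro invocation.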