sed in the function, it is better to check it before overwriting.
code: https://github.com/sunceping/edk2/tree/fixcoverityerrors.v1
Cc: Gerd Hoffmann
Cc: Jiewen Yao
Cc: Min Xu
Signed-off-by: Ceping Sun
Ceping Sun (2):
OvmfPkg/AcpiPlatformDxe: Avoid possible NULL pointer dereference
OvmfPkg
From: Ceping Sun
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4568
The function InstallCloudHvTablesTdx had an Assert when "DsdtTable == NULL",
but this comes into play only in DEBUG mode. In Release mode, there is
no handling if the pointer is NULL. To avoid the possible null pointer
de
From: Ceping Sun
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4568
The status of "AcpiProtocol->InstallAcpiTable" is overwritten
before it can be used, it is better to check it before overwriting.
Cc: Gerd Hoffmann
Cc: Jiewen Yao
Cc: Min Xu
Signed-off-by: Ceping Sun
---
OvmfPkg/Acpi
it before overwriting.
code: https://github.com/sunceping/edk2/tree/fixcoverityerrors.v2
Cc: Erdem Aktas
Cc: James Bottomley
Cc: Jiewen Yao
Cc: Min Xu
Cc: Tom Lendacky
Cc: Michael Roth
Cc: Gerd Hoffmann
Signed-off-by: Ceping Sun
---
OvmfPkg/AcpiPlatformDxe/CloudHvAcpi.c | 8 +++-
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4572
According to section 3.2 of the [GHCI] documentation, if the result is
"TDG.VP.VMCALL_RETRY" for TDG.VP.VMCALL, TD must retry the mapping for
the pages in the region starting at the GPA specified in r11.
Currently, TDVF does not properly ha
From: Ceping Sun
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4572
According to section 3.2 of the [GHCI] spec, if the return status
is "TDG.VP.VMCALL_RETRY", TD must retry this operation for the
pages in the region starting at the GPA specified in R11.
Currently, TDVF has not handled th
From: Ceping Sun
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4572
According to section 3.2 of the [GHCI] document, if the result of MapGPA
is "TDG.VP.VMCALL_RETRY", TDVF must retry mapping for pages in that region,
starting with the GPA specified in R11.
Reference:
[GHCI]: TDX Guest-Hos
On Friday, October 27, 2023 7:05 PM, Gerd Hoffmann wrote:
> > + while (RetryCount < MAX_RETRIES_PER_PAGE) {
> > +TdStatus = TdVmCallMapGPA (PhysicalAddress, Length,
> &MapGpaRetryaddr);
> > +if (TdStatus != TDVMCALL_STATUS_RETRY) {
> > + break;
> > +}
> > +
> > +DEBUG ((DEBUG_
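Review bot: in the `TdVmCallMapGPA (PhysicalAddress, Length, &MapGpaRetryaddr)` call inside the `while (RetryCount < MAX_RETRIES_PER_PAGE)` loop, the visible lines pass the same PhysicalAddress and Length on every iteration and do not show RetryCount being incremented. Since the retry has to resume at the GPA returned in MapGpaRetryaddr, check that the rest of the loop body advances PhysicalAddress to that address, reduces Length by the range already mapped, and increments RetryCount; leaving the loop with TdStatus still equal to TDVMCALL_STATUS_RETRY should be reported as a failure.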
On Saturday, October 28, 2023 12:45 AM, Erdem Aktas wrote:
This should be the [PATCH V1 2/2] I assume?
Yes, the name is the same as [PATCH v1 0/2], which may be confusing. I will update it in the
next version to avoid the same title name.
On Thu, Oct 26, 2023 at 5:58 PM sunceping
mailto:cepingx
ssume?
> > Yes, the name is the same as [PATCH v1 0/2], which may be confusing. I will
> update it in the next version to avoid the same title name.
> >
> >
> > On Thu, Oct 26, 2023 at 5:58 PM sunceping
> > mailto:cepingx@intel.com>> wrote:
> > [Sources]
>
Guest-Host-Communication Interface v1.0
https://cdrdv2.intel.com/v1/dl/getContent/726790
v2 changes:
- Update the code based on the comments of v1 reviewer
- Update TdVmcall instead of the extra API file
code: https://github.com/sunceping/edk2/tree/handleRetryMapGPA.v2
Cc: Liming Gao
Cc: Michae
From: Ceping Sun
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4572
According to section 3.2 of the [GHCI] spec, if the return status
of MapGPA is "TDG.VP.VMCALL_RETRY", TD must retry this operation
for the pages in the region starting at the GPA specified in R11.
Currently, TDVF has not
From: Ceping Sun
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4572
According to section 3.2 of the [GHCI] document, if the return status
of MapGPA is "TDG.VP.VMCALL_RETRY", TD must retry this operation for the
pages in the region starting at the GPA specified in R11.
In this patch, when
2/2] I assume?
> > Yes, the name is the same as [PATCH v1 0/2], which may be confusing. I will
> update it in the next version to avoid the same title name.
> >
> >
> > On Thu, Oct 26, 2023 at 5:58 PM sunceping
> > mailto:cepingx@intel.com>> wrote:
>
github.com/sunceping/edk2/tree/handleRetryMapGPA.v3
Cc: Liming Gao
Cc: Michael D Kinney
Cc: Erdem Aktas
Cc: James Bottomley
Cc: Jiewen Yao
Cc: Min Xu
Cc: Tom Lendacky
Cc: Michael Roth
Acked-by: Gerd Hoffmann
Signed-off-by: Ceping Sun
Ceping Sun (2):
MdePkg/BaseLib: Update TdVmcall to always
From: Ceping Sun
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4572
According to section 3.2 of the [GHCI] spec, if the return status
of MapGPA is "TDG.VP.VMCALL_RETRY", TD must retry this operation
for the pages in the region starting at the GPA specified in R11.
Currently, TDVF has not
From: Ceping Sun
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4572
According to section 3.2 of the [GHCI] document, if the return status
of MapGPA is "TDG.VP.VMCALL_RETRY", TD must retry this operation for the
pages in the region starting at the GPA specified in R11.
In this patch, when
the patch to MdePkg update and OvmfPkg update.
code: https://github.com/sunceping/edk2/tree/handleRetryMapGPA.v4
Cc: Liming Gao
Cc: Michael D Kinney
Cc: Erdem Aktas
Cc: James Bottomley
Cc: Min Xu
Cc: Tom Lendacky
Cc: Michael Roth
Cc: Jiewen Yao
Acked-by: Gerd Hoffmann
Signed-off-by:
From: Ceping Sun
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4572
According to section 3.2 of the [GHCI] spec, if the return status
of MapGPA is "TDG.VP.VMCALL_RETRY", TD must retry this operation
for the pages in the region starting at the GPA specified in R11.
Currently, TDVF has not
From: Ceping Sun
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4572
TDVMCALL_STATUS_RETRY is defined in GHCI spec section 2.4.1.
Reference:
[GHCI]: TDX Guest-Host-Communication Interface v1.0
https://cdrdv2.intel.com/v1/dl/getContent/726790
Cc: Liming Gao
Cc: Michael D Kinney
Cc: Erdem
From: Ceping Sun
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4572
According to section 3.2 of the [GHCI] document, if the return status
of MapGPA is "TDG.VP.VMCALL_RETRY", TD must retry this operation for the
pages in the region starting at the GPA specified in R11.
In this patch, when
From: Ceping Sun
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4604
Fields of NumberOfPartitionEntries and SizeOfPartitionEntry in
PrimaryHeader are both UINT32. UINT32 * UINT32 produces UINT32
but it may overflow. So the result should be checked for
overflow.
Cc: Jiewen Yao
Signed-o
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4696
According to section 2.4.1 of [GHCI] spec,
RBP register is usually used as a frame pointer according to the C language
calling convention.
The software should not use RBP as an input/output parameter and should clear
BIT5 (RBP) in
the GPR
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4696
Refer to the [GHCI] spec, TDVF should clear the BIT5 for RBP in the mask.
Reference:
[GHCI]: TDX Guest-Host-Communication Interface v1.5
https://cdrdv2.intel.com/v1/dl/getContent/726792
Cc: Liming Gao
Cc: Michael D Kinney
Cc: Erdem Aktas
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4696
Refer to the [GHCI] spec, TDVF should clear the BIT5 for RBP in the mask.
Reference:
[GHCI]: TDX Guest-Host-Communication Interface v1.5
https://cdrdv2.intel.com/v1/dl/getContent/726792
Cc: Erdem Aktas
Cc: James Bottomley
Cc: Jiewen Yao
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4696
Refer to the [GHCI] spec, TDVF should clear the BIT5 for RBP in the mask.
And TDVF should clear the registers to avoid leaking secrets to VMM.
Reference:
[GHCI]: TDX Guest-Host-Communication Interface v1.5
https://cdrdv2.intel.com/v1/dl/get
On Tuesday, February 27, 2024 8:26 PM Yamahata, Isaku wrote:
> > +%macro tdcall_regs_preamble 2
> > +mov rax, %1
> > +
> > +xor rcx, rcx
> > +mov ecx, %2
> > +
> > +; R10 = 0 (standard TDVMCALL)
> > +
> > +xor r10d, r10d
> > +
> > +; Zero out unused (for standard TDVMCALL) r
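Review bot: in tdcall_regs_preamble, the `xor rcx, rcx` immediately before `mov ecx, %2` is redundant, because a 32-bit write to ecx already zero-extends into rcx in 64-bit mode. Drop the xor, or add a comment if it is kept on purpose for readability.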
Ping @Gao, Liming, @Kinney, Michael D
Hi Liming and Mike
Would you please review the MdePkg update?
Thanks
Ceping
> -Original Message-
> From: Sun, CepingX
> Sent: Tuesday, February 27, 2024 5:19 AM
> To: devel@edk2.groups.io
> Cc: Sun, CepingX ; Liming Gao
> ; Kinney, Michael D
> ; Akta
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4415
Refer to the section 8.3.4 of tdx-virtual-firmware-design-guide spec,
OVMF would use FW_CFG_IO_SELECTOR(0x510) and FW_CFG_IO_DATA(0x511)
to get configuration data from QEMU. From the security perspective,
if TDVF uses this method, configura
@Liming Gao @Kinney, Michael D
This patch has been submitted for review for over two weeks.
May I have your comments about the patch?
Thanks
Ceping
> -Original Message-
> From: Sun, CepingX
> Sent: Monday, March 4, 2024 11:23 AM
> To: Liming Gao ; Kinney, Michael D
> ; devel@edk2.groups.io;
On Tuesday, March 12, 2024 3:58 PM Yao, Jiewen wrote:
> Subject: RE: [PATCH V1 1/1] OvmfPkg/QemuBootOrderLib: Measure the
> etc/boot-menu-wait
>
> Thanks for the patch.
>
> Is this the only missing configuration data?
> Or do you have more on the way?
>
This is not the only missing configuratio
On Tuesday, March 12, 2024 7:04 PM Gerd Hoffmann wrote:
> On Wed, Mar 13, 2024 at 07:51:46AM +0800, Ceping Sun wrote:
> > REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4415
> >
> > Refer to the section 8.3.4 of tdx-virtual-firmware-design-guide
> > spec, OVMF would use FW_CFG_IO_SELECTOR(0x
On Thursday, March 14, 2024 5:31 PM Gerd Hoffmann wrote:
> Load, measure and cache all fw_cfg entries we care about early in the PEI
> phase
> (or SEC phase for pei-less builds), so we can
> (a) easily have a fixed order, and
> (b) store them all in HOBs?
>
> Which implies SEC/PEI must read a
On Wednesday, March 20, 2024 6:05 PM Gerd Hoffmann wrote:
>
> We don't need to read + cache all fw_cfg data. We only need to cache the
> entries which (a) must be measured, and (b) will not be measured in some
> other way.
>
I am afraid that it is difficult to determine which fw_cfg items
are n
On Thursday, March 21, 2024 8:25 PM Gerd Hoffmann wrote:
> Well, just try to read them. If present they can just be measured.
> If not present we can either skip them, or measure with an empty data
> field to indicate it is not present.
My understanding:
If the fw_cfg is present, it must be mea
On Friday, March 22, 2024 5:06 PM Gerd Hoffmann wrote:
>
> > > But then you have to find and update all callsites (or at least the
> > > ones where we care about measurement).
> > In your solution, if we cache all items that need to be measured, we
> > would have to add a new API (example: QemuFw
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4364
Currently, the length of type EFI_HOB_TYPE_GUID_EXTENSION is not checked
because it is variable length data. This might give a chance to a buffer
overflow issue.
Fix this by checking the HobLength of EFI_HOB_GUID_TYPE to make sure that
it
SECURE_BOOT_FEATURE_ENABLED was dropped by the commit (92da8a154f), but the
PeilessStartupLib was not updated with PcdSecureBootSupported, that made
SecureBoot no longer work in IntelTdxX64.
Fix this by replacing SECURE_BOOT_FEATURE_ENABLED with
PcdSecureBootSupported in PeilessStartupLib.
Cc: Erd
38 matches