Re: [edk2-devel] [PATCH V1 0/3] OvmfPkg: Update TDVMCALL to avoid leaking secrets to the VMM

Mon, 26 Feb 2024 22:49:00 -0800 

Reviewed-by: Min Xu <min.m...@intel.com>

> -----Original Message-----
> From: Sun, CepingX <cepingx....@intel.com>
> Sent: Tuesday, February 27, 2024 5:19 AM
> To: devel@edk2.groups.io
> Cc: Sun, CepingX <cepingx....@intel.com>; Liming Gao
> <gaolim...@byosoft.com.cn>; Kinney, Michael D
> <michael.d.kin...@intel.com>; Aktas, Erdem <erdemak...@google.com>;
> James Bottomley <j...@linux.ibm.com>; Yao, Jiewen
> <jiewen....@intel.com>; Xu, Min M <min.m...@intel.com>; Tom Lendacky
> <thomas.lenda...@amd.com>; Michael Roth <michael.r...@amd.com>;
> Gerd Hoffmann <kra...@redhat.com>; Yamahata, Isaku
> <isaku.yamah...@intel.com>
> Subject: [PATCH V1 0/3] OvmfPkg: Update TDVMCALL to avoid leaking secrets
> to the VMM
> 
> REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4696
> 
> According to section 2.4.1 of [GHCI] spec, RBP register is usually used as a
> frame pointer according to the C language calling convention.
> The software should not use RBP as an input/output parameter and should
> clear BIT5 (RBP) in the GPR mask in RCX.
> 
> Reference:
> [GHCI]: TDX Guest-Host-Communication Interface v1.5
> https://cdrdv2.intel.com/v1/dl/getContent/726792
> 
> 
> Cc: Liming Gao <gaolim...@byosoft.com.cn>
> Cc: Michael D Kinney <michael.d.kin...@intel.com>
> Cc: Erdem Aktas <erdemak...@google.com>
> Cc: James Bottomley <j...@linux.ibm.com>
> Cc: Jiewen Yao <jiewen....@intel.com>
> Cc: Min Xu <min.m...@intel.com>
> Cc: Tom Lendacky <thomas.lenda...@amd.com>
> Cc: Michael Roth <michael.r...@amd.com>
> Cc: Gerd Hoffmann <kra...@redhat.com>
> Cc: Isaku Yamahata <isaku.yamah...@intel.com>
> Signed-off-by: Ceping Sun <cepingx....@intel.com>
> 
> Ceping Sun (3):
>   MdePkg/BaseLib: Update TDVMCALL_EXPOSE_REGS_MASK
>   OvmfPkg/CcExitLib: Update TDVMCALL_EXPOSE_REGS_MASK
>   OvmfPkg/TdxDxe: Clear the registers before tdcall
> 
>  MdePkg/Library/BaseLib/X64/TdVmcall.nasm      |  2 +-
>  .../Library/CcExitLib/X64/TdVmcallCpuid.nasm  |  2 +-
>  OvmfPkg/TdxDxe/X64/ApRunLoop.nasm             | 30 ++++++++++++++++---
>  3 files changed, 28 insertions(+), 6 deletions(-)
> 
> --
> 2.34.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#116006): https://edk2.groups.io/g/devel/message/116006
Mute This Topic: https://groups.io/mt/104577516/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Reply via email to