Re: [edk2-devel] [PATCH] OvmfPkg: Harden #VC instruction emulation somewhat (CVE-2024-25742)

2024-04-19 Thread Adam Dunlap via groups.io
On Fri, Apr 19, 2024 at 8:13 AM Tom Lendacky wrote: > > On 4/17/24 11:54, Adam Dunlap wrote: > > + > > +case SVM_EXIT_INVD: > > + break; > > This changes the current behavior today, but I'm ok with that. > Whoops, I should've checked that. Should we delete InvdExit() then, if it's dead

Re: [edk2-devel] [PATCH] OvmfPkg: Harden #VC instruction emulation somewhat (CVE-2024-25742)

2024-04-19 Thread Lendacky, Thomas via groups.io
On 4/17/24 11:54, Adam Dunlap wrote: Ensure that when a #VC exception happens, the instruction at the instruction pointer matches the instruction that is expected given the error code. This is to mitigate the ahoi WeSee attack [1] that could allow hypervisors to breach integrity and

Re: [edk2-devel] [PATCH] OvmfPkg: Harden #VC instruction emulation somewhat (CVE-2024-25742)

2024-04-19 Thread Lendacky, Thomas via groups.io
On 4/18/24 07:15, Gerd Hoffmann via groups.io wrote: On Wed, Apr 17, 2024 at 09:54:00AM -0700, Adam Dunlap via groups.io wrote: Ensure that when a #VC exception happens, the instruction at the instruction pointer matches the instruction that is expected given the error code. This is to mitigate

Re: [edk2-devel] [PATCH] OvmfPkg: Harden #VC instruction emulation somewhat (CVE-2024-25742)

2024-04-19 Thread Gerd Hoffmann
On Thu, Apr 18, 2024 at 08:39:20AM -0700, Adam Dunlap wrote: > On Thu, Apr 18, 2024 at 5:15 AM Gerd Hoffmann wrote: > > > > On Wed, Apr 17, 2024 at 09:54:00AM -0700, Adam Dunlap via groups.io wrote: > > > + UINT8 OpCode; > > > > The linux kernel patch uses "unsigned int opcode" and apparently >

Re: [edk2-devel] [PATCH] OvmfPkg: Harden #VC instruction emulation somewhat (CVE-2024-25742)

2024-04-18 Thread Peter Gonda via groups.io
On Thu, Apr 18, 2024 at 9:39 AM Adam Dunlap wrote: > > On Thu, Apr 18, 2024 at 5:15 AM Gerd Hoffmann wrote: > > > > On Wed, Apr 17, 2024 at 09:54:00AM -0700, Adam Dunlap via groups.io wrote: > > > + UINT8 OpCode; > > > > The linux kernel patch uses "unsigned int opcode" and apparently > >

Re: [edk2-devel] [PATCH] OvmfPkg: Harden #VC instruction emulation somewhat (CVE-2024-25742)

2024-04-18 Thread Adam Dunlap via groups.io
On Thu, Apr 18, 2024 at 5:15 AM Gerd Hoffmann wrote: > > On Wed, Apr 17, 2024 at 09:54:00AM -0700, Adam Dunlap via groups.io wrote: > > + UINT8 OpCode; > > The linux kernel patch uses "unsigned int opcode" and apparently > checks more than just the first byte for multi-byte opcodes. Why > do

Re: [edk2-devel] [PATCH] OvmfPkg: Harden #VC instruction emulation somewhat (CVE-2024-25742)

2024-04-18 Thread Gerd Hoffmann
On Wed, Apr 17, 2024 at 09:54:00AM -0700, Adam Dunlap via groups.io wrote: > Ensure that when a #VC exception happens, the instruction at the > instruction pointer matches the instruction that is expected given the > error code. This is to mitigate the ahoi WeSee attack [1] that could > allow

Re: [edk2-devel] [PATCH] OvmfPkg: Harden #VC instruction emulation somewhat (CVE-2024-25742)

2024-04-18 Thread Yao, Jiewen
Cc: devel@edk2.groups.io; Yao, Jiewen; Borislav Petkov; Peter Gonda; Tom Lendacky; Aktas, Erdem; Gerd Hoffmann; Michael Roth; Xu, Min M > Subject: Re: [edk2-devel] [PATCH] OvmfPkg: Harden #VC instruction emulation somewhat (CVE-2024-25742) > > On Wed,

Re: [edk2-devel] [PATCH] OvmfPkg: Harden #VC instruction emulation somewhat (CVE-2024-25742)

2024-04-17 Thread Adam Dunlap via groups.io
On Wed, Apr 17, 2024 at 10:08 AM Ard Biesheuvel wrote: > > (cc Jiewen) > > Please cc the OVMF maintainers when you send edk2 patches. (There is a > Maintainers file in the root of the repo) Thanks, I added everyone returned from the GetMaintainer.py script. > On Wed, 17 Apr 2024 at 18:54, Adam

Re: [edk2-devel] [PATCH] OvmfPkg: Harden #VC instruction emulation somewhat (CVE-2024-25742)

2024-04-17 Thread Ard Biesheuvel
(cc Jiewen) Please cc the OVMF maintainers when you send edk2 patches. (There is a Maintainers file in the root of the repo) On Wed, 17 Apr 2024 at 18:54, Adam Dunlap via groups.io wrote: > > Ensure that when a #VC exception happens, the instruction at the > instruction pointer matches the

[edk2-devel] [PATCH] OvmfPkg: Harden #VC instruction emulation somewhat (CVE-2024-25742)

2024-04-17 Thread Adam Dunlap via groups.io
Ensure that when a #VC exception happens, the instruction at the instruction pointer matches the instruction that is expected given the error code. This is to mitigate the ahoi WeSee attack [1] that could allow hypervisors to breach integrity and confidentiality of the firmware by maliciously