diff options
| author | Tom Lendacky <thomas.lendacky@amd.com> | 2021-01-07 12:48:25 -0600 |
|---|---|---|
| committer | mergify[bot] <37929162+mergify[bot]@users.noreply.github.com> | 2021-01-07 19:34:39 +0000 |
| commit | 85b8eac59b8c5bd9c7eb9afdb64357ce1aa2e803 (patch) | |
| tree | 4309a053d2d9041c749e1dac64eaf3832160681e /MdePkg | |
| parent | 362654246ae886e11287f44c6aaa53f17e1f2867 (diff) | |
| download | edk2-85b8eac59b8c5bd9c7eb9afdb64357ce1aa2e803.tar.gz edk2-85b8eac59b8c5bd9c7eb9afdb64357ce1aa2e803.tar.bz2 edk2-85b8eac59b8c5bd9c7eb9afdb64357ce1aa2e803.zip | |
OvfmPkg/VmgExitLib: Validate #VC MMIO is to un-encrypted memory
BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3108
When SEV-ES is active, and MMIO operation will trigger a #VC and the
VmgExitLib exception handler will process this MMIO operation.
A malicious hypervisor could try to extract information from encrypted
memory by setting a reserved bit in the guests nested page tables for
a non-MMIO area. This can result in the encrypted data being copied into
the GHCB shared buffer area and accessed by the hypervisor.
Prevent this by ensuring that the MMIO source/destination is un-encrypted
memory. For the APIC register space, access is allowed in general.
Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Ard Biesheuvel <ard.biesheuvel@arm.com>
Cc: Brijesh Singh <brijesh.singh@amd.com>
Acked-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
Message-Id: <0cf28470ad5e694af45f7f0b35296628f819567d.1610045305.git.thomas.lendacky@amd.com>
Diffstat (limited to 'MdePkg')
0 files changed, 0 insertions, 0 deletions