tyler.durden
/
audk
mirror of https://github.com/acidanthera/audk.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
audk/OvmfPkg/Library
History
Laszlo Ersek d431d8339e OvmfPkg/QemuFwCfgDxeLib: SEV: zero FW_CFG_DMA_ACCESS before decrypting it 
There's a small window between

- AllocFwCfgDmaAccessBuffer() mapping the new FW_CFG_DMA_ACCESS object for
  common buffer operation (i.e., decrypting it), and

- InternalQemuFwCfgDmaBytes() setting the fields of the object.

In this window, earlier garbage in the object is "leaked" to the
hypervisor. So zero the object before we decrypt it.

(This commit message references AMD SEV directly, because QemuFwCfgDxeLib
is not *generally* enabled for IOMMU operation just yet, unlike our goal
for the virtio infrastructure. Instead, QemuFwCfgDxeLib uses
MemEncryptSevLib explicitly to detect SEV, and then relies on IOMMU
protocol behavior that is specific to SEV. At this point, this is by
design.)

Cc: Brijesh Singh <brijesh.singh@amd.com>
Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Tom Lendacky <thomas.lendacky@amd.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>
Reviewed-by: Brijesh Singh <brijesh.singh@amd.com>
 		2017-08-29 22:44:33 +02:00
..
AcpiTimerLib OvmfPkg: determine PMBA value dependent on host bridge device ID 2016-05-17 20:48:39 +02:00
BaseMemEncryptSevLib OvmfPkg/BaseMemcryptSevLib: Add SEV helper library 2017-07-10 21:17:27 -07:00
DxePciLibI440FxQ35 OvmfPkg: add DxePciLibI440FxQ35 2016-03-10 21:28:29 +01:00
EmuVariableFvbLib OvmfPkg EMU FVB: Add 2 functions to PlatformFvbLib 2011-01-09 03:51:16 +00:00
LoadLinuxLib OvmfPkg: Make more use of ARRAY_SIZE() 2016-10-27 18:21:06 +02:00
LockBoxLib ArmVirtPkg, OvmfPkg: retire QemuFwCfgS3Enabled() from QemuFwCfgLib 2017-03-14 21:49:16 +01:00
NvVarsFileLib OvmfPkg: Remove superfluous return statements. 2017-01-19 10:28:40 +01:00
PciHostBridgeLib OvmfPkg: Make more use of ARRAY_SIZE() 2016-10-27 18:21:06 +02:00
PlatformBootManagerLib ArmVirtPkg, OvmfPkg: retire QemuFwCfgS3Enabled() from QemuFwCfgLib 2017-03-14 21:49:16 +01:00
PlatformDebugLibIoPort OvmfPkg: PlatformDebugLibIoPort: fix AsciiSPrint() format string 2015-08-06 10:13:33 +00:00
PlatformFvbLibNull OvmfPkg EMU FVB: Add 2 functions to PlatformFvbLib 2011-01-09 03:51:16 +00:00
PlatformHasIoMmuLib OvmfPkg: Add PlatformHasIoMmuLib 2017-07-10 21:17:28 -07:00
PlatformSecureLib OvmfPkg: Add custom mode setup if the Secure Boot build option is specified. 2012-04-04 17:35:06 +00:00
QemuBootOrderLib OvmfPkg/QemuBootOrderLib: Fix NOOPT build failure 2017-02-10 09:59:29 +08:00
QemuFwCfgLib OvmfPkg/QemuFwCfgDxeLib: SEV: zero FW_CFG_DMA_ACCESS before decrypting it 2017-08-29 22:44:33 +02:00
QemuFwCfgS3Lib OvmfPkg/QemuFwCfgS3Lib: Fix VS tool chain build failure 2017-03-15 21:18:40 -07:00
ResetSystemLib OvmfPkg/ResetSystemLib: Implement ResetPlatformSpecific 2016-09-02 10:07:15 +08:00
SerializeVariablesLib OvmfPkg/SerializeVariablesLib: Relax check for the read-only variable 2016-05-26 13:21:36 +02:00
SmbiosVersionLib OvmfPkg/SmbiosVersionLib: eliminate unchecked PcdSetXX() calls 2016-10-25 10:46:19 +02:00
SmmCpuFeaturesLib OvmfPkg: SmmCpuFeaturesLib: customize state save map format 2015-11-30 18:46:42 +00:00
VirtioLib OvmfPkg/VirtioLib: change the parameter of VirtioAppendDesc() to UINT64 2017-08-25 10:42:19 +02:00
VirtioMmioDeviceLib OvmfPkg/Virtio: take RingBaseShift in SetQueueAddress() 2017-08-25 10:42:19 +02:00
XenConsoleSerialPortLib OvmfPkg/XenConsoleSerialPortLib: don't include <Uefi/UefiBaseType.h> 2016-10-26 12:03:39 +02:00
XenHypercallLib OvmfPkg/XenHypercallLib: Add EFIAPI 2016-12-06 18:00:32 +01:00
XenIoMmioLib OvmfPkg/XenIoMmioLib: add missing MemoryAllocationLib dependency to INF 2016-04-13 17:26:06 +02:00