audk/OvmfPkg/Library/CcExitLib
Adam Dunlap e3fa6986ae OvmfPkg: Harden #VC instruction emulation somewhat (CVE-2024-25742)
Ensure that when a #VC exception happens, the instruction at the
instruction pointer matches the instruction that is expected given the
error code. This is to mitigate the ahoi WeSee attack [1] that could
allow hypervisors to breach integrity and confidentiality of the
firmware by maliciously injecting interrupts. This change is a
translated version of a Linux patch e3ef461af35a ("x86/sev: Harden #VC
instruction emulation somewhat").

[1] https://ahoi-attacks.github.io/wesee/

Cc: Borislav Petkov (AMD) <bp@alien8.de>
Cc: Tom Lendacky <thomas.lendacky@amd.com>
Signed-off-by: Adam Dunlap <acdunlap@google.com>
Reviewed-by: Tom Lendacky <thomas.lendacky@amd.com>
Reviewed-by: Gerd Hoffmann <kraxel@redhat.com>
2024-04-23 17:29:55 +00:00
X64 OvmfPkg/CcExitLib: Update TDVMCALL_EXPOSE_REGS_MASK 2024-03-19 09:42:06 +00:00
CcExitLib.c
CcExitLib.inf Ovmfpkg/CcExitLib: Provide SVSM discovery support 2024-04-17 20:04:41 +00:00
CcExitTd.h
CcExitVcHandler.c OvmfPkg: Harden #VC instruction emulation somewhat (CVE-2024-25742) 2024-04-23 17:29:55 +00:00
CcExitVcHandler.h
CcExitVeHandler.c OvmfPkg: Update code to be more C11 compliant by using __func__ 2023-04-10 14:19:57 +00:00
CcInstruction.c OvmfPkg/CcExitLib: Move common X86 instruction code to separate file 2023-01-18 03:47:31 +00:00
CcInstruction.h OvmfPkg/CcExitLib: Move common X86 instruction code to separate file 2023-01-18 03:47:31 +00:00
PeiDxeCcExitVcHandler.c
SecCcExitLib.inf Ovmfpkg/CcExitLib: Provide SVSM discovery support 2024-04-17 20:04:41 +00:00
SecCcExitVcHandler.c