On Tuesday, February 27, 2024 8:26 PM Yamahata, Isaku wrote: > > +%macro tdcall_regs_preamble 2 > > + mov rax, %1 > > + > > + xor rcx, rcx > > + mov ecx, %2 > > + > > + ; R10 = 0 (standard TDVMCALL) > > + > > + xor r10d, r10d > > + > > + ; Zero out unused (for standard TDVMCALL) registers to avoid leaking > > + ; secrets to the VMM. > > + > > + xor esi, esi > > + xor edi, edi > > + > > + xor edx, edx > > + xor ebp, ebp > > + xor r8d, r8d > > + xor r9d, r9d > > + xor r14, r14 > > + xor r15, r15 > > We can just clear the corresponding bit of TDVMCALL_EXPOSE_REGS_MASK in > addition to RBP. > Same to 1/3 and 3/3. We can eliminate tdcall_regs_postamble. > Any reason to bother to zero those registers and pass them to VMM? > Zero out these registers to avoid leaking secrets to the VMM. There are also some registers (e.g., r10, r14...... etc.) are output operands and should be cleared. The tdcall_regs_preamble was already using in the TdVmcall.nasm and TdVmcallCpuid.nasm . For the ApRunLoop.nasm , it is fixed now.
Thanks Ceping -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#116096): https://edk2.groups.io/g/devel/message/116096 Mute This Topic: https://groups.io/mt/104577524/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
