diff options
| author | Tom Lendacky <thomas.lendacky@amd.com> | 2025-07-15 10:07:24 -0500 |
|---|---|---|
| committer | mergify[bot] <37929162+mergify[bot]@users.noreply.github.com> | 2025-07-21 06:20:59 +0000 |
| commit | 046ba401c29618e2065aad10db20f62a974f1439 (patch) | |
| tree | fe36ef25b1d92ff7c529964051961cb211e2b2c9 /BaseTools/Source/Python | |
| parent | 0bb4cf0228fce0b6aaedc0bfc1d79147aebf16f3 (diff) | |
| download | edk2-046ba401c29618e2065aad10db20f62a974f1439.zip edk2-046ba401c29618e2065aad10db20f62a974f1439.tar.gz edk2-046ba401c29618e2065aad10db20f62a974f1439.tar.bz2 | |
UefiCpuPkg/MpInitLib: Fix random SEV-ES guest boot crash
The SevSnpKnownInitApicId field within the MP_CPU_EXCHANGE_INFO structure
is not guaranteed to be zero when booting an SEV-ES guest. While the check
in SevSnpGetInitCpuNumber() is conditionally guarded by verifying if the
guest is an SEV-SNP guest, the check in SevEsGetApicId() is not similarly
guarded.
This lack of protection can cause SevEsGetApicId() to return to the wrong
location. If the value of the SevSnpKnownInitApicId field contains the
exact random value of 1, the guest will be treated as an SEV-SNP guest
rather than an SEV-ES guest and return to the wrong location in the code
which will lead to a crash.
Ensure that all SEV related fields in MP_CPU_EXCHANGE_INFO structure are
properly initialized, thus removing the need for guarding access to the
SevSnpKnownInitApicId field.
Fixes: dca5d26bc57e ("UefiCpuPkg/MpInitLib: Fix SNP AP creation when using known APIC IDs")
Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
Diffstat (limited to 'BaseTools/Source/Python')
0 files changed, 0 insertions, 0 deletions