# HG changeset patch
# User Keir Fraser <keir.fraser@xxxxxxxxxx>
# Date 1274269120 -3600
# Node ID aef767c15098a3b93cbeaf1486b061c386277d97
# Parent 95d531fe5ef4679c0a0b9f0851c5c442454d9462
intel_txt: to fix intel txt S3 resume failure since c/s 21108
This patch is to fix S3 resume failure with Intel TXT/tboot launched,
brought by c/s 21108. Don't printk anything between two
tboot_gen_xenheap_integrity() calls for release build or debug build.
Or else xen heap will be changed, which causes that memory integrity
will be lost on S3 resume.
Signed-off-by: Shane Wang <shane.wang@xxxxxxxxx>
xen-unstable changeset: 21403:102dca3f485b
xen-unstable date: Mon May 17 11:05:21 2010 +0100
---
xen/arch/x86/tboot.c | 12 ++++++------
1 files changed, 6 insertions(+), 6 deletions(-)
diff -r 95d531fe5ef4 -r aef767c15098 xen/arch/x86/tboot.c
--- a/xen/arch/x86/tboot.c Wed May 19 12:38:15 2010 +0100
+++ b/xen/arch/x86/tboot.c Wed May 19 12:38:40 2010 +0100
@@ -230,8 +230,6 @@ static void tboot_gen_domain_integrity(c
*mac = vmac(NULL, 0, nonce, NULL, &ctx);
- printk("MAC for domains is: 0x%08"PRIx64"\n", *mac);
-
/* wipe ctx to ensure key is not left in memory */
memset(&ctx, 0, sizeof(ctx));
}
@@ -294,8 +292,6 @@ static void tboot_gen_xenheap_integrity(
}
*mac = vmac(NULL, 0, nonce, NULL, &ctx);
- printk("MAC for xenheap is: 0x%08"PRIx64"\n", *mac);
-
/* wipe ctx to ensure key is not left in memory */
memset(&ctx, 0, sizeof(ctx));
}
@@ -324,8 +320,6 @@ static void tboot_gen_frametable_integri
- pdx_to_page(sidx * PDX_GROUP_COUNT), &ctx);
*mac = vmac(NULL, 0, nonce, NULL, &ctx);
-
- printk("MAC for frametable is: 0x%08"PRIx64"\n", *mac);
/* wipe ctx to ensure key is not left in memory */
memset(&ctx, 0, sizeof(ctx));
@@ -505,14 +499,20 @@ int tboot_s3_resume(void)
/* need to do these in reverse order of shutdown */
tboot_gen_xenheap_integrity(g_tboot_shared->s3_key, &mac);
+ printk("MAC for xenheap before S3 is: 0x%08"PRIx64"\n", xenheap_mac);
+ printk("MAC for xenheap after S3 is: 0x%08"PRIx64"\n", mac);
if ( mac != xenheap_mac )
return -1;
tboot_gen_frametable_integrity(g_tboot_shared->s3_key, &mac);
+ printk("MAC for frametable before S3 is: 0x%08"PRIx64"\n", frametable_mac);
+ printk("MAC for frametable after S3 is: 0x%08"PRIx64"\n", mac);
if ( mac != frametable_mac )
return -2;
tboot_gen_domain_integrity(g_tboot_shared->s3_key, &mac);
+ printk("MAC for domains before S3 is: 0x%08"PRIx64"\n", domain_mac);
+ printk("MAC for domains after S3 is: 0x%08"PRIx64"\n", mac);
if ( mac != domain_mac )
return -3;
_______________________________________________
Xen-changelog mailing list
Xen-changelog@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-changelog
|