tboot no longer marks the TXT heap/SINIT/private config space as E820_UNUSABLE
in the e820 table, so Xen must explicitly disallow those regions from dom0.
Signed-off-by: Shane Wang <shane.wang@xxxxxxxxx>
Signed-off-by: Joseph Cihula <joseph.cihula@xxxxxxxxx>
diff -r 3d294dba4255 -r bde0fd053306 xen/arch/x86/domain_build.c
--- a/xen/arch/x86/domain_build.c Fri Jan 16 13:25:37 2009 -0800
+++ b/xen/arch/x86/domain_build.c Fri Jan 16 13:34:36 2009 -0800
@@ -29,6 +29,7 @@
#include <asm/paging.h>
#include <asm/p2m.h>
#include <asm/e820.h>
+#include <asm/tboot.h>
#include <public/version.h>
@@ -1038,6 +1039,20 @@ int __init construct_dom0(
rc |= iomem_deny_access(dom0, sfn, efn);
}
+ /* Remove access to TXT Heap/SINIT/Private Space. */
+ if ( tboot_in_measured_env() )
+ {
+ unsigned long sfn, efn;
+
+ for ( i = 0; i < ARRAY_SIZE(txt_protmem_range_starts); i++ )
+ {
+ sfn = paddr_to_pfn(txt_protmem_range_starts[i]);
+ efn = paddr_to_pfn(txt_protmem_range_ends[i]);
+ if ( sfn <= efn )
+ rc |= iomem_deny_access(dom0, sfn, efn);
+ }
+ }
+
BUG_ON(rc != 0);
return 0;
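Review bot: The `if ( sfn <= efn )` guard skips a range whose end precedes its start without any diagnostic, so a zero or inconsistent base/size read at probe time would leave that TXT region reachable from dom0. In a measured launch it seems safer to fail closed, for example `BUG_ON(sfn > efn);` followed by an unconditional `rc |= iomem_deny_access(dom0, sfn, efn);`, which matches the `BUG_ON(rc != 0)` that follows. The block-local `unsigned long sfn, efn;` also appears to shadow variables of the same names used by the context line above; `construct_dom0` starts and ends outside this hunk, so that should be confirmed against the full function.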
diff -r 3d294dba4255 -r bde0fd053306 xen/arch/x86/mm.c
--- a/xen/arch/x86/mm.c Fri Jan 16 13:25:37 2009 -0800
+++ b/xen/arch/x86/mm.c Fri Jan 16 13:34:36 2009 -0800
@@ -109,6 +109,7 @@
#include <asm/e820.h>
#include <asm/hypercall.h>
#include <asm/shared.h>
+#include <asm/tboot.h>
#include <public/memory.h>
#include <xsm/xsm.h>
#include <xen/trace.h>
@@ -216,7 +217,7 @@ void __init arch_init_memory(void)
{
extern void subarch_init_memory(void);
- unsigned long i, pfn, rstart_pfn, rend_pfn, iostart_pfn, ioend_pfn;
+ unsigned long i, pfn, rstart_pfn, rend_pfn, iostart_pfn, ioend_pfn, j;
/*
* Initialise our DOMID_XEN domain.
@@ -279,6 +280,19 @@ void __init arch_init_memory(void)
for ( ; pfn < rstart_pfn; pfn++ )
{
BUG_ON(!mfn_valid(pfn));
+ /* Ensure the TXT ranges are not marked as I/O since that memory */
+ /* can't be used in dom0. */
+ if ( tboot_in_measured_env() )
+ {
+ for ( j = 0; j < ARRAY_SIZE(txt_protmem_range_starts); j++ )
+ {
+ if ( (PFN_DOWN(txt_protmem_range_starts[j]) <= pfn)
+ && (pfn <= PFN_DOWN(txt_protmem_range_ends[j])) )
+ break;
+ }
+ if ( j != ARRAY_SIZE(txt_protmem_range_starts) )
+ continue;
+ }
share_xen_page_with_guest(
mfn_to_page(pfn), dom_io, XENSHARE_writable);
}
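Review bot: The range test inside the `for ( ; pfn < rstart_pfn; pfn++ )` loop is open-coded with a break-then-compare-index idiom and re-evaluates `tboot_in_measured_env()` for every pfn, which makes a security-relevant skip harder to read than it needs to be. A small predicate would let the loop body read `if ( in_measured_env && txt_protmem_contains_pfn(pfn) ) continue;` and would also remove the extra `j` declaration at the top of `arch_init_memory`. The two adjacent `/* ... */` comments would read better as one block comment stating that skipped pages are never shared with `dom_io`. The helper name below is only a suggestion, and `arch_init_memory` continues outside the hunk.

```c
/* Return 1 if pfn lies in any TXT range recorded by tboot_probe(). */
static int __init txt_protmem_contains_pfn(unsigned long pfn)
{
    unsigned int j;

    for ( j = 0; j < ARRAY_SIZE(txt_protmem_range_starts); j++ )
        if ( (PFN_DOWN(txt_protmem_range_starts[j]) <= pfn) &&
             (pfn <= PFN_DOWN(txt_protmem_range_ends[j])) )
            return 1;

    return 0;
}

/* … unchanged: arch_init_memory() up to the I/O-page loop … */
    const int in_measured_env = tboot_in_measured_env();

        BUG_ON(!mfn_valid(pfn));
        /* TXT ranges must never be shared with dom_io (and so dom0). */
        if ( in_measured_env && txt_protmem_contains_pfn(pfn) )
            continue;
/* … unchanged: share_xen_page_with_guest() call … */
```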
diff -r 3d294dba4255 -r bde0fd053306 xen/arch/x86/tboot.c
--- a/xen/arch/x86/tboot.c Fri Jan 16 13:25:37 2009 -0800
+++ b/xen/arch/x86/tboot.c Fri Jan 16 13:34:36 2009 -0800
@@ -15,12 +15,18 @@ string_param("tboot", opt_tboot);
/* Global pointer to shared data; NULL means no measured launch. */
tboot_shared_t *g_tboot_shared;
+/* TXT memory ranges which need to be protected from dom0 */
+uint64_t txt_protmem_range_starts[TXT_PROTMEM_RANGE_MAX];
+uint64_t txt_protmem_range_ends[TXT_PROTMEM_RANGE_MAX];
+
static const uuid_t tboot_shared_uuid = TBOOT_SHARED_UUID;
void __init tboot_probe(void)
{
tboot_shared_t *tboot_shared;
- unsigned long p_tboot_shared;
+ unsigned long p_tboot_shared, map_addr;
+ uint64_t base, size;
+ uint32_t map_base, map_size;
/* Look for valid page-aligned address for shared page. */
p_tboot_shared = simple_strtoul(opt_tboot, NULL, 0);
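Review bot: The new `txt_protmem_range_starts` / `txt_protmem_range_ends` globals are missing documentation of their contract, even though two other files base an access-control decision on them. I would extend the comment to something like `/* Filled once by tboot_probe(); inclusive byte addresses. [0] TXT heap, [1] SINIT, [2] TXT private config space. Only meaningful when tboot_in_measured_env(). */`. As written, the pairing of the two parallel arrays and the meaning of indices 0..2 can only be learned from the assignments in the next hunk. A single array of `{ start, end }` pairs would keep each range's bounds together, if the authors are open to it.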
@@ -48,6 +54,34 @@ void __init tboot_probe(void)
printk(" tboot_base: 0x%08x\n", tboot_shared->tboot_base);
printk(" tboot_size: 0x%x\n", tboot_shared->tboot_size);
}
+
+ /* Get TXT heaps/SINIT/Private Space addresses. */
+ map_base = PFN_DOWN(TXT_PUB_CONFIG_REGS_BASE);
+ map_size = PFN_UP(NR_TXT_CONFIG_PAGES * PAGE_SIZE);
+
+ map_addr = (unsigned long)__va(map_base << PAGE_SHIFT);
+ if ( map_pages_to_xen(map_addr, map_base, map_size, __PAGE_HYPERVISOR) )
+ panic("Could not get TXT heaps/SINIT/Private Space addresses\n");
+
+ /* TXT Heap */
+ base = *(uint64_t *)__va(TXT_PUB_CONFIG_REGS_BASE + TXTCR_HEAP_BASE);
+ size = *(uint64_t *)__va(TXT_PUB_CONFIG_REGS_BASE + TXTCR_HEAP_SIZE);
+ txt_protmem_range_starts[0] = base;
+ txt_protmem_range_ends[0] = base + size - 1;
+
+ /* SINIT */
+ base = *(uint64_t *)__va(TXT_PUB_CONFIG_REGS_BASE + TXTCR_SINIT_BASE);
+ size = *(uint64_t *)__va(TXT_PUB_CONFIG_REGS_BASE + TXTCR_SINIT_SIZE);
+ txt_protmem_range_starts[1] = base;
+ txt_protmem_range_ends[1] = base + size - 1;
+
+ /* TXT Private Space */
+ txt_protmem_range_starts[2] = TXT_PRIV_CONFIG_REGS_BASE;
+ txt_protmem_range_ends[2] = TXT_PRIV_CONFIG_REGS_BASE
+ + NR_TXT_CONFIG_PAGES * PAGE_SIZE - 1;
+
+ destroy_xen_mappings((unsigned long)__va(map_base << PAGE_SHIFT),
+ (unsigned long)__va((map_base + map_size) <<
PAGE_SHIFT));
}
void tboot_shutdown(uint32_t shutdown_type)
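Review bot: `base` and `size` for the heap and SINIT ranges are taken from the TXT public config registers and stored without any sanity check, so `base + size - 1` becomes `base - 1` when `size` is 0 and can wrap when the sum overflows. The consumers in domain_build.c and mm.c then either skip the range or match the wrong pages, which silently leaves the region unprotected. A check such as `if ( size == 0 || base + size < base ) panic("TXT heap range invalid\n");` after each pair of reads would fail closed. Separately, the registers are mapped with `__PAGE_HYPERVISOR` and read through plain `uint64_t` dereferences; for MMIO an uncached mapping and volatile accesses would be the safer choice, though whether that matters in practice here should be confirmed against the platform.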
diff -r 3d294dba4255 -r bde0fd053306 xen/include/asm-x86/tboot.h
--- a/xen/include/asm-x86/tboot.h Fri Jan 16 13:25:37 2009 -0800
+++ b/xen/include/asm-x86/tboot.h Fri Jan 16 13:34:36 2009 -0800
@@ -2,7 +2,7 @@
* tboot.h: shared data structure with MLE and kernel and functions
* used by kernel for runtime support
*
- * Copyright (c) 2006-2007, Intel Corporation
+ * Copyright (c) 2006-2009, Intel Corporation
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
@@ -90,6 +90,26 @@ void tboot_shutdown(uint32_t shutdown_ty
void tboot_shutdown(uint32_t shutdown_type);
int tboot_in_measured_env(void);
+/*
+ * TXT configuration registers (offsets from TXT_{PUB, PRIV}_CONFIG_REGS_BASE)
+ */
+
+#define TXT_PUB_CONFIG_REGS_BASE 0xfed30000
+#define TXT_PRIV_CONFIG_REGS_BASE 0xfed20000
+
+/* # pages for each config regs space - used by fixmap */
+#define NR_TXT_CONFIG_PAGES ((TXT_PUB_CONFIG_REGS_BASE - \
+ TXT_PRIV_CONFIG_REGS_BASE) >> \
+ PAGE_SHIFT)
+#define TXTCR_SINIT_BASE 0x0270
+#define TXTCR_SINIT_SIZE 0x0278
+#define TXTCR_HEAP_BASE 0x0300
+#define TXTCR_HEAP_SIZE 0x0308
+
+#define TXT_PROTMEM_RANGE_MAX 3
+extern uint64_t txt_protmem_range_starts[TXT_PROTMEM_RANGE_MAX];
+extern uint64_t txt_protmem_range_ends[TXT_PROTMEM_RANGE_MAX];
+
#endif /* __TBOOT_H__ */
/*
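Review bot: The comment on `NR_TXT_CONFIG_PAGES` says "used by fixmap", but the code in this patch maps the registers with `map_pages_to_xen()`, so the comment looks stale and should describe the actual use. The macro also derives the page count from the distance between the public and private bases, which assumes the two spaces are adjacent and equally sized. That assumption deserves a one-line comment, e.g. `/* private space ends where public space begins; both are the same size */`. The header comment "TXT configuration registers (offsets from ...)" sits above the two base addresses rather than the `TXTCR_*` offsets it describes and would read better directly above them.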
xen-txt-02-protect_txt_ranges.patch
Description: xen-txt-02-protect_txt_ranges.patch