Xen devel - Jan 2009 - [Xense-devel] [PATCH] txt: 6/6 - hypervisor integrity on S3

When launched from tboot, utilise tboot interface to provide integrity
protection to the hypervisor during S3

Signed-off-by: Joseph Cihula <joseph.cihula@intel.com>
ACKed-by: Shane Wang <shane.wang@intel.com>

diff -r bc2e19b70b3d -r 6b9033a1e376 xen/arch/x86/tboot.c
--- a/xen/arch/x86/tboot.c      Fri Jan 16 13:45:37 2009 -0800
+++ b/xen/arch/x86/tboot.c      Fri Jan 16 13:46:44 2009 -0800
@@ -99,6 +99,19 @@ void tboot_shutdown(uint32_t shutdown_ty

     local_irq_disable();

+    /* if this is S3 then set regions to MAC */
+    if ( shutdown_type == TB_SHUTDOWN_S3 ) {
+        g_tboot_shared->num_mac_regions = 2;
+        /* S3 resume code (and other real mode trampoline code) */
+        g_tboot_shared->mac_regions[0].start +           
(uint64_t)bootsym_phys(trampoline_start);
+        g_tboot_shared->mac_regions[0].end +           
(uint64_t)bootsym_phys(trampoline_end);
+        /* hypervisor code + data */
+        g_tboot_shared->mac_regions[1].start = (uint64_t)xen_phys_start;
+        g_tboot_shared->mac_regions[1].end = (uint64_t)xenheap_phys_end;
+    }
+
     /* Create identity map for tboot shutdown code. */
     map_base = PFN_DOWN(g_tboot_shared->tboot_base);
     map_size = PFN_UP(g_tboot_shared->tboot_size);
diff -r bc2e19b70b3d -r 6b9033a1e376 xen/include/asm-x86/tboot.h
--- a/xen/include/asm-x86/tboot.h       Fri Jan 16 13:45:37 2009 -0800
+++ b/xen/include/asm-x86/tboot.h       Fri Jan 16 13:46:44 2009 -0800
@@ -53,6 +53,12 @@ typedef struct __packed {

 /* used to communicate between tboot and the launched kernel (i.e. Xen) */

+#define MAX_TB_MAC_REGIONS      32
+typedef struct __packed {
+    uint64_t  start;
+    uint64_t  end;
+} tboot_mac_region_t;
+
 typedef struct acpi_generic_address tboot_acpi_generic_address_t;

 typedef struct __packed {
@@ -77,6 +83,9 @@ typedef struct __packed {
               acpi_sinfo;        /* where kernel put acpi sleep info in Sx */
     uint32_t  tboot_base;        /* starting addr for tboot */
     uint32_t  tboot_size;        /* size of tboot */
+    uint8_t   num_mac_regions;   /* number mem regions to MAC on S3 */
+                                 /* contig regions memory to MAC on S3 */
+    tboot_mac_region_t mac_regions[MAX_TB_MAC_REGIONS];
 } tboot_shared_t;

 #define TB_SHUTDOWN_REBOOT      0


_______________________________________________
Xense-devel mailing list
Xense-devel@lists.xensource.com
http://lists.xensource.com/xense-devel

On 20/01/2009 05:50, "Cihula, Joseph" <joseph.cihula@intel.com>
wrote:
> When launched from tboot, utilise tboot interface to provide integrity
> protection to the hypervisor during S3
> 
> Signed-off-by: Joseph Cihula <joseph.cihula@intel.com>
> ACKed-by: Shane Wang <shane.wang@intel.com>
> 
> +        g_tboot_shared->mac_regions[1].start =
(uint64_t)xen_phys_start;
> +        g_tboot_shared->mac_regions[1].end =
(uint64_t)xenheap_phys_end;
> +    }
Looks like the only place you use the xen_phys_start and xenheap_phys_end.
Of course xenheap_phys_* no longer even exist on x86/64. The best you can do
I think is [__pa(&_start), __pa(&_end)]. If you want to do better for
i386
(though frankly hardly anyone uses that build) then you can use
[xenheap_phys_start, xenheap_phys_end] and update xenheap_phys_start to
(1ul<<20) in setup.c. Please leave xen_phys_start alone and don''t
use it.

 -- Keir



_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xensource.com
http://lists.xensource.com/xen-devel