
[PATCH 1/5] x86/tboot: drop failed attempt to hash shadow page tables


  • To: "xen-devel@xxxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxxx>
  • From: Jan Beulich <jbeulich@xxxxxxxx>
  • Date: Tue, 6 Dec 2022 14:53:18 +0100
  • Cc: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, Wei Liu <wl@xxxxxxx>, Roger Pau Monné <roger.pau@xxxxxxxxxx>, George Dunlap <george.dunlap@xxxxxxxxxx>
  • Delivery-date: Tue, 06 Dec 2022 13:53:28 +0000
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

While plausible to do what was intended based on the name of the flag
(PGC_page_table), that name was misleading and is going to be changed.
It marks page table pages _having_ a shadow, not shadows of page table
pages. The attempt also didn't cover the HAP case at all, and it
constituted a potentially very long loop doing nothing when
!SHADOW_PAGING. Instead leave a comment of what actually wants doing
there (which then also may need to account for e.g. the risk of A/D bits
becoming set behind our backs).

Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx>

--- a/xen/arch/x86/tboot.c
+++ b/xen/arch/x86/tboot.c
@@ -177,29 +177,6 @@ static void update_iommu_mac(vmac_ctx_t
 #define is_page_in_use(page) \
     (page_state_is(page, inuse) || page_state_is(page, offlining))
 
-static void update_pagetable_mac(vmac_ctx_t *ctx)
-{
-    unsigned long mfn;
-
-    for ( mfn = 0; mfn < max_page; mfn++ )
-    {
-        struct page_info *page = mfn_to_page(_mfn(mfn));
-
-        if ( !mfn_valid(_mfn(mfn)) )
-            continue;
-        if ( is_page_in_use(page) && !is_special_page(page) )
-        {
-            if ( page->count_info & PGC_page_table )
-            {
-                void *pg = map_domain_page(_mfn(mfn));
-
-                vmac_update(pg, PAGE_SIZE, ctx);
-                unmap_domain_page(pg);
-            }
-        }
-    }
-}
- 
 static void tboot_gen_domain_integrity(const uint8_t key[TB_KEY_SIZE],
                                        vmac_t *mac)
 {
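Review bot: dropping the function outright rather than patching the flag test is the right call, and both defects are visible in the hunk: the `for ( mfn = 0; mfn < max_page; mfn++ )` walk touches every frame on the machine even when shadow paging is not configured, and `if ( page->count_info & PGC_page_table )` selects guest page-table pages that have a shadow rather than the shadow pages themselves, so the `vmac_update(pg, PAGE_SIZE, ctx)` call never covered shadow contents. One detail worth not repeating when the TODO is eventually implemented: `mfn_to_page(_mfn(mfn))` was evaluated before the `mfn_valid(_mfn(mfn))` check. Since `is_page_in_use` keeps its definition above but loses this caller, please confirm it still has another user in this file, otherwise it should go with this change.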
@@ -233,8 +210,7 @@ static void tboot_gen_domain_integrity(c
         }
     }
 
-    /* MAC all shadow page tables */
-    update_pagetable_mac(&ctx);
+    /* TODO: MAC all shadow / HAP page tables */
 
     *mac = vmac(NULL, 0, nonce, NULL, &ctx);
 
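Review bot: the replacement comment loses the substance the commit message records, so please carry it into the TODO: which tables need covering (shadow page tables under SHADOW_PAGING, HAP page tables otherwise) and that A/D bits may be set by hardware behind the hypervisor's back, which would alter a MAC computed over live page tables. Something like `/* TODO: MAC all shadow / HAP page tables; must tolerate A/D bits set behind our backs. */` keeps that knowledge next to the code rather than only in the git history. It is also worth a sentence in the commit message stating that, until the TODO is done, the domain integrity MAC covers strictly fewer pages than before, even if the pages previously included were the wrong ones.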
