|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [xen staging] x86/tboot: include all valid frame table entries in S3 integrity check
commit 8701f68d26afc641527c775d2e56a8709f535ffd
Author: Jan Beulich <jbeulich@xxxxxxxx>
AuthorDate: Mon May 31 12:45:51 2021 +0200
Commit: Jan Beulich <jbeulich@xxxxxxxx>
CommitDate: Mon May 31 12:45:51 2021 +0200
x86/tboot: include all valid frame table entries in S3 integrity check
The difference of two pdx_to_page() return values is a number of pages,
not the number of bytes covered by the corresponding frame table entries.
Fixes: 3cb68d2b59ab ("tboot: fix S3 issue for Intel Trusted Execution
Technology.")
Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx>
Reviewed-by: Lukasz Hawrylko <lukasz.hawrylko@xxxxxxxxxxxxxxx>
---
xen/arch/x86/tboot.c | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/xen/arch/x86/tboot.c b/xen/arch/x86/tboot.c
index aadcce591f..f394bd33b1 100644
--- a/xen/arch/x86/tboot.c
+++ b/xen/arch/x86/tboot.c
@@ -323,12 +323,12 @@ static void tboot_gen_frametable_integrity(const uint8_t
key[TB_KEY_SIZE],
if ( nidx >= max_idx )
break;
vmac_update((uint8_t *)pdx_to_page(sidx * PDX_GROUP_COUNT),
- pdx_to_page(eidx * PDX_GROUP_COUNT)
- - pdx_to_page(sidx * PDX_GROUP_COUNT), &ctx);
+ (eidx - sidx) * PDX_GROUP_COUNT * sizeof(*frame_table),
+ &ctx);
}
vmac_update((uint8_t *)pdx_to_page(sidx * PDX_GROUP_COUNT),
- pdx_to_page(max_pdx - 1) + 1
- - pdx_to_page(sidx * PDX_GROUP_COUNT), &ctx);
+ (max_pdx - sidx * PDX_GROUP_COUNT) * sizeof(*frame_table),
+ &ctx);
*mac = vmac(NULL, 0, nonce, NULL, &ctx);
--
generated by git-patchbot for /home/xen/git/xen.git#staging
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |