[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[xen master] x86/tboot: drop failed attempt to hash shadow page tables



commit f00ad745cfa774a269b28e88951b56b7001d4fe0
Author:     Jan Beulich <jbeulich@xxxxxxxx>
AuthorDate: Mon Dec 12 12:17:07 2022 +0100
Commit:     Jan Beulich <jbeulich@xxxxxxxx>
CommitDate: Mon Dec 12 12:17:07 2022 +0100

    x86/tboot: drop failed attempt to hash shadow page tables
    
    While plausible to do what was intended based on the name of the flag
    (PGC_page_table), that name was misleading and is going to be changed.
    It marks page tables pages _having_ a shadow, not shadows of page table
    pages. The attempt also didn't cover the HAP case at all, and it
    constituted a potentially very long loop doing nothing when
    !SHADOW_PAGING. Instead leave a comment of what actually wants doing
    there (which then also may need to account for e.g. the risk of A/D bits
    becoming set behind our backs).
    
    Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx>
    Reviewed-by: Jason Andryuk <jandryuk@xxxxxxxxx>
---
 xen/arch/x86/tboot.c | 26 +-------------------------
 1 file changed, 1 insertion(+), 25 deletions(-)

diff --git a/xen/arch/x86/tboot.c b/xen/arch/x86/tboot.c
index 03098450f7..569732cffe 100644
--- a/xen/arch/x86/tboot.c
+++ b/xen/arch/x86/tboot.c
@@ -177,29 +177,6 @@ static void update_iommu_mac(vmac_ctx_t *ctx, uint64_t 
pt_maddr, int level)
 #define is_page_in_use(page) \
     (page_state_is(page, inuse) || page_state_is(page, offlining))
 
-static void update_pagetable_mac(vmac_ctx_t *ctx)
-{
-    unsigned long mfn;
-
-    for ( mfn = 0; mfn < max_page; mfn++ )
-    {
-        struct page_info *page = mfn_to_page(_mfn(mfn));
-
-        if ( !mfn_valid(_mfn(mfn)) )
-            continue;
-        if ( is_page_in_use(page) && !is_special_page(page) )
-        {
-            if ( page->count_info & PGC_page_table )
-            {
-                void *pg = map_domain_page(_mfn(mfn));
-
-                vmac_update(pg, PAGE_SIZE, ctx);
-                unmap_domain_page(pg);
-            }
-        }
-    }
-}
- 
 static void tboot_gen_domain_integrity(const uint8_t key[TB_KEY_SIZE],
                                        vmac_t *mac)
 {
@@ -233,8 +210,7 @@ static void tboot_gen_domain_integrity(const uint8_t 
key[TB_KEY_SIZE],
         }
     }
 
-    /* MAC all shadow page tables */
-    update_pagetable_mac(&ctx);
+    /* TODO: MAC all shadow / HAP page tables */
 
     *mac = vmac(NULL, 0, nonce, NULL, &ctx);
 
--
generated by git-patchbot for /home/xen/git/xen.git#master



 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.