tboot, xen: Update for Trusted Boot v20071128.

This patch updates the Xen to work with the latest version (20071128)
of Trusted Boot (tboot).  This version of tboot now resides at 16MB
(instead of the previous <1MB), in addition to several other
enhancements.  By residing at 16MB, this version of tboot will be
protected from access by dom0.

This patch allows Xen to correctly map the tboot shutdown code that it
must trampoline into for a clean shutdown (without this patch Xen will
fault on shutdown).  This patch will also work with the previous
version of tboot.

Signed-off-by: Joseph Cihula <joseph.cihula@intel.com>

diff --git a/Makefile b/Makefile
index 4e79a448141704613bef3cd4d596d06fbefe3217..696b7dadd6170302c54842ae916b70d6eb815a4a 100644 (file)
--- a/Makefile
+++ b/Makefile
@@ -211,7 +211,7 @@ linux26:
 # tboot targets
 #
 
-TBOOT_TARFILE = tboot-20071029.tar.gz
+TBOOT_TARFILE = tboot-20071128.tar.gz
 TBOOT_BASE_URL = http://downloads.sourceforge.net/tboot
 
 .PHONY: build-tboot
@@ -222,6 +222,10 @@ build-tboot: download_tboot
 install-tboot: download_tboot
        $(MAKE) -C tboot install
 
+.PHONY: dist-tboot
+dist-tboot: download_tboot
+       $(MAKE) DESTDIR=$(DISTDIR)/install -C tboot dist
+
 .PHONY: clean-tboot
 clean-tboot:
        [ ! -d tboot ] || $(MAKE) -C tboot clean

diff --git a/xen/arch/x86/tboot.c b/xen/arch/x86/tboot.c
index dbc9b8e407a83b7313325240eb2d2e8c6bdcef70..697ca9f4613a116e224aad3935136bdd17f79730 100644 (file)
--- a/xen/arch/x86/tboot.c
+++ b/xen/arch/x86/tboot.c
@@ -43,16 +43,43 @@ void __init tboot_probe(void)
     printk("  s3_tb_wakeup_entry: 0x%08x\n", tboot_shared->s3_tb_wakeup_entry);
     printk("  s3_k_wakeup_entry: 0x%08x\n", tboot_shared->s3_k_wakeup_entry);
     printk("  &acpi_sinfo: 0x%p\n", &tboot_shared->acpi_sinfo);
+    if ( tboot_shared->version >= 0x02 )
+    {
+        printk("  tboot_base: 0x%08x\n", tboot_shared->tboot_base);
+        printk("  tboot_size: 0x%x\n", tboot_shared->tboot_size);
+    }
 }
 
 void tboot_shutdown(uint32_t shutdown_type)
 {
+    uint32_t map_base, map_size;
+    int err;
+
     g_tboot_shared->shutdown_type = shutdown_type;
 
     local_irq_disable();
 
-    /* Create identity map for 0-640k to include tboot code. */
-    map_pages_to_xen(0, 0, PFN_UP(0xa0000), __PAGE_HYPERVISOR);
+    /* Create identity map for tboot shutdown code. */
+    if ( g_tboot_shared->version >= 0x02 )
+    {
+        map_base = PFN_DOWN(g_tboot_shared->tboot_base);
+        map_size = PFN_UP(g_tboot_shared->tboot_size);
+    }
+    else
+    {
+        map_base = 0;
+        map_size = PFN_UP(0xa0000);
+    }
+
+    err = map_pages_to_xen(map_base << PAGE_SHIFT, map_base, map_size,
+                           __PAGE_HYPERVISOR);
+    if ( err != 0 )
+    {
+        printk("error (0x%x) mapping tboot pages (mfns) @ 0x%x, 0x%x\n", err,
+               map_base, map_size);
+        return;
+    }
+
     write_ptbase(idle_vcpu[0]);
 
 #ifdef __x86_64__
@@ -68,3 +95,13 @@ int tboot_in_measured_env(void)
 {
     return (g_tboot_shared != NULL);
 }
+
+/*
+ * Local variables:
+ * mode: C
+ * c-set-style: "BSD"
+ * c-basic-offset: 4
+ * tab-width: 4
+ * indent-tabs-mode: nil
+ * End:
+ */

diff --git a/xen/include/asm-x86/tboot.h b/xen/include/asm-x86/tboot.h
index 3393b57aeda35e9d04a2529bf980ef55e23ee207..80c8c9068e167ab833e52595b11a656588d0625e 100644 (file)
--- a/xen/include/asm-x86/tboot.h
+++ b/xen/include/asm-x86/tboot.h
@@ -49,8 +49,9 @@ typedef struct __attribute__ ((__packed__)) {
 #define MAX_TB_ACPI_SINFO_SIZE   64
 
 typedef struct __attribute__ ((__packed__)) {
+    /* version 0x01+ fields: */
     uuid_t    uuid;              /* {663C8DFF-E8B3-4b82-AABF-19EA4D057A08} */
-    uint32_t  version;           /* 0x01 */
+    uint32_t  version;           /* Version number: 0x01, 0x02, ... */
     uint32_t  log_addr;          /* physical addr of tb_log_t log */
     uint32_t  shutdown_entry32;  /* entry point for tboot shutdown from 32b */
     uint32_t  shutdown_entry64;  /* entry point for tboot shutdown from 64b */
@@ -59,6 +60,9 @@ typedef struct __attribute__ ((__packed__)) {
     uint32_t  s3_k_wakeup_entry; /* entry point for xen s3 wake up */
     uint8_t   acpi_sinfo[MAX_TB_ACPI_SINFO_SIZE];
                                  /* where kernel put acpi sleep info in Sx */
+    /* version 0x02+ fields: */
+    uint32_t  tboot_base;        /* starting addr for tboot */
+    uint32_t  tboot_size;        /* size of tboot */
 } tboot_shared_t;
 
 #define TB_SHUTDOWN_REBOOT      0