Here is the real patch 2/2.

 

Patch [2/2]

 

Signed-off-by: Charles Fisher <charles.fis...@gdc4s.com

 

There are a couple of problems that occur with tboot. The first is that on some Dell laptops it is necessary to disable the legacy USB interrupts. This patch provides a mechanism that lets a developer do so.

 

The second problem is that in certain circumstances, data owners
consider the

contents of memory to be sensitive. In these cases, they require that
the e820

map be scrubbed. The other portion of this patch provides a capability
to do

that scrub.

 

Both options are invoked via the command line, and both default to the
current 

behavior - i.e. don't disable the usb interrupts, and don't scrub the
memory.

 

+bool get_scrub_e820(void)

+{

+    const char *clean_map = get_option_val(g_tboot_cmdline_options,

+                                           g_tboot_param_values,
"scrub_e820");

+    if ( clean_map == NULL || ( strcmp(clean_map, "true") != 0 ))

+        return false;

+    return true;

+}

+    

 bool get_tboot_prefer_da(void)

{

     const char *value = get_option_val(g_tboot_cmdline_options,

diff -up tboot-1.7.2/tboot/common/e820.c.orig
tboot-1.7.2/tboot/common/e820.c

--- tboot-1.7.2/tboot/common/e820.c.orig  2012-10-09 14:27:01.578660000
-0700

+++ tboot-1.7.2/tboot/common/e820.c 2012-10-09 14:28:48.030072000 -0700

@@ -36,10 +36,14 @@

#include <config.h>

#include <types.h>

#include <stdbool.h>

+#include <compiler.h>

+#include <string.h>

#include <printk.h>

+#include <processor.h>

#include <cmdline.h>

#include <multiboot.h>

#include <stdarg.h>

+#include <paging.h>

#include <misc.h>

#include <pci_cfgreg.h>

#include <e820.h>

@@ -553,6 +557,118 @@ bool e820_reserve_ram(uint64_t base, uin

     return true;

}

 

+/* Define the virtual address page used to scrub memory     */

+/* tboot data is in page 0 of virtual and physical memory   */

+/* tboot code is on page 4 of virtual an physical memory    */

+/* These are the only pages that can't be used.             */

+/* Define a page that provides a little distance from these */

+/* ALL usable memory is erased by calling memset with       */

+/* the same virtual address. The virtual address is mapped  */

+/* to the proper physical address prior calling memset      */

+/* Page 8 is used for this version                          */

+/* This page is virtual address space 0x01000000            */

+/* With this address, the address space being erased is     */

+/* always in the range 0x01000000 - 0x011FFFFF              */

+#define SCRUB_VIRUTAL_ADDRESS 0x01000000

+#define SCRUB_BLOCK_SIZE (1 << TB_L1_PAGETABLE_SHIFT)

+#define SCRUB_BLOCK_OFFSET (SCRUB_BLOCK_SIZE - 1)

+

+/*

+ * e820_scrub_usable

+ *

+ * Scrub all e820 memory marked as usable.

+ *

+ */

+void e820_scrub_usable(void)

+{

+    printk("scrubbing memory\n");

+

+    /* Enable paging */

+    enable_paging();

+

+    /* Iterate the e820 map */

+    for ( unsigned int i = 0; i < g_nr_map; i++ ) {

+        /* Get the block start and length */

+        memory_map_t *entry = &g_copy_e820_map[i];

+        uint64_t block_start = e820_base_64(entry);

+        uint64_t block_length = e820_length_64(entry);

+

+        /* Is block a usable block? */

+        if(entry->type == E820_RAM) {

+            /* Erase the block */

+            printk("%016Lx - %016Lx\n",

+               (unsigned long long)block_start,

+               (unsigned long long)(block_start + block_length));

+

+            /* Loop over block by physical 'page' */

+            while(block_length > 0) {

+                /*

+                 *

+                 * Map the physical address at block_start to

+                 * virtual address SCRUB_VIRUTAL_ADDRESS

+                 * Since the physical address is specified as a page

+                 * the block does not need to start on a page boundary.

+                 *

+                 */

+                map_pages_to_tboot(

+                    SCRUB_VIRUTAL_ADDRESS,

+                    block_start>>TB_L1_PAGETABLE_SHIFT,

+                    1);

+

+                /*

+                 *

+                 * If block_start is not on a page boundary,

+                 * erase the block from the offset to the end of page.

+                 *

+                 */

+                uint32_t scrub_block_offset = block_start &
SCRUB_BLOCK_OFFSET;

+

+                /*

+                 *

+                 * The starting virtual address is the

+                 * SCRUB_VIRUTAL_ADDRESS plus any offset

+                 *

+                 */

+                uint32_t scrub_block_virtual_address =

+                    SCRUB_VIRUTAL_ADDRESS + scrub_block_offset;

+

+                /*

+                 *

+                 * Determine the block size.

+                 * The block size is from the start address to the

+                 * end of the page or block.

+                 *

+                 */

+                uint32_t scrub_block_length =

+                    SCRUB_BLOCK_SIZE - scrub_block_offset;

+                if(scrub_block_length > block_length)

+                    scrub_block_length = block_length;

+

+                /*

+                 *

+                 * The page is mapped.

+                 * The starting virual address and length have been
computed.

+                 * Ready to erase.

+                 *

+                 */

+                memset(

+                    (void*)scrub_block_virtual_address,

+                    0,

+                    scrub_block_length);

+

+                /* Advance to the next page */

+                block_length -= scrub_block_length;

+                block_start  += scrub_block_length;

+

+            }

+        }

+    }

+

+    disable_paging();

+    wbinvd();

+    printk("complete\n");

+}

+

void print_e820_map(void)

{

     print_map(g_copy_e820_map, g_nr_map);
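Review bot: The inner `while(block_length > 0)` loop in e820_scrub_usable takes each E820_RAM entry's base and length as given, so an entry whose `block_start + block_length` wraps past 2^64 would carry the scrub on from physical address 0, across tboot's own pages and every non-RAM region. The map copy appears to originate from the multiboot info supplied by the boot loader, so a guard such as `if ( block_start + block_length < block_start ) continue;` before the printk would be cheap; whether earlier validation already rejects such entries is not visible in this hunk. `map_pages_to_tboot` is called as a plain statement, so if it can decline a frame (its definition is outside the hunk) the following memset would write through whatever was mapped at the window before. The function comment should also state that only entries typed E820_RAM in g_copy_e820_map are cleared, so reserved regions keep their contents, and `SCRUB_VIRUTAL_ADDRESS` is misspelled.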

diff -up tboot-1.7.2/tboot/common/tboot.c.orig
tboot-1.7.2/tboot/common/tboot.c

--- tboot-1.7.2/tboot/common/tboot.c.orig 2012-10-09 14:26:33.211480000
-0700

+++ tboot-1.7.2/tboot/common/tboot.c      2012-10-09 14:28:59.726554000
-0700

@@ -207,6 +207,14 @@ static void post_launch(void)

         if ( !e820_protect_region(base, size, E820_RESERVED) )

             apply_policy(TB_ERR_FATAL);

     }

+ 

+    /* protect the e820 map */

+    base = TBOOT_E820_COPY_ADDR;

+    size = TBOOT_E820_COPY_SIZE;

+    printk("reserving tboot e820 memory map (%Lx - %Lx) in e820
table\n", base,

+       (base + size - 1));

+    if ( !e820_protect_region(base, size, E820_RESERVED) )

+        apply_policy(TB_ERR_FATAL);

 

     /* replace map in mbi with copy */

     replace_e820_map(g_mbi);
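Review bot: The new `/* protect the e820 map */` comment in post_launch does not say why the copy needs reserving, and the commit description does not mention this change or tie it to either option. If g_copy_e820_map lives at TBOOT_E820_COPY_ADDR (not visible here), then e820_scrub_usable reads this region at shutdown, and the comment could read `/* reserve tboot's e820 copy so the kernel does not reuse it; the shutdown scrub reads it */`. Marking the range E820_RESERVED only guides a cooperating kernel, so the scrub ranges still depend on the launched kernel leaving that memory intact. post_launch's body starts and ends outside the hunk.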

@@ -346,6 +354,10 @@ void begin_launch(multiboot_info_t *mbi)

     /* make the CPU ready for measured launch */

     if ( !prepare_cpu() )

         apply_policy(TB_ERR_FATAL);

+ 

+    /* disable legacy USB #SMIs */

+    if (get_tboot_no_usb())

+        disable_smis();

 

     /* do s3 launch directly, if is a s3 resume */

     if ( s3_flag ) {
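Review bot: The comment says `/* disable legacy USB #SMIs */` but the call is `disable_smis()`, whose definition is not in this patch; if it clears more than the legacy-USB SMI source, the comment and the `get_tboot_no_usb` option name understate what is switched off and should say so. The call sits before the S3 branch, so it also applies on resume, which deserves a word in the comment. For style, `if (get_tboot_no_usb())` should follow the file's spacing, `if ( get_tboot_no_usb() )`, and the added `+ ` line carries trailing whitespace. begin_launch's body continues outside the hunk.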

@@ -525,8 +537,9 @@ void shutdown(void)

             tpm_save_state(2);

 

         /* scrub any secrets by clearing their memory, then flush cache
*/

-        /* we don't have any secrets to scrub, however */

-        ;

+        /* scrub memory if requested on the command line */

+        if (get_scrub_e820())

+            e820_scrub_usable();

 

         /* in mwait "mode", APs will be in MONITOR/MWAIT and can be
left there */

         if ( !use_mwait() ) {
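Review bot: The added `if (get_scrub_e820()) e820_scrub_usable();` in shutdown() is not conditioned on the kind of shutdown, so if this path also serves S3 suspend (begin_launch has an S3 resume path, and the `tpm_save_state(2)` context line sits one level deeper) the scrub would zero the RAM that resume depends on. Consider `if ( get_scrub_e820() && _tboot_shared.shutdown_type != TB_SHUTDOWN_S3 )`, or document that scrub_e820 and suspend are incompatible. The scrub also runs before the AP handling that follows, so it is worth confirming that no AP is still executing from or monitoring memory typed E820_RAM at this point. shutdown()'s body starts and ends outside the hunk.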

[diff -up tboot-1.7.2/tboot/include/cmdline.h.orig
tboot-1.7.2/tboot/include/cmdline.h

--- tboot-1.7.2/tboot/include/cmdline.h.orig    2012-10-09
14:25:28.155780000 -0700

+++ tboot-1.7.2/tboot/include/cmdline.h   2012-10-09 14:28:59.728551000
-0700

@@ -47,6 +47,8 @@ extern bool get_tboot_serial(void);

extern void get_tboot_baud(void);

extern void get_tboot_fmt(void);

extern void get_tboot_vga_delay(void);

+extern bool get_tboot_no_usb(void);

+extern bool get_scrub_e820(void);

extern bool get_tboot_mwait(void);

extern bool get_tboot_prefer_da(void);

extern void get_tboot_min_ram(void);

diff -up tboot-1.7.2/tboot/include/e820.h.orig
tboot-1.7.2/tboot/include/e820.h

--- tboot-1.7.2/tboot/include/e820.h.orig 2012-10-09 14:26:00.123106000
-0700

+++ tboot-1.7.2/tboot/include/e820.h      2012-10-09 14:28:48.055068000
-0700

@@ -70,6 +70,7 @@ typedef struct __packed {

 

extern bool copy_e820_map(const multiboot_info_t *mbi);

extern bool e820_protect_region(uint64_t addr, uint64_t size, uint32_t
type);

+extern void e820_scrub_usable(void);

extern bool e820_reserve_ram(uint64_t base, uint64_t length);

extern void print_e820_map(void);

extern void replace_e820_map(multiboot_info_t *mbi);

 
