add data structure in vm for enable trusty feature

add key info structure add sworld_eptp in vm structure, and rename ept->nworld_eptp add secure world control structure Change-Id: Tracked-On:220921 Signed-off-by: Mingqiang Chi <mingqiang.chi@intel.com>
2025-09-22 09:17:58 +00:00 · 2018-03-05 15:09:30 +08:00
parent b4580d69b8
commit 78649c4a52
9 changed files with 166 additions and 19 deletions
--- a/arch/x86/ept.c
+++ b/arch/x86/ept.c
@@ -134,7 +134,7 @@ void free_ept_mem(void *pml4_addr)

 void destroy_ept(struct vm *vm)
 {
-	free_ept_mem(vm->arch_vm.ept);
+	free_ept_mem(vm->arch_vm.nworld_eptp);
 	free_ept_mem(vm->arch_vm.m2p);
 }

@@ -147,7 +147,7 @@ uint64_t gpa2hpa_check(struct vm *vm, uint64_t gpa,
 	struct map_params map_params;

 	map_params.page_table_type = PT_EPT;
-	map_params.pml4_base = vm->arch_vm.ept;
+	map_params.pml4_base = vm->arch_vm.nworld_eptp;
 	map_params.pml4_inverted = vm->arch_vm.m2p;
 	obtain_last_page_table_entry(&map_params, &entry,
 			(void *)gpa, true);
@@ -186,7 +186,7 @@ uint64_t hpa2gpa(struct vm *vm, uint64_t hpa)
 	struct map_params map_params;

 	map_params.page_table_type = PT_EPT;
-	map_params.pml4_base = vm->arch_vm.ept;
+	map_params.pml4_base = vm->arch_vm.nworld_eptp;
 	map_params.pml4_inverted = vm->arch_vm.m2p;

 	obtain_last_page_table_entry(&map_params, &entry,
@@ -536,13 +536,13 @@ int ept_mmap(struct vm *vm, uint64_t hpa,

 	/* Setup memory map parameters */
 	map_params.page_table_type = PT_EPT;
-	if (vm->arch_vm.ept) {
-		map_params.pml4_base = vm->arch_vm.ept;
+	if (vm->arch_vm.nworld_eptp) {
+		map_params.pml4_base = vm->arch_vm.nworld_eptp;
 		map_params.pml4_inverted = vm->arch_vm.m2p;
 	} else {
 		map_params.pml4_base =
 			alloc_paging_struct();
-		vm->arch_vm.ept = map_params.pml4_base;
+		vm->arch_vm.nworld_eptp = map_params.pml4_base;
 		map_params.pml4_inverted = alloc_paging_struct();
 		vm->arch_vm.m2p = map_params.pml4_inverted;
 	}
--- a/arch/x86/guest/vm.c
+++ b/arch/x86/guest/vm.c
@@ -132,8 +132,8 @@ int create_vm(struct vm_description *vm_desc, struct vm **rtn_vm)
 #endif
 		} else {
 			/* populate UOS vm fields according to vm_desc */
-			vm->secure_world_enabled =
-				vm_desc->secure_world_enabled;
+			vm->sworld_control.sworld_enabled =
+				vm_desc->sworld_enabled;
 			memcpy_s(&vm->GUID[0], sizeof(vm->GUID),
 						&vm_desc->GUID[0],
 						sizeof(vm_desc->GUID));
--- a/arch/x86/mmu.c
+++ b/arch/x86/mmu.c
@@ -137,7 +137,8 @@ void mmu_invept(struct vcpu *vcpu)
 	struct invept_desc desc = {0};

 	if (check_invept_single_support()) {
-		desc.eptp = (uint64_t) vcpu->vm->arch_vm.ept | (3 << 3) | 6;
+		desc.eptp = (uint64_t) vcpu->vm->arch_vm.nworld_eptp
+			| (3 << 3) | 6;
 		_invept(INVEPT_TYPE_SINGLE_CONTEXT, desc);
 	} else if (check_invept_global_support())
 		_invept(INVEPT_TYPE_ALL_CONTEXTS, desc);
--- a/arch/x86/vmx.c
+++ b/arch/x86/vmx.c
@@ -983,7 +983,7 @@ static void init_exec_ctrl(struct vcpu *vcpu)
 	 * TODO: introduce API to make this data driven based
 	 * on VMX_EPT_VPID_CAP
 	 */
-	value64 = ((uint64_t) vm->arch_vm.ept) | (3 << 3) | 6;
+	value64 = ((uint64_t) vm->arch_vm.nworld_eptp) | (3 << 3) | 6;
 	exec_vmwrite64(VMX_EPT_POINTER_FULL, value64);
 	pr_dbg("VMX_EPT_POINTER: 0x%016llx ", value64);