hv:Unmap AP trampoline region from service VM's EPT

AP trampoline code should be accessible to hypervisor only, this patch is to unmap this region from service VM's EPT for security reason. Tracked-On: #3992 Signed-off-by: Yonghua Huang <yonghua.huang@intel.com> Reviewed-by: Fei Li <fei1.li@intel.com> Acked-by: Eddie Dong <eddie.dong@intel.com>
2025-07-04 02:56:52 +00:00 · 2019-11-02 20:32:35 +08:00 · 2019-11-02 20:32:35 +08:00 · 8227804b09
commit 8227804b09
parent d74497eb17
1 changed files with 9 additions and 0 deletions
--- a/hypervisor/arch/x86/guest/vm.c
+++ b/hypervisor/arch/x86/guest/vm.c
@ -25,6 +25,7 @@
 #include <mmu.h>
 #include <logmsg.h>
 #include <vboot_info.h>
+#include <vboot.h>
 #include <board.h>
 #include <sgx.h>
 #include <sbuf.h>
@ -380,6 +381,14 @@ static void prepare_sos_vm_memmap(struct acrn_vm *vm)
 			ept_del_mr(vm, pml4_page, vm_config->memory.start_hpa, vm_config->memory.size);
 		}
 	}
+
+	/* unmap AP trampoline code for security
+	 * 'allocate_pages()' in depri boot mode or
+	 * 'e820_alloc_low_memory()' in direct boot
+	 * mode will ensure the base address of tramploline
+	 * code be page-aligned.
+	 */
+	ept_del_mr(vm, pml4_page, get_ap_trampoline_buf(), CONFIG_LOW_RAM_SIZE);
 }

 /* Add EPT mapping of EPC reource for the VM */