From a4be10f375bb53bb0a9768fbaabe3e524e3fa72e Mon Sep 17 00:00:00 2001 From: "Li, Fei1" Date: Sat, 3 Nov 2018 22:51:36 +0800 Subject: [PATCH] hv: mmu: unmap the trusty EPT when destroy_secure_world Unmap the trusty EPT mapping when destroy_secure_world. The reason is now the normal world and trusty will share the PD and PT page. Before we add the mapping for each world, we should unmap it from another world. Besides, fix a minor bug for condition priority. Tracked-On: #861 Signed-off-by: Li, Fei1 --- hypervisor/arch/x86/mmu.c | 2 +- hypervisor/arch/x86/trusty.c | 8 +++++--- 2 files changed, 6 insertions(+), 4 deletions(-) diff --git a/hypervisor/arch/x86/mmu.c b/hypervisor/arch/x86/mmu.c index 6c86e2a39..250252e5b 100644 --- a/hypervisor/arch/x86/mmu.c +++ b/hypervisor/arch/x86/mmu.c @@ -280,7 +280,7 @@ void init_paging(void) */ hv_hpa = get_hv_image_base(); mmu_modify_or_del((uint64_t *)ppt_mmu_pml4_addr, hv_hpa & PDE_MASK, - CONFIG_HV_RAM_SIZE + ((hv_hpa & (PDE_SIZE - 1UL)) != 0UL) ? PDE_SIZE : 0UL, + CONFIG_HV_RAM_SIZE + (((hv_hpa & (PDE_SIZE - 1UL)) != 0UL) ? PDE_SIZE : 0UL), PAGE_CACHE_WB, PAGE_CACHE_MASK | PAGE_USER, &ppt_mem_ops, MR_MODIFY); diff --git a/hypervisor/arch/x86/trusty.c b/hypervisor/arch/x86/trusty.c index d74d332bd..afce5cb6f 100644 --- a/hypervisor/arch/x86/trusty.c +++ b/hypervisor/arch/x86/trusty.c @@ -166,6 +166,11 @@ void destroy_secure_world(struct vm *vm, bool need_clr_mem) (void)memset(hpa2hva(hpa), 0U, size); } + ept_mr_del(vm, vm->arch_vm.sworld_eptp, gpa_uos, size); + /* sanitize trusty ept page-structures */ + sanitize_pte((uint64_t *)vm->arch_vm.sworld_eptp); + vm->arch_vm.sworld_eptp = NULL; + /* restore memory to SOS ept mapping */ ept_mr_add(vm0, vm0->arch_vm.nworld_eptp, hpa, gpa_sos, size, EPT_RWX | EPT_WB); @@ -174,9 +179,6 @@ void destroy_secure_world(struct vm *vm, bool need_clr_mem) ept_mr_add(vm, vm->arch_vm.nworld_eptp, hpa, gpa_uos, size, EPT_RWX | EPT_WB); - /* sanitize trusty ept page-structures */ - sanitize_pte((uint64_t *)vm->arch_vm.sworld_eptp); - vm->arch_vm.sworld_eptp = NULL; } static void save_world_ctx(struct vcpu *vcpu, struct ext_context *ext_ctx)