github/acrn-hypervisor
1
0
Fork 0
mirror of https://github.com/projectacrn/acrn-hypervisor.git synced 2025-09-23 17:58:30 +00:00
Code Issues Projects Releases Wiki Activity

HV: trusty: refine secure_world_control

Browse Source 
Define Bitmap flag to indicate secure world's state:
    supported: 0(not supported), 1(supported)
    active:    0(inactive), 1(active)

Refine secure_world_memory:
    base_gpa_in_sos: base_gpa from SOS's view
    base_gpa_in_uos: base_gpa from UOS's view, this is the original base_gpa
                     allocated by bootloader.
    Recording above GPA is for usage of trusty EPT destroy and re-create.
    There is an assumption: the secure world's memory address is contiguous
    in both SOS and physical side.

Signed-off-by: Qi Yadong <yadong.qi@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
This commit is contained in:
Qi Yadong
2018-05-25 09:30:37 +08:00
committed by lijinxia
parent ff96453993
commit b5b769f45a
9 changed files with 37 additions and 28 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
hypervisor/common/hypercall.c
View File

@@ -181,7 +181,7 @@ int32_t hcall_create_vm(struct vm *vm, uint64_t param)
}
(void)memset(&vm_desc, 0U, sizeof(vm_desc));
vm_desc.sworld_enabled =
vm_desc.sworld_supported =
((cv.vm_flag & (SECURE_WORLD_ENABLED)) != 0U);
(void)memcpy_s(&vm_desc.GUID[0], 16U, &cv.GUID[0], 16U);
ret = create_vm(&vm_desc, &target_vm);

18
hypervisor/common/trusty_hypercall.c
View File

@@ -20,13 +20,13 @@ int32_t hcall_world_switch(struct vcpu *vcpu)
return -EINVAL;
}
if (!vcpu->vm->sworld_control.sworld_enabled) {
pr_err("%s, Secure World is not enabled!\n", __func__);
if (!vcpu->vm->sworld_control.flag.supported) {
pr_err("Secure World is not supported!\n");
return -EPERM;
}
if (vcpu->vm->arch_vm.sworld_eptp == NULL) {
pr_err("%s, Trusty is not initialized!\n", __func__);
if (!vcpu->vm->sworld_control.flag.active) {
pr_err("Trusty is not initialized!\n");
return -EPERM;
}
@@ -39,13 +39,13 @@ int32_t hcall_world_switch(struct vcpu *vcpu)
*/
int32_t hcall_initialize_trusty(struct vcpu *vcpu, uint64_t param)
{
if (!vcpu->vm->sworld_control.sworld_enabled) {
pr_err("%s, Secure World is not enabled!\n", __func__);
if (!vcpu->vm->sworld_control.flag.supported) {
pr_err("Secure World is not supported!\n");
return -EPERM;
}
if (vcpu->vm->arch_vm.sworld_eptp != NULL) {
pr_err("%s, Trusty already initialized!\n", __func__);
if (vcpu->vm->sworld_control.flag.active) {
pr_err("Trusty already initialized!\n");
return -EPERM;
}
@@ -59,5 +59,7 @@ int32_t hcall_initialize_trusty(struct vcpu *vcpu, uint64_t param)
return -ENODEV;
}
vcpu->vm->sworld_control.flag.active = 1UL;
return 0;
}