github/acrn-hypervisor
1
0
Fork 0
mirror of https://github.com/projectacrn/acrn-hypervisor.git synced 2025-06-19 20:22:46 +00:00
Code Issues Projects Releases Wiki Activity

hv[v3]: hide AP trampoline code from service VM

Browse Source 
AP trampoline code should be accessible
 to hypervisor only, this patch is to unmap
 this region from service VM's EPT.

[v2] update
 AP trampoline code is already removed from
 SOS E820, no need to remove it again.

[v3] update:
 update comments about the alignment of base
 address of AP trampoline buffer.

Tracked-On: #3993
Signed-off-by: Yonghua Huang <yonghua.huang@intel.com>
Reviewed-by: Li, Fei <fei1.li@intel.com>
This commit is contained in:
Yonghua Huang 2019-11-02 20:32:35 +08:00 committed by ACRN System Integration
parent 04f0753587
commit c09723bda9
1 changed files with 9 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
hypervisor/arch/x86/guest/vm.c
View File

@ -25,6 +25,7 @@
#include <mmu.h>
#include <logmsg.h>
#include <vboot_info.h>
#include <vboot.h>
#include <board.h>
#include <sgx.h>
#include <sbuf.h>
@ -380,6 +381,14 @@ static void prepare_sos_vm_memmap(struct acrn_vm *vm)
ept_del_mr(vm, pml4_page, vm_config->memory.start_hpa, vm_config->memory.size);
}
}
/* unmap AP trampoline code for security
* 'allocate_pages()' in depri boot mode or
* 'e820_alloc_low_memory()' in direct boot
* mode will ensure the base address of tramploline
* code be page-aligned.
*/
ept_del_mr(vm, pml4_page, get_ap_trampoline_buf(), CONFIG_LOW_RAM_SIZE);
}
/* Add EPT mapping of EPC reource for the VM */