grub-core/loader/i386/txt/txt.c: Use MAXPHYADDR in MTRR masks#23
grub-core/loader/i386/txt/txt.c: Use MAXPHYADDR in MTRR masks#23miczyg1 wants to merge 2 commits intointel-txt-aem-2.06from
Conversation
|
This shouldn't make a difference with current Xen implementation, in https://github.com/TrenchBoot/xen/blob/aem-4.17.4/xen/arch/x86/boot/head.S#L131 36-bit is selected, and according to Table 5. Truth Table of SINIT / MLE functionality of TXT SDG (Revision 017.4) it takes precedence. To make it work, we should also set this bit in Xen, but currently there are too many branches that would require this change. |
krystian-hebel
changed the base branch from
intel-txt-aem-2.06-rebased
to
intel-txt-aem-2.06
Yes, but then you end up with mixed MTRRs masks on a core. Some of them have MAXPHYADDR masks and some of them have 36bit masks... That's what I observed on VP6670 |
Based on Intel TXT MLE Developer Guide revision 017.4 Table 4 the SINIT capabilities bit 8 indicates whether fixed 36bit masks or MAXPHYADDR masks are to be used in MTRR calculations. Failing to adhere to it may lead to creation of potentially disjoint WB cache ranges and violation of CRAM protections - according to the document. Signed-off-by: Michał Żygowski <michal.zygowski@3mdeb.com>
CBnT requires the auth PCR usage and no legacy PCR usage as per TXT MLE Software Development Guide revision 017.4. Signed-off-by: Michał Żygowski <michal.zygowski@3mdeb.com>
miczyg1
force-pushed
the
intel-txt-aem-mtrr-mask-fix
branch
from
5451a39 to
90ce968
Compare
2 participants
Based on Intel TXT MLE Developer Guide revision 017.4 Table 4 the SINIT capabilities bit 8 indicates whether fixed 36bit masks or MAXPHYADDR masks are to be used in MTRR calculations. Failing to adhere to it may lead to creation of potentially disjoint WB cache ranges and violation of CRAM protections - according to the document.