Skip to content

Fix migtd layout configuration #769

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Draft
MichalTarnacki wants to merge 1 commit into
base: main
Choose a base branch
from
Draft

Fix migtd layout configuration #769

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
16 changes: 8 additions & 8 deletions config/image_layout.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,10 +1,10 @@
{
"Config": "0x0A0000",
"Mailbox": "0x001000",
"TempStack": "0x010000",
"TempHeap": "0x010000",
"Metadata": "0x001000",
"Payload": "0xEE6000",
"Ipl": "0x50000",
"ResetVector": "0x008000"
"Config": "0x40000",
"Mailbox": "0x1000",
"TempStack": "0x20000",
"TempHeap": "0x20000",
"Payload": "0xC2D000",
"Metadata": "0x1000",
"Ipl": "0x349000",
"ResetVector": "0x8000"
}
42 changes: 17 additions & 25 deletions config/metadata.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,59 +1,51 @@
{
"Sections": [
{
"DataOffset": "0xFA7000",
"RawDataSize": "0x59000",
"MemoryAddress": "0xFFFA7000",
"MemoryDataSize": "0x59000",
"DataOffset": "0x81000",
"RawDataSize": "0xF7F000",
"MemoryAddress": "0xFF081000",
"MemoryDataSize": "0xF7F000",
"Type": "BFV",
"Attributes": "0x1"
},
{
"DataOffset": "0xC1000",
"RawDataSize": "0xEE6000",
"MemoryAddress": "0xFF0C1000",
"MemoryDataSize": "0xEE6000",
"Type": "Payload",
"Attributes": "0x1"
},
{
"DataOffset": "0x0",
"RawDataSize": "0xA0000",
"RawDataSize": "0x40000",
"MemoryAddress": "0xFF000000",
"MemoryDataSize": "0xA0000",
"MemoryDataSize": "0x40000",
"Type": "CFV",
"Attributes": "0x0"
},
{
"DataOffset": "0x0",
"RawDataSize": "0x0",
"MemoryAddress": "0xFF0A1000",
"MemoryDataSize": "0x10000",
"MemoryAddress": "0x7C0000",
"MemoryDataSize": "0x20000",
"Type": "TempMem",
"Attributes": "0x0"
},
{
"DataOffset": "0x0",
"RawDataSize": "0x0",
"MemoryAddress": "0xFF0B1000",
"MemoryDataSize": "0x10000",
"MemoryAddress": "0x7A0000",
"MemoryDataSize": "0x20000",
"Type": "TempMem",
"Attributes": "0x0"
},
{
"DataOffset": "0x0",
"RawDataSize": "0x0",
"MemoryAddress": "0x0",
"MemoryDataSize": "0x2000000",
"Type": "PermMem",
"Attributes": "0x2"
"MemoryAddress": "0x7FE000",
"MemoryDataSize": "0x1000",
"Type": "TempMem",
"Attributes": "0x0"
},
{
"DataOffset": "0x0",
"RawDataSize": "0x0",
"MemoryAddress": "0xFF0A0000",
"MemoryDataSize": "0x1000",
"Type": "TempMem",
"MemoryAddress": "0x800000",
"MemoryDataSize": "0x20000",
"Type": "TD_HOB",
"Attributes": "0x0"
}
]
Expand Down
13 changes: 13 additions & 0 deletions sh_script/build_final.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -72,6 +72,18 @@ function populate_layout() {
popd
}

function apply_image_layout() {
pushd ${PROJECT_DIR:-.}/deps/td-shim/devtools/td-layout-config
cargo run -- -t image ../../../../config/image_layout.json -o ../../td-layout/src/build_time.rs
popd
# Relocate TempMem BASE addresses from the firmware range (0xFF0x0000) into
# the Bootloader guest RAM region so QEMU tdx_accept_ram_range() can find them.
local build_time=${PROJECT_DIR:-.}/deps/td-shim/td-layout/src/build_time.rs
sed -i 's/pub const TD_SHIM_MAILBOX_BASE: u32 = 0xFF040000;/pub const TD_SHIM_MAILBOX_BASE: u32 = 0x7FE000;/' "${build_time}"
sed -i 's/pub const TD_SHIM_TEMP_STACK_BASE: u32 = 0xFF041000;/pub const TD_SHIM_TEMP_STACK_BASE: u32 = 0x7C0000;/' "${build_time}"
sed -i 's/pub const TD_SHIM_TEMP_HEAP_BASE: u32 = 0xFF061000;/pub const TD_SHIM_TEMP_HEAP_BASE: u32 = 0x7A0000;/' "${build_time}"
}

# Required by `td-shim-tools` but cannot be set when compiling attestation library
# TODO: Move to `xtask`
function set_cc() {
Expand Down Expand Up @@ -329,6 +341,7 @@ function enroll() {
./sh_script/preparation.sh

populate_layout
apply_image_layout

proccess_args $@

Expand Down
20 changes: 20 additions & 0 deletions xtask/src/build.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -207,6 +207,26 @@ impl BuildArgs {
}

cmd.run()?;

// Relocate TempMem BASE addresses from the firmware range into
// guest RAM so QEMU tdx_accept_ram_range() can accept them.
let build_time_path = SHIM_FOLDER.join("td-layout/src/build_time.rs");
let content = fs::read_to_string(&build_time_path)?;
let content = content
.replace(
"pub const TD_SHIM_MAILBOX_BASE: u32 = 0xFF040000;",
"pub const TD_SHIM_MAILBOX_BASE: u32 = 0x7FE000;",
)
.replace(
"pub const TD_SHIM_TEMP_STACK_BASE: u32 = 0xFF041000;",
"pub const TD_SHIM_TEMP_STACK_BASE: u32 = 0x7C0000;",
)
.replace(
"pub const TD_SHIM_TEMP_HEAP_BASE: u32 = 0xFF061000;",
"pub const TD_SHIM_TEMP_HEAP_BASE: u32 = 0x7A0000;",
);
fs::write(&build_time_path, content)?;

Ok(())
}

Expand Down