forked from uberspark/uberxmhf
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
1 parent
ecf6006
commit 669ffe4
Showing
1,560 changed files
with
1,136 additions
and
61,853 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,156 +1,73 @@ | ||
| # uber eXtensible Micro-Hypervisor Framework (uberXMHF) | ||
|
|
||
| ## Changelog | ||
|
|
||
| * Version 6.1.0 | ||
|
|
||
| * Features | ||
| * uxmhf: add support for Intel 1st generation core CPU (HP 2540p laptop platform) | ||
|
|
||
| * Documentation | ||
| * uxmhf: revise documentation to clarify OS and boot-loader support | ||
| * uxmhf: clarify documentation on required OS kernel command line parameters and module blacklistings | ||
|
|
||
|
|
||
| * Version 6.0.0 | ||
|
|
||
| * Features | ||
| * uxmhf: add new üapp uhcalltest for testing hypercalls; add corresponding rich guest app for linux | ||
| * uxmhf: add configure option --with-debug-serial-maxcpus to specify platform cores while in debugging mode | ||
| * uxmhf: add support for non linear CPU id mappings setup by some BIOSes | ||
| * uxmhf-rpi3: add support for receive functionality (getc) within uart.h | ||
| * uxmhf-rpi3: add PL011 full UART uart_getc implementation | ||
| * uxmhf-rpi3: add support for PL011 full UART hardware flow control functionality | ||
| * uxmhf-rpi3: add support for mailboxes | ||
| * uxmhf-rpi3: add support for PL011 full UART based debugging | ||
| * uxmhf-rpi3/uapps: add new uberapp (stateDB) to track state entries updates (bounded by a max. value) via in-memory database. | ||
| * uxmhf-rpi3/uapps: add uapp-pvdriver-uart, a para-virtualized guest OS UART driver backend | ||
| * uxmhf-rpi3/uapps: add uapp-uagent, an uberapp that takes an input buffer and returns the encrypt/decrypt of the data based upon an AES secret key. | ||
| * uxmhf-rpi3/uapps: add new uapp (uhsign) for protected HMAC calculation | ||
| * uxmhf-rpi3/uapps: switch to using sha256 within uapp-uhsign | ||
| * uxmhf-rpi3/rgapps/linux - revise libuhcall and uhcallkmod and migrate the va2pa function from user space to kernel driver. | ||
| * uxmhf-rpi3/libs: add sha256 support within libxmhfcrypto | ||
| * uxmhf-rpi3/rgapps/linux/libs: add kernel library libkhcall for performing hypercall from OS kernel mode | ||
|
|
||
| * Documentation | ||
| * revise top-level README with instructions on documentation build | ||
| * add software requirements within a top-level index toctree | ||
| * uxmhf: revise build and installation documentation to clarify grub and debug settings, kernel command line parameters, and modules that need to be blacklisted currently | ||
| * uxmhf: revise instructions to add a new üapp and clarify OS kernel boot configuration details | ||
| * uxmhf: migrate documentation from markdown to restructured text syntax | ||
| * uxmhf-rpi3: add information to turn on UART debugging and select mini/PL011 UART during build | ||
| * uxmhf-rpi3: add information to enable uhsign uberApp during build | ||
| * uxmhf-rpi3: add information about different USB to serial cabling for miniuart and PL011 UART based debugging | ||
| * uxmhf-rpi3: add documentation on how to enable and use uapp-uagent | ||
| * uxmhf-rpi3: revise documentation on how to enable and use uapp-pvdriver-uart | ||
| * uxmhf-rpi3: add stateDB uberapp build documentation | ||
| * uxmhf-rpi3: add documentation to describe libuhcall (user-mode) and libkhcall (kernel-mode) hypercall libraries | ||
| * uxmhf-rpi3: revise instructions to configure existing üapps and add new üapps | ||
| * uxmhf-rpi3: clarify OS kernel boot configuration details | ||
| * uxmhf-rpi3: migrate documentation from markdown to restructured text syntax | ||
| * xmhf: migrate documentation from markdown to restructured text syntax | ||
|
|
||
| * Fixes | ||
| * uxmhf: revise xmhf-bootloader sources to cope with --disable-drt and --disable-dmap configure options | ||
| * uxmhf-rpi3: modify main.c to place uart_testrecv() inside a #ifdef to eliminate build errors if not configured for UART debugging | ||
|
|
||
| * Build | ||
| * add sphinx based documentation build harness | ||
| * uxmhf-rpi3: revise build harness to include --enable-debug-uart, --enable-debug-uart-PL011, and --enable-uapp-uhsign configure options | ||
| * uxmhf-rpi3: autogenerate rpi3 config based on UART selection so we can enable/disable bluetooth UART accordingly | ||
| * uxmhf-rpi3: add docker container for building and installing uberXMHF on Raspberry Pi 3 | ||
| * uxmhf-rpi3: rework build configuration options to decouple --enable-debug-uart and --enable-uart-{pl011,mini} | ||
|
|
||
| * Others | ||
| * uxmhf-rpi3: clean up and use debug printf interface throughout | ||
| * uxmhf-rpi3: add function declarations to header files to remove warnings about implicit function declarations. | ||
| * uxmhf-rpi3: clean up some unused variables | ||
| * uxmhf-rpi3: use top-level uart.h to bring in UART backend interfaces (mini or PL011 UART) | ||
| * uxmhf-rpi3: move code whitelisting functionality into common/ (as it is used by uapp-uhsign and uapp-uagent). | ||
|
|
||
|
|
||
| * Version 5.0 | ||
| * various documentation fixes | ||
| * rpi3-cortex_a53-armv8_32: refactored secure-boot, interrupt protection, | ||
| DMA protection, and FIQ reflection as modular build-time options | ||
| * rpi3-cortex_a53-armv8_32: fixed stability issues within core micro-hypervisor framework | ||
| * pc-intel-x86_32: migrated debug and uobject info library to core uberspark framework | ||
| * pc-intel-x86_32: migrated data types to be stdint compatible | ||
| * pc-intel-x86_32: removed micro-hypervisor specific dependencies on uobject info table | ||
| * pc-intel-x86_32: added new uobject uhmpgtbl to deal with hypervisor page tables for | ||
| unverified hypervisor uobjects | ||
| * pc-intel-x86_32: added new uobject iotbl to deal with hypervisor legacy I/O tables | ||
| for unverified hypervisor uobjects | ||
| * pc-intel-x86_32: revised exhub uobject to handle IDT initialization and operation | ||
| * pc-intel-x86_32: refactored build process to eliminate redundant passes | ||
|
|
||
| * Version 4.1 | ||
| * added support for Ubuntu 16.04 LTS with Linux kernel 4.4.x 32-bits (CONFIG_X86_PAE=n) | ||
| * migrated uberobject manifests to JSON format | ||
| * various documentation updates | ||
|
|
||
| * Version 4.0 | ||
| * first stand-alone uberXMHF release | ||
| * added Raspberry PI 3 hardware platform support | ||
| * consolidated past XMHF x86-32 AMD PC and x86-32 Intel PC (legacy) releases | ||
| * various documentation updates | ||
|
|
||
| * Version 3.1 | ||
| * fixed uxmhf build errors | ||
|
|
||
| * Version 3.0 | ||
| * added support for Frama-C Phosphorus-20170501 | ||
| * added support for Compcert 3.0.1 | ||
| * fixed error due to improper inclusion of xh_ssteptrace in the verification process | ||
| * minor build harness fixes and documentation updates | ||
|
|
||
| * Version 2.0 | ||
| * separated uberspark, uberspark libraries and uxmhf verification/build processes | ||
| * refined and streamlined uberspark and uxmhf verification/build harness | ||
| * fixed minor errors in documentation and updates to reflect release changes | ||
|
|
||
| * Version 1.0 | ||
| * initial release of uberXMHF x86-32 Intel PC | ||
|
|
||
| * Version 0.2.2 | ||
| * various general documentation fixes and cleanup | ||
| * tee-sdk: added patches for newlib and openssl libraries and removed deprecated/non-working examples | ||
| * re-organized framework components and revised configuration/build harness and related documentation | ||
| * fixed build errors with gcc 4.6.3 | ||
| * xmhf-core: re-factored verification harness and added support for 64-bit CBMC | ||
|
|
||
| * Version 0.2.1 | ||
| * tools: add scripts to deal with release tasks | ||
| * xmhf-core: refactor runtime build harness | ||
| * xmhf-core: add build debug information within generated binaries | ||
| * xmhf-core: segregate Dynamic Root-of-Trust and DMA protection logic and build configuration options | ||
| * xmhf-core: add support for upto 8 CPU cores | ||
| * xmhf-core: add XSETBV intercept handling on Intel platforms for CPUs with XSAVE capabilities | ||
| * xmhf-core: fix MTRR logic on Intel platforms to obtain required variable range MTRRs | ||
| * xmhf-core: fix issue related to physical/virtual address overlap for runtime | ||
|
|
||
| * Version 0.2 | ||
| * xmhf-core: clarify documentation and add description for build configuration options and verification | ||
| * xmhf-core: add build configuration options --with-target-platform and --with-target-arch to choose target platform and CPU arch. | ||
| * xmhf-core: restructure core components and general cleanup | ||
| * xmhf-core: add XMHF/hypapp verification harness for verifying core memory integrity | ||
| * xmhf-core: fix build error with --enable-debug-vga configure option | ||
|
|
||
| * Version 0.1.2 | ||
| * xmhf-core: stability improvements - we can now handle guest NMIs gracefully | ||
| * xmhf-core: stability improvements - we now support stock MTRR-enabled (linux) guest kernels on Intel platforms | ||
| * test-bed fixes, refactoring and improvements - now supporting 3.2.0-27-generic (and below) with ubuntu | ||
| * added documentation generator which takes in-tree markdown files and generates html output | ||
| * fixed build target install-bin to include correct destination path | ||
|
|
||
| * Version 0.1.1 | ||
| Introduction | ||
| ============ | ||
|
|
||
| XMHF is an eXtensible and Modular Hypervisor Framework | ||
| that strives to be a | ||
| comprehensible and flexible platform for performing | ||
| hypervisor research and development. The framework allows others to | ||
| build custom (security-sensitive) hypervisor-based solutions | ||
| (called "hypapps"). | ||
|
|
||
| XMHF is designed to achieve three goals – modular extensibility, | ||
| automated verification, and high performance. XMHF includes a | ||
| core that provides functionality common to many hypervisor-based security | ||
| architectures and supports extensions that augment the core with | ||
| additional security or functional properties while preserving the | ||
| fundamental hypervisor security property of memory integrity | ||
| (i.e., ensuring that the hypervisor’s memory is not modified by | ||
| software running at a lower privilege level). | ||
|
|
||
| XMHF advocates a "rich" single-guest execution model where the | ||
| hypervisor framework supports only a single-guest and allows the | ||
| guest direct access to all performance-critical system devices and | ||
| device interrupts. | ||
|
|
||
| XMHF currently runs on recent multicore x86 hardware | ||
| virtualized platforms with support for dynamic root of trust | ||
| and nested (2-dimensional) paging. The framework is capable of | ||
| running unmodified legacy multiprocessor capable OSes such as | ||
| Windows and Linux. | ||
|
|
||
| Documentation is automatically generated from markdown files in the | ||
| code repository, and is viewable at http://xmhf.sourceforge.net/doc/ | ||
|
|
||
|
|
||
| Changelog | ||
| ========= | ||
|
|
||
| * 0.1 Initial Release | ||
| * 0.1.1 | ||
| * Added TPM performance profiling. | ||
| * Stability improvements. | ||
| * Stability improvements (ticket-28 fixed). | ||
| * Intercept handling now serialized in the core. | ||
| * XMHF now builds and runs on Ubuntu 12.04 (precise). | ||
| * Replaced LGPL tlsf implementation with public domain implementation. | ||
| * Added design-documents. | ||
|
|
||
| * Version 0.1 | ||
| * Initial Release | ||
|
|
||
| * 0.1.2 | ||
| * xmhf-core: stability improvements (ticket-73 fixed) - we can now handle guest NMIs gracefully | ||
| * xmhf-core: stability improvements (ticket-10 fixed) - we now support stock MTRR-enabled (linux) guest kernels on Intel platforms | ||
| * test-bed fixes, refactoring and improvements - now supporting 3.2.0-27-generic (and below) with ubuntu | ||
| * added documentation generator which takes in-tree markdown files and generates html output | ||
| * fixed build target install-bin to include correct destination path | ||
| * 0.2 | ||
| * xmhf-core: clarify documentation and add description for build configuration options and verification | ||
| * xmhf-core: add build configuration options --with-target-platform and --with-target-arch to choose target platform and CPU arch. | ||
| * xmhf-core: restructure core components and general cleanup | ||
| * xmhf-core: add XMHF/hypapp verification harness for verifying core memory integrity | ||
| * xmhf-core: fix build error with --enable-debug-vga configure option | ||
| * 0.2.1 | ||
| * tools: add scripts to deal with release tasks | ||
| * xmhf-core: refactor runtime build harness | ||
| * xmhf-core: add build debug information within generated binaries | ||
| * xmhf-core: segregate Dynamic Root-of-Trust and DMA protection logic and build configuration options | ||
| * xmhf-core: add support for upto 8 CPU cores (ticket-74) | ||
| * xmhf-core: add XSETBV intercept handling on Intel platforms for CPUs with XSAVE capabilities (ticket-74) | ||
| * xmhf-core: fix MTRR logic on Intel platforms to obtain required variable range MTRRs (ticket-74) | ||
| * xmhf-core: fix issue related to physical/virtual address overlap for runtime (ticket-31) | ||
| * 0.2.2 | ||
| * various general documentation fixes and cleanup | ||
| * tee-sdk: added patches for newlib and openssl libraries and removed deprecated/non-working examples | ||
| * re-organized framework components and revised configuration/build harness and related documentation | ||
| * fixed build errors with gcc 4.6.3 | ||
| * xmhf-core: re-factored verification harness and added support for 64-bit CBMC | ||
|
|
Oops, something went wrong.