Protect DRHD from guest memory access

lxylxy123456 · Oct 19, 2022 · c3a5816 · c3a5816
1 parent 7acbb46
commit c3a5816
Show file tree

Hide file tree

Showing 5 changed files with 41 additions and 2 deletions.
diff --git a/xmhf/src/xmhf-core/include/xmhf-dmaprot.h b/xmhf/src/xmhf-core/include/xmhf-dmaprot.h
@@ -156,6 +156,10 @@ u32 xmhf_dmaprot_earlyinitialize(u64 protectedbuffer_paddr,
 u32 xmhf_dmaprot_initialize(u64 protectedbuffer_paddr,
 	u32 protectedbuffer_vaddr, u32 protectedbuffer_size);
 
+// Call memprot to protect DRHD pages. Should be called by each CPU after
+// xmhf_dmaprot_initialize().
+void xmhf_dmaprot_protect_drhd(VCPU *vcpu);
+
 // Enable the DMA protection HW
 // [NOTE] This function must be separated from <xmhf_dmaprot_initialize>. Otherwise, misconfigured devices can have a 
 // chance to modify XMHF binary between the function <xmhf_dmaprot_initialize> and <xmhf_dmaprot_protect> inside 
@@ -181,6 +185,7 @@ u32 xmhf_dmaprot_arch_earlyinitialize(u64 protectedbuffer_paddr,
 	u64 memregionbase_paddr, u32 memregion_size);
 u32 xmhf_dmaprot_arch_initialize(u64 protectedbuffer_paddr,
 	u32 protectedbuffer_vaddr, u32 protectedbuffer_size);
+void xmhf_dmaprot_arch_protect_drhd(VCPU *vcpu);
 u32 xmhf_dmaprot_arch_enable(u64 protectedbuffer_paddr,
 	u32 protectedbuffer_vaddr, u32 protectedbuffer_size);
 void xmhf_dmaprot_arch_protect(spa_t start_paddr, size_t size);
@@ -209,6 +214,7 @@ u32 xmhf_dmaprot_arch_x86_vmx_earlyinitialize(sla_t protectedbuffer_paddr,
 	sla_t memregionbase_paddr, u32 memregion_size);
 u32 xmhf_dmaprot_arch_x86_vmx_initialize(spa_t protectedbuffer_paddr,
 	hva_t protectedbuffer_vaddr, size_t protectedbuffer_size);
+void xmhf_dmaprot_arch_x86_vmx_protect_drhd(VCPU *vcpu);
 u32 xmhf_dmaprot_arch_x86_vmx_enable(spa_t protectedbuffer_paddr,
 	hva_t protectedbuffer_vaddr, size_t protectedbuffer_size);
 void xmhf_dmaprot_arch_x86_vmx_protect(spa_t start_paddr, size_t size);

diff --git a/xmhf/src/xmhf-core/xmhf-runtime/xmhf-dmaprot/arch/x86/dmap-x86-runtime.c b/xmhf/src/xmhf-core/xmhf-runtime/xmhf-dmaprot/arch/x86/dmap-x86-runtime.c
@@ -79,6 +79,18 @@ u32 xmhf_dmaprot_arch_initialize(u64 protectedbuffer_paddr,
 	}
 }
 
+// Call memprot to protect DRHD pages. Should be called by each CPU after
+// xmhf_dmaprot_initialize().
+void xmhf_dmaprot_arch_protect_drhd(VCPU *vcpu){
+	u32 cpu_vendor = get_cpu_vendor_or_die();	//determine CPU vendor
+
+	if(cpu_vendor == CPU_VENDOR_AMD){
+	  HALT_ON_ERRORCOND(0 && "DRHD protection not implmeneted");
+	}else{	//CPU_VENDOR_INTEL
+		xmhf_dmaprot_arch_x86_vmx_protect_drhd(vcpu);
+	}
+}
+
 u32 xmhf_dmaprot_arch_enable(u64 protectedbuffer_paddr,
 	u32 protectedbuffer_vaddr, u32 protectedbuffer_size){
 	u32 cpu_vendor = get_cpu_vendor_or_die();	//determine CPU vendor

diff --git a/xmhf/src/xmhf-core/xmhf-runtime/xmhf-dmaprot/arch/x86/vmx/dmap-vmx-runtime.c b/xmhf/src/xmhf-core/xmhf-runtime/xmhf-dmaprot/arch/x86/vmx/dmap-vmx-runtime.c
@@ -415,8 +415,8 @@ static u32 vmx_eap_initialize(
 #endif //__XMHF_VERIFICATION__
 
     // zap VT-d presence in ACPI table...
-    // TODO: we need to be a little elegant here. eventually need to setup
-    // EPT/NPTs such that the DMAR pages are unmapped for the guest
+    // DRHD pages are protected from guest memory access in
+    // xmhf_dmaprot_arch_x86_vmx_protect_drhd().
     xmhf_baseplatform_arch_flat_writeu32(dmaraddrphys, 0UL);
 
     // Flush CPU cache
@@ -550,6 +550,18 @@ u32 xmhf_dmaprot_arch_x86_vmx_initialize(spa_t protectedbuffer_paddr,
                               vmx_eap_vtd_pts_paddr, vmx_eap_vtd_pts_vaddr, vmx_eap_vtd_ret_paddr, vmx_eap_vtd_ret_vaddr, vmx_eap_vtd_cet_paddr, vmx_eap_vtd_cet_vaddr);
 }
 
+// Call memprot to protect DRHD pages. Should be called by each CPU after
+// xmhf_dmaprot_initialize().
+void xmhf_dmaprot_arch_x86_vmx_protect_drhd(VCPU *vcpu)
+{
+    u32 i = 0;
+    FOREACH_S(i, vtd_num_drhd, VTD_MAX_DRHD, 0, 1)
+    {
+        xmhf_memprot_setprot(vcpu, vtd_drhd[i].regbaseaddr, MEMP_PROT_NOTPRESENT);
+    }
+    printf("Protected %u DRHD tables from guest memory access\n", vtd_num_drhd);
+}
+
 // DMA protect a given region of memory
 void xmhf_dmaprot_arch_x86_vmx_protect(spa_t start_paddr, size_t size)
 {

diff --git a/xmhf/src/xmhf-core/xmhf-runtime/xmhf-dmaprot/dmap-interface-runtime.c b/xmhf/src/xmhf-core/xmhf-runtime/xmhf-dmaprot/dmap-interface-runtime.c
@@ -62,6 +62,12 @@ u32 xmhf_dmaprot_initialize(u64 protectedbuffer_paddr, u32 protectedbuffer_vaddr
 	return xmhf_dmaprot_arch_initialize(protectedbuffer_paddr, protectedbuffer_vaddr, protectedbuffer_size);
 }
 
+// Call memprot to protect DRHD pages. Should be called by each CPU after
+// xmhf_dmaprot_initialize().
+void xmhf_dmaprot_protect_drhd(VCPU *vcpu){
+	xmhf_dmaprot_arch_protect_drhd(vcpu);
+}
+
 // Enable the DMA protection HW
 // [NOTE] This function must be separated from <xmhf_dmaprot_initialize>. Otherwise, misconfigured devices can have a 
 // chance to modify XMHF binary between the function <xmhf_dmaprot_initialize> and <xmhf_dmaprot_protect> inside 

diff --git a/xmhf/src/xmhf-core/xmhf-runtime/xmhf-startup/runtime.c b/xmhf/src/xmhf-core/xmhf-runtime/xmhf-startup/runtime.c
@@ -263,6 +263,9 @@ void xmhf_runtime_main(VCPU *vcpu, u32 isEarlyInit){
   //initialize memory protection for this core
   xmhf_memprot_initialize(vcpu);
 
+  //remove DMAP structures from guest memory
+  xmhf_dmaprot_protect_drhd(vcpu);
+
   //initialize application parameter block and call app main
   {
     APP_PARAM_BLOCK appParamBlock;