[tboot-devel] Failure to run MLE at non-zero linear address

[Hal F. <hal...@gm...>]

I am experimenting with tboot as a model for other TXT code. It is
great to have something that works as a starting point.

As a first small step, I am trying to change tboot so that the MLE
page tables are set up with the MLE at a nonzero linear address. The
spec says that this should work. Presently the MLE is mapped in the
page tables at address 0 - 16000 (hex). I want to first try changing
this to map at 1000-17000, in other words just one page higher.

Here is the patch I made to txt.c for this:

$ hg diff txt/txt.c
diff -r 201092e1f7e9 tboot/txt/txt.c
--- a/tboot/txt/txt.c   Thu Nov 22 11:08:37 2007 -0500
+++ b/tboot/txt/txt.c   Fri Jan 04 09:40:11 2008 -0800
@@ -74,6 +74,9 @@ extern char __start[];          /* tboot
 extern char __start[];          /* tboot entry point in boot.S */
 extern char _txt_wakeup[];      /* RLP join address for GETSEC[WAKEUP] */

+/* Offset within page tables */
+#define MLE_OFFSET     0x1000
+
 /*
  * this is the structure whose addr we'll put in TXT heap
  * it needs to be within the MLE pages, so force it to the .text section
@@ -83,8 +86,8 @@ __attribute__ ((__section__ (".text")))
     guid              :  MLE_HDR_GUID,
     length            :  sizeof(mle_hdr_t),
     version           :  0x00010001,
-    entry_point       :  (uint32_t)&__start - TBOOT_BASE_ADDR,
-    first_valid_page  :  0,
+    entry_point       :  (uint32_t)&__start - TBOOT_BASE_ADDR + MLE_OFFSET,
+    first_valid_page  :  MLE_OFFSET,
     mle_start_off     :  (uint32_t)&_mle_start - TBOOT_BASE_ADDR,
     mle_end_off       :  (uint32_t)&_mle_end - TBOOT_BASE_ADDR,
 };
@@ -168,7 +171,7 @@ static void *build_mle_pagetable(uint32_
     /* only use first entry in page dir */
     *(uint64_t *)pg_dir = MAKE_PDTE(pg_tab);

-    pte = pg_tab;
+    pte = pg_tab + MLE_OFFSET/PAGE_SIZE;
     mle_off = 0;
     do {
         *pte = MAKE_PDTE(mle_start + mle_off);
@@ -305,7 +308,8 @@ static txt_heap_t *init_txt_heap(void *p
     os_sinit_data->mle_ptab = (uint64_t)(unsigned long)ptab_base;
     os_sinit_data->mle_size = g_mle_hdr.mle_end_off - g_mle_hdr.mle_start_off;
     /* this is linear addr (offset from MLE base) of mle header */
-    os_sinit_data->mle_hdr_base = (uint64_t)&g_mle_hdr - (uint64_t)&_mle_start;
+    os_sinit_data->mle_hdr_base =
+       (uint64_t)&g_mle_hdr - (uint64_t)&_mle_start + MLE_OFFSET;
     /* SINIT supports more recent version than we do, so use our most recent */
     if ( os_sinit_data_ver >= 0x03 ) {
         os_sinit_data->version = 0x03;     /* 0x03 is the max we support */


Basically I make 4 changes: entry_point and first_valid_page in the
MLE header get moved up 0x1000, and the mle_hdr_base field in the TXT
heap also gets moved up. Then the page tables are initialized starting
with the 2nd rather than the 1st entry.

However, it does not work. The system crashes with a TXT reset when it
calls GETSEC[SENTER]. And due to some problem with my HP dc7800 vPro
system, TXT resets don't lead to a clean reboot and I have to
power-cycle my machine, losing any ERRORCODE status. So I can't tell
what exactly is going wrong.

I wonder if someone with more experience with TXT can advise me
whether other fields need to be adjusted when changing the linear
address mapping in the MLE page tables

Also, along these lines, the documentation is ambiguous about the MLE
Join structure EIP address. Table 7 says, "Linear IP entry point
(physical address)". However a linear address is not a physical
address. tboot is actually putting in the physical address here so I
assume the reference to a linear address is a mistake. The issue
doesn't affect my test because I am not getting that far, but since
tboot works OK with a physical address, I assume that there is no need
to adjust this value when changing the MLE page tables.

Thanks very much!

Hal Finney