ia64/xen-unstable

view xen/Rules.mk @ 19267:7d55cc23493b

txt: perform per-domain (and frametable and xenheap) MAC on entry into
S3 and verification on resume.

The MAC algorithm is called VMAC and was developed by Ted Krovetz and
Wei Dai (more details are in the files). It is based on a universal hash
function. The universal hash is passed through a pseudo-random function,
implemented using AES. More details can be found at
http://fastcrypto.org/vmac/. =
The AES code comes from the OpenBSD implementation (which is derived
from the implementation referenced in VMAC site).

As Xen does not have a good source of entropy to generate its own key
(for the keyed hash), it uses the key that tboot passes in.

Although the code attempts to MAC all of a domain's pages (code/data,
VT-d tables) based on its s3_integrity flag, some of a domain's memory may
always be MAC'ed, e.g. shadow page tables. Only xenheap pages that are in
use are MAC'ed. We believe that the memory MAC'ed by the Xen code and the
ranges passed to tboot to MAC cover all of the memory whose integrity needs
to be protected on S3. Any suggestions or ranges that we missed are
welcome.

Signed-off-by: Shane Wang <shane.wang@intel.com>
Signed-off-by: Joseph Cihula <joseph.cihula@intel.com>
author Keir Fraser <keir.fraser@citrix.com>
date Tue Mar 03 12:48:16 2009 +0000 (2009-03-03)
parents 0e448d0a41ff
children
line source
2 #
3 # If you change any of these configuration options then you must
4 # 'make clean' before rebuilding.
5 #
6 verbose ?= n
7 perfc ?= n
8 perfc_arrays ?= n
9 crash_debug ?= n
10 frame_pointer ?= n
12 XEN_ROOT=$(BASEDIR)/..
13 include $(XEN_ROOT)/Config.mk
15 # Hardcoded configuration implications and dependencies.
16 # Do this is a neater way if it becomes unwieldy.
17 ifeq ($(debug),y)
18 verbose := y
19 frame_pointer := y
20 else
21 CFLAGS += -DNDEBUG
22 endif
23 ifeq ($(perfc_arrays),y)
24 perfc := y
25 endif
27 # Set ARCH/SUBARCH appropriately.
28 override TARGET_SUBARCH := $(XEN_TARGET_ARCH)
29 override TARGET_ARCH := $(shell echo $(XEN_TARGET_ARCH) | \
30 sed -e 's/x86.*/x86/')
32 TARGET := $(BASEDIR)/xen
34 include $(BASEDIR)/arch/$(TARGET_ARCH)/Rules.mk
36 # Note that link order matters!
37 ALL_OBJS-y += $(BASEDIR)/common/built_in.o
38 ALL_OBJS-y += $(BASEDIR)/drivers/built_in.o
39 ALL_OBJS-y += $(BASEDIR)/xsm/built_in.o
40 ALL_OBJS-y += $(BASEDIR)/arch/$(TARGET_ARCH)/built_in.o
41 ALL_OBJS-$(x86) += $(BASEDIR)/crypto/built_in.o
43 CFLAGS-y += -g -D__XEN__
44 CFLAGS-$(XSM_ENABLE) += -DXSM_ENABLE
45 CFLAGS-$(FLASK_ENABLE) += -DFLASK_ENABLE -DXSM_MAGIC=0xf97cff8c
46 CFLAGS-$(FLASK_ENABLE) += -DFLASK_DEVELOP -DFLASK_BOOTPARAM -DFLASK_AVC_STATS
47 CFLAGS-$(ACM_SECURITY) += -DACM_SECURITY -DXSM_MAGIC=0xbcde0100
48 CFLAGS-$(verbose) += -DVERBOSE
49 CFLAGS-$(crash_debug) += -DCRASH_DEBUG
50 CFLAGS-$(perfc) += -DPERF_COUNTERS
51 CFLAGS-$(perfc_arrays) += -DPERF_ARRAYS
52 CFLAGS-$(frame_pointer) += -fno-omit-frame-pointer -DCONFIG_FRAME_POINTER
54 ifneq ($(max_phys_cpus),)
55 CFLAGS-y += -DMAX_PHYS_CPUS=$(max_phys_cpus)
56 endif
57 ifneq ($(max_phys_irqs),)
58 CFLAGS-y += -DMAX_PHYS_IRQS=$(max_phys_irqs)
59 endif
61 AFLAGS-y += -D__ASSEMBLY__
63 ALL_OBJS := $(ALL_OBJS-y)
65 # Get gcc to generate the dependencies for us.
66 CFLAGS-y += -MMD -MF .$(@F).d
67 DEPS = .*.d
69 CFLAGS += $(CFLAGS-y)
71 # Most CFLAGS are safe for assembly files:
72 # -std=gnu{89,99} gets confused by #-prefixed end-of-line comments
73 AFLAGS += $(AFLAGS-y) $(filter-out -std=gnu%,$(CFLAGS))
75 # LDFLAGS are only passed directly to $(LD)
76 LDFLAGS += $(LDFLAGS_DIRECT)
78 include Makefile
80 # Ensure each subdirectory has exactly one trailing slash.
81 subdir-n := $(patsubst %,%/,$(patsubst %/,%,$(subdir-n)))
82 subdir-y := $(patsubst %,%/,$(patsubst %/,%,$(subdir-y)))
84 # Add explicitly declared subdirectories to the object list.
85 obj-y += $(patsubst %/,%/built_in.o,$(subdir-y))
87 # Add implicitly declared subdirectories (in the object list) to the
88 # subdirectory list, and rewrite the object-list entry.
89 subdir-y += $(filter %/,$(obj-y))
90 obj-y := $(patsubst %/,%/built-in.o,$(obj-y))
92 subdir-all := $(subdir-y) $(subdir-n)
94 built_in.o: $(obj-y)
95 $(LD) $(LDFLAGS) -r -o $@ $^
97 # Force execution of pattern rules (for which PHONY cannot be directly used).
98 .PHONY: FORCE
99 FORCE:
101 %/built_in.o: FORCE
102 $(MAKE) -f $(BASEDIR)/Rules.mk -C $* built_in.o
104 .PHONY: clean
105 clean:: $(addprefix _clean_, $(subdir-all))
106 rm -f *.o *~ core $(DEPS)
107 _clean_%/: FORCE
108 $(MAKE) -f $(BASEDIR)/Rules.mk -C $* clean
110 %.o: %.c Makefile
111 $(CC) $(CFLAGS) -c $< -o $@
113 %.o: %.S Makefile
114 $(CC) $(AFLAGS) -c $< -o $@
116 %.i: %.c Makefile
117 $(CPP) $(CFLAGS) $< -o $@
119 # -std=gnu{89,99} gets confused by # as an end-of-line comment marker
120 %.s: %.S Makefile
121 $(CPP) $(AFLAGS) $< -o $@
123 -include $(DEPS)