View Change

9 comments:

• File src/security/intel/txt/common.c:

  • Patch Set #7, Line 135: 4

    What's this magic number?

    sizeof(uint32_t)

  • Patch Set #7, Line 316: locked

    If it's not locked, isn't that a serious error? I'd expect that TXT is enabled after the MSR is lock […]

    maybe

  • Patch Set #7, Line 364: return true;

    Maybe add some message? […]

    In that case it already prints "TEE-TXT: CPU supports SMX: false"

  • Patch Set #7, Line 425: policy

    Which policy?

    TXT Policy Data Record (Firmware Inteface Table Type 0x0A)

• File src/security/intel/txt/getsec.c:

  • Patch Set #7, Line 65: 0x1f

    What does this 0x1f mean?

    That's taken from some TXT Spec.
    The SDM uses 4GiB-1 here, so we should use the same

• File src/security/intel/txt/getsec_enteraccs.S:

  • Patch Set #7, Line 191: 1:

    Where is this used?

    looks unused

  • Patch Set #7, Line 192: GPE

    GPE or GP? Or GPF? GPE reminds me of General Purpose Event and I get confused

    GPF

  • Patch Set #7, Line 245: 1:

    I think this one is used right above?

    yes

• File src/security/intel/txt/ramstage.c:

  • Patch Set #7, Line 161: Tested

    Tests showed

To view, visit change 37016. To unsubscribe, or for help writing mail filters, visit settings.