9 comments:
File src/security/intel/txt/common.c:
What's this magic number?
sizeof(uint32_t)
Patch Set #7, Line 316: locked
If it's not locked, isn't that a serious error? I'd expect that TXT is enabled after the MSR is lock […]
maybe
Patch Set #7, Line 364: return true;
Maybe add some message? […]
In that case it already prints "TEE-TXT: CPU supports SMX: false"
Patch Set #7, Line 425: policy
Which policy?
TXT Policy Data Record (Firmware Inteface Table Type 0x0A)
File src/security/intel/txt/getsec.c:
What does this 0x1f mean?
That's taken from some TXT Spec.
The SDM uses 4GiB-1 here, so we should use the same
File src/security/intel/txt/getsec_enteraccs.S:
Where is this used?
looks unused
GPE or GP? Or GPF? GPE reminds me of General Purpose Event and I get confused
GPF
I think this one is used right above?
yes
File src/security/intel/txt/ramstage.c:
Patch Set #7, Line 161: Tested
Tests showed
To view, visit change 37016. To unsubscribe, or for help writing mail filters, visit settings.