path: root/xen/crypto
Commit message | Author | Age | Files | Lines

* move various bits into .init.* sections | Jan Beulich | 2011-03-09 | 2 | -1/+13

  This also includes the removal of some entirely unused functions.

  The patch builds upon the makefile adjustments done in the earlier sent patch titled "move more kernel decompression bits to .init.* sections".

  Signed-off-by: Jan Beulich <jbeulich@novell.com>

* Cleanup: Make local functions static and remove unused functions. | Keir Fraser | 2009-09-30 | 1 | -56/+0

  Signed-off-by: Christoph Egger <Christoph.Egger@amd.com>

* txt: perform per-domain (and frametable and xenheap) MAC on entry into S3 and verification on resume. | Keir Fraser | 2009-03-03 | 3 | -0/+2491

  The MAC algorithm is called VMAC and was developed by Ted Krovetz and Wei Dai (more details are in the files). It is based on a universal hash function. The universal hash is passed through a pseudo-random function, implemented using AES. More details can be found at http://fastcrypto.org/vmac/.

  The AES code comes from the OpenBSD implementation (which is derived from the implementation referenced in VMAC site).

  As Xen does not have a good source of entropy to generate its own key (for the keyed hash), it uses the key that tboot passes in.

  Although the code attempts to MAC all of a domain's pages (code/data, VT-d tables) based on its s3_integrity flag, some of a domain's memory may always be MAC'ed, e.g. shadow page tables. Only xenheap pages that are in use are MAC'ed.

  We believe that the memory MAC'ed by the Xen code and the ranges passed to tboot to MAC cover all of the memory whose integrity needs to be protected on S3. Any suggestions or ranges that we missed are welcome.

  Signed-off-by: Shane Wang <shane.wang@intel.com>
  Signed-off-by: Joseph Cihula <joseph.cihula@intel.com>