Received: by 2002:a17:90a:1609:0:0:0:0 with SMTP id n9csp2193772pja; Thu, 26 Mar 2020 11:09:18 -0700 (PDT) X-Google-Smtp-Source: ADFU+vs+i8rvVMTFeI4tDoDB8YH0MqcNrn8LUz6Le6oWTBpmBl8m23rNALWVq/P7t9u7ESpofEap X-Received: by 2002:a4a:d794:: with SMTP id c20mr6249632oou.77.1585246158834; Thu, 26 Mar 2020 11:09:18 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1585246158; cv=none; d=google.com; s=arc-20160816; b=HfvtnHOwDZwhxPfbIrVUxMhxidtH5ApBgpnrq6dEiLB3ubJL6CV2jQnHAZiyObLdYc kroA5CppYf0AangzlDCs0P/J1Y+2PIvCuMDbZNFySlNtJHZzmrPrXuPDwR0Kz+i7AQM7 P+xmAuiFltQQCGcGoj7ldpprRvEsAYPyOPJqiQ0lm28p1Y6HLWhy3kYJDckN+wXv9kOc /F75sBpW2lge/OchZUG5SIZfNcS/HU7jkCLAC4aM8QO0AVBqqynGObZY/k5FSBiLqoPm tIiY2NlwxSRKsOhmPvIeFAv64yjc8lMx8TA7J2AjNgc9TYxcxclRdKm5k+R9NnGQkaDy EJfw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-disposition:mime-version:references:message-id:subject:cc :to:from:date:dkim-signature; bh=BJaWZQd3Uzd0rIHPr8Tee7YFwxS0GsA8ikWhqjK/e0I=; b=iYV7hPpKCqbAMBMo4fLyqvSkfEEtfHwWFQVFeAh7QLsqpNvmUT0+w8E3zDU4QYTuzQ tTIoGsM3xbGLb+2QYwMnu1XwE7Se6TTpsVLgXXOS5/+As6ST/bLXBsV6RllkhAnlUaxE hFZZqbESqoh+XHhDty7I5/Dh7nOKDWx59gAfPE6+1a+YyGrhs0mat14PDdHOxR7mkfb0 4uI9N2eQC+WHKKK/7z693enrjJfuCgB0SEkifxdRJjdNqzcAT2pMnShdRB5Jz4Vubosn GAoFEqF/dVTVHEFR4fg+WmsO6q9LOUPeo3ftrgbOFA4/Qknuq8jTWgfeoK8SnuktbTYS MX8w== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@oracle.com header.s=corp-2020-01-29 header.b=eAH5+9B8; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=oracle.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id y206si1257758oig.253.2020.03.26.11.09.03; Thu, 26 Mar 2020 11:09:18 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@oracle.com header.s=corp-2020-01-29 header.b=eAH5+9B8; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=oracle.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727995AbgCZSH3 (ORCPT + 99 others); Thu, 26 Mar 2020 14:07:29 -0400 Received: from aserp2120.oracle.com ([141.146.126.78]:35784 "EHLO aserp2120.oracle.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727933AbgCZSH3 (ORCPT ); Thu, 26 Mar 2020 14:07:29 -0400 Received: from pps.filterd (aserp2120.oracle.com [127.0.0.1]) by aserp2120.oracle.com (8.16.0.42/8.16.0.42) with SMTP id 02QI3LR7083907; Thu, 26 Mar 2020 18:07:01 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=oracle.com; h=date : from : to : cc : subject : message-id : references : mime-version : content-type : in-reply-to; s=corp-2020-01-29; bh=BJaWZQd3Uzd0rIHPr8Tee7YFwxS0GsA8ikWhqjK/e0I=; b=eAH5+9B8Dlao4gANk+9VC3KHEoCNjPwSA1bFece9Z7Eeu2OwXw+qkyABtsWD0KqcGEl2 JiKWqMclSTNfdN+Lo3FnSYtR4auuXSu6+31R9gUmsApdFj0gn2HXoRw6dRH91JJ1arp6 czecPixOUhR54tKla1baSgGcHLiDiKfWgx+i0BxSilUGAoq+8vkZHIUNaaSoTHnAusuf DnXVQZhVluGRx1wSdTSRWA2AnzHH8iQm6fHXr3cWCIkYhrzalj/AYS/OxrA8sv/UHFP5 PCCXk0UD/JoV7VOTwuE2YoX4iijwJ58kFHiWWEY8TWEVVMUYZtFSFG/NtCxwsBzEgO5h DQ== Received: from aserp3020.oracle.com (aserp3020.oracle.com [141.146.126.70]) by aserp2120.oracle.com with ESMTP id 2ywavmhdca-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Thu, 26 Mar 2020 18:07:01 +0000 Received: from pps.filterd (aserp3020.oracle.com [127.0.0.1]) by aserp3020.oracle.com (8.16.0.42/8.16.0.42) with SMTP id 02QI2cJ4175416; Thu, 26 Mar 2020 18:07:00 GMT Received: from userv0122.oracle.com (userv0122.oracle.com [156.151.31.75]) by aserp3020.oracle.com with ESMTP id 30073e3vta-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Thu, 26 Mar 2020 18:07:00 +0000 Received: from abhmp0010.oracle.com (abhmp0010.oracle.com [141.146.116.16]) by userv0122.oracle.com (8.14.4/8.14.4) with ESMTP id 02QI6wo6016073; Thu, 26 Mar 2020 18:06:58 GMT Received: from tomti.i.net-space.pl (/10.175.206.254) by default (Oracle Beehive Gateway v4.0) with ESMTP ; Thu, 26 Mar 2020 11:06:57 -0700 Date: Thu, 26 Mar 2020 19:06:53 +0100 From: Daniel Kiper To: Ross Philipson Cc: linux-kernel@vger.kernel.org, x86@kernel.org, linux-doc@vger.kernel.org, dpsmith@apertussolutions.com, tglx@linutronix.de, mingo@redhat.com, bp@alien8.de, hpa@zytor.com, trenchboot-devel@googlegroups.com Subject: Re: [RFC PATCH 01/12] x86: Secure Launch Kconfig Message-ID: <20200326180653.nyfkbrczl5gxbukl@tomti.i.net-space.pl> References: <20200325194317.526492-1-ross.philipson@oracle.com> <20200325194317.526492-2-ross.philipson@oracle.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20200325194317.526492-2-ross.philipson@oracle.com> User-Agent: NeoMutt/20170113 (1.7.2) X-Proofpoint-Virus-Version: vendor=nai engine=6000 definitions=9572 signatures=668685 X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 mlxlogscore=999 adultscore=0 suspectscore=0 mlxscore=0 phishscore=0 bulkscore=0 spamscore=0 malwarescore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2003020000 definitions=main-2003260135 X-Proofpoint-Virus-Version: vendor=nai engine=6000 definitions=9572 signatures=668685 X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 adultscore=0 malwarescore=0 priorityscore=1501 mlxscore=0 bulkscore=0 clxscore=1015 impostorscore=0 phishscore=0 suspectscore=0 mlxlogscore=999 spamscore=0 lowpriorityscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2003020000 definitions=main-2003260135 Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Wed, Mar 25, 2020 at 03:43:06PM -0400, Ross Philipson wrote: > Initial bits to bring in Secure Launch functionality. Add Kconfig > options for compiling in/out the Secure Launch code. > > Signed-off-by: Ross Philipson > --- > arch/x86/Kconfig | 11 +++++++++++ > 1 file changed, 11 insertions(+) > > diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig > index 5e8949953660..7f3406a9948b 100644 > --- a/arch/x86/Kconfig > +++ b/arch/x86/Kconfig > @@ -2014,6 +2014,17 @@ config EFI_MIXED > > If unsure, say N. > > +config SECURE_LAUNCH > + bool "Secure Launch support" > + default n > + depends on X86_64 > + help > + This Secure Launch kernel feature allows a bzImage to be loaded > + directly through Intel TXT or AMD SKINIT measured launch. This I think that you should drop AMD SKINIT from here. This should be added when AMD secure launch implementation is added. ...and why we need this as separate patch? Could not we add this in a patch which uses CONFIG_SECURE_LAUNCH for first time? Daniel