Received: by 2002:a05:6a10:22f:0:0:0:0 with SMTP id 15csp500842pxk; Thu, 24 Sep 2020 10:39:31 -0700 (PDT) X-Google-Smtp-Source: ABdhPJxpcy5AFezCbeTnyO/fwad7UZazvV6BU5Dn9a3nqHLoYexiwfHoyDAnsEN1FIYbJFnAtI5n X-Received: by 2002:aa7:cb44:: with SMTP id w4mr1109829edt.139.1600969171640; Thu, 24 Sep 2020 10:39:31 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1600969171; cv=none; d=google.com; s=arc-20160816; b=arAXonqUPkOluQrZfuSRKhaXzzJ/2eW36A7+bSy6vpUMoXctc4VgHPwLVkFIgW1CP8 vq2COIWK9D/9+/EJt/bUhfNC15l4wz9FwLSbW5CP6UyEytC+GFd4nnhJh/HfveYq6QjV 2uLRK5Klekr1ju5owiV93tRwMqx2m2ivWFtREdqVFz/L3mpJVSC9djdl4ewWtPlRVXVp 0nTV5W0WwvfBKzCSiJGWfcSJwELhkN11upeLMXObLcAa1TZgIwYj3z/mHsESKOlg00uJ O+I31v7yluNOAJZuGEHn8DsXGS4I8AQRoQBjeEk39HE9gtnkQA/q9hWmIgIrOze3EBTu T3aw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:in-reply-to:content-disposition:mime-version :references:message-id:subject:cc:to:date:from:sender:dkim-signature; bh=5bhRjdNmwctA9bi8GxsYvmMwgzV/9dcdCn2Ip4F4euc=; b=wGf7HCcmtCzvEd3R5S0a7v/gNOYBuL2km2JkMbjDLkBpjOSIEkhxp80KRrJihOJo7d RmaG+fY7t5GLgK09rA6yN2pJNL97g0GQ2ruPGGJYi5MsxgkZ/2li0PGpgKtCNWCa/c4n M6ecUGmiYUJfUKT0yBwKgV6KV5VhCTriSsxHiq3e9Zo2MYVowhN7oqllIrWIkC7GUOvD BDHH6S9f5hcWvvni7+qDvU3tFZYDqdafN5PdF0JOEIGqDqnnDLRnIzJG7bIKRFrUXmF8 qyGIK+VTdePfAaPWLEYn5nPtVb0ISVWYByuU8XRbWE4EZJ+TPZZrXpQlpTlsFOvYaC2s jCwA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@gmail.com header.s=20161025 header.b=cZOWGP+A; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id v11si58883edr.99.2020.09.24.10.39.07; Thu, 24 Sep 2020 10:39:31 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@gmail.com header.s=20161025 header.b=cZOWGP+A; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727753AbgIXRiG (ORCPT + 99 others); Thu, 24 Sep 2020 13:38:06 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:58858 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726477AbgIXRiF (ORCPT ); Thu, 24 Sep 2020 13:38:05 -0400 Received: from mail-qk1-x741.google.com (mail-qk1-x741.google.com [IPv6:2607:f8b0:4864:20::741]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id A2D62C0613CE; Thu, 24 Sep 2020 10:38:05 -0700 (PDT) Received: by mail-qk1-x741.google.com with SMTP id q5so286891qkc.2; Thu, 24 Sep 2020 10:38:05 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=sender:from:date:to:cc:subject:message-id:references:mime-version :content-disposition:in-reply-to; bh=5bhRjdNmwctA9bi8GxsYvmMwgzV/9dcdCn2Ip4F4euc=; b=cZOWGP+ALCi4vj4BHTzKgWDrtzwE4tF3jGNpkhuLUh6fG/k8zqpGq1Lo/0dcBLLoIi pPGI5IpS/OrzvOjkni8+1PZ149ujLT0LOP6DV/JchuR6Qm2t3wNtyHG6ve58+vpA1a+n vo9tdcnK4n/fTNOQCs55j4rhmmB4gid8Yk08zVDqQHhgx6gWFwcbAHR0ggH6v1Hu9XQg NWk8LyxkU2lLBfuX9c41Izqi6n4RXF8OzcYv/vBHceR4AQDOinz6HygZUKBdg1Ok6Fhz x7PDV/Kr3TTU4rGFdiyUzzj3q20kP8wByDlsqyrvCMsSIga89AVXjSHZt/HQ36A/Zqys Zm7Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:sender:from:date:to:cc:subject:message-id :references:mime-version:content-disposition:in-reply-to; bh=5bhRjdNmwctA9bi8GxsYvmMwgzV/9dcdCn2Ip4F4euc=; b=EMrsNQXf4gCxtm1u3qeXqYCljaVzImbs5t2tgxVSEFEYnOYu141mHiKutlLC7bXHDY PlsQ+BMtUZUrg5Av+HOpRmViWVzCpsjUKDN5NDPG6eQQFFAUAXWh4I0pLqN+qu3eQ85p +/a1qG1jwVvoAcAFz+AVYHTzR49bQrMCei+XqMr/oAhCKBWOSxeFvMhLC0Zrg/7fQBd+ XgxUwvS3VwhCb+pV2xBr6GEldGZLVLJD1TzfNQD0aD3zk0jjtKvQI6k54x43F9lCnDej ihhwfyoSUIYb09eXKLr17czvAdNv1W8UO3yx6rdb2iK9TYATNulfyq03oXhAzhJvoR1e AbbA== X-Gm-Message-State: AOAM531+HhRlU4/fQPZZYI5GoKpHSJ03TR08FOwCyUnKS5M6A/gjbKmj gEedA1FF5YcL2pXQVhLCoFA= X-Received: by 2002:a37:9c8:: with SMTP id 191mr213412qkj.292.1600969083722; Thu, 24 Sep 2020 10:38:03 -0700 (PDT) Received: from rani.riverdale.lan ([2001:470:1f07:5f3::b55f]) by smtp.gmail.com with ESMTPSA id n136sm96584qkn.14.2020.09.24.10.38.02 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 24 Sep 2020 10:38:03 -0700 (PDT) Sender: Arvind Sankar From: Arvind Sankar X-Google-Original-From: Arvind Sankar Date: Thu, 24 Sep 2020 13:38:01 -0400 To: Ross Philipson Cc: linux-kernel@vger.kernel.org, x86@kernel.org, iommu@lists.linux-foundation.org, linux-integrity@vger.kernel.org, linux-doc@vger.kernel.org, dpsmith@apertussolutions.com, tglx@linutronix.de, mingo@redhat.com, bp@alien8.de, hpa@zytor.com, luto@amacapital.net, trenchboot-devel@googlegroups.com Subject: Re: [PATCH 07/13] x86: Secure Launch kernel early boot stub Message-ID: <20200924173801.GA103726@rani.riverdale.lan> References: <1600959521-24158-1-git-send-email-ross.philipson@oracle.com> <1600959521-24158-8-git-send-email-ross.philipson@oracle.com> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline In-Reply-To: <1600959521-24158-8-git-send-email-ross.philipson@oracle.com> Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Thu, Sep 24, 2020 at 10:58:35AM -0400, Ross Philipson wrote: > The Secure Launch (SL) stub provides the entry point for Intel TXT (and > later AMD SKINIT) to vector to during the late launch. The symbol > sl_stub_entry is that entry point and its offset into the kernel is > conveyed to the launching code using the MLE (Measured Launch > Environment) header in the structure named mle_header. The offset of the > MLE header is set in the kernel_info. The routine sl_stub contains the > very early late launch setup code responsible for setting up the basic > environment to allow the normal kernel startup_32 code to proceed. It is > also responsible for properly waking and handling the APs on Intel > platforms. The routine sl_main which runs after entering 64b mode is > responsible for measuring configuration and module information before > it is used like the boot params, the kernel command line, the TXT heap, > an external initramfs, etc. > > Signed-off-by: Ross Philipson Which version of the kernel is this based on? > diff --git a/arch/x86/boot/compressed/head_64.S b/arch/x86/boot/compressed/head_64.S > index 97d37f0..42043bf 100644 > --- a/arch/x86/boot/compressed/head_64.S > +++ b/arch/x86/boot/compressed/head_64.S > @@ -279,6 +279,21 @@ SYM_INNER_LABEL(efi32_pe_stub_entry, SYM_L_LOCAL) > SYM_FUNC_END(efi32_stub_entry) > #endif > > +#ifdef CONFIG_SECURE_LAUNCH > +SYM_FUNC_START(sl_stub_entry) > + /* > + * On entry, %ebx has the entry abs offset to sl_stub_entry. To > + * find the beginning of where we are loaded, sub off from the > + * beginning. > + */ This requirement should be added to the documentation. Is it necessary or can this stub just figure out the address the same way as the other 32-bit entry points, using the scratch space in bootparams as a little stack? > + leal (startup_32 - sl_stub_entry)(%ebx), %ebx > + > + /* More room to work in sl_stub in the text section */ > + jmp sl_stub > + > +SYM_FUNC_END(sl_stub_entry) > +#endif > + > .code64 > .org 0x200 > SYM_CODE_START(startup_64) > @@ -537,6 +552,25 @@ SYM_FUNC_START_LOCAL_NOALIGN(.Lrelocated) > shrq $3, %rcx > rep stosq > > +#ifdef CONFIG_SECURE_LAUNCH > + /* > + * Have to do the final early sl stub work in 64b area. > + * > + * *********** NOTE *********** > + * > + * Several boot params get used before we get a chance to measure > + * them in this call. This is a known issue and we currently don't > + * have a solution. The scratch field doesn't matter and loadflags > + * have KEEP_SEGMENTS set by the stub code. There is no obvious way > + * to do anything about the use of kernel_alignment or init_size > + * though these seem low risk. > + */ There are various fields in bootparams that depend on where the kernel/initrd and cmdline are loaded in memory. If the entire bootparams page is getting measured, does that mean they all have to be at fixed addresses on every boot? Also KEEP_SEGMENTS support is gone from the kernel since v5.7, since it was unused. startup_32 now always loads a GDT and then the segment registers. I think this should be ok for you as the only thing the flag used to do in the 64-bit kernel was to stop startup_32 from blindly loading __BOOT_DS into the segment registers before it had setup its own GDT. For the 32-bit assembler code that's being added, tip/master now has changes that prevent the compressed kernel from having any runtime relocations. You'll need to revise some of the code and the data structures initial values to avoid creating relocations. Thanks.