From: Ross Philipson
To: linux-kernel@vger.kernel.org, x86@kernel.org, iommu@lists.linux-foundation.org, linux-integrity@vger.kernel.org, linux-doc@vger.kernel.org
Cc: ross.philipson@oracle.com, dpsmith@apertussolutions.com, tglx@linutronix.de, mingo@redhat.com, bp@alien8.de, hpa@zytor.com, luto@amacapital.net, trenchboot-devel@googlegroups.com
Subject: [PATCH v2 08/12] kexec: Secure Launch kexec SEXIT support
Date: Fri, 18 Jun 2021 12:12:53 -0400
Message-Id: <1624032777-7013-9-git-send-email-ross.philipson@oracle.com>
X-Mailer: git-send-email 1.8.3.1
In-Reply-To: <1624032777-7013-1-git-send-email-ross.philipson@oracle.com>
References: <1624032777-7013-1-git-send-email-ross.philipson@oracle.com>
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org

Prior to running the next kernel via kexec, the Secure Launch code closes down private SMX resources and does an SEXIT. This allows the next kernel to start normally without any issues starting the APs etc.

Signed-off-by: Ross Philipson
---
 arch/x86/kernel/slaunch.c | 71 +++++++++++++++++++++++++++++++++++++++++++++++
 kernel/kexec_core.c       |  4 +++
 2 files changed, 75 insertions(+)

diff --git a/arch/x86/kernel/slaunch.c b/arch/x86/kernel/slaunch.c
index a24d384..8db557a 100644
--- a/arch/x86/kernel/slaunch.c
+++ b/arch/x86/kernel/slaunch.c
@@ -470,3 +470,74 @@ void __init slaunch_setup(void) vendor[3] == INTEL_CPUID_MFGID_EDX) slaunch_setup_intel(); } + +static inline void smx_getsec_sexit(void) +{ + asm volatile (".byte 0x0f,0x37\n" + : : "a" (SMX_X86_GETSEC_SEXIT)); +} + +void slaunch_finalize(int do_sexit) +{ + void __iomem *config; + u64 one = TXT_REGVALUE_ONE, val; + + if ((slaunch_get_flags() & (SL_FLAG_ACTIVE|SL_FLAG_ARCH_TXT)) != + (SL_FLAG_ACTIVE|SL_FLAG_ARCH_TXT)) + return; + + config = ioremap(TXT_PRIV_CONFIG_REGS_BASE, TXT_NR_CONFIG_PAGES * + PAGE_SIZE); + if (!config) { + pr_emerg("Error SEXIT failed to ioremap TXT private reqs\n"); + return; + } + + /* Clear secrets bit for SEXIT */ + memcpy_toio(config + TXT_CR_CMD_NO_SECRETS, &one, sizeof(one)); + memcpy_fromio(&val, config + TXT_CR_E2STS, sizeof(val)); + + /* Unlock memory configurations */ + memcpy_toio(config + TXT_CR_CMD_UNLOCK_MEM_CONFIG, &one, sizeof(one)); + memcpy_fromio(&val, config + TXT_CR_E2STS, sizeof(val)); + + /* Close the TXT private register space */ + memcpy_toio(config + TXT_CR_CMD_CLOSE_PRIVATE, &one, sizeof(one)); + memcpy_fromio(&val, config + TXT_CR_E2STS, sizeof(val)); + + /* + * Calls to iounmap are not being done because of the state of the + * system this late in the kexec process. Local IRQs are disabled and + * iounmap causes a TLB flush which in turn causes a warning. Leaving + * thse mappings is not an issue since the next kernel is going to + * completely re-setup memory management. 
+ */ + + /* Map public registers and do a final read fence */ + config = ioremap(TXT_PUB_CONFIG_REGS_BASE, TXT_NR_CONFIG_PAGES * + PAGE_SIZE); + if (!config) { + pr_emerg("Error SEXIT failed to ioremap TXT public reqs\n"); + return; + } + + memcpy_fromio(&val, config + TXT_CR_E2STS, sizeof(val)); + + pr_emerg("TXT clear secrets bit and unlock memory complete."); + + if (!do_sexit) + return; + + if (smp_processor_id() != 0) { + pr_emerg("Error TXT SEXIT must be called on CPU 0\n"); + return; + } + + /* Disable SMX mode */ + cr4_set_bits(X86_CR4_SMXE); + + /* Do the SEXIT SMX operation */ + smx_getsec_sexit(); + + pr_emerg("TXT SEXIT complete."); +} diff --git a/kernel/kexec_core.c b/kernel/kexec_core.c index f099bae..1dcf20c 100644 --- a/kernel/kexec_core.c +++ b/kernel/kexec_core.c @@ -38,6 +38,7 @@ #include #include #include +#include #include #include @@ -1178,6 +1179,9 @@ int kernel_kexec(void) cpu_hotplug_enable(); pr_notice("Starting new kernel\n"); machine_shutdown(); + + /* Finalize TXT registers and do SEXIT */ + slaunch_finalize(1); } kmsg_dump(KMSG_DUMP_SHUTDOWN); -- 1.8.3.1
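Review bot: in the slaunch.c hunk, the comment "/* Disable SMX mode */" contradicts the line under it, "cr4_set_bits(X86_CR4_SMXE);", which sets CR4.SMXE rather than clearing it. Setting the bit is the right thing to do, since GETSEC raises #UD when CR4.SMXE is 0, so it is the comment that needs fixing; something like "/* GETSEC[SEXIT] requires CR4.SMXE to be set */" would describe what the line actually does. Two further points in the same hunk: every early "return" (failed ioremap, the "smp_processor_id() != 0" test) leaves the caller with no way to learn that SEXIT was skipped, because the function returns void and only a pr_emerg records the failure, so kexec proceeds into a kernel that is still inside the measured environment; and the read-back of TXT_CR_E2STS immediately after writing TXT_CR_CMD_CLOSE_PRIVATE goes through the private mapping that this command has just closed, so that fence should rather be done through the public register space, which the code maps a few lines later anyway. Cosmetic: "thse" in the iounmap comment, "reqs" in both ioremap error strings should be "regs", and the two pr_emerg("... complete.") calls are missing a trailing "\n".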
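Review bot: in the first kexec_core.c hunk, the added "#include" (the header name has been lost in this copy of the mail) pulls an arch-specific symbol into generic code: slaunch_finalize() is defined in arch/x86/kernel/slaunch.c but called from kernel/kexec_core.c, which is built on every architecture. Whatever header this is, it must provide an empty inline slaunch_finalize() when the Secure Launch Kconfig option is off or the architecture is not x86, otherwise those builds fail to link; if that stub already exists in an earlier patch of the series, a sentence in the commit message saying so would save reviewers the lookup.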
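Review bot: in the kernel_kexec() hunk, "slaunch_finalize(1);" is called unconditionally after machine_shutdown() and its outcome is never checked; as the function returns void, a failed ioremap or a skipped SEXIT can neither stop nor be reported to the kexec path, and the next kernel then starts while the platform is still in the measured environment, which is the situation the commit message says this patch exists to avoid. Consider having slaunch_finalize() return an error that kernel_kexec() can act on, or at least state in the commit message that failure here is deliberately non-fatal. Note also that the four added lines in kexec_core.c only cover the normal reboot-style path in kernel_kexec(); the crash kexec path is not touched by this patch, so a panic kernel booted via kdump would still start inside SMX unless that is handled elsewhere in the series.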