Received: by 2002:a05:6a10:f3d0:0:0:0:0 with SMTP id a16csp4132445pxv; Mon, 28 Jun 2021 23:11:18 -0700 (PDT) X-Google-Smtp-Source: ABdhPJzQF7RIPSp09ghUOSguK0B8uOuCrKUK9zboZ+ceJkGucxzE6azLoVaEpMBKkUpovvPu1qkV X-Received: by 2002:a05:6e02:1be3:: with SMTP id y3mr14325887ilv.142.1624947078390; Mon, 28 Jun 2021 23:11:18 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1624947078; cv=none; d=google.com; s=arc-20160816; b=lGUPvGf+UMkebhGiDoKdiu1eoQbi9KwjD7A45+TbqWN4M+lmlVT4QbNn1YqLrwc01z IeghLDrZCAw9RbKznoOl7oc9Je7cbsiAcu5Rmj/i7USlZoeCeKggPTt6F7nGvauedJYc 9dwYZXRM6h02jR0xPrMVQHZ/liNiZ94IeqFcJswlvNiqwNttbvomL+0SayveCaRWblx3 E/LzOC0Pqrxstixkq6r8ygaBR0LVaunBtN5dg24u4KWPkB6GcitYwg6c4yD59CDh/Jtr VXd4bO5d1rVuk1HDaCOu03hzUcByXtbzpaTqlvQMIyGyvl39zQI1bx7glALa9HytAyYK CpWw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:content-language :in-reply-to:mime-version:user-agent:date:message-id:from:references :cc:to:subject:dkim-signature; bh=AlpvKOKBWbtrP8/Afnp56Pm7GdYimJlG8sWsm5x5Rx4=; b=TAv35FY1ssWjtlFcQicMUflFEs9PaNWlLLPUiuhwyXOCBV9Y4gHZP+o2iGWAylrTro Tx18jE4aRfFpzthJwg1ZHdM4LkSG76JcPOFnhuElTza0atxf7PWWB/5we66MD0gjcp92 9AR9yyQJEGW0cxIS126COsAhPK4pgUzhMTYMTCzGzXwVsub/wNPoJJKZ6OdIWxutBig/ 2exyILgau9Chjql78vFpnDasnKOSq9hA5dWRruqQy6nLTIjvIi4s3kilSOIVBOZwE5Lz Um7dj8kvNQzgWbLm7771aHWUobeG8BKh8ckvBXXQZ63UaDfvAyOTPRpMfLLu0ao6XKc+ ceFw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@ibm.com header.s=pp1 header.b="jkak/l53"; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=ibm.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id p16si21841076jan.14.2021.06.28.23.11.07; Mon, 28 Jun 2021 23:11:18 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@ibm.com header.s=pp1 header.b="jkak/l53"; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=ibm.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232026AbhF2GHs (ORCPT + 99 others); Tue, 29 Jun 2021 02:07:48 -0400 Received: from mx0b-001b2d01.pphosted.com ([148.163.158.5]:4938 "EHLO mx0b-001b2d01.pphosted.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231881AbhF2GHg (ORCPT ); Tue, 29 Jun 2021 02:07:36 -0400 Received: from pps.filterd (m0127361.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.16.0.43/8.16.0.43) with SMTP id 15T64M61077663; Tue, 29 Jun 2021 02:05:01 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ibm.com; h=subject : to : cc : references : from : message-id : date : mime-version : in-reply-to : content-type : content-transfer-encoding; s=pp1; bh=AlpvKOKBWbtrP8/Afnp56Pm7GdYimJlG8sWsm5x5Rx4=; b=jkak/l53wmqq8ZUPvxJUpZeXGoRpao20lJvetikKwJE4/tbSOqmjv2In2Jub43BUXmOF 2jySiguPbDv5FVbvjKV2c43Rnw9mGSv75q1ctvXa3p5BjYceWfELjRwHK9sy1wnE45zb laQPMQcqAORazyGeAA9n67PQQVrbkarvTkobkZA9OcCi5zJ35paNnzx6wDQQ3L+QLcFq nEIS8x1S3r0czay11sCaNhtv/fEgPBsD8zwuim0dHmU7GYOFwE6wGJPo5PBqTCNNi8VN cWeFOs6YytzS7/lrU3Gxh7B4tgX57oPK4qEORU00yEjZyofgunm/GbzI+rhLhMzVOgn1 0A== Received: from pps.reinject (localhost [127.0.0.1]) by mx0a-001b2d01.pphosted.com with ESMTP id 39fv2ctfc3-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Tue, 29 Jun 2021 02:05:01 -0400 Received: from m0127361.ppops.net (m0127361.ppops.net [127.0.0.1]) by pps.reinject (8.16.0.43/8.16.0.43) with SMTP id 15T64Urt078278; Tue, 29 Jun 2021 02:05:00 -0400 Received: from ppma02fra.de.ibm.com (47.49.7a9f.ip4.static.sl-reverse.com [159.122.73.71]) by mx0a-001b2d01.pphosted.com with ESMTP id 39fv2ctfbh-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Tue, 29 Jun 2021 02:05:00 -0400 Received: from pps.filterd (ppma02fra.de.ibm.com [127.0.0.1]) by ppma02fra.de.ibm.com (8.16.1.2/8.16.1.2) with SMTP id 15T62c4J027760; Tue, 29 Jun 2021 06:04:59 GMT Received: from b06cxnps4075.portsmouth.uk.ibm.com (d06relay12.portsmouth.uk.ibm.com [9.149.109.197]) by ppma02fra.de.ibm.com with ESMTP id 39duv8gjtd-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Tue, 29 Jun 2021 06:04:58 +0000 Received: from b06wcsmtp001.portsmouth.uk.ibm.com (b06wcsmtp001.portsmouth.uk.ibm.com [9.149.105.160]) by b06cxnps4075.portsmouth.uk.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id 15T64tvg27328796 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Tue, 29 Jun 2021 06:04:56 GMT Received: from b06wcsmtp001.portsmouth.uk.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id B9617A40D7; Tue, 29 Jun 2021 06:04:54 +0000 (GMT) Received: from b06wcsmtp001.portsmouth.uk.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 471D8A407D; Tue, 29 Jun 2021 06:04:50 +0000 (GMT) Received: from [9.160.49.135] (unknown [9.160.49.135]) by b06wcsmtp001.portsmouth.uk.ibm.com (Postfix) with ESMTP; Tue, 29 Jun 2021 06:04:49 +0000 (GMT) Subject: Re: [RFC PATCH v2 2/3] efi: Reserve confidential computing secret area To: Tom Lendacky , linux-efi@vger.kernel.org Cc: Laszlo Ersek , Ashish Kalra , Brijesh Singh , Ard Biesheuvel , James Morris , "Serge E. Hallyn" , Andi Kleen , "Dr. David Alan Gilbert" , James Bottomley , Tobin Feldman-Fitzthum , Jim Cadden , linux-coco@lists.linux.dev, linux-security-module@vger.kernel.org, linux-kernel@vger.kernel.org References: <20210628183431.953934-1-dovmurik@linux.ibm.com> <20210628183431.953934-3-dovmurik@linux.ibm.com> <9b9b682f-297e-9ebd-4d67-43c3ed9ad8c5@amd.com> From: Dov Murik Message-ID: <996db75c-5648-17b1-5bae-f3b10d72c110@linux.ibm.com> Date: Tue, 29 Jun 2021 09:04:48 +0300 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:78.0) Gecko/20100101 Thunderbird/78.11.0 MIME-Version: 1.0 In-Reply-To: <9b9b682f-297e-9ebd-4d67-43c3ed9ad8c5@amd.com> Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: 7bit X-TM-AS-GCONF: 00 X-Proofpoint-ORIG-GUID: aZufCRSzQhsAwgYeak7KS2ftPBjDJ4mM X-Proofpoint-GUID: _HvNLJMku3LJoaLB_n9Rwfz3P-avA3HV X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.391,18.0.790 definitions=2021-06-29_02:2021-06-25,2021-06-29 signatures=0 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 priorityscore=1501 adultscore=0 lowpriorityscore=0 malwarescore=0 mlxscore=0 clxscore=1015 mlxlogscore=999 impostorscore=0 phishscore=0 bulkscore=0 suspectscore=0 spamscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2104190000 definitions=main-2106290039 Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Hi Tom, On 28/06/2021 23:40, Tom Lendacky wrote: > On 6/28/21 1:34 PM, Dov Murik wrote: >> When efi-stub copies an EFI-provided confidential computing secret area, >> reserve that memory block for future use within the kernel. >> >> Signed-off-by: Dov Murik >> --- >> drivers/firmware/efi/Makefile | 2 +- >> drivers/firmware/efi/confidential-computing.c | 41 +++++++++++++++++++ >> drivers/firmware/efi/efi.c | 5 +++ >> include/linux/efi.h | 4 ++ >> 4 files changed, 51 insertions(+), 1 deletion(-) >> create mode 100644 drivers/firmware/efi/confidential-computing.c >> >> diff --git a/include/linux/efi.h b/include/linux/efi.h >> index 4f647f1ee298..e9740bd16db0 100644 >> --- a/include/linux/efi.h >> +++ b/include/linux/efi.h >> @@ -551,6 +551,8 @@ extern struct efi { >> unsigned long tpm_log; /* TPM2 Event Log table */ >> unsigned long tpm_final_log; /* TPM2 Final Events Log table */ >> unsigned long mokvar_table; /* MOK variable config table */ >> + unsigned long confidential_computing_secret; /* Confidential computing */ >> + /* secret table */ > > If there is any possibility that someone could reuse a form of this > confidential computing secret table in a bare metal system, then this > table needs to be added to the efi_tables[] array in > arch/x86/platform/efi/efi.c. Otherwise, it will be mapped improperly on a > system with SME active. Good catch, thanks. I see that all existing table addresses from struct efi are added to the efi_tables[] array, so for completeness it makes sense to add efi.confidential_computing_secret as well (even though currently bare metal firmware doesn't have this table). Thanks, -Dov > > Thanks, > Tom > >> >> efi_get_time_t *get_time; >> efi_set_time_t *set_time; >> @@ -1190,6 +1192,8 @@ extern int efi_tpm_final_log_size; >> >> extern unsigned long rci2_table_phys; >> >> +extern int efi_confidential_computing_secret_area_reserve(void); >> + >> /* >> * efi_runtime_service() function identifiers. >> * "NONE" is used by efi_recover_from_page_fault() to check if the page >>