Received: by 2002:a05:6500:1b41:b0:1fb:d597:ff75 with SMTP id cz1csp343414lqb; Tue, 4 Jun 2024 13:07:47 -0700 (PDT) X-Forwarded-Encrypted: i=3; AJvYcCXFKnJuxq3qMnda3Dr1e2/aI1F5xw4HjMmYdW81VcwHba+LW06BAWySjR+Jk5uuVW9qF1RWe4Dfmps/SIQFfX7eb97JEaW/qeClaRBVGg== X-Google-Smtp-Source: AGHT+IG+ICkg/LCnv4tLyOJjhrf9oNgC57uwqT0zKHt8L5Hzpt08IEBoZ0qOHxKs2O4AJAz6yOr/ X-Received: by 2002:a17:902:c942:b0:1f6:89b1:a405 with SMTP id d9443c01a7336-1f6a5a84961mr8799945ad.67.1717531666917; Tue, 04 Jun 2024 13:07:46 -0700 (PDT) ARC-Seal: i=2; a=rsa-sha256; t=1717531666; cv=pass; d=google.com; s=arc-20160816; b=ILyznMGRT93bPz29FWtSfAVWvlXI5F+8/HAh28lXVfRIvCa/ozyWgIu37rIunEnQ7E 68zHvpF1eyhPTo2mmFncVKnLaEc90gyRL1lbsLAnBBrRRnvNbxDlCIZWEUUrFBoGvMqm Y5I2liwoN6l6aMtQiUZ2sz19ky9zayKuS/Ys7XRJQVPbGmYSo/b2Xn2xjEUTglynzfjU ysgdtZpZSoPJ7rL2bwEW8GCDZKhmoYdzLmajBFxMHaN7HJWs5o/CXkFbe8VBDWGjg5/p kCX+BfOcEtJicIkgwn9QylA5ptFuFua4xaP+Qz+AxyBMkY8ybYWvEAwtppKDZfOAj30b pVIQ== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=in-reply-to:references:to:from:subject:cc:message-id:date :content-transfer-encoding:mime-version:list-unsubscribe :list-subscribe:list-id:precedence:dkim-signature; bh=KX6Hxbz09tY2t+ubWVU/8L7+7VJN5uiKgW3CojCHGno=; fh=x4JEXdITJ03f7fvdFTw1BV69Q5AynuprZNh65fG5IYU=; b=Le0IrDWAxxU2ssZet6qB5go/0mPxy7CWN9kfy5Z3r3zEn8FQsn7l3ABkT447PHMUFq qHnl5D90+HfvQyK2WvC49AZAZW5NOLMMdqCGjykTlHbOv/ICvDdFKKO93S7FTA8vh8dm mTKVCSMoDVosgs78IzJ9foqb5aS1kmhQbUHWPQXCMD5CFfNABhcx6lgn4nK8yYwk0zOm Im4RLmCZfeAdpqBfOvK3x3WVVshtlc5wkRH5i+GxW39RapkdeGVdAxyCcnl/qGEiQ/aX EBJ00b8tBV90F3Q5Xwfdso8Cz4VcfFEJwbbkH5w+j5hx6DtzBvJPmyKmAI52yclLyLqN ANaQ==; dara=google.com ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=MJGAjhvB; arc=pass (i=1 dkim=pass dkdomain=kernel.org); spf=pass (google.com: domain of linux-kernel+bounces-201328-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:45e3:2400::1 as permitted sender) smtp.mailfrom="linux-kernel+bounces-201328-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Return-Path: Received: from sv.mirrors.kernel.org (sv.mirrors.kernel.org. [2604:1380:45e3:2400::1]) by mx.google.com with ESMTPS id d9443c01a7336-1f63233eefbsi88485025ad.7.2024.06.04.13.07.46 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 04 Jun 2024 13:07:46 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel+bounces-201328-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:45e3:2400::1 as permitted sender) client-ip=2604:1380:45e3:2400::1; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=MJGAjhvB; arc=pass (i=1 dkim=pass dkdomain=kernel.org); spf=pass (google.com: domain of linux-kernel+bounces-201328-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:45e3:2400::1 as permitted sender) smtp.mailfrom="linux-kernel+bounces-201328-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by sv.mirrors.kernel.org (Postfix) with ESMTPS id C2DAC286970 for ; Tue, 4 Jun 2024 20:07:01 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id CEE2014BF98; Tue, 4 Jun 2024 20:05:43 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="MJGAjhvB" Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id A91C61350FD; Tue, 4 Jun 2024 20:05:42 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1717531542; cv=none; b=tqCLvsGX9yNPmpCJBzfFpbfgQxc4nEAlSQ1WHozygnHU0FP7Nid6u7xkjqnQA6I9zDKUrf9u7iDkUS+T4PAJagz3hjEVarKUHQ53KWHq/z/wstNov72/KgLYlKToWUTgsE7K5jAbME4SZ0V4eBTWVg5NJLTKN9Q0QjF0TGol/l8= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1717531542; c=relaxed/simple; bh=QLqs9WHSOcHHhkgiaiakjAA0F6yNAaoAq+qiyxzHWdI=; h=Mime-Version:Content-Type:Date:Message-Id:Cc:Subject:From:To: References:In-Reply-To; b=eMykEQLDjfAoPDLals97pDAAnuJyl42iKhs/PGDROvdFTIxmzJ65Zc4whRncLctlCBD/KT6BwxGFqoC/QEwKt57A3blZXPKXdWLAweJhi0E8IU53AFM+pnjupsEJtwPm8V04/uN3j4AL0w3L0J5L9UJwTlJGAutXfbB4tDJkTEM= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=MJGAjhvB; arc=none smtp.client-ip=10.30.226.201 Received: by smtp.kernel.org (Postfix) with ESMTPSA id AC2A3C2BBFC; Tue, 4 Jun 2024 20:05:36 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1717531542; bh=QLqs9WHSOcHHhkgiaiakjAA0F6yNAaoAq+qiyxzHWdI=; h=Date:Cc:Subject:From:To:References:In-Reply-To:From; b=MJGAjhvB+Xghx5Zt1mN7lrbKgKYJzpdLiUP3UIYJTEVSzjDezPhUgxLfWeM+XSlxy d7xQl557WklPewcEGbPNvc68StJMzAdeLB89n0HTzoaPD+GB/rb+s5orzTYSRNvGX1 yYcNKwEAATao/C0+n7oqXcoW3CWefkgZPjiljdFbdpaeTqy7jwriWyqJaMRbMTgDm7 KRWPAr66+yOe8gDXKFHlz/pBlEKCQ6zUDpaPeKCi3mxboYTq03gu77u9XALv//oi4T e5ceTYkB2tAVYKVDc+Nr2tmfgufFvl0B1pSoRxoLagUhZ6UswqK5DT2uCJG+eY7vFR yVdi8y//tvCKg== Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=UTF-8 Date: Tue, 04 Jun 2024 23:05:34 +0300 Message-Id: Cc: , , , , , , , , , , , , , , , , , , , , , Subject: Re: [PATCH v9 10/19] x86: Secure Launch SMP bringup support From: "Jarkko Sakkinen" To: "Ross Philipson" , , , , , , , , X-Mailer: aerc 0.17.0 References: <20240531010331.134441-1-ross.philipson@oracle.com> <20240531010331.134441-11-ross.philipson@oracle.com> In-Reply-To: <20240531010331.134441-11-ross.philipson@oracle.com> On Fri May 31, 2024 at 4:03 AM EEST, Ross Philipson wrote: > On Intel, the APs are left in a well documented state after TXT performs > the late launch. Specifically they cannot have #INIT asserted on them so > a standard startup via INIT/SIPI/SIPI cannot be performed. Instead the > early SL stub code uses MONITOR and MWAIT to park the APs. The realmode/i= nit.c > code updates the jump address for the waiting APs with the location of th= e > Secure Launch entry point in the RM piggy after it is loaded and fixed up= . > As the APs are woken up by writing the monitor, the APs jump to the Secur= e > Launch entry point in the RM piggy which mimics what the real mode code w= ould > do then jumps to the standard RM piggy protected mode entry point. > > Signed-off-by: Ross Philipson > --- > arch/x86/include/asm/realmode.h | 3 ++ > arch/x86/kernel/smpboot.c | 58 +++++++++++++++++++++++++++- > arch/x86/realmode/init.c | 3 ++ > arch/x86/realmode/rm/header.S | 3 ++ > arch/x86/realmode/rm/trampoline_64.S | 32 +++++++++++++++ > 5 files changed, 97 insertions(+), 2 deletions(-) > > diff --git a/arch/x86/include/asm/realmode.h b/arch/x86/include/asm/realm= ode.h > index 87e5482acd0d..339b48e2543d 100644 > --- a/arch/x86/include/asm/realmode.h > +++ b/arch/x86/include/asm/realmode.h > @@ -38,6 +38,9 @@ struct real_mode_header { > #ifdef CONFIG_X86_64 > u32 machine_real_restart_seg; > #endif > +#ifdef CONFIG_SECURE_LAUNCH > + u32 sl_trampoline_start32; > +#endif > }; > =20 > /* This must match data at realmode/rm/trampoline_{32,64}.S */ > diff --git a/arch/x86/kernel/smpboot.c b/arch/x86/kernel/smpboot.c > index 0c35207320cb..adb521221d6c 100644 > --- a/arch/x86/kernel/smpboot.c > +++ b/arch/x86/kernel/smpboot.c > @@ -60,6 +60,7 @@ > #include > #include > #include > +#include > =20 > #include > #include > @@ -868,6 +869,56 @@ int common_cpu_up(unsigned int cpu, struct task_stru= ct *idle) > return 0; > } > =20 > +#ifdef CONFIG_SECURE_LAUNCH > + > +static bool slaunch_is_txt_launch(void) > +{ > + if ((slaunch_get_flags() & (SL_FLAG_ACTIVE|SL_FLAG_ARCH_TXT)) =3D=3D > + (SL_FLAG_ACTIVE | SL_FLAG_ARCH_TXT)) > + return true; > + > + return false; > +} static inline bool slaunch_is_txt_launch(void) { u32 mask =3D SL_FLAG_ACTIVE | SL_FLAG_ARCH_TXT; return slaunch_get_flags() & mask =3D=3D mask; } > + > +/* > + * TXT AP startup is quite different than normal. The APs cannot have #I= NIT > + * asserted on them or receive SIPIs. The early Secure Launch code has p= arked > + * the APs using monitor/mwait. This will wake the APs by writing the mo= nitor > + * and have them jump to the protected mode code in the rmpiggy where th= e rest > + * of the SMP boot of the AP will proceed normally. > + */ > +static void slaunch_wakeup_cpu_from_txt(int cpu, int apicid) > +{ > + struct sl_ap_wake_info *ap_wake_info; > + struct sl_ap_stack_and_monitor *stack_monitor =3D NULL; struct sl_ap_stack_and_monitor *stack_monitor; /* note: no initialization *= / struct sl_ap_wake_info *ap_wake_info; > + > + ap_wake_info =3D slaunch_get_ap_wake_info(); > + > + stack_monitor =3D (struct sl_ap_stack_and_monitor *)__va(ap_wake_info->= ap_wake_block + > + ap_wake_info->ap_stacks_offset); > + > + for (unsigned int i =3D TXT_MAX_CPUS - 1; i >=3D 0; i--) { > + if (stack_monitor[i].apicid =3D=3D apicid) { > + /* Write the monitor */ I'd remove this comment. > + stack_monitor[i].monitor =3D 1; > + break; > + } > + } > +} > + > +#else > + > +static inline bool slaunch_is_txt_launch(void) > +{ > + return false; > +} > + > +static inline void slaunch_wakeup_cpu_from_txt(int cpu, int apicid) > +{ > +} > + > +#endif /* !CONFIG_SECURE_LAUNCH */ > + > /* > * NOTE - on most systems this is a PHYSICAL apic ID, but on multiquad > * (ie clustered apic addressing mode), this is a LOGICAL apic ID. > @@ -877,7 +928,7 @@ int common_cpu_up(unsigned int cpu, struct task_struc= t *idle) > static int do_boot_cpu(u32 apicid, int cpu, struct task_struct *idle) > { > unsigned long start_ip =3D real_mode_header->trampoline_start; > - int ret; > + int ret =3D 0; > =20 > #ifdef CONFIG_X86_64 > /* If 64-bit wakeup method exists, use the 64-bit mode trampoline IP */ > @@ -922,12 +973,15 @@ static int do_boot_cpu(u32 apicid, int cpu, struct = task_struct *idle) > =20 > /* > * Wake up a CPU in difference cases: > + * - Intel TXT DRTM launch uses its own method to wake the APs > * - Use a method from the APIC driver if one defined, with wakeup > * straight to 64-bit mode preferred over wakeup to RM. > * Otherwise, > * - Use an INIT boot APIC message > */ > - if (apic->wakeup_secondary_cpu_64) > + if (slaunch_is_txt_launch()) > + slaunch_wakeup_cpu_from_txt(cpu, apicid); > + else if (apic->wakeup_secondary_cpu_64) > ret =3D apic->wakeup_secondary_cpu_64(apicid, start_ip); > else if (apic->wakeup_secondary_cpu) > ret =3D apic->wakeup_secondary_cpu(apicid, start_ip); > diff --git a/arch/x86/realmode/init.c b/arch/x86/realmode/init.c > index f9bc444a3064..d95776cb30d3 100644 > --- a/arch/x86/realmode/init.c > +++ b/arch/x86/realmode/init.c > @@ -4,6 +4,7 @@ > #include > #include > #include > +#include > =20 > #include > #include > @@ -210,6 +211,8 @@ void __init init_real_mode(void) > =20 > setup_real_mode(); > set_real_mode_permissions(); > + > + slaunch_fixup_jump_vector(); > } > =20 > static int __init do_init_real_mode(void) > diff --git a/arch/x86/realmode/rm/header.S b/arch/x86/realmode/rm/header.= S > index 2eb62be6d256..3b5cbcbbfc90 100644 > --- a/arch/x86/realmode/rm/header.S > +++ b/arch/x86/realmode/rm/header.S > @@ -37,6 +37,9 @@ SYM_DATA_START(real_mode_header) > #ifdef CONFIG_X86_64 > .long __KERNEL32_CS > #endif > +#ifdef CONFIG_SECURE_LAUNCH > + .long pa_sl_trampoline_start32 > +#endif > SYM_DATA_END(real_mode_header) > =20 > /* End signature, used to verify integrity */ > diff --git a/arch/x86/realmode/rm/trampoline_64.S b/arch/x86/realmode/rm/= trampoline_64.S > index 14d9c7daf90f..b0ce6205d7ea 100644 > --- a/arch/x86/realmode/rm/trampoline_64.S > +++ b/arch/x86/realmode/rm/trampoline_64.S > @@ -122,6 +122,38 @@ SYM_CODE_END(sev_es_trampoline_start) > =20 > .section ".text32","ax" > .code32 > +#ifdef CONFIG_SECURE_LAUNCH > + .balign 4 > +SYM_CODE_START(sl_trampoline_start32) > + /* > + * The early secure launch stub AP wakeup code has taken care of all > + * the vagaries of launching out of TXT. This bit just mimics what the > + * 16b entry code does and jumps off to the real startup_32. > + */ > + cli > + wbinvd > + > + /* > + * The %ebx provided is not terribly useful since it is the physical > + * address of tb_trampoline_start and not the base of the image. > + * Use pa_real_mode_base, which is fixed up, to get a run time > + * base register to use for offsets to location that do not have > + * pa_ symbols. > + */ > + movl $pa_real_mode_base, %ebx > + > + LOCK_AND_LOAD_REALMODE_ESP lock_pa=3D1 > + > + lgdt tr_gdt(%ebx) > + lidt tr_idt(%ebx) > + > + movw $__KERNEL_DS, %dx # Data segment descriptor > + > + /* Jump to where the 16b code would have jumped */ > + ljmpl $__KERNEL32_CS, $pa_startup_32 > +SYM_CODE_END(sl_trampoline_start32) > +#endif > + > .balign 4 > SYM_CODE_START(startup_32) > movl %edx, %ss BR, Jarkko