Received: by 2002:a05:6358:9144:b0:117:f937:c515 with SMTP id r4csp10513667rwr; Fri, 12 May 2023 09:05:17 -0700 (PDT) X-Google-Smtp-Source: ACHHUZ6D/97KGfgn2QpINUE68VtNUMq647YwawrUxzX9epWRHuIo3fjBJb4ko/JxoISBuv5t3+0N X-Received: by 2002:a05:6a20:1445:b0:f3:b7:b10a with SMTP id a5-20020a056a20144500b000f300b7b10amr32076324pzi.15.1683907516880; Fri, 12 May 2023 09:05:16 -0700 (PDT) ARC-Seal: i=2; a=rsa-sha256; t=1683907516; cv=pass; d=google.com; s=arc-20160816; b=V/ltyj+7CTajsk4ns0j8Tx1pa5qx1Hu6wtcI0LB3WyTxHajjqqVGvHuj0DV1pZSn1P a8Vmy747qCYwjYQFmioLbYQzs0hM2JHMVAo9KKHBzoh9BRI/iAKNJ5Q/qAHS2tbYDvZm xASrgKsZh6r9OxKzzCvDO1TFNunvjZfBusbMy4yGrGn2C37Q8dMcGMGavy/OxU3wCxJJ 7MH3BsgDVTk8y/+w4OHbpG1GPXhcp/T75csjqpga/f5TKxgmw+/GKXF7gMjTPVbEzke9 9r6slL2Uu4Iih+7Dvnxzzj7BUH7zPaYzk2GptlSDzFOU+Psh0Q19OHMcvfVpCOWu9yic tcIQ== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:mime-version:content-transfer-encoding :in-reply-to:from:references:cc:to:content-language:subject :user-agent:date:message-id:dkim-signature:dkim-signature; bh=jykXnPcXDZAxc4Q3H/L+VAUrKJnz827BenC8D2fivTs=; b=nLKEtek5D+nLqljF73rh/2lCDfpjRTqF7uyKwHifUONT3N+vwDKz90UQIyXTLz33pH bzexVz4swNgZu3G6JggHrIuWZzYq/8p4PTElbBIerVfcYBVERkMOBXZOMA/K5JoxmDFQ C/5ri3kosM/wdEQG6qSj0oguFiTCOZBFRLM/uAuSWJT0dCD2reKM3KJsGIW6qAz4I01V MGRP3jUQf02NnUVFjorl9qmDIl33yj5FIgkH70MnnPeDsF7VHD3F08GbAj+EBBRdoi6+ YhJqr5jEYmN9B1YcVJXAR3Z54YHBRXz0MoZa6avzJr6XrUYMQ127vfn4FI2yR1i9ylX7 V0Dg== ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@oracle.com header.s=corp-2023-03-30 header.b=DTffjniW; dkim=pass header.i=@oracle.onmicrosoft.com header.s=selector2-oracle-onmicrosoft-com header.b=kegKzbDC; arc=pass (i=1 spf=pass spfdomain=oracle.com dkim=pass dkdomain=oracle.com dmarc=pass fromdomain=oracle.com); spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=oracle.com Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id i30-20020a63585e000000b0052856cec948si9728257pgm.879.2023.05.12.09.05.03; Fri, 12 May 2023 09:05:16 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@oracle.com header.s=corp-2023-03-30 header.b=DTffjniW; dkim=pass header.i=@oracle.onmicrosoft.com header.s=selector2-oracle-onmicrosoft-com header.b=kegKzbDC; arc=pass (i=1 spf=pass spfdomain=oracle.com dkim=pass dkdomain=oracle.com dmarc=pass fromdomain=oracle.com); spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=oracle.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S241818AbjELP7i (ORCPT + 99 others); Fri, 12 May 2023 11:59:38 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:40726 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S241611AbjELP7h (ORCPT ); Fri, 12 May 2023 11:59:37 -0400 Received: from mx0b-00069f02.pphosted.com (mx0b-00069f02.pphosted.com [205.220.177.32]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 04B872683; Fri, 12 May 2023 08:59:34 -0700 (PDT) Received: from pps.filterd (m0246632.ppops.net [127.0.0.1]) by mx0b-00069f02.pphosted.com (8.17.1.19/8.17.1.19) with ESMTP id 34CF4BkS002662; Fri, 12 May 2023 15:59:13 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=oracle.com; h=message-id : date : subject : to : cc : references : from : in-reply-to : content-type : content-transfer-encoding : mime-version; s=corp-2023-03-30; bh=jykXnPcXDZAxc4Q3H/L+VAUrKJnz827BenC8D2fivTs=; b=DTffjniWgihX5U28crPUO5rMz45JWV/FOq5RtncfP5jNh/29FdW6OaPcyJnckIErJeaS AW2zvTnt7GLDifBU1Pbmk49+GlysrR6cMeQYO4c3iLbiPMGdg2dVDQetzzv4pO8JPFH6 GqjiCox6eLTlObEFwiFxrySDL7SN9j6UKuGte8H9yeZLwxmNCSYnNY5DWToiDHv6m6j/ AR5eixgs8X6WfmSA/1piJykSCVd/EA7A48hVIEY4ljjc8Mfhqe1TIK0Qf0tI7HkLJIgP i9sfifaeH5glXuUKAZ1dnv99rNoERPVDg4sDjU27XH/0PGd7FQyiQoX4OIDeFX4g+tJc vw== Received: from phxpaimrmta03.imrmtpd1.prodappphxaev1.oraclevcn.com (phxpaimrmta03.appoci.oracle.com [138.1.37.129]) by mx0b-00069f02.pphosted.com (PPS) with ESMTPS id 3qf777b16d-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Fri, 12 May 2023 15:59:11 +0000 Received: from pps.filterd (phxpaimrmta03.imrmtpd1.prodappphxaev1.oraclevcn.com [127.0.0.1]) by phxpaimrmta03.imrmtpd1.prodappphxaev1.oraclevcn.com (8.17.1.19/8.17.1.19) with ESMTP id 34CEdfuR011571; Fri, 12 May 2023 15:58:58 GMT Received: from nam10-dm6-obe.outbound.protection.outlook.com (mail-dm6nam10lp2108.outbound.protection.outlook.com [104.47.58.108]) by phxpaimrmta03.imrmtpd1.prodappphxaev1.oraclevcn.com (PPS) with ESMTPS id 3qf8151r3f-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Fri, 12 May 2023 15:58:58 +0000 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=ONeuZDj0scmvcoJ/wf9jfxnyXynQU2Gy9mdss65XRtBknlwNMv0/RymdSRWXS4XavI1HAflB5CZ8uG87PR2ir8b4p0fBIukiEGCkyRzqX91EaCYLEheQyblZZWr6dpQiYSKOqBLvWJia1Knmxnbw8mg8iJX/CMk4oyj69gtjANxIYzYDlTWxk+qp+eHIy/42DSc7vSRILaazeMcKCUc78Hv+gyTOxafRzUvDzFlq+2r48sAIhb99xMmvcKR1OqLyJEcsXrCx18/IzwE60XR3I2rH5AAL9G8k4V1e5kDk/J95Iw2EaAsm+A32CgZB4K8WJMpjZdzQCCRjsD07FgslHw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=jykXnPcXDZAxc4Q3H/L+VAUrKJnz827BenC8D2fivTs=; b=QeJrEgUHp0abKF2ea4InHm4l1HTQuoVYYWsSLa/6OWhmmc1B1THRvgldMDcD4xzO5Is6Cfkv+gXxzCsqSfjOTkmdr4eUN9q2k2xg+kkRc86yvjDf++L8mJA+TGQDvnKZuDI8x3xFDdtnHD0JeGcEfMxLDYsz7+CyOCaYKjhPzTglhLxOs0oAnglJDWfGVLUbptgEvW3/ybNlJoG2WnrkrgP6HqOb1M98rXcgOXqO8v51bPjBbYnWC7kCyjbeNB1hb2WnMIdtefB49DCfBvq0nKQfu5nAXH73fESBhbEX+Z1vnU7EvWKGaYpgTT9P0Y47O1n1ELAiDOB3CcuDu2wj4A== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=oracle.com; dmarc=pass action=none header.from=oracle.com; dkim=pass header.d=oracle.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=oracle.onmicrosoft.com; s=selector2-oracle-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=jykXnPcXDZAxc4Q3H/L+VAUrKJnz827BenC8D2fivTs=; b=kegKzbDC6wt21rZhE9m1gSCHJJGXE9xqbsz8lbTOcG8csMh0cyBeKdkx8SXhpDUjkF3umAPNAiBkKV3pC2pWsXsuCc+9cikreu1Iw5VbmETHvX8fO9NDMNM3SlRT5H8Fbrcc5qEowuhZf9FmWRkdzQ7na9EFFyjPiTHxlOwnHo4= Received: from BY5PR10MB3793.namprd10.prod.outlook.com (2603:10b6:a03:1f6::14) by SJ2PR10MB7084.namprd10.prod.outlook.com (2603:10b6:a03:4c4::20) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6363.33; Fri, 12 May 2023 15:58:55 +0000 Received: from BY5PR10MB3793.namprd10.prod.outlook.com ([fe80::37d1:ec08:a280:1d91]) by BY5PR10MB3793.namprd10.prod.outlook.com ([fe80::37d1:ec08:a280:1d91%4]) with mapi id 15.20.6387.024; Fri, 12 May 2023 15:58:55 +0000 Message-ID: Date: Fri, 12 May 2023 11:58:49 -0400 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101 Thunderbird/102.7.1 Subject: Re: [PATCH v6 08/14] x86: Secure Launch kernel late boot stub Content-Language: en-US To: Jarkko Sakkinen , linux-kernel@vger.kernel.org, x86@kernel.org, linux-integrity@vger.kernel.org, linux-doc@vger.kernel.org, linux-crypto@vger.kernel.org, iommu@lists.linux-foundation.org, kexec@lists.infradead.org, linux-efi@vger.kernel.org Cc: dpsmith@apertussolutions.com, tglx@linutronix.de, mingo@redhat.com, bp@alien8.de, hpa@zytor.com, ardb@kernel.org, mjg59@srcf.ucam.org, James.Bottomley@hansenpartnership.com, luto@amacapital.net, nivedita@alum.mit.edu, kanth.ghatraju@oracle.com, trenchboot-devel@googlegroups.com, Ross Philipson References: <20230504145023.835096-1-ross.philipson@oracle.com> <20230504145023.835096-9-ross.philipson@oracle.com> From: Ross Philipson In-Reply-To: Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit X-ClientProxiedBy: BN9PR03CA0044.namprd03.prod.outlook.com (2603:10b6:408:fb::19) To BY5PR10MB3793.namprd10.prod.outlook.com (2603:10b6:a03:1f6::14) MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: BY5PR10MB3793:EE_|SJ2PR10MB7084:EE_ X-MS-Office365-Filtering-Correlation-Id: 71ca858b-e06e-4076-278d-08db5301c99c X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: GO8q1VYj03L6n0TV6fdY8nLq9BY2xDJo6eIl20fVge83AFF1wEUVW6SHccVXb/v7VYb0Ozo9nUlGopS64H7waSpyWHUET9pnYjgZrc/GuLDe4O7H/OBIK9N3MbqEA6Mxa7fvx/DrO2Mg0AJyz5mTVtcat8FUv9csfejmBVu2477QoDA+jv3OZjFk0zW1XfQLBUDC9nhDpZJxfYoj3Aaq4fAxn0DoWl1a52otFaA8UKkI2r0niGf6sQoxa1UODRaN8v6O0S27Ockzf8kSHHW6xsp9SqNzr2425rCdhRxRJK9I5bN+Aub8IaS2jlUr/DLIJRXKYlrxEz5JRqergCMVK2AxGxupgcy09I1pnDGNgstyfcGIbcoouj9eVybnw9c3hQ0plM/PbsS8n6G35FGy8bvD0ISZVk8CSaC7/AZAL3X5cU5cbrAIW5C/DJcSZneQAWbPgHaU353bM3VeiXMEILqIgY9nsLTG66BrxkgVroSnd/y9CU4c8BI7KV68v+G/RnBn57Ea9kEsBRaw6+DvG+xAJrO/BxTHFjYjEwTPfmLeDUC5F7Kb7vKeg11HLpr2XsDDTHfNjYNGRv028vRrJ3Wd0iVnxVEQIPxEYkBmWkdbRbbqLNxwLTAhe3rS4mr2cBdmFVGxjQOZuTW20gfEWg== X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:BY5PR10MB3793.namprd10.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230028)(39860400002)(366004)(376002)(396003)(346002)(136003)(451199021)(31686004)(316002)(8676002)(44832011)(41300700001)(36756003)(31696002)(86362001)(30864003)(2906002)(7416002)(38100700002)(8936002)(5660300002)(66476007)(478600001)(6512007)(83380400001)(66946007)(6666004)(53546011)(66556008)(186003)(4326008)(107886003)(6486002)(6506007)(2616005)(43740500002)(45980500001);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?utf-8?B?SFhVVkV2ejdGa2JRT1I0ZTVEOGRMSHFPTVhINFo0c2pYV1ZoK0Q4TzNzS2hS?= =?utf-8?B?eFp6RkV4L256ckVSN25ocHVaL1pLZzZiY0w2aGZpY0pUSC82bWNwOGgrNUZT?= =?utf-8?B?QWpISzJsSStrU0d3QWx1RlZ6R2ZTcDRBaXNMMWVBUitpRTF6UGZKeWRGczdS?= =?utf-8?B?K2dqUTc4dUpzMHlJMVUwaWp2WFYvczNBa3lzWEpyTlYwdjFaeWRKRXM2MStZ?= =?utf-8?B?ZWdwL2hEMDQ1U05qQmhzR3VMN0lFdE4vT283NE5xN01JWFNTZ2g4RndqM0U0?= =?utf-8?B?R1U2aUVXdWVRQ1h3eFN3Z3VWUk1NWjZrQmNyc2JaRVU5S3VzMjhEcVVIY01Y?= =?utf-8?B?Mk9FMG10OEdmTGhxSTRBMHE0NkJMMnV0Um9sbS92Y1FLb294TElrTmxINmEv?= =?utf-8?B?TzdzTUhSTG5sVExIdFJVY3J2QWgzZnRqMG5NbjZHL1NvODZjUWl3MVdPM2sv?= =?utf-8?B?RmdHbGtOQ2tiZi9PUUQ5RWFsTzhTdFRCcFBXZ0hsQmpJZDdaZmZIOXVYNmlY?= =?utf-8?B?b3dEZUs0by90Nk5xbVR1cjBZSWdXUEg1c3dEd1E3T3V5dS93ZStCSjBYQ1hJ?= =?utf-8?B?SUQrSUpyTm03cTArRkRJWUtPZzh1TTNKaFRSU3luMmZSZkNIV2hCZGRUdnNE?= =?utf-8?B?dzh2U0s1d3BTbGgrbjZzRGhZd0NIcVE5RUJtQWpFcnJkKzRlNzJZSWkwdkpZ?= =?utf-8?B?WWVZMWNFTldrSHNLL29wWnZnMWl5Y3pCbkMxVWZtNklPakJ1ckdHWktPQUg3?= =?utf-8?B?MEtNT1RSM0ZBOVBZYStjb3o5d2FtVUFUaWdxdEJSditEUjh2NHh4Y1hSZDh6?= =?utf-8?B?TElTV3hsZUplbXNvZTRHblkvSHJjMUxYdTAyNE00OXpqV21sVHlFbnRaVGZY?= =?utf-8?B?V0d5ZXpIMzR4dDY4aHlibXNlY1JHNE5lL0pVMVptZ1BpRytvZ0RPemdSQjBP?= =?utf-8?B?eFFkNFVXRTJLa0k1VVVpUDk2bFlZc2FsN282aXg1OVdrMGVTbVFaMTh1WFA4?= =?utf-8?B?S0EyRkhWbklGRTdmQ0pHZXRvbk43eXRjdGxKTU53d3JVMFZaMngwbXVTQ0ti?= =?utf-8?B?ZCtSUDkvay9ocGU5SFUyN3EzZVVwT3YycmtZUVI1dnY5V0U1NlkwMkVVQTVM?= =?utf-8?B?Tm9WSmkvYWpQR3RRa1pwSlZwZ0pvMmMzRkdScjNaU1VhWUFSRFFnSlk3eW5P?= =?utf-8?B?OW12Y2psV1A0WGlyNDNjRk5CMEIyRUhMRUFLOVNOVTdwVkd1SmRDUkYzbTRi?= =?utf-8?B?NW5jMjFERjVsNzRIcHlwdXc3ZGFIQXJjejJGUy9vRW9JQnJUcXNHTXVjU0ZE?= =?utf-8?B?OXRqUzcxdVJqMk9Dc3JJbm9MZHVCNENOMjRQejVqd1Jrclg3ZDUxY3JMSjln?= =?utf-8?B?d0h4a2hlVjNpNlAxTkQwVE1neEw1T01RUStIcjZLbXorVE9PU3ZKMDhsZGdw?= =?utf-8?B?T2lWVUt6NlhyZW1zUVliQnFFc1RiY1RMTWJPTURsdjJMaUhRUjVrcit6cnEw?= =?utf-8?B?amRvS3NQTmJzRVJWUUs0V29BYjdxYmpOb0NwaGRIekN4NFNyUXRZZ29qNVFj?= =?utf-8?B?UE1QUzVpR1RmMnR4WDVkMzNwYVpYMmdhT0phVTBrdWE3R2RTMk83Q1B2OTYy?= =?utf-8?B?bnNGMmZqUjAvaWRxbVhLaC8zN1FySEhuSFRmdnJzOGZ2TzVYRllCQWQ2MnRu?= =?utf-8?B?K3Y3UDF4ZEZrMVJ3d29oc21uemNRT3JqN0FwdzlVTkFNZXpTT09HaVRLTmwx?= =?utf-8?B?YmptdTV2WTNYRkxVVHhDVmdyUDdldG1pMklPVmZ1c3p0ajFSVmN6aTY4ZGR1?= =?utf-8?B?S3d1Q3YrMWVlWE1HcllZNnZmUVVMRURzWDV3QTE0TVZ2VGVOOHVETE8vYjNq?= =?utf-8?B?Sjllb3RIbkZNV2ZvdGpkMkNiNDhxOW9UT0RPZUdpVnMyWUJjUkZtODMrYmJW?= =?utf-8?B?MjhHbGxCdWt5L2taVnhwRDVrM056YlZva0gzT2tUSllVWGV5Sy9oWjdTUHhD?= =?utf-8?B?UVFoNVBjcEZhWkkrU1lGemFXYWE3RHkwTU9JTWxUV3MvV2Y5dlZyd3ZPeXNt?= =?utf-8?B?UzN5ZHhvZS9CVXgxZFZFYW1ycFNkakNhY3Z5Vm51bzVQbVMzdkljS2dqcmJG?= =?utf-8?B?TkJvaThBM2RDZ2tJNWhlY1poM0ZsS3JwUytFd2hVOWhJaGRhQmRRTjdmRDB3?= =?utf-8?Q?eDj5piYWRVWIacTSshkLDQ4=3D?= X-MS-Exchange-AntiSpam-ExternalHop-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-ExternalHop-MessageData-0: =?utf-8?B?b3hFL2JuRWsxTUo2L2xhVzI3RTR6dVRXdW1vcys0OWVINS9FOU0zbkpkajZn?= =?utf-8?B?NGhGSWs4SXFXeWNoWlZHWjduMFdKSzEwY3Nmc0lpb1QyMytRak1hM1c1WERY?= =?utf-8?B?WVZnNk9sYUk5Nyt5M3lXV28zM0hNSXVqMlgxRERDY05wT3JDRlVXWnVjVjNt?= =?utf-8?B?VkJhVGlGeEtKeEJmc2l2enpDTE1sZHVQUElrQ3VETnNlWlBDdUZZOHNnblI3?= =?utf-8?B?QVJpeWhrNUwwcUR3RUNWdEt4ZUh3SlY4K3BvTnY5alJUaVZhZHp2SlU4c1ZN?= =?utf-8?B?bHh1OWxqSnllckdDbDVaVjl6Mjd2QjFMQVpDL3VldkVOQ0pmU3JjcUFNSDVF?= =?utf-8?B?UnRuWEZmUG9XSC9NRG1PVlplNlltbXJ4eEFpbkZHdVdVa08yQnFFRm1zd2FS?= =?utf-8?B?Yy91QThQU0hPMnJnSFJPSUpEOUFSYlRHdGxlVGxocjd6anNndncvRFpBVlZz?= =?utf-8?B?UDFzRGVYYlZtNE5reElycnZYc1hYcERlRE56Y2RRd0N0dXhpY1p4V2xQUlk3?= =?utf-8?B?Z0VleW93ZTNjWEl2YzdzR2ErMUJBd0FsNEtGVFMwVy9mUkFhTkxmS2JCMkwr?= =?utf-8?B?OWxmWUw1b01JemNtTFZsNEFsK0pKMnJMa0htU05wdjh6RnpzSnV4dUZsT2lr?= =?utf-8?B?R3RFWVJ3bjNMWWJNbnNjVThUeXIreGI1aWZ4OUdyVXVCU0h2SHFsOTlVdENH?= =?utf-8?B?c2ZKU0w2RnFkakgxamhSdXRqTG1sY3lhTjBOTDRNZUhqQVJBZG56RTJOZWtr?= =?utf-8?B?SG9ZaUxnbGNRY3V0czVtUmpnS2ZNWGYySlNnbzRFVlJmRkQ5YmdhUmlsbzJt?= =?utf-8?B?SDlyTFo1UXFXRzJqQ0xOOGU2NlEzaWZOVUVjRFgxKy9FY1RpaWJlVHVrREtK?= =?utf-8?B?MVNoMXpScFZUSXNwMmR5d2FxRVBWTUEzOUZWZFJ1bzlwZW13anROUWZJRTBV?= =?utf-8?B?OWVNUUF3U0ZGakFMWU1YbXFpdTdQMExFaHR6NGdQSDEzWWg2Umd6bC9sN21w?= =?utf-8?B?MXhIRC9jeW5WOUVHRTV1Rkg0ZzZsTFZnOVNKcEVrYkhadHNSSHluVjVJUUhi?= =?utf-8?B?Y1FyUGt3VTRMTzRaS3RUcDVsaDc0bzFIR2lmcnRQTEZRNU1MRnRjRU93ZE1w?= =?utf-8?B?UUtqZ2lUZ2loMG1uYVBmQXRJREdEQU1id2F2TTR1dlRKTUNwVXAyZ1RwdTJl?= =?utf-8?B?VktHemNvaVlrYWJxZ3dGM0trZU12U1AxU2tId3VZNUJpVGNTTzFUbVQralBY?= =?utf-8?B?RGZDNHRnYzZ1RVlHeldudUtEeCtab3dyck5UM3RDRzFlQWdwV25LZGxhYWxw?= =?utf-8?B?Sm0zbFYrUVJ4dFlOZVMyTER4WWhnODZsZkdaWTI2bDZ5TVdwTU1vQTEvRlFS?= =?utf-8?B?dWJmZnZFdTNCSmhieXZOclpiWFNPK2lwTlBJTVZWLzE5VFRkam5xNnF4amhT?= =?utf-8?B?M0lYVlExRFdWbGpuV3drNURXQU5CVU91Y3dwbVUxZVBYd2RiSjhCUlRTMllz?= =?utf-8?B?Yk1QL0FIZGpnclY3cDRSZnQ0MW9VN1NTR0JQT0tDVWE4aWZ2ZjlCU3IxQnN2?= =?utf-8?B?L0VLcDdPRHowdWhocG1raDQ2S21wMlBmZlVqRUFCc2xxdDJRVGY5NDJKSFp1?= =?utf-8?B?elZwRTh0OVhvYXpCcTQyWlVDdjlqbnRTUEFIMnQ3cWNUYnBxSkwycjVxMHlC?= =?utf-8?B?RXFhTXNRTC9vZTJHblVQTWZrem43M3BqVkY3NUkwNTZpZzlESzdvVVdGcXdh?= =?utf-8?Q?zogoxmuBN8lUDpYvJQ=3D?= X-OriginatorOrg: oracle.com X-MS-Exchange-CrossTenant-Network-Message-Id: 71ca858b-e06e-4076-278d-08db5301c99c X-MS-Exchange-CrossTenant-AuthSource: BY5PR10MB3793.namprd10.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 12 May 2023 15:58:55.2319 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 4e2c6054-71cb-48f1-bd6c-3a9705aca71b X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: lhbayKZ0ePOaZL5RLTqBLDdGi1XzFGMR6hknx6iMKuLQPCPqx/8bQbTihSAl8Bnah4wBx+CTe5+ajQMyuLgFj7pHOX9NXpAWurQzg+CrR6Q= X-MS-Exchange-Transport-CrossTenantHeadersStamped: SJ2PR10MB7084 X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.254,Aquarius:18.0.942,Hydra:6.0.573,FMLib:17.11.170.22 definitions=2023-05-12_10,2023-05-05_01,2023-02-09_01 X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 mlxlogscore=999 phishscore=0 adultscore=0 spamscore=0 suspectscore=0 malwarescore=0 bulkscore=0 mlxscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2304280000 definitions=main-2305120133 X-Proofpoint-GUID: YbMhg6wHjZOTo-zLP0rza4tQe3UzwZHz X-Proofpoint-ORIG-GUID: YbMhg6wHjZOTo-zLP0rza4tQe3UzwZHz X-Spam-Status: No, score=-4.7 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,NICE_REPLY_A,RCVD_IN_DNSWL_LOW, SPF_HELO_NONE,SPF_NONE,T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org On 5/10/23 19:02, Jarkko Sakkinen wrote: > On Thu May 4, 2023 at 5:50 PM EEST, Ross Philipson wrote: >> The routine slaunch_setup is called out of the x86 specific setup_arch >> routine during early kernel boot. After determining what platform is >> present, various operations specific to that platform occur. This >> includes finalizing setting for the platform late launch and verifying >> that memory protections are in place. >> >> For TXT, this code also reserves the original compressed kernel setup >> area where the APs were left looping so that this memory cannot be used. >> >> Signed-off-by: Ross Philipson >> --- >> arch/x86/kernel/Makefile | 1 + >> arch/x86/kernel/setup.c | 3 + >> arch/x86/kernel/slaunch.c | 497 +++++++++++++++++++++++++++++++++++++++++++++ >> drivers/iommu/intel/dmar.c | 4 + >> 4 files changed, 505 insertions(+) >> create mode 100644 arch/x86/kernel/slaunch.c >> >> diff --git a/arch/x86/kernel/Makefile b/arch/x86/kernel/Makefile >> index dd61752..3d2a33e 100644 >> --- a/arch/x86/kernel/Makefile >> +++ b/arch/x86/kernel/Makefile >> @@ -72,6 +72,7 @@ obj-$(CONFIG_X86_32) += tls.o >> obj-$(CONFIG_IA32_EMULATION) += tls.o >> obj-y += step.o >> obj-$(CONFIG_INTEL_TXT) += tboot.o >> +obj-$(CONFIG_SECURE_LAUNCH) += slaunch.o >> obj-$(CONFIG_ISA_DMA_API) += i8237.o >> obj-y += stacktrace.o >> obj-y += cpu/ >> diff --git a/arch/x86/kernel/setup.c b/arch/x86/kernel/setup.c >> index 16babff..592c09e 100644 >> --- a/arch/x86/kernel/setup.c >> +++ b/arch/x86/kernel/setup.c >> @@ -21,6 +21,7 @@ >> #include >> #include >> #include >> +#include > > Only because of pure curiosity: what made you choose this location in > the middle for the new include? :-) Only because Secure Launch is like TBOOT. No other real reason. > >> #include >> #include >> #include >> @@ -1063,6 +1064,8 @@ void __init setup_arch(char **cmdline_p) >> early_gart_iommu_check(); >> #endif >> >> + slaunch_setup_txt(); >> + >> /* >> * partially used pages are not usable - thus >> * we are rounding upwards: >> diff --git a/arch/x86/kernel/slaunch.c b/arch/x86/kernel/slaunch.c >> new file mode 100644 >> index 0000000..7dba088 >> --- /dev/null >> +++ b/arch/x86/kernel/slaunch.c >> @@ -0,0 +1,497 @@ >> +// SPDX-License-Identifier: GPL-2.0 >> +/* >> + * Secure Launch late validation/setup and finalization support. >> + * >> + * Copyright (c) 2022, Oracle and/or its affiliates. >> + */ >> + >> +#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt >> + >> +#include >> +#include >> +#include >> +#include >> +#include >> +#include >> +#include >> +#include >> +#include >> +#include >> +#include >> +#include >> +#include >> + >> +static u32 sl_flags; >> +static struct sl_ap_wake_info ap_wake_info; >> +static u64 evtlog_addr; >> +static u32 evtlog_size; >> +static u64 vtd_pmr_lo_size; >> + >> +/* This should be plenty of room */ >> +static u8 txt_dmar[PAGE_SIZE] __aligned(16); >> + >> +u32 slaunch_get_flags(void) >> +{ >> + return sl_flags; >> +} >> +EXPORT_SYMBOL(slaunch_get_flags); >> + >> +struct sl_ap_wake_info *slaunch_get_ap_wake_info(void) >> +{ >> + return &ap_wake_info; >> +} >> + >> +struct acpi_table_header *slaunch_get_dmar_table(struct acpi_table_header *dmar) >> +{ >> + /* The DMAR is only stashed and provided via TXT on Intel systems */ >> + if (memcmp(txt_dmar, "DMAR", 4)) >> + return dmar; >> + >> + return (struct acpi_table_header *)(&txt_dmar[0]); >> +} >> + >> +void __noreturn slaunch_txt_reset(void __iomem *txt, >> + const char *msg, u64 error) >> +{ >> + u64 one = 1, val; >> + >> + pr_err("%s", msg); >> + >> + /* >> + * This performs a TXT reset with a sticky error code. The reads of >> + * TXT_CR_E2STS act as barriers. >> + */ >> + memcpy_toio(txt + TXT_CR_ERRORCODE, &error, sizeof(error)); >> + memcpy_fromio(&val, txt + TXT_CR_E2STS, sizeof(val)); >> + memcpy_toio(txt + TXT_CR_CMD_NO_SECRETS, &one, sizeof(one)); >> + memcpy_fromio(&val, txt + TXT_CR_E2STS, sizeof(val)); >> + memcpy_toio(txt + TXT_CR_CMD_UNLOCK_MEM_CONFIG, &one, sizeof(one)); >> + memcpy_fromio(&val, txt + TXT_CR_E2STS, sizeof(val)); >> + memcpy_toio(txt + TXT_CR_CMD_RESET, &one, sizeof(one)); >> + >> + for ( ; ; ) >> + asm volatile ("hlt"); >> + >> + unreachable(); >> +} >> + >> +/* >> + * The TXT heap is too big to map all at once with early_ioremap >> + * so it is done a table at a time. >> + */ >> +static void __init *txt_early_get_heap_table(void __iomem *txt, u32 type, >> + u32 bytes) >> +{ >> + u64 base, size, offset = 0; >> + void *heap; >> + int i; >> + >> + if (type > TXT_SINIT_TABLE_MAX) >> + slaunch_txt_reset(txt, >> + "Error invalid table type for early heap walk\n", >> + SL_ERROR_HEAP_WALK); > > Align with 'txt'. Ack > >> + >> + memcpy_fromio(&base, txt + TXT_CR_HEAP_BASE, sizeof(base)); >> + memcpy_fromio(&size, txt + TXT_CR_HEAP_SIZE, sizeof(size)); >> + >> + /* Iterate over heap tables looking for table of "type" */ >> + for (i = 0; i < type; i++) { >> + base += offset; >> + heap = early_memremap(base, sizeof(u64)); >> + if (!heap) >> + slaunch_txt_reset(txt, >> + "Error early_memremap of heap for heap walk\n", >> + SL_ERROR_HEAP_MAP); >> + >> + offset = *((u64 *)heap); >> + >> + /* >> + * After the first iteration, any offset of zero is invalid and >> + * implies the TXT heap is corrupted. >> + */ >> + if (!offset) >> + slaunch_txt_reset(txt, >> + "Error invalid 0 offset in heap walk\n", >> + SL_ERROR_HEAP_ZERO_OFFSET); >> + >> + early_memunmap(heap, sizeof(u64)); >> + } >> + >> + /* Skip the size field at the head of each table */ >> + base += sizeof(u64); >> + heap = early_memremap(base, bytes); >> + if (!heap) >> + slaunch_txt_reset(txt, >> + "Error early_memremap of heap section\n", >> + SL_ERROR_HEAP_MAP); >> + >> + return heap; >> +} >> + >> +static void __init txt_early_put_heap_table(void *addr, unsigned long size) >> +{ >> + early_memunmap(addr, size); >> +} >> + >> +/* >> + * TXT uses a special set of VTd registers to protect all of memory from DMA >> + * until the IOMMU can be programmed to protect memory. There is the low >> + * memory PMR that can protect all memory up to 4G. The high memory PRM can >> + * be setup to protect all memory beyond 4Gb. Validate that these values cover >> + * what is expected. >> + */ >> +static void __init slaunch_verify_pmrs(void __iomem *txt) >> +{ >> + struct txt_os_sinit_data *os_sinit_data; >> + u32 field_offset, err = 0; >> + const char *errmsg = ""; >> + unsigned long last_pfn; >> + >> + field_offset = offsetof(struct txt_os_sinit_data, lcp_po_base); >> + os_sinit_data = txt_early_get_heap_table(txt, TXT_OS_SINIT_DATA_TABLE, >> + field_offset); >> + >> + /* Save a copy */ >> + vtd_pmr_lo_size = os_sinit_data->vtd_pmr_lo_size; >> + >> + last_pfn = e820__end_of_ram_pfn(); >> + >> + /* >> + * First make sure the hi PMR covers all memory above 4G. In the >> + * unlikely case where there is < 4G on the system, the hi PMR will >> + * not be set. >> + */ >> + if (os_sinit_data->vtd_pmr_hi_base != 0x0ULL) { >> + if (os_sinit_data->vtd_pmr_hi_base != 0x100000000ULL) { >> + err = SL_ERROR_HI_PMR_BASE; >> + errmsg = "Error hi PMR base\n"; >> + goto out; >> + } >> + >> + if (PFN_PHYS(last_pfn) > os_sinit_data->vtd_pmr_hi_base + >> + os_sinit_data->vtd_pmr_hi_size) { >> + err = SL_ERROR_HI_PMR_SIZE; >> + errmsg = "Error hi PMR size\n"; >> + goto out; >> + } >> + } >> + >> + /* >> + * Lo PMR base should always be 0. This was already checked in >> + * early stub. >> + */ >> + >> + /* >> + * Check that if the kernel was loaded below 4G, that it is protected >> + * by the lo PMR. Note this is the decompressed kernel. The ACM would >> + * have ensured the compressed kernel (the MLE image) was protected. >> + */ >> + if ((__pa_symbol(_end) < 0x100000000ULL) && >> + (__pa_symbol(_end) > os_sinit_data->vtd_pmr_lo_size)) { >> + err = SL_ERROR_LO_PMR_MLE; >> + errmsg = "Error lo PMR does not cover MLE kernel\n"; >> + } >> + >> + /* >> + * Other regions of interest like boot param, AP wake block, cmdline >> + * already checked for PMR coverage in the early stub code. >> + */ >> + >> +out: >> + txt_early_put_heap_table(os_sinit_data, field_offset); >> + >> + if (err) >> + slaunch_txt_reset(txt, errmsg, err); >> +} >> + >> +static void __init slaunch_txt_reserve_range(u64 base, u64 size) >> +{ >> + int type; >> + >> + type = e820__get_entry_type(base, base + size - 1); >> + if (type == E820_TYPE_RAM) { >> + pr_info("memblock reserve base: %llx size: %llx\n", base, size); >> + memblock_reserve(base, size); >> + } >> +} >> + >> +/* >> + * For Intel, certain regions of memory must be marked as reserved by putting >> + * them on the memblock reserved list if they are not already e820 reserved. >> + * This includes: >> + * - The TXT HEAP >> + * - The ACM area >> + * - The TXT private register bank >> + * - The MDR list sent to the MLE by the ACM (see TXT specification) >> + * (Normally the above are properly reserved by firmware but if it was not >> + * done, reserve them now) >> + * - The AP wake block >> + * - TPM log external to the TXT heap >> + * >> + * Also if the low PMR doesn't cover all memory < 4G, any RAM regions above >> + * the low PMR must be reservered too. >> + */ >> +static void __init slaunch_txt_reserve(void __iomem *txt) >> +{ >> + struct txt_sinit_memory_descriptor_record *mdr; >> + struct txt_sinit_mle_data *sinit_mle_data; >> + u64 base, size, heap_base, heap_size; >> + u32 mdrnum, mdroffset, mdrslen; >> + u32 field_offset, i; >> + void *mdrs; >> + >> + base = TXT_PRIV_CONFIG_REGS_BASE; >> + size = TXT_PUB_CONFIG_REGS_BASE - TXT_PRIV_CONFIG_REGS_BASE; >> + slaunch_txt_reserve_range(base, size); >> + >> + memcpy_fromio(&heap_base, txt + TXT_CR_HEAP_BASE, sizeof(heap_base)); >> + memcpy_fromio(&heap_size, txt + TXT_CR_HEAP_SIZE, sizeof(heap_size)); >> + slaunch_txt_reserve_range(heap_base, heap_size); >> + >> + memcpy_fromio(&base, txt + TXT_CR_SINIT_BASE, sizeof(base)); >> + memcpy_fromio(&size, txt + TXT_CR_SINIT_SIZE, sizeof(size)); >> + slaunch_txt_reserve_range(base, size); >> + >> + field_offset = offsetof(struct txt_sinit_mle_data, >> + sinit_vtd_dmar_table_size); >> + sinit_mle_data = txt_early_get_heap_table(txt, TXT_SINIT_MLE_DATA_TABLE, >> + field_offset); >> + >> + mdrnum = sinit_mle_data->num_of_sinit_mdrs; >> + mdroffset = sinit_mle_data->sinit_mdrs_table_offset; >> + >> + txt_early_put_heap_table(sinit_mle_data, field_offset); >> + >> + if (!mdrnum) >> + goto nomdr; >> + >> + mdrslen = mdrnum * sizeof(struct txt_sinit_memory_descriptor_record); >> + >> + mdrs = txt_early_get_heap_table(txt, TXT_SINIT_MLE_DATA_TABLE, >> + mdroffset + mdrslen - 8); >> + >> + mdr = mdrs + mdroffset - 8; >> + >> + for (i = 0; i < mdrnum; i++, mdr++) { >> + /* Spec says some entries can have length 0, ignore them */ >> + if (mdr->type > 0 && mdr->length > 0) >> + slaunch_txt_reserve_range(mdr->address, mdr->length); >> + } >> + >> + txt_early_put_heap_table(mdrs, mdroffset + mdrslen - 8); >> + >> +nomdr: >> + slaunch_txt_reserve_range(ap_wake_info.ap_wake_block, >> + ap_wake_info.ap_wake_block_size); >> + >> + /* >> + * Earlier checks ensured that the event log was properly situated >> + * either inside the TXT heap or outside. This is a check to see if the >> + * event log needs to be reserved. If it is in the TXT heap, it is >> + * already reserved. >> + */ >> + if (evtlog_addr < heap_base || evtlog_addr > (heap_base + heap_size)) >> + slaunch_txt_reserve_range(evtlog_addr, evtlog_size); >> + >> + for (i = 0; i < e820_table->nr_entries; i++) { >> + base = e820_table->entries[i].addr; >> + size = e820_table->entries[i].size; >> + if ((base >= vtd_pmr_lo_size) && (base < 0x100000000ULL)) >> + slaunch_txt_reserve_range(base, size); >> + else if ((base < vtd_pmr_lo_size) && >> + (base + size > vtd_pmr_lo_size)) >> + slaunch_txt_reserve_range(vtd_pmr_lo_size, >> + base + size - vtd_pmr_lo_size); >> + } >> +} >> + >> +/* >> + * TXT stashes a safe copy of the DMAR ACPI table to prevent tampering. >> + * It is stored in the TXT heap. Fetch it from there and make it available >> + * to the IOMMU driver. >> + */ >> +static void __init slaunch_copy_dmar_table(void __iomem *txt) >> +{ >> + struct txt_sinit_mle_data *sinit_mle_data; >> + u32 field_offset, dmar_size, dmar_offset; >> + void *dmar; >> + >> + memset(&txt_dmar, 0, PAGE_SIZE); >> + >> + field_offset = offsetof(struct txt_sinit_mle_data, >> + processor_scrtm_status); >> + sinit_mle_data = txt_early_get_heap_table(txt, TXT_SINIT_MLE_DATA_TABLE, >> + field_offset); >> + >> + dmar_size = sinit_mle_data->sinit_vtd_dmar_table_size; >> + dmar_offset = sinit_mle_data->sinit_vtd_dmar_table_offset; >> + >> + txt_early_put_heap_table(sinit_mle_data, field_offset); >> + >> + if (!dmar_size || !dmar_offset) >> + slaunch_txt_reset(txt, >> + "Error invalid DMAR table values\n", >> + SL_ERROR_HEAP_INVALID_DMAR); >> + >> + if (unlikely(dmar_size > PAGE_SIZE)) >> + slaunch_txt_reset(txt, >> + "Error DMAR too big to store\n", >> + SL_ERROR_HEAP_DMAR_SIZE); >> + >> + >> + dmar = txt_early_get_heap_table(txt, TXT_SINIT_MLE_DATA_TABLE, >> + dmar_offset + dmar_size - 8); >> + if (!dmar) >> + slaunch_txt_reset(txt, >> + "Error early_ioremap of DMAR\n", >> + SL_ERROR_HEAP_DMAR_MAP); >> + >> + memcpy(&txt_dmar[0], dmar + dmar_offset - 8, dmar_size); >> + >> + txt_early_put_heap_table(dmar, dmar_offset + dmar_size - 8); >> +} >> + >> +/* >> + * The location of the safe AP wake code block is stored in the TXT heap. >> + * Fetch needed values here in the early init code for later use in SMP >> + * startup. >> + * >> + * Also get the TPM event log values are in the SLRT and have to be fetched. >> + * They will be put on the memblock reserve list later. >> + */ >> +static void __init slaunch_fetch_values(void __iomem *txt) >> +{ >> + struct txt_os_mle_data *os_mle_data; >> + struct slr_entry_log_info *log_info; >> + struct slr_table *slrt; >> + u8 *jmp_offset; >> + u32 size; >> + >> + os_mle_data = txt_early_get_heap_table(txt, TXT_OS_MLE_DATA_TABLE, >> + sizeof(*os_mle_data)); >> + >> + ap_wake_info.ap_wake_block = os_mle_data->ap_wake_block; >> + ap_wake_info.ap_wake_block_size = os_mle_data->ap_wake_block_size; >> + >> + jmp_offset = os_mle_data->mle_scratch + SL_SCRATCH_AP_JMP_OFFSET; >> + ap_wake_info.ap_jmp_offset = *((u32 *)jmp_offset); >> + >> + slrt = (struct slr_table *)early_memremap(os_mle_data->slrt, sizeof(*slrt)); >> + if (!slrt) >> + slaunch_txt_reset(txt, >> + "Error early_memremap of SLRT failed\n", >> + SL_ERROR_SLRT_MAP); >> + >> + size = slrt->size; >> + early_memunmap(slrt, sizeof(*slrt)); >> + >> + slrt = (struct slr_table *)early_memremap(os_mle_data->slrt, size); >> + if (!slrt) >> + slaunch_txt_reset(txt, >> + "Error early_memremap of SLRT failed\n", >> + SL_ERROR_SLRT_MAP); >> + >> + log_info = (struct slr_entry_log_info *) >> + slr_next_entry_by_tag(slrt, NULL, SLR_ENTRY_LOG_INFO); >> + >> + if (!log_info) >> + slaunch_txt_reset(txt, >> + "SLRT missing logging info entry\n", >> + SL_ERROR_SLRT_MISSING_ENTRY); >> + >> + evtlog_addr = log_info->addr; >> + evtlog_size = log_info->size; >> + >> + early_memunmap(slrt, size); >> + >> + txt_early_put_heap_table(os_mle_data, sizeof(*os_mle_data)); >> +} >> + >> +/* >> + * Intel TXT specific late stub setup and validation. >> + */ >> +void __init slaunch_setup_txt(void) >> +{ >> + u64 one = TXT_REGVALUE_ONE, val; >> + void __iomem *txt; >> + >> + if (!boot_cpu_has(X86_FEATURE_SMX)) >> + return; >> + >> + /* >> + * If booted through secure launch entry point, the loadflags >> + * option will be set. >> + */ >> + if (!(boot_params.hdr.loadflags & SLAUNCH_FLAG)) >> + return; >> + >> + /* >> + * See if SENTER was done by reading the status register in the >> + * public space. If the public register space cannot be read, TXT may >> + * be disabled. >> + */ >> + txt = early_ioremap(TXT_PUB_CONFIG_REGS_BASE, >> + TXT_NR_CONFIG_PAGES * PAGE_SIZE); >> + if (!txt) >> + return; >> + >> + memcpy_fromio(&val, txt + TXT_CR_STS, sizeof(val)); >> + early_iounmap(txt, TXT_NR_CONFIG_PAGES * PAGE_SIZE); >> + >> + /* SENTER should have been done */ >> + if (!(val & TXT_SENTER_DONE_STS)) >> + panic("Error TXT.STS SENTER_DONE not set\n"); >> + >> + /* SEXIT should have been cleared */ >> + if (val & TXT_SEXIT_DONE_STS) >> + panic("Error TXT.STS SEXIT_DONE set\n"); >> + >> + /* Now we want to use the private register space */ >> + txt = early_ioremap(TXT_PRIV_CONFIG_REGS_BASE, >> + TXT_NR_CONFIG_PAGES * PAGE_SIZE); >> + if (!txt) { >> + /* This is really bad, no where to go from here */ >> + panic("Error early_ioremap of TXT priv registers\n"); >> + } >> + >> + /* >> + * Try to read the Intel VID from the TXT private registers to see if >> + * TXT measured launch happened properly and the private space is >> + * available. >> + */ >> + memcpy_fromio(&val, txt + TXT_CR_DIDVID, sizeof(val)); >> + if ((val & 0xffff) != 0x8086) { >> + /* >> + * Can't do a proper TXT reset since it appears something is >> + * wrong even though SENTER happened and it should be in SMX >> + * mode. >> + */ >> + panic("Invalid TXT vendor ID, not in SMX mode\n"); >> + } >> + >> + /* Set flags so subsequent code knows the status of the launch */ >> + sl_flags |= (SL_FLAG_ACTIVE|SL_FLAG_ARCH_TXT); >> + >> + /* >> + * Reading the proper DIDVID from the private register space means we >> + * are in SMX mode and private registers are open for read/write. >> + */ >> + >> + /* On Intel, have to handle TPM localities via TXT */ >> + memcpy_toio(txt + TXT_CR_CMD_SECRETS, &one, sizeof(one)); >> + memcpy_fromio(&val, txt + TXT_CR_E2STS, sizeof(val)); >> + memcpy_toio(txt + TXT_CR_CMD_OPEN_LOCALITY1, &one, sizeof(one)); >> + memcpy_fromio(&val, txt + TXT_CR_E2STS, sizeof(val)); >> + >> + slaunch_fetch_values(txt); >> + >> + slaunch_verify_pmrs(txt); >> + >> + slaunch_txt_reserve(txt); >> + >> + slaunch_copy_dmar_table(txt); >> + >> + early_iounmap(txt, TXT_NR_CONFIG_PAGES * PAGE_SIZE); >> + >> + pr_info("Intel TXT setup complete\n"); >> +} >> diff --git a/drivers/iommu/intel/dmar.c b/drivers/iommu/intel/dmar.c >> index a3414af..5d1ac8d 100644 >> --- a/drivers/iommu/intel/dmar.c >> +++ b/drivers/iommu/intel/dmar.c >> @@ -28,6 +28,7 @@ >> #include >> #include >> #include >> +#include >> #include >> >> #include "iommu.h" >> @@ -660,6 +661,9 @@ static inline int dmar_walk_dmar_table(struct acpi_table_dmar *dmar, >> */ >> dmar_tbl = tboot_get_dmar_table(dmar_tbl); >> >> + /* If Secure Launch is active, it has similar logic */ >> + dmar_tbl = slaunch_get_dmar_table(dmar_tbl); >> + >> dmar = (struct acpi_table_dmar *)dmar_tbl; >> if (!dmar) >> return -ENODEV; >> -- >> 1.8.3.1 > > Is it possible to test TXT in QEMU? Never done it so that's why I'm > asking. I would be if emulation of the GETSEC leaf functions were added to QEMU. AFAIK there is no public implementation of this at present. Thanks Ross > > BR, Jarkko >