From: Ross Philipson
To: linux-kernel@vger.kernel.org, x86@kernel.org, linux-integrity@vger.kernel.org, linux-doc@vger.kernel.org, linux-crypto@vger.kernel.org, kexec@lists.infradead.org, linux-efi@vger.kernel.org
Cc: ross.philipson@oracle.com, dpsmith@apertussolutions.com, tglx@linutronix.de, mingo@redhat.com, bp@alien8.de, hpa@zytor.com, dave.hansen@linux.intel.com, ardb@kernel.org, mjg59@srcf.ucam.org, James.Bottomley@hansenpartnership.com, peterhuewe@gmx.de, jarkko@kernel.org, jgg@ziepe.ca, luto@amacapital.net, nivedita@alum.mit.edu, herbert@gondor.apana.org.au, davem@davemloft.net, kanth.ghatraju@oracle.com, trenchboot-devel@googlegroups.com
Subject: [PATCH v8 10/15] kexec: Secure Launch kexec SEXIT support
Date: Wed, 14 Feb 2024 14:18:42 -0800
Message-Id: <20240214221847.2066632-11-ross.philipson@oracle.com>
In-Reply-To: <20240214221847.2066632-1-ross.philipson@oracle.com>
References: <20240214221847.2066632-1-ross.philipson@oracle.com>
X-Mailing-List: linux-crypto@vger.kernel.org

Prior to running the next kernel via kexec, the Secure Launch code closes down private SMX resources and does an SEXIT. This allows the next kernel to start normally without any issues starting the APs etc.
Signed-off-by: Ross Philipson
---
 arch/x86/kernel/slaunch.c | 73 +++++++++++++++++++++++++++++++++++++++
 kernel/kexec_core.c       |  4 +++
 2 files changed, 77 insertions(+)

diff --git a/arch/x86/kernel/slaunch.c b/arch/x86/kernel/slaunch.c
index 1fae323e8d1b..429e6d39e73b 100644
--- a/arch/x86/kernel/slaunch.c
+++ b/arch/x86/kernel/slaunch.c
@@ -523,3 +523,76 @@ void __init slaunch_setup_txt(void) pr_info("Intel TXT setup complete\n"); } + +static inline void smx_getsec_sexit(void) +{ + asm volatile ("getsec\n" + : : "a" (SMX_X86_GETSEC_SEXIT)); +} + +/* + * Used during kexec and on reboot paths to finalize the TXT state + * and do an SEXIT exiting the DRTM and disabling SMX mode. + */ +void slaunch_finalize(int do_sexit) +{ + u64 one = TXT_REGVALUE_ONE, val; + void __iomem *config; + + if ((slaunch_get_flags() & (SL_FLAG_ACTIVE | SL_FLAG_ARCH_TXT)) != + (SL_FLAG_ACTIVE | SL_FLAG_ARCH_TXT)) + return; + + config = ioremap(TXT_PRIV_CONFIG_REGS_BASE, TXT_NR_CONFIG_PAGES * + PAGE_SIZE); + if (!config) { + pr_emerg("Error SEXIT failed to ioremap TXT private reqs\n"); + return; + } + + /* Clear secrets bit for SEXIT */ + memcpy_toio(config + TXT_CR_CMD_NO_SECRETS, &one, sizeof(one)); + memcpy_fromio(&val, config + TXT_CR_E2STS, sizeof(val)); + + /* Unlock memory configurations */ + memcpy_toio(config + TXT_CR_CMD_UNLOCK_MEM_CONFIG, &one, sizeof(one)); + memcpy_fromio(&val, config + TXT_CR_E2STS, sizeof(val)); + + /* Close the TXT private register space */ + memcpy_toio(config + TXT_CR_CMD_CLOSE_PRIVATE, &one, sizeof(one)); + memcpy_fromio(&val, config + TXT_CR_E2STS, sizeof(val)); + + /* + * Calls to iounmap are not being done because of the state of the + * system this late in the kexec process. Local IRQs are disabled and + * iounmap causes a TLB flush which in turn causes a warning. Leaving + * thse mappings is not an issue since the next kernel is going to + * completely re-setup memory management. 
+ */ + + /* Map public registers and do a final read fence */ + config = ioremap(TXT_PUB_CONFIG_REGS_BASE, TXT_NR_CONFIG_PAGES * + PAGE_SIZE); + if (!config) { + pr_emerg("Error SEXIT failed to ioremap TXT public reqs\n"); + return; + } + + memcpy_fromio(&val, config + TXT_CR_E2STS, sizeof(val)); + + pr_emerg("TXT clear secrets bit and unlock memory complete.\n"); + + if (!do_sexit) + return; + + if (smp_processor_id() != 0) + panic("Error TXT SEXIT must be called on CPU 0\n"); + + /* In case SMX mode was disabled, enable it for SEXIT */ + cr4_set_bits(X86_CR4_SMXE); + + /* Do the SEXIT SMX operation */ + smx_getsec_sexit(); + + pr_info("TXT SEXIT complete.\n"); +} diff --git a/kernel/kexec_core.c b/kernel/kexec_core.c index d08fc7b5db97..8036a731b1bb 100644 --- a/kernel/kexec_core.c +++ b/kernel/kexec_core.c @@ -40,6 +40,7 @@ #include #include #include +#include #include #include @@ -1268,6 +1269,9 @@ int kernel_kexec(void) cpu_hotplug_enable(); pr_notice("Starting new kernel\n"); machine_shutdown(); + + /* Finalize TXT registers and do SEXIT */ + slaunch_finalize(1); } kmsg_dump(KMSG_DUMP_SHUTDOWN); -- 2.39.3
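Review bot: in slaunch_finalize(), the early `return` when ioremap() of TXT_PUB_CONFIG_REGS_BASE fails skips the SEXIT entirely, even though the private-space work (NO_SECRETS, UNLOCK_MEM_CONFIG, CLOSE_PRIVATE) has already been committed and the public mapping is used only for one fence read of TXT_CR_E2STS. On the kexec path, leaving the CPU in SMX over a mapping failure is the worse outcome; consider falling through to the `if (!do_sexit)` / SEXIT part of the function and just logging the lost fence. Smaller points in the same hunk: the three memcpy_fromio() reads of TXT_CR_E2STS after each memcpy_toio() write are posting reads and deserve a one-line comment saying so, since `val` is never otherwise consumed; smx_getsec_sexit() has no "memory" clobber, and GETSEC[SEXIT] changes processor state that the compiler should not reorder memory accesses across; the panic on `smp_processor_id() != 0` would read better with a comment stating the actual requirement (the boot processor) rather than a bare logical CPU number; and the strings "ioremap TXT private reqs" / "public reqs" and the comment "Leaving thse mappings" have typos (regs, these).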
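Review bot: kernel/kexec_core.c is generic code built on every architecture, so the header pulled in by the added `+#include` (its name is not visible in this rendering) must supply a no-op `slaunch_finalize()` for !CONFIG_SECURE_LAUNCH and for non-x86 builds, otherwise the call added further down fails to link; the commit message should name that header and the stub it provides.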
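Review bot: the `slaunch_finalize(1)` call in kernel_kexec() has no way to report failure, so the ioremap error paths inside it print pr_emerg() and the kexec carries on into a kernel that, per the commit message, will then have trouble starting the APs; returning an int and at least logging at this call site would make that visible. Also, the comment on slaunch_finalize() says it is "Used during kexec and on reboot paths", but this patch touches only kernel_kexec(); either point to the patch in this series that covers reboot (and say whether the crash kexec path needs the same treatment) or narrow that comment.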