Re: [PATCH v6 06/14] x86: Add early SHA support for Secure Launch early measurements

2023-05-10 Thread Herbert Xu
Ross Philipson wrote: > > +static void __sha_transform(u32 *digest, const char *data) > +{ > + u32 ws[SHA1_WORKSPACE_WORDS]; > + > + sha1_transform(digest, data, ws); > + > + memzero_explicit(ws, sizeof(ws)); > +} > + > +void early_sha1_init(struct sha1_state *sctx) > +{ > +

Re: [PATCH v6 08/14] x86: Secure Launch kernel late boot stub

2023-05-10 Thread Jarkko Sakkinen
On Thu May 4, 2023 at 5:50 PM EEST, Ross Philipson wrote: > The routine slaunch_setup is called out of the x86 specific setup_arch > routine during early kernel boot. After determining what platform is > present, various operations specific to that platform occur. This > includes finalizing

Re: [PATCH v6 04/14] x86: Secure Launch Resource Table header file

2023-05-10 Thread Jarkko Sakkinen
On Thu May 4, 2023 at 5:50 PM EEST, Ross Philipson wrote: > Introduce the Secure Launch Resource Table which forms the formal > interface between the pre and post launch code. > > Signed-off-by: Ross Philipson > --- > include/linux/slr_table.h | 270 >

Re: [PATCH v6 09/14] x86: Secure Launch SMP bringup support

2023-05-10 Thread Jarkko Sakkinen
On Thu May 4, 2023 at 5:50 PM EEST, Ross Philipson wrote: > On Intel, the APs are left in a well documented state after TXT performs > the late launch. Specifically they cannot have #INIT asserted on them so > a standard startup via INIT/SIPI/SIPI cannot be performed. Instead the > early SL stub

Re: [PATCH v22 6/8] crash: hotplug support for kexec_load()

2023-05-10 Thread Eric DeVolder
On 5/9/23 01:15, Sourabh Jain wrote: On 04/05/23 04:11, Eric DeVolder wrote: The hotplug support for kexec_load() requires coordination with userspace, and therefore a little extra help from the kernel to facilitate the coordination. In the absence of the solution contained within this

Re: [PATCH v22 5/8] x86/crash: add x86 crash hotplug support

2023-05-10 Thread Eric DeVolder
On 5/9/23 17:52, Thomas Gleixner wrote: On Wed, May 03 2023 at 18:41, Eric DeVolder wrote: In the patch 'kexec: exclude elfcorehdr from the segment digest' See reply to 8/8 yep diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig index 53bab123a8ee..80538524c494 100644 ---

Re: [PATCH v22 8/8] x86/crash: optimize CPU changes

2023-05-10 Thread Eric DeVolder
On 5/9/23 17:39, Thomas Gleixner wrote: On Wed, May 03 2023 at 18:41, Eric DeVolder wrote: This patch is dependent upon the patch 'crash: change Seriously? You send a patch series which is ordered in itself and then tell in the changelog of patch 8/8 that it depends on patch 7/8? This

Re: [PATCH v6 12/14] x86: Secure Launch late initcall platform module

2023-05-10 Thread Jarkko Sakkinen
On Thu May 4, 2023 at 5:50 PM EEST, Ross Philipson wrote: > From: "Daniel P. Smith" > > The Secure Launch platform module is a late init module. During the > init call, the TPM event log is read and measurements taken in the > early boot stub code are located. These measurements are extended >

Re: [PATCH v6 12/14] x86: Secure Launch late initcall platform module

2023-05-10 Thread Jarkko Sakkinen
On Thu May 4, 2023 at 5:50 PM EEST, Ross Philipson wrote: > From: "Daniel P. Smith" > > The Secure Launch platform module is a late init module. During the > init call, the TPM event log is read and measurements taken in the > early boot stub code are located. These measurements are extended >

Re: [PATCH v6 06/14] x86: Add early SHA support for Secure Launch early measurements

2023-05-10 Thread Jarkko Sakkinen
On Wed May 10, 2023 at 4:21 AM EEST, Eric Biggers wrote: > On Thu, May 04, 2023 at 02:50:15PM +, Ross Philipson wrote: > > From: "Daniel P. Smith" > > > > The SHA algorithms are necessary to measure configuration information into > > the TPM as early as possible before using the values. This

Re: [PATCH v6 4/4] risc/purgatory: Add linker script

2023-05-10 Thread Conor Dooley
On Mon, May 01, 2023 at 09:54:43PM +0200, Ricardo Ribalda wrote: > On Mon, 1 May 2023 at 19:41, Conor Dooley wrote: > > On Mon, May 01, 2023 at 02:38:22PM +0200, Ricardo Ribalda wrote: > > > If PGO is enabled, the purgatory ends up with multiple .text sections. > > > This is not supported by

Re: [PATCH v6 00/14] x86: Trenchboot secure dynamic launch Linux kernel support

2023-05-10 Thread Bagas Sanjaya
On Thu, May 04, 2023 at 02:50:09PM +, Ross Philipson wrote: > This patchset provides detailed documentation of DRTM, the approach used for > adding the capability, and relevant API/ABI documentation. In addition to the > documentation the patch set introduces Intel TXT support as the first

[PATCH v6 07/14] x86: Secure Launch kernel early boot stub

2023-05-10 Thread Ross Philipson
The Secure Launch (SL) stub provides the entry point for Intel TXT (and later AMD SKINIT) to vector to during the late launch. The symbol sl_stub_entry is that entry point and its offset into the kernel is conveyed to the launching code using the MLE (Measured Launch Environment) header in the

[PATCH v6 02/14] Documentation/x86: Secure Launch kernel documentation

2023-05-10 Thread Ross Philipson
Introduce background, overview and configuration/ABI information for the Secure Launch kernel feature. Signed-off-by: Daniel P. Smith Signed-off-by: Ross Philipson --- Documentation/security/index.rst | 1 + Documentation/security/launch-integrity/index.rst | 10 +

Re: [PATCH v6 02/14] Documentation/x86: Secure Launch kernel documentation

2023-05-10 Thread Bagas Sanjaya
On Thu, May 04, 2023 at 02:50:11PM +, Ross Philipson wrote: > += > +System Launch Integrity documentation > += > + > +.. toctree:: By convention, doc toctrees have 2-level depth (only page title and first-level headings

Re: [RFC PATCH v2 0/3] pmem memmap dump support

2023-05-10 Thread Zhijian Li (Fujitsu)
Hi Dan on 5/8/2023 5:45 PM, Zhijian Li (Fujitsu) wrote: > Dan, > > > On 29/04/2023 02:59, Dan Williams wrote: >> Li Zhijian wrote: >>> Hello folks, >>> >>> About 2 months ago, we posted our first RFC[3] and received your kind >>> feedback. Thank you :) >>> Now, I'm back with the code. >>> >>>