The Secure Launch MLE environment uses PCRs that are only accessible from
the DRTM locality 2. By default the TPM drivers always initialize the
locality to 0. When a Secure Launch is in progress, initialize the
locality to 2.
Signed-off-by: Ross Philipson
---
drivers/char/tpm/tpm-chip.c | 13
Prior to running the next kernel via kexec, the Secure Launch code
closes down private SMX resources and does an SEXIT. This allows the
next kernel to start normally without any issues starting the APs etc.
Signed-off-by: Ross Philipson
---
arch/x86/kernel/slaunch.c | 71
The IOMMU should always be set to default translated type after
the PMRs are disabled to protect the MLE from DMA.
Signed-off-by: Ross Philipson
---
drivers/iommu/intel/iommu.c | 5 +
drivers/iommu/iommu.c | 6 +-
2 files changed, 10 insertions(+), 1 deletion(-)
diff --git a
callback (into
ACPI code) or when an emergency reset is done. In these cases,
just the TXT registers are finalized but SEXIT is skipped.
Signed-off-by: Ross Philipson
---
arch/x86/kernel/reboot.c | 10 ++
1 file changed, 10 insertions(+)
diff --git a/arch/x86/kernel/reboot.c b/arch/x86
protections are in place.
For TXT, this code also reserves the original compressed kernel setup
area where the APs were left looping so that this memory cannot be used.
Signed-off-by: Ross Philipson
---
arch/x86/kernel/Makefile | 1 +
arch/x86/kernel/setup.c| 3 +
arch/x86/kernel/slaunch.c
Introduce the main Secure Launch header file used in the early SL stub
and the early setup code.
Signed-off-by: Ross Philipson
---
include/linux/slaunch.h | 540
1 file changed, 540 insertions(+)
create mode 100644 include/linux/slaunch.h
diff
ls in. The result is this is a modified copy of
that code that still leverages the core SHA algorithms.
Signed-off-by: Daniel P. Smith
Signed-off-by: Ross Philipson
---
arch/x86/boot/compressed/Makefile | 2 +
arch/x86/boot/compressed/early_sha1.c | 103
arc
e platform module also registers the securityfs nodes to allow
access to TXT register fields on Intel along with the fetching of
and writing events to the late launch TPM log.
Signed-off-by: Daniel P. Smith
Signed-off-by: garnetgrimm
Signed-off-by: Ross Philipson
---
arch/x86/kernel/Makefi
handling the APs on Intel
platforms. The routine sl_main which runs after entering 64b mode is
responsible for measuring configuration and module information before
it is used like the boot params, the kernel command line, the TXT heap,
an external initramfs, etc.
Signed-off-by: Ross Philipson
2 pre-launch support patchset (WIP):
https://lists.gnu.org/archive/html/grub-devel/2020-05/msg00011.html
Thanks
Ross Philipson and Daniel P. Smith
Changes in v2:
- Modified 32b entry code to prevent causing relocations in the compressed
kernel.
- Dropped patches for compressed kernel TPM PCR e
in the ELF symbol table.
Signed-off-by: Arvind Sankar
Cc: Ross Philipson
Signed-off-by: Ross Philipson
---
arch/x86/boot/compressed/kernel_info.S | 19 +++
arch/x86/boot/compressed/kernel_info.h | 12
arch/x86/boot/compressed/vmlinux.lds.S | 6 ++
3 files c
Initial bits to bring in Secure Launch functionality. Add Kconfig
options for compiling in/out the Secure Launch code.
Signed-off-by: Ross Philipson
---
arch/x86/Kconfig | 32
1 file changed, 32 insertions(+)
diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig
then jumps the the standard RM piggy protected mode
entry point.
Signed-off-by: Ross Philipson
---
arch/x86/include/asm/realmode.h | 3 ++
arch/x86/kernel/smpboot.c| 86
arch/x86/realmode/rm/header.S| 3 ++
arch/x86/realmode/rm
On 6/18/21 2:32 PM, Robin Murphy wrote:
> On 2021-06-18 17:12, Ross Philipson wrote:
>> The IOMMU should always be set to default translated type after
>> the PMRs are disabled to protect the MLE from DMA.
>>
>> Signed-off-by: Ross Philipson
>> ---
>
On 6/22/21 7:06 AM, Robin Murphy wrote:
On 2021-06-21 18:51, Ross Philipson wrote:
On 6/18/21 2:32 PM, Robin Murphy wrote:
On 2021-06-18 17:12, Ross Philipson wrote:
The IOMMU should always be set to default translated type after
the PMRs are disabled to protect the MLE from DMA.
Signed-off
On 6/21/21 5:15 PM, Andy Lutomirski wrote:
On Mon, Jun 21, 2021 at 10:51 AM Ross Philipson
wrote:
On 6/18/21 2:32 PM, Robin Murphy wrote:
On 2021-06-18 17:12, Ross Philipson wrote:
The IOMMU should always be set to default translated type after
the PMRs are disabled to protect the MLE from
then jumps the the standard RM piggy protected mode
entry point.
Signed-off-by: Ross Philipson
---
arch/x86/include/asm/realmode.h | 3 ++
arch/x86/kernel/smpboot.c| 86
arch/x86/realmode/rm/header.S| 3 ++
arch/x86/realmode/rm
in the ELF symbol table.
Signed-off-by: Arvind Sankar
Cc: Ross Philipson
Signed-off-by: Ross Philipson
---
arch/x86/boot/compressed/kernel_info.S | 19 +++
arch/x86/boot/compressed/kernel_info.h | 12
arch/x86/boot/compressed/vmlinux.lds.S | 6 ++
3 files c
ment-guide.pdf
https://software.intel.com/en-us/articles/intel-sdm
AMD SKINIT is documented in the System Programming manual:
https://www.amd.com/system/files/TechDocs/24593.pdf
GRUB2 pre-launch support patchset (WIP):
https://lists.gnu.org/archive/html/grub-devel/2020-05/msg00011.html
Thank
was remapped under the
covers.
The setup_indirect structure was introduced in commit:
commit b3c72fc9a78e (x86/boot: Introduce setup_indirect)
Signed-off-by: Ross Philipson
---
arch/x86/kernel/e820.c | 31 -
arch/x86/kernel/kdebugfs.c | 28
Prior to running the next kernel via kexec, the Secure Launch code
closes down private SMX resources and does an SEXIT. This allows the
next kernel to start normally without any issues starting the APs etc.
Signed-off-by: Ross Philipson
---
arch/x86/kernel/slaunch.c | 71
Initial bits to bring in Secure Launch functionality. Add Kconfig
options for compiling in/out the Secure Launch code.
Signed-off-by: Ross Philipson
---
arch/x86/Kconfig | 32
1 file changed, 32 insertions(+)
diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig
e platform module also registers the securityfs nodes to allow
access to TXT register fields on Intel along with the fetching of
and writing events to the late launch TPM log.
Signed-off-by: Daniel P. Smith
Signed-off-by: garnetgrimm
Signed-off-by: Ross Philipson
---
arch/x86/kernel/Makefi
One of the two functions in ioremap.c that handles setup_data was
missing the correct handling of setup_indirect structures.
Functionality missing from original commit:
commit b3c72fc9a78e (x86/boot: Introduce setup_indirect)
Signed-off-by: Ross Philipson
---
arch/x86/mm/ioremap.c | 21
The Secure Launch MLE environment uses PCRs that are only accessible from
the DRTM locality 2. By default the TPM drivers always initialize the
locality to 0. When a Secure Launch is in progress, initialize the
locality to 2.
Signed-off-by: Ross Philipson
---
drivers/char/tpm/tpm-chip.c | 13
ls in. The result is this is a modified copy of
that code that still leverages the core SHA algorithms.
Signed-off-by: Daniel P. Smith
Signed-off-by: Ross Philipson
---
arch/x86/boot/compressed/Makefile | 2 +
arch/x86/boot/compressed/early_sha1.c | 103
arc
callback (into
ACPI code) or when an emergency reset is done. In these cases,
just the TXT registers are finalized but SEXIT is skipped.
Signed-off-by: Ross Philipson
---
arch/x86/kernel/reboot.c | 10 ++
1 file changed, 10 insertions(+)
diff --git a/arch/x86/kernel/reboot.c b/arch/x86
handling the APs on Intel
platforms. The routine sl_main which runs after entering 64b mode is
responsible for measuring configuration and module information before
it is used like the boot params, the kernel command line, the TXT heap,
an external initramfs, etc.
Signed-off-by: Ross Philipson
Introduce the main Secure Launch header file used in the early SL stub
and the early setup code.
Signed-off-by: Ross Philipson
---
include/linux/slaunch.h | 532
1 file changed, 532 insertions(+)
create mode 100644 include/linux/slaunch.h
diff
protections are in place.
For TXT, this code also reserves the original compressed kernel setup
area where the APs were left looping so that this memory cannot be used.
Signed-off-by: Ross Philipson
---
arch/x86/kernel/Makefile | 1 +
arch/x86/kernel/setup.c| 3 +
arch/x86/kernel/slaunch.c
Introduce background, overview and configuration/ABI information
for the Secure Launch kernel feature.
Signed-off-by: Daniel P. Smith
Signed-off-by: Ross Philipson
---
Documentation/x86/index.rst | 1 +
Documentation/x86/secure-launch.rst | 714
2
On 8/10/21 12:19 PM, Jarkko Sakkinen wrote:
On Mon, Aug 09, 2021 at 12:38:44PM -0400, Ross Philipson wrote:
One of the two functions in ioremap.c that handles setup_data was
missing the correct handling of setup_indirect structures.
What is "correct handling", and how was it broken
On 8/10/21 12:21 PM, Jarkko Sakkinen wrote:
On Mon, Aug 09, 2021 at 12:38:56PM -0400, Ross Philipson wrote:
The Secure Launch MLE environment uses PCRs that are only accessible from
the DRTM locality 2. By default the TPM drivers always initialize the
locality to 0. When a Secure Launch is in
callback (into
ACPI code) or when an emergency reset is done. In these cases,
just the TXT registers are finalized but SEXIT is skipped.
Signed-off-by: Ross Philipson
---
arch/x86/kernel/reboot.c | 10 ++
1 file changed, 10 insertions(+)
diff --git a/arch/x86/kernel/reboot.c b/arch/x86
then jumps the the standard RM piggy protected mode
entry point.
Signed-off-by: Ross Philipson
---
arch/x86/include/asm/realmode.h | 3 ++
arch/x86/kernel/smpboot.c| 86
arch/x86/realmode/rm/header.S| 3 ++
arch/x86/realmode/rm
Prior to running the next kernel via kexec, the Secure Launch code
closes down private SMX resources and does an SEXIT. This allows the
next kernel to start normally without any issues starting the APs etc.
Signed-off-by: Ross Philipson
---
arch/x86/kernel/slaunch.c | 71
Introduce the main Secure Launch header file used in the early SL stub
and the early setup code.
Signed-off-by: Ross Philipson
---
include/linux/slaunch.h | 532
1 file changed, 532 insertions(+)
create mode 100644 include/linux/slaunch.h
diff
in the ELF symbol table.
Signed-off-by: Arvind Sankar
Cc: Ross Philipson
Signed-off-by: Ross Philipson
---
arch/x86/boot/compressed/kernel_info.S | 19 +++
arch/x86/boot/compressed/kernel_info.h | 12
arch/x86/boot/compressed/vmlinux.lds.S | 6 ++
3 files c
ls in. The result is this is a modified copy of
that code that still leverages the core SHA algorithms.
Signed-off-by: Daniel P. Smith
Signed-off-by: Ross Philipson
---
arch/x86/boot/compressed/Makefile | 2 +
arch/x86/boot/compressed/early_sha1.c | 103
arc
was missing.
Fixes: b3c72fc9a78e ("x86/boot: Introduce setup_indirect")
Signed-off-by: Ross Philipson
---
arch/x86/mm/ioremap.c | 21 +++--
1 file changed, 19 insertions(+), 2 deletions(-)
diff --git a/arch/x86/mm/ioremap.c b/arch/x86/mm/ioremap.c
index ab74e4f..f2b3
Initial bits to bring in Secure Launch functionality. Add Kconfig
options for compiling in/out the Secure Launch code.
Signed-off-by: Ross Philipson
---
arch/x86/Kconfig | 32
1 file changed, 32 insertions(+)
diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig
Introduce background, overview and configuration/ABI information
for the Secure Launch kernel feature.
Signed-off-by: Daniel P. Smith
Signed-off-by: Ross Philipson
---
Documentation/x86/index.rst | 1 +
Documentation/x86/secure-launch.rst | 716
2
area is remapped under the
covers.
The fix is to properly memremap both the setup_data and setup_indirect
structures in these cases before accessing them.
Fixes: b3c72fc9a78e ("x86/boot: Introduce setup_indirect")
Signed-off-by: Ross Philipson
---
arch/x86/kernel/e820.
e platform module also registers the securityfs nodes to allow
access to TXT register fields on Intel along with the fetching of
and writing events to the late launch TPM log.
Signed-off-by: Daniel P. Smith
Signed-off-by: garnetgrimm
Signed-off-by: Ross Philipson
---
arch/x86/kernel/Makefi
The Secure Launch MLE environment uses PCRs that are only accessible from
the DRTM locality 2. By default the TPM drivers always initialize the
locality to 0. When a Secure Launch is in progress, initialize the
locality to 2.
Signed-off-by: Ross Philipson
---
drivers/char/tpm/tpm-chip.c | 9
ed in the System Programming manual:
https://www.amd.com/system/files/TechDocs/24593.pdf
GRUB2 pre-launch support patchset (WIP):
https://lists.gnu.org/archive/html/grub-devel/2020-05/msg00011.html
Thanks
Ross Philipson and Daniel P. Smith
Changes in v2:
- Modified 32b entry code to prevent ca
handling the APs on Intel
platforms. The routine sl_main which runs after entering 64b mode is
responsible for measuring configuration and module information before
it is used like the boot params, the kernel command line, the TXT heap,
an external initramfs, etc.
Signed-off-by: Ross Philipson
protections are in place.
For TXT, this code also reserves the original compressed kernel setup
area where the APs were left looping so that this memory cannot be used.
Signed-off-by: Ross Philipson
---
arch/x86/kernel/Makefile | 1 +
arch/x86/kernel/setup.c| 3 +
arch/x86/kernel/slaunch.c
Prior to running the next kernel via kexec, the Secure Launch code
closes down private SMX resources and does an SEXIT. This allows the
next kernel to start normally without any issues starting the APs etc.
Signed-off-by: Ross Philipson
---
arch/x86/kernel/slaunch.c | 70
The Secure Launch MLE environment uses PCRs that are only accessible from
the DRTM locality 2. By default the TPM drivers always initialize the
locality to 0. When a Secure Launch is in progress, initialize the
locality to 2.
Signed-off-by: Ross Philipson
---
drivers/char/tpm/tpm-chip.c | 13
callback (into
ACPI code) or when an emergency reset is done. In these cases,
just the TXT registers are finalized but SEXIT is skipped.
Signed-off-by: Ross Philipson
---
arch/x86/kernel/reboot.c | 10 ++
1 file changed, 10 insertions(+)
diff --git a/arch/x86/kernel/reboot.c b/arch/x86
From: "Daniel P. Smith"
This commit exposes a minimal general interface for the compressed
kernel to request the required TPM operations to send measurements to
a TPM.
Signed-off-by: Daniel P. Smith
Signed-off-by: Ross Philipson
---
arch/x86/boot/compressed/Makefile | 2 +-
arc
-off-by: Daniel P. Smith
Signed-off-by: Ross Philipson
---
arch/x86/boot/compressed/Makefile | 4 +
arch/x86/boot/compressed/early_sha1.c | 104
arch/x86/boot/compressed/early_sha1.h | 17 +++
arch/x86/boot/compressed/early_sha256.c | 6 +
arch/x86/boot/compressed
From: "Daniel P. Smith"
This commit introduces an abstraction for TPM1.2 and TPM2.0 devices
above the TPM hardware interface.
Signed-off-by: Daniel P. Smith
Signed-off-by: Ross Philipson
---
arch/x86/boot/compressed/Makefile | 3 +-
arch/x86/boot/compressed/
Introduce the main Secure Launch header file used in the early SL stub
and the early setup code.
Signed-off-by: Ross Philipson
---
include/linux/slaunch.h | 544
1 file changed, 544 insertions(+)
create mode 100644 include/linux/slaunch.h
diff
Initial bits to bring in Secure Launch functionality. Add Kconfig
options for compiling in/out the Secure Launch code.
Signed-off-by: Ross Philipson
---
arch/x86/Kconfig | 36
1 file changed, 36 insertions(+)
diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig
handling the APs on Intel
platforms. The routine sl_main which runs after entering 64b mode is
responsible for measuring configuration and module information before
it is used like the boot params, the kernel command line, the TXT heap,
an external initramfs, etc.
Signed-off-by: Ross Philipson
upport patchset (WIP):
https://lists.gnu.org/archive/html/grub-devel/2020-05/msg00011.html
Thanks
Ross Philipson and Daniel P. Smith
Daniel P. Smith (4):
x86: Add early TPM TIS/CRB interface support for Secure Launch
x86: Add early TPM1.2/TPM2.0 interface support for Secure Launch
x86: A
then jumps the the standard RM piggy protected mode
entry point.
Signed-off-by: Ross Philipson
---
arch/x86/include/asm/realmode.h | 3 ++
arch/x86/kernel/smpboot.c| 86
arch/x86/realmode/rm/header.S| 3 ++
arch/x86/realmode/rm
From: "Daniel P. Smith"
The late init functionality registers securityfs nodes to allow access
to TXT register fields on Intel along with the fetching of and writing
events to the late launch TPM log.
Signed-off-by: Daniel P. Smith
Signed-off-by: Ross Philipson
Signed-off-by: g
th
Signed-off-by: Ross Philipson
---
arch/x86/boot/compressed/Makefile | 2 +
arch/x86/boot/compressed/tpm/crb.c| 304 ++
arch/x86/boot/compressed/tpm/crb.h| 20 ++
arch/x86/boot/compressed/tpm/tis.c| 215 +
arc
protections are in place.
For TXT, this code also reserves the original compressed kernel setup
area where the APs were left looping so that this memory cannot be used.
Signed-off-by: Ross Philipson
---
arch/x86/kernel/Makefile | 1 +
arch/x86/kernel/setup.c| 3 +
arch/x86/kernel/slaunch.c
On 9/24/20 1:38 PM, Arvind Sankar wrote:
> On Thu, Sep 24, 2020 at 10:58:35AM -0400, Ross Philipson wrote:
>> The Secure Launch (SL) stub provides the entry point for Intel TXT (and
>> later AMD SKINIT) to vector to during the late launch. The symbol
>> sl_stub_entry is tha
On 9/24/20 10:08 PM, Randy Dunlap wrote:
> On 9/24/20 7:58 AM, Ross Philipson wrote:
>> Initial bits to bring in Secure Launch functionality. Add Kconfig
>> options for compiling in/out the Secure Launch code.
>>
>> Signed-off-by: Ross Philipson
>
> Hi,
&g
On 9/25/20 3:18 PM, Arvind Sankar wrote:
> On Fri, Sep 25, 2020 at 10:56:43AM -0400, Ross Philipson wrote:
>> On 9/24/20 1:38 PM, Arvind Sankar wrote:
>>> On Thu, Sep 24, 2020 at 10:58:35AM -0400, Ross Philipson wrote:
>>>
>>>> diff --git a/arch/x86/boot/com
On 10/16/20 4:51 PM, Arvind Sankar wrote:
> On Thu, Oct 15, 2020 at 08:26:54PM +0200, Daniel Kiper wrote:
>>
>> I am discussing with Ross the other option. We can create
>> .rodata.mle_header section and put it at fixed offset as
>> kernel_info is. So, we would have, e.g.:
>>
>> arch/x86/boot/compr
On 10/19/20 1:06 PM, Arvind Sankar wrote:
> On Mon, Oct 19, 2020 at 10:38:08AM -0400, Ross Philipson wrote:
>> On 10/16/20 4:51 PM, Arvind Sankar wrote:
>>> On Thu, Oct 15, 2020 at 08:26:54PM +0200, Daniel Kiper wrote:
>>>>
>>>> I am discussing
On 10/21/20 12:18 PM, Arvind Sankar wrote:
> On Wed, Oct 21, 2020 at 05:28:33PM +0200, Daniel Kiper wrote:
>> On Mon, Oct 19, 2020 at 01:18:22PM -0400, Arvind Sankar wrote:
>>> On Mon, Oct 19, 2020 at 04:51:53PM +0200, Daniel Kiper wrote:
On Fri, Oct 16, 2020 at 04:51:51PM -0400, Arvind Sankar
On 12/2/21 12:26, Robin Murphy wrote:
> On 2021-08-27 14:28, Ross Philipson wrote:
> [...]
>> +IOMMU Configuration
>> +---
>> +
>> +When doing a Secure Launch, the IOMMU should always be enabled and
>> the drivers
>> +loaded. However, I
On 12/3/21 11:03, Robin Murphy wrote:
> On 2021-12-03 15:47, Ross Philipson wrote:
>> On 12/2/21 12:26, Robin Murphy wrote:
>>> On 2021-08-27 14:28, Ross Philipson wrote:
>>> [...]
>>>> +IOMMU Configuration
>>>> +---
>>>&
ies it pulls in. The result
is this is a modified copy of that code that still leverages the core
SHA algorithms.
Signed-off-by: Daniel P. Smith
Signed-off-by: Ross Philipson
---
arch/x86/boot/compressed/Makefile | 2 +
arch/x86/boot/compressed/early_sha1.c | 97 +++
then jumps to the standard RM piggy protected mode
entry point.
Signed-off-by: Ross Philipson
---
arch/x86/include/asm/realmode.h | 3 ++
arch/x86/kernel/smpboot.c| 86
arch/x86/realmode/rm/header.S| 3 ++
arch/x86/realmode/rm
Initial bits to bring in Secure Launch functionality. Add Kconfig
options for compiling in/out the Secure Launch code.
Signed-off-by: Ross Philipson
---
arch/x86/Kconfig | 34 ++
1 file changed, 34 insertions(+)
diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig
Introduce the main Secure Launch header file used in the early SL stub
and the early setup code.
Signed-off-by: Ross Philipson
---
include/linux/slaunch.h | 532
1 file changed, 532 insertions(+)
create mode 100644 include/linux/slaunch.h
diff
The Secure Launch MLE environment uses PCRs that are only accessible from
the DRTM locality 2. By default the TPM drivers always initialize the
locality to 0. When a Secure Launch is in progress, initialize the
locality to 2.
Signed-off-by: Ross Philipson
---
drivers/char/tpm/tpm-chip.c | 9
s://software.intel.com/en-us/articles/intel-sdm
AMD SKINIT is documented in the System Programming manual:
https://www.amd.com/system/files/TechDocs/24593.pdf
GRUB2 pre-launch support patchset (WIP):
https://lists.gnu.org/archive/html/grub-devel/2020-05/msg00011.html
Thanks
Ross Philipson and
Prior to running the next kernel via kexec, the Secure Launch code
closes down private SMX resources and does an SEXIT. This allows the
next kernel to start normally without any issues starting the APs etc.
Signed-off-by: Ross Philipson
---
arch/x86/kernel/slaunch.c | 69
protections are in place.
For TXT, this code also reserves the original compressed kernel setup
area where the APs were left looping so that this memory cannot be used.
Signed-off-by: Ross Philipson
---
arch/x86/kernel/Makefile | 1 +
arch/x86/kernel/setup.c| 3 +
arch/x86/kernel/slaunch.c
handling the APs on Intel
platforms. The routine sl_main which runs after entering 64b mode is
responsible for measuring configuration and module information before
it is used like the boot params, the kernel command line, the TXT heap,
an external initramfs, etc.
Signed-off-by: Ross Philipson
e platform module also registers the securityfs nodes to allow
access to TXT register fields on Intel along with the fetching of
and writing events to the late launch TPM log.
Signed-off-by: Daniel P. Smith
Signed-off-by: garnetgrimm
Signed-off-by: Ross Philipson
---
arch/x86/kernel/Makefi
callback (into
ACPI code) or when an emergency reset is done. In these cases,
just the TXT registers are finalized but SEXIT is skipped.
Signed-off-by: Ross Philipson
---
arch/x86/kernel/reboot.c | 10 ++
1 file changed, 10 insertions(+)
diff --git a/arch/x86/kernel/reboot.c b/arch/x86
ure in the ELF symbol table.
Signed-off-by: Arvind Sankar
Cc: Ross Philipson
Signed-off-by: Ross Philipson
---
arch/x86/boot/compressed/kernel_info.S | 19 +++
arch/x86/boot/compressed/kernel_info.h | 12
arch/x86/boot/compressed/vmlinux.lds.S | 6 ++
3 files c
Introduce background, overview and configuration/ABI information
for the Secure Launch kernel feature.
Signed-off-by: Daniel P. Smith
Signed-off-by: Ross Philipson
---
Documentation/security/index.rst | 1 +
Documentation/security/launch-integrity/index.rst | 10
On 5/12/23 11:04 AM, Thomas Gleixner wrote:
On Thu, May 04 2023 at 14:50, Ross Philipson wrote:
+
+/* CPUID: leaf 1, ECX, SMX feature bit */
+#define X86_FEATURE_BIT_SMX(1 << 6)
+
+/* Can't include apiddef.h in asm */
Why not? All it needs is a #ifndef __ASSEMBLY__ guard a
On 5/12/23 9:10 AM, Ross Philipson wrote:
On 5/12/23 07:00, Matthew Garrett wrote:
On Thu, May 04, 2023 at 02:50:14PM +, Ross Philipson wrote:
+static inline int tpm12_log_event(void *evtlog_base, u32 evtlog_size,
+ u32 event_size, void *event)
+{
+ struct
callback (into
ACPI code) or when an emergency reset is done. In these cases,
just the TXT registers are finalized but SEXIT is skipped.
Signed-off-by: Ross Philipson
---
arch/x86/kernel/reboot.c | 10 ++
1 file changed, 10 insertions(+)
diff --git a/arch/x86/kernel/reboot.c b/arch/x86
Initial bits to bring in Secure Launch functionality. Add Kconfig
options for compiling in/out the Secure Launch code.
Signed-off-by: Ross Philipson
---
arch/x86/Kconfig | 12
1 file changed, 12 insertions(+)
diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig
index 3762f41bb092
do then jumps to the standard RM piggy protected mode entry point.
Signed-off-by: Ross Philipson
---
arch/x86/include/asm/realmode.h | 3 ++
arch/x86/kernel/smpboot.c| 56 +++-
arch/x86/realmode/init.c | 3 ++
arch/x86/realmode/rm/header.S
ure in the ELF symbol table.
Signed-off-by: Arvind Sankar
Cc: Ross Philipson
Signed-off-by: Ross Philipson
---
arch/x86/boot/compressed/kernel_info.S | 19 +++
arch/x86/boot/compressed/kernel_info.h | 12
arch/x86/boot/compressed/vmlinux.lds.S | 6 ++
3 files c
The Secure Launch MLE environment uses PCRs that are only accessible from
the DRTM locality 2. By default the TPM drivers always initialize the
locality to 0. When a Secure Launch is in progress, initialize the
locality to 2.
Signed-off-by: Ross Philipson
---
drivers/char/tpm/tpm-chip.c | 9
Introduce the Secure Launch Resource Table which forms the formal
interface between the pre and post launch code.
Signed-off-by: Ross Philipson
---
include/linux/slr_table.h | 270 ++
1 file changed, 270 insertions(+)
create mode 100644 include/linux
-fc-38-dlstub
Patch set based on commit:
torvolds/master/6bc986ab839c844e78a2333a02e55f02c9e57935
Thanks
Ross Philipson and Daniel P. Smith
Changes in v2:
- Modified 32b entry code to prevent causing relocations in the compressed
kernel.
- Dropped patches for compressed kernel TPM PCR e
e and allow it to be pulled into the
setup kernel in the same manner as sha256 is.
Signed-off-by: Daniel P. Smith
Signed-off-by: Ross Philipson
---
arch/x86/boot/compressed/Makefile | 2 +
arch/x86/boot/compressed/early_sha1.c | 12
arch/x86/boot/compressed/early_sha256.c | 6 ++
i
Prior to running the next kernel via kexec, the Secure Launch code
closes down private SMX resources and does an SEXIT. This allows the
next kernel to start normally without any issues starting the APs etc.
Signed-off-by: Ross Philipson
---
arch/x86/kernel/slaunch.c | 73
Introduce the main Secure Launch header file used in the early SL stub
and the early setup code.
Signed-off-by: Ross Philipson
---
include/linux/slaunch.h | 542
1 file changed, 542 insertions(+)
create mode 100644 include/linux/slaunch.h
diff --git a
e platform module also registers the securityfs nodes to allow
access to TXT register fields on Intel along with the fetching of
and writing events to the late launch TPM log.
Signed-off-by: Daniel P. Smith
Signed-off-by: garnetgrimm
Signed-off-by: Ross Philipson
---
arch/x86/kernel/Makefi
protections are in place.
For TXT, this code also reserves the original compressed kernel setup
area where the APs were left looping so that this memory cannot be used.
Signed-off-by: Ross Philipson
---
arch/x86/kernel/Makefile | 1 +
arch/x86/kernel/setup.c| 3 +
arch/x86/kernel/slaunch.c
handling the APs on Intel
platforms. The routine sl_main which runs after entering 64b mode is
responsible for measuring configuration and module information before
it is used like the boot params, the kernel command line, the TXT heap,
an external initramfs, etc.
Signed-off-by: Ross Philipson
Introduce background, overview and configuration/ABI information
for the Secure Launch kernel feature.
Signed-off-by: Daniel P. Smith
Signed-off-by: Ross Philipson
Reviewed-by: Bagas Sanjaya
---
Documentation/security/index.rst | 1 +
.../security/launch-integrity/index.rst
On 11/10/23 3:41 PM, Sean Christopherson wrote:
On Fri, Nov 10, 2023, Ross Philipson wrote:
Prior to running the next kernel via kexec, the Secure Launch code
closes down private SMX resources and does an SEXIT. This allows the
next kernel to start normally without any issues starting the APs
1 - 100 of 190 matches
Mail list logo