These values are needed by Secure Launch to locate particular CPUs
during AP startup and to restore the MTRR state after a TXT launch.
Signed-off-by: Ross Philipson
---
arch/x86/include/asm/msr-index.h | 5 +
1 file changed, 5 insertions(+)
diff --git a/arch/x86/include/asm/msr-index.h b
This support allows the DRTM launch to be initiated after an EFI stub
launch of the Linux kernel is done. This is accomplished by providing
a handler to jump to when a Secure Launch is in progress. This has to be
called after the EFI stub does Exit Boot Services.
Signed-off-by: Ross Philipson
DRTM needs to be able to set the locality used by kernel. Provide
a one-shot function tpm_chip_set_locality() for the purpose.
Signed-off-by: Ross Philipson
Signed-off-by: Jarkko Sakkinen
---
drivers/char/tpm/tpm-chip.c | 33 -
drivers/char/tpm
From: "Daniel P. Smith"
There are environments, for example, those that comply with the TCG D-RTM
specification that requires the TPM to be left in locality 2. Prepare
kernel for such environments by closing all the localities.
Signed-off-by: Daniel P. Smith
Signed-off-by: Ross
callback (into
ACPI code) or when an emergency reset is done. In these cases,
just the TXT registers are finalized but SEXIT is skipped.
Signed-off-by: Ross Philipson
---
arch/x86/kernel/reboot.c | 10 ++
1 file changed, 10 insertions(+)
diff --git a/arch/x86/kernel/reboot.c b/arch/x86
Prior to running the next kernel via kexec, the Secure Launch code
closes down private SMX resources and does an SEXIT. This allows the
next kernel to start normally without any issues starting the APs etc.
Signed-off-by: Ross Philipson
---
arch/x86/kernel/slaunch.c | 72
Expose the locality used by the kernel to sysfs.
Signed-off-by: Ross Philipson
Signed-off-by: Jarkko Sakkinen
---
drivers/char/tpm/tpm-sysfs.c | 10 ++
1 file changed, 10 insertions(+)
diff --git a/drivers/char/tpm/tpm-sysfs.c b/drivers/char/tpm/tpm-sysfs.c
index 94231f052ea7
e platform module also registers the securityfs nodes to allow
access to TXT register fields on Intel along with the fetching of
and writing events to the late launch TPM log.
Signed-off-by: Daniel P. Smith
Signed-off-by: garnetgrimm
Signed-off-by: Ross Philipson
---
arch/x86/kernel/Makefi
start of the setup kernel. The support in the linker
file achieves this.
Signed-off-by: Ross Philipson
Suggested-by: Ard Biesheuvel
Reviewed-by: Ard Biesheuvel
---
arch/x86/boot/compressed/kernel_info.S | 50 +++---
arch/x86/boot/compressed/vmlinux.lds.S | 7
2
niel P. Smith
Signed-off-by: Ross Philipson
---
arch/x86/boot/compressed/Makefile | 2 +
arch/x86/boot/compressed/sha1.c | 6 +++
include/crypto/sha1.h | 1 +
lib/crypto/sha1.c | 81 +++
4 files changed, 90 insertions(+)
create
From: "Daniel P. Smith"
Validate that the input locality is within the correct range, as specified
by TCG standards, and increase the locality count also for the positive
localities.
Signed-off-by: Daniel P. Smith
Signed-off-by: Ross Philipson
Signed-off-by: Jarkko Sakkinen
---
dr
do then jumps to the standard RM piggy protected mode entry point.
Signed-off-by: Ross Philipson
---
arch/x86/include/asm/realmode.h | 3 ++
arch/x86/kernel/smpboot.c| 43 ++--
arch/x86/realmode/init.c | 3 ++
arch/x86/realmode/rm/header.S
handling the APs on Intel
platforms. The routine sl_main which runs after entering 64b mode is
responsible for measuring configuration and module information before
it is used like the boot params, the kernel command line, the TXT heap,
an external initramfs, etc.
Signed-off-by: Ross Philipson
annot be used.
Signed-off-by: Ross Philipson
---
arch/x86/kernel/Makefile | 1 +
arch/x86/kernel/setup.c| 3 +
arch/x86/kernel/slaunch.c | 524 +
drivers/iommu/intel/dmar.c | 4 +
4 files changed, 532 insertions(+)
create mode 100644 arch/x86/k
Introduce the Secure Launch Resource Table which forms the formal
interface between the pre and post launch code.
Signed-off-by: Ross Philipson
---
include/linux/slr_table.h | 277 ++
1 file changed, 277 insertions(+)
create mode 100644 include/linux
Initial bits to bring in Secure Launch functionality. Add Kconfig
options for compiling in/out the Secure Launch code.
Signed-off-by: Ross Philipson
---
arch/x86/Kconfig | 11 +++
1 file changed, 11 insertions(+)
diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig
index 9d7bd0ae48c4
ly we would like to thank everyone for their input and assistance. It has
all been very helpful in improving the quality of our solution and in
reviewing/strengthening our security posture.
Thanks
Ross Philipson and Daniel P. Smith
Changes in v2:
- Modified 32b entry code to prevent causing relo
From: "Daniel P. Smith"
Introduce background, overview and configuration/ABI information
for the Secure Launch kernel feature.
Signed-off-by: Daniel P. Smith
Signed-off-by: Ross Philipson
Reviewed-by: Bagas Sanjaya
---
Documentation/security/index.rst | 1 +
..
Introduce the main Secure Launch header file used in the early SL stub
and the early setup code.
Signed-off-by: Ross Philipson
---
include/linux/slaunch.h | 547
1 file changed, 547 insertions(+)
create mode 100644 include/linux/slaunch.h
diff --git a
nel is not uncompressed at this point.
Signed-off-by: Daniel P. Smith
Signed-off-by: Ross Philipson
---
arch/x86/boot/compressed/Makefile | 2 +-
arch/x86/boot/compressed/sha256.c | 6 ++
2 files changed, 7 insertions(+), 1 deletion(-)
create mode 100644 arch/x86/boot/compressed/sha256.c
On 11/21/24 2:42 PM, Andy Lutomirski wrote:
On Thu, Nov 21, 2024 at 12:54 PM Andy Lutomirski wrote:
On Thu, Nov 21, 2024 at 12:11 PM wrote:
On 11/18/24 12:02 PM, Andy Lutomirski wrote:
If the vendor of an attestation-dependent thing trusts SM3 but *Linux*
does not like SM3, then the vend
On 11/18/24 12:02 PM, Andy Lutomirski wrote:
On Mon, Nov 18, 2024 at 11:12 AM James Bottomley
wrote:
On Mon, 2024-11-18 at 10:43 -0800, Andy Lutomirski wrote:
Linux should not use TPM2_PCR_Extend *at all*. Instead, Linux should
exclusively use TPM2_PCR_Event. I would expect that passing, sa
Initial bits to bring in Secure Launch functionality. Add Kconfig
options for compiling in/out the Secure Launch code.
Signed-off-by: Ross Philipson
---
arch/x86/Kconfig | 11 +++
1 file changed, 11 insertions(+)
diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig
index 007bab9f2a0e
s/TechDocs/24593.pdf
The TrenchBoot project provides a quick start guide to help get a system
up and running with Secure Launch for Linux:
https://github.com/TrenchBoot/documentation/blob/master/QUICKSTART.md
Patch set based on commit:
torvalds/master/77f587896757708780a7e8792efe62939f25a5ab
Thanks
Ro
This support allows the DRTM launch to be initiated after an EFI stub
launch of the Linux kernel is done. This is accomplished by providing
a handler to jump to when a Secure Launch is in progress. This has to be
called after the EFI stub does Exit Boot Services.
Signed-off-by: Ross Philipson
e platform module also registers the securityfs nodes to allow
access to TXT register fields on Intel along with the fetching of
and writing events to the late launch TPM log.
Signed-off-by: Daniel P. Smith
Signed-off-by: garnetgrimm
Signed-off-by: Ross Philipson
---
arch/x86/kernel/Makefi
Expose a sysfs interface to allow user mode to set and query the default
locality set for the TPM chip.
Signed-off-by: Ross Philipson
---
drivers/char/tpm/tpm-sysfs.c | 30 ++
1 file changed, 30 insertions(+)
diff --git a/drivers/char/tpm/tpm-sysfs.c b/drivers/char
Currently the locality is hard coded to 0 but for DRTM support, access
is needed to localities 1 through 4.
Signed-off-by: Ross Philipson
---
drivers/char/tpm/tpm-chip.c | 24 +++-
include/linux/tpm.h | 4
2 files changed, 27 insertions(+), 1 deletion(-)
diff
ned-off-by: Ross Philipson
---
drivers/char/tpm/tpm_tis_core.c | 11 +++
1 file changed, 7 insertions(+), 4 deletions(-)
diff --git a/drivers/char/tpm/tpm_tis_core.c b/drivers/char/tpm/tpm_tis_core.c
index 22ebf679ea69..20a8b341be0d 100644
--- a/drivers/char/tpm/tpm_tis_core.c
+++ b/driver
From: "Daniel P. Smith"
When tis_tis_core initializes, it assumes all localities are closed. There
are cases when this may not be the case. This commit addresses this by
ensuring all localities are closed before initializing begins.
Signed-off-by: Daniel P. Smith
Signed-off-by: Ross
ned-off-by: Daniel P. Smith
Signed-off-by: Ross Philipson
Reported-by: Kanth Ghatraju
---
drivers/char/tpm/tpm_tis_core.c | 5 -
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/drivers/char/tpm/tpm_tis_core.c b/drivers/char/tpm/tpm_tis_core.c
index fdef214b9f6b..a6967f312837 10
callback (into
ACPI code) or when an emergency reset is done. In these cases,
just the TXT registers are finalized but SEXIT is skipped.
Signed-off-by: Ross Philipson
---
arch/x86/kernel/reboot.c | 10 ++
1 file changed, 10 insertions(+)
diff --git a/arch/x86/kernel/reboot.c b/arch/x86
Prior to running the next kernel via kexec, the Secure Launch code
closes down private SMX resources and does an SEXIT. This allows the
next kernel to start normally without any issues starting the APs etc.
Signed-off-by: Ross Philipson
---
arch/x86/kernel/slaunch.c | 72
do then jumps to the standard RM piggy protected mode entry point.
Signed-off-by: Ross Philipson
---
arch/x86/include/asm/realmode.h | 3 ++
arch/x86/kernel/smpboot.c| 43 ++--
arch/x86/realmode/init.c | 3 ++
arch/x86/realmode/rm/header.S
annot be used.
Signed-off-by: Ross Philipson
---
arch/x86/kernel/Makefile | 1 +
arch/x86/kernel/setup.c| 3 +
arch/x86/kernel/slaunch.c | 524 +
drivers/iommu/intel/dmar.c | 4 +
4 files changed, 532 insertions(+)
create mode 100644 arch/x86/k
handling the APs on Intel
platforms. The routine sl_main which runs after entering 64b mode is
responsible for measuring configuration and module information before
it is used like the boot params, the kernel command line, the TXT heap,
an external initramfs, etc.
Signed-off-by: Ross Philipson
start of the setup kernel. The support in the linker
file achieves this.
Signed-off-by: Ross Philipson
Suggested-by: Ard Biesheuvel
Reviewed-by: Ard Biesheuvel
---
arch/x86/boot/compressed/kernel_info.S | 50 +++---
arch/x86/boot/compressed/vmlinux.lds.S | 7
2
These values are needed by Secure Launch to locate particular CPUs
during AP startup and to restore the MTRR state after a TXT launch.
Signed-off-by: Ross Philipson
---
arch/x86/include/asm/msr-index.h | 5 +
1 file changed, 5 insertions(+)
diff --git a/arch/x86/include/asm/msr-index.h b
nel is not uncompressed at this point.
Signed-off-by: Daniel P. Smith
Signed-off-by: Ross Philipson
---
arch/x86/boot/compressed/Makefile | 2 +-
arch/x86/boot/compressed/sha256.c | 6 ++
2 files changed, 7 insertions(+), 1 deletion(-)
create mode 100644 arch/x86/boot/compressed/sha256.c
niel P. Smith
Signed-off-by: Ross Philipson
---
arch/x86/boot/compressed/Makefile | 2 +
arch/x86/boot/compressed/sha1.c | 6 +++
include/crypto/sha1.h | 1 +
lib/crypto/sha1.c | 81 +++
4 files changed, 90 insertions(+)
create
Introduce the main Secure Launch header file used in the early SL stub
and the early setup code.
Signed-off-by: Ross Philipson
---
include/linux/slaunch.h | 548
1 file changed, 548 insertions(+)
create mode 100644 include/linux/slaunch.h
diff --git a
From: "Daniel P. Smith"
Introduce background, overview and configuration/ABI information
for the Secure Launch kernel feature.
Signed-off-by: Daniel P. Smith
Signed-off-by: Ross Philipson
Reviewed-by: Bagas Sanjaya
---
Documentation/security/index.rst | 1 +
..
Introduce the Secure Launch Resource Table which forms the formal
interface between the pre and post launch code.
Signed-off-by: Ross Philipson
---
include/linux/slr_table.h | 276 ++
1 file changed, 276 insertions(+)
create mode 100644 include/linux
On 8/27/24 11:14 AM, 'Eric Biggers' via trenchboot-devel wrote:
On Thu, May 30, 2024 at 07:16:56PM -0700, Eric Biggers wrote:
On Thu, May 30, 2024 at 06:03:18PM -0700, Ross Philipson wrote:
From: "Daniel P. Smith"
For better or worse, Secure Launch needs SHA-1 and SH
On 8/27/24 3:28 AM, Ard Biesheuvel wrote:
On Tue, 27 Aug 2024 at 00:44, Ross Philipson wrote:
This support allows the DRTM launch to be initiated after an EFI stub
launch of the Linux kernel is done. This is accomplished by providing
a handler to jump to when a Secure Launch is in progress
Introduce the main Secure Launch header file used in the early SL stub
and the early setup code.
Signed-off-by: Ross Philipson
---
include/linux/slaunch.h | 548
1 file changed, 548 insertions(+)
create mode 100644 include/linux/slaunch.h
diff --git a
s/TechDocs/24593.pdf
The TrenchBoot project provides a quick start guide to help get a system
up and running with Secure Launch for Linux:
https://github.com/TrenchBoot/documentation/blob/master/QUICKSTART.md
Patch set based on commit:
torvalds/master/b311c1b497e51a628aa89e7cb954481e5f9dced2
Thanks
Ro
This support allows the DRTM launch to be initiated after an EFI stub
launch of the Linux kernel is done. This is accomplished by providing
a handler to jump to when a Secure Launch is in progress. This has to be
called after the EFI stub does Exit Boot Services.
Signed-off-by: Ross Philipson
e platform module also registers the securityfs nodes to allow
access to TXT register fields on Intel along with the fetching of
and writing events to the late launch TPM log.
Signed-off-by: Daniel P. Smith
Signed-off-by: garnetgrimm
Signed-off-by: Ross Philipson
---
arch/x86/kernel/Makefi
Expose a sysfs interface to allow user mode to set and query the default
locality set for the TPM chip.
Signed-off-by: Ross Philipson
---
drivers/char/tpm/tpm-sysfs.c | 30 ++
1 file changed, 30 insertions(+)
diff --git a/drivers/char/tpm/tpm-sysfs.c b/drivers/char
Currently the locality is hard coded to 0 but for DRTM support, access
is needed to localities 1 through 4.
Signed-off-by: Ross Philipson
---
drivers/char/tpm/tpm-chip.c | 24 +++-
include/linux/tpm.h | 4
2 files changed, 27 insertions(+), 1 deletion(-)
diff
ned-off-by: Ross Philipson
---
drivers/char/tpm/tpm_tis_core.c | 11 +++
1 file changed, 7 insertions(+), 4 deletions(-)
diff --git a/drivers/char/tpm/tpm_tis_core.c b/drivers/char/tpm/tpm_tis_core.c
index 22ebf679ea69..20a8b341be0d 100644
--- a/drivers/char/tpm/tpm_tis_core.c
+++ b/driver
From: "Daniel P. Smith"
When tis_tis_core initializes, it assumes all localities are closed. There
are cases when this may not be the case. This commit addresses this by
ensuring all localities are closed before initializing begins.
Signed-off-by: Daniel P. Smith
Signed-off-by: Ross
ned-off-by: Daniel P. Smith
Signed-off-by: Ross Philipson
Reported-by: Kanth Ghatraju
---
drivers/char/tpm/tpm_tis_core.c | 5 -
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/drivers/char/tpm/tpm_tis_core.c b/drivers/char/tpm/tpm_tis_core.c
index fdef214b9f6b..a6967f312837 10
callback (into
ACPI code) or when an emergency reset is done. In these cases,
just the TXT registers are finalized but SEXIT is skipped.
Signed-off-by: Ross Philipson
---
arch/x86/kernel/reboot.c | 10 ++
1 file changed, 10 insertions(+)
diff --git a/arch/x86/kernel/reboot.c b/arch/x86
Prior to running the next kernel via kexec, the Secure Launch code
closes down private SMX resources and does an SEXIT. This allows the
next kernel to start normally without any issues starting the APs etc.
Signed-off-by: Ross Philipson
---
arch/x86/kernel/slaunch.c | 72
handling the APs on Intel
platforms. The routine sl_main which runs after entering 64b mode is
responsible for measuring configuration and module information before
it is used like the boot params, the kernel command line, the TXT heap,
an external initramfs, etc.
Signed-off-by: Ross Philipson
do then jumps to the standard RM piggy protected mode entry point.
Signed-off-by: Ross Philipson
---
arch/x86/include/asm/realmode.h | 3 ++
arch/x86/kernel/smpboot.c| 43 ++--
arch/x86/realmode/init.c | 3 ++
arch/x86/realmode/rm/header.S
annot be used.
Signed-off-by: Ross Philipson
---
arch/x86/kernel/Makefile | 1 +
arch/x86/kernel/setup.c| 3 +
arch/x86/kernel/slaunch.c | 524 +
drivers/iommu/intel/dmar.c | 4 +
4 files changed, 532 insertions(+)
create mode 100644 arch/x86/k
start of the setup kernel. The support in the linker
file achieves this.
Signed-off-by: Ross Philipson
Suggested-by: Ard Biesheuvel
---
arch/x86/boot/compressed/kernel_info.S | 50 +++---
arch/x86/boot/compressed/vmlinux.lds.S | 7
2 files changed, 53 insertions(
From: "Daniel P. Smith"
Introduce background, overview and configuration/ABI information
for the Secure Launch kernel feature.
Signed-off-by: Daniel P. Smith
Signed-off-by: Ross Philipson
Reviewed-by: Bagas Sanjaya
---
Documentation/security/index.rst | 1 +
..
These values are needed by Secure Launch to locate particular CPUs
during AP startup and to restore the MTRR state after a TXT launch.
Signed-off-by: Ross Philipson
---
arch/x86/include/asm/msr-index.h | 5 +
1 file changed, 5 insertions(+)
diff --git a/arch/x86/include/asm/msr-index.h b
nel is not uncompressed at this point.
Signed-off-by: Daniel P. Smith
Signed-off-by: Ross Philipson
---
arch/x86/boot/compressed/Makefile | 2 +-
arch/x86/boot/compressed/sha256.c | 6 ++
2 files changed, 7 insertions(+), 1 deletion(-)
create mode 100644 arch/x86/boot/compressed/sha256.c
niel P. Smith
Signed-off-by: Ross Philipson
---
arch/x86/boot/compressed/Makefile | 2 +
arch/x86/boot/compressed/sha1.c | 6 +++
include/crypto/sha1.h | 1 +
lib/crypto/sha1.c | 82 +++
4 files changed, 91 insertions(+)
create
Introduce the Secure Launch Resource Table which forms the formal
interface between the pre and post launch code.
Signed-off-by: Ross Philipson
---
include/linux/slr_table.h | 276 ++
1 file changed, 276 insertions(+)
create mode 100644 include/linux
Initial bits to bring in Secure Launch functionality. Add Kconfig
options for compiling in/out the Secure Launch code.
Signed-off-by: Ross Philipson
---
arch/x86/Kconfig | 11 +++
1 file changed, 11 insertions(+)
diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig
index 007bab9f2a0e
On 6/4/24 3:59 PM, Jarkko Sakkinen wrote:
On Fri May 31, 2024 at 4:03 AM EEST, Ross Philipson wrote:
The routine slaunch_setup is called out of the x86 specific setup_arch()
routine during early kernel boot. After determining what platform is
present, various operations specific to that
On 6/19/24 5:18 PM, Jarkko Sakkinen wrote:
On Thu Jun 6, 2024 at 7:49 PM EEST, wrote:
For any architectures dig a similar fact:
1. Is not dead.
2. Will be there also in future.
Make any architecture existentially relevant for and not too much
coloring in the text that is easy to check.
It is
On 6/5/24 11:02 PM, Jarkko Sakkinen wrote:
On Wed Jun 5, 2024 at 10:03 PM EEST, wrote:
So I did not mean to imply that DRTM support on various
platforms/architectures has a short expiration date. In fact we are
actively working on DRTM support through the TrenchBoot project on
several platforms
Sakkinen wrote:
On Fri May 31, 2024 at 4:03 AM EEST, Ross Philipson wrote:
Introduce the Secure Launch Resource Table which forms the formal
interface between the pre and post launch code.
Signed-off-by: Ross Philipson
If a uarch specific, I'd appreciate Intel SDM reference here so that I
can
On 6/4/24 5:22 PM, Jarkko Sakkinen wrote:
On Wed Jun 5, 2024 at 2:00 AM EEST, wrote:
On 6/4/24 3:36 PM, Jarkko Sakkinen wrote:
On Tue Jun 4, 2024 at 11:31 PM EEST, wrote:
On 6/4/24 11:21 AM, Jarkko Sakkinen wrote:
On Fri May 31, 2024 at 4:03 AM EEST, Ross Philipson wrote:
Introduce the
On 6/4/24 3:50 PM, Jarkko Sakkinen wrote:
On Wed Jun 5, 2024 at 1:14 AM EEST, wrote:
On 6/4/24 1:27 PM, Jarkko Sakkinen wrote:
On Fri May 31, 2024 at 4:03 AM EEST, Ross Philipson wrote:
Currently the locality is hard coded to 0 but for DRTM support, access
is needed to localities 1 through 4
On 6/4/24 3:36 PM, Jarkko Sakkinen wrote:
On Tue Jun 4, 2024 at 11:31 PM EEST, wrote:
On 6/4/24 11:21 AM, Jarkko Sakkinen wrote:
On Fri May 31, 2024 at 4:03 AM EEST, Ross Philipson wrote:
Introduce the Secure Launch Resource Table which forms the formal
interface between the pre and post
On 6/4/24 1:27 PM, Jarkko Sakkinen wrote:
On Fri May 31, 2024 at 4:03 AM EEST, Ross Philipson wrote:
Currently the locality is hard coded to 0 but for DRTM support, access
is needed to localities 1 through 4.
Signed-off-by: Ross Philipson
---
drivers/char/tpm/tpm-chip.c | 24
On 6/4/24 1:05 PM, Jarkko Sakkinen wrote:
On Fri May 31, 2024 at 4:03 AM EEST, Ross Philipson wrote:
On Intel, the APs are left in a well documented state after TXT performs
the late launch. Specifically they cannot have #INIT asserted on them so
a standard startup via INIT/SIPI/SIPI cannot be
On 6/4/24 12:59 PM, Jarkko Sakkinen wrote:
On Fri May 31, 2024 at 4:03 AM EEST, Ross Philipson wrote:
The routine slaunch_setup is called out of the x86 specific setup_arch()
routine during early kernel boot. After determining what platform is
present, various operations specific to that
On 6/4/24 12:58 PM, Jarkko Sakkinen wrote:
On Fri May 31, 2024 at 4:03 AM EEST, Ross Philipson wrote:
The routine slaunch_setup is called out of the x86 specific setup_arch()
routine during early kernel boot. After determining what platform is
present, various operations specific to that
03:32, Ross Philipson wrote:
The Secure Launch (SL) stub provides the entry point for Intel TXT (and
later AMD SKINIT) to vector to during the late launch. The symbol
sl_stub_entry is that entry point and its offset into the kernel is
conveyed to the launching code using the MLE (Measured Launch
On 6/4/24 12:56 PM, Jarkko Sakkinen wrote:
On Fri May 31, 2024 at 4:03 AM EEST, Ross Philipson wrote:
The Secure Launch (SL) stub provides the entry point for Intel TXT (and
later AMD SKINIT) to vector to during the late launch. The symbol
sl_stub_entry is that entry point and its offset into
On 6/4/24 11:52 AM, Jarkko Sakkinen wrote:
On Fri May 31, 2024 at 4:03 AM EEST, Ross Philipson wrote:
From: "Daniel P. Smith"
For better or worse, Secure Launch needs SHA-1 and SHA-256. The
choice of hashes used lies with the platform firmware, not with
software, and is often outs
On 6/4/24 11:24 AM, Jarkko Sakkinen wrote:
On Fri May 31, 2024 at 4:03 AM EEST, Ross Philipson wrote:
Introduce the main Secure Launch header file used in the early SL stub
and the early setup code.
Signed-off-by: Ross Philipson
Right and anything AMD specific should also have legit
On 6/4/24 11:21 AM, Jarkko Sakkinen wrote:
On Fri May 31, 2024 at 4:03 AM EEST, Ross Philipson wrote:
Introduce the Secure Launch Resource Table which forms the formal
interface between the pre and post launch code.
Signed-off-by: Ross Philipson
If a uarch specific, I'd appreciate Inte
On 6/4/24 11:18 AM, Jarkko Sakkinen wrote:
On Fri May 31, 2024 at 4:03 AM EEST, Ross Philipson wrote:
From: Arvind Sankar
There are use cases for storing the offset of a symbol in kernel_info.
For example, the trenchboot series [0] needs to store the offset of the
Measured Launch Environment
On 6/4/24 10:27 AM, Ard Biesheuvel wrote:
On Tue, 4 Jun 2024 at 19:24, wrote:
On 5/31/24 6:33 AM, Ard Biesheuvel wrote:
On Fri, 31 May 2024 at 13:00, Ard Biesheuvel wrote:
Hello Ross,
On Fri, 31 May 2024 at 03:32, Ross Philipson wrote:
The Secure Launch (SL) stub provides the entry
On 5/31/24 7:04 AM, Ard Biesheuvel wrote:
On Fri, 31 May 2024 at 15:33, Ard Biesheuvel wrote:
On Fri, 31 May 2024 at 13:00, Ard Biesheuvel wrote:
Hello Ross,
On Fri, 31 May 2024 at 03:32, Ross Philipson wrote:
The Secure Launch (SL) stub provides the entry point for Intel TXT (and
On 5/31/24 6:33 AM, Ard Biesheuvel wrote:
On Fri, 31 May 2024 at 13:00, Ard Biesheuvel wrote:
Hello Ross,
On Fri, 31 May 2024 at 03:32, Ross Philipson wrote:
The Secure Launch (SL) stub provides the entry point for Intel TXT (and
later AMD SKINIT) to vector to during the late launch. The
On 5/31/24 4:09 AM, Ard Biesheuvel wrote:
On Fri, 31 May 2024 at 03:32, Ross Philipson wrote:
This support allows the DRTM launch to be initiated after an EFI stub
launch of the Linux kernel is done. This is accomplished by providing
a handler to jump to when a Secure Launch is in progress
On 5/31/24 4:00 AM, Ard Biesheuvel wrote:
Hello Ross,
Hi Ard,
On Fri, 31 May 2024 at 03:32, Ross Philipson wrote:
The Secure Launch (SL) stub provides the entry point for Intel TXT (and
later AMD SKINIT) to vector to during the late launch. The symbol
sl_stub_entry is that entry point
On 5/30/24 7:16 PM, Eric Biggers wrote:
On Thu, May 30, 2024 at 06:03:18PM -0700, Ross Philipson wrote:
From: "Daniel P. Smith"
For better or worse, Secure Launch needs SHA-1 and SHA-256. The
choice of hashes used lies with the platform firmware, not with
software, and is often outs
e platform module also registers the securityfs nodes to allow
access to TXT register fields on Intel along with the fetching of
and writing events to the late launch TPM log.
Signed-off-by: Daniel P. Smith
Signed-off-by: garnetgrimm
Signed-off-by: Ross Philipson
---
arch/x86/kernel/Makefi
Currently the locality is hard coded to 0 but for DRTM support, access
is needed to localities 1 through 4.
Signed-off-by: Ross Philipson
---
drivers/char/tpm/tpm-chip.c | 24 +++-
drivers/char/tpm/tpm-interface.c | 15 +++
drivers/char/tpm/tpm.h
ned-off-by: Ross Philipson
---
drivers/char/tpm/tpm_tis_core.c | 11 +++
1 file changed, 7 insertions(+), 4 deletions(-)
diff --git a/drivers/char/tpm/tpm_tis_core.c b/drivers/char/tpm/tpm_tis_core.c
index 9fb53bb3e73f..685bdeadec51 100644
--- a/drivers/char/tpm/tpm_tis_core.c
+++ b/driver
From: "Daniel P. Smith"
When tis core initializes, it assumes all localities are closed. There
are cases when this may not be the case. This commit addresses this by
ensuring all localities are closed before initializing begins.
Signed-off-by: Daniel P. Smith
Signed-off-by: Ross
Prior to running the next kernel via kexec, the Secure Launch code
closes down private SMX resources and does an SEXIT. This allows the
next kernel to start normally without any issues starting the APs etc.
Signed-off-by: Ross Philipson
---
arch/x86/kernel/slaunch.c | 73
ned-off-by: Daniel P. Smith
Signed-off-by: Ross Philipson
Reported-by: Kanth Ghatraju
Fixes: 933bfc5ad213 ("tpm, tpm: Implement usage counter for locality")
---
drivers/char/tpm/tpm_tis_core.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/drivers/char/tpm/tpm_
protections are in place.
For TXT, this code also reserves the original compressed kernel setup
area where the APs were left looping so that this memory cannot be used.
Signed-off-by: Ross Philipson
---
arch/x86/kernel/Makefile | 1 +
arch/x86/kernel/setup.c| 3 +
arch/x86/kernel/slaunch.c
Expose a sysfs interface to allow user mode to set and query the preferred
locality for the TPM chip.
Signed-off-by: Ross Philipson
---
drivers/char/tpm/tpm-sysfs.c | 30 ++
1 file changed, 30 insertions(+)
diff --git a/drivers/char/tpm/tpm-sysfs.c b/drivers/char
callback (into
ACPI code) or when an emergency reset is done. In these cases,
just the TXT registers are finalized but SEXIT is skipped.
Signed-off-by: Ross Philipson
---
arch/x86/kernel/reboot.c | 10 ++
1 file changed, 10 insertions(+)
diff --git a/arch/x86/kernel/reboot.c b/arch/x86