On 21-04-2025 21:57, Ross Philipson wrote:
+/*
+ * The kernel_info structure is not placed at a fixed offest in the
typo offest -> offset
+ * kernel image. So this macro and the support in the linker file
+ * allow the relative offsets for the MLE header within the kernel
+ * image to be
On 21-04-2025 21:57, Ross Philipson wrote:
Prior to running the next kernel via kexec, the Secure Launch code
closes down private SMX resources and does an SEXIT. This allows the
next kernel to start normally without any issues starting the APs etc.
Signed-off-by: Ross Philipson
---
[clip]
On 21-04-2025 21:57, Ross Philipson wrote:
The Secure Launch (SL) stub provides the entry point for Intel TXT to
jump to during the dynamic launch. The symbol sl_stub_entry is that entry
point and its offset into the kernel is conveyed to the launching code using
the Measured Launch Environmen
On 11-04-2025 02:11, Ross Philipson wrote:
+
+ - Entry from the dynamic launch jumps to the SL stub.
+ - SL stub fixes up the world on the BSP.
+ - For TXT, SL stub wakes the APs, fixes up their worlds.
+ - For TXT, APs are left halted using MONITOR/MWAIT intructions.
typo intructions -> ins
On 11-04-2025 02:11, Ross Philipson wrote:
+.. note::
+Intel TXT pre-dates the TCG Dynamic Launch specification. In the Intel TXT
+documentation, Dynamic Root of Trust for Measurement was abbreviated as
DRTM.
+When Dynamic Launch was codified in the TCG specification, it was given
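Review bot: the body lines under `.. note::` are not indented as quoted here (`+Intel TXT pre-dates the TCG Dynamic Launch specification. In the Intel TXT`); reStructuredText requires a directive body to be indented relative to the `.. note::` line, otherwise Sphinx closes the directive and renders the text as an ordinary paragraph, with an empty note box. If the indentation was only lost in quoting, ignore this; otherwise indent the three body lines by at least one space.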
On 11-04-2025 02:11, Ross Philipson wrote:
DRTM needs to be able to set the locality used by the kernel. Provide
a one-shot function tpm_chip_set_locality() for the purpose.
Signed-off-by: Ross Philipson
Signed-off-by: Jarkko Sakkinen
---
drivers/char/tpm/tpm-chip.c | 33 +
On 11-04-2025 02:11, Ross Philipson wrote:
Introduce the main Secure Launch header file used in the early SL stub
and the early setup code.
This header file contains the following categories:
- Secure Launch implementation specific structures and definitions.
- Intel TXT architecture spec
On 21-04-2025 21:56, Ross Philipson wrote:
+static inline int
+slr_add_entry(struct slr_table *table,
+ struct slr_entry_hdr *entry)
+{
+ struct slr_entry_hdr *end;
+
+ if ((table->size + entry->size) > table->max_size)
+ return -1;
+
+ memcpy((u8 *)
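Review bot: the bounds check `if ((table->size + entry->size) > table->max_size)` is done on the sum, so if these sizes are fixed-width integers and the table or entry header was filled in by the boot loader, a large `entry->size` can wrap the sum below `max_size` and pass the check before the `memcpy`. Comparing without the addition, e.g. `if (entry->size > table->max_size - table->size)` once `table->size <= table->max_size` has been established, avoids the wrap. Separately, returning a bare `-1` here is less useful to callers that propagate errors than `-ENOSPC`.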
On 21-04-2025 21:56, Ross Philipson wrote:
The Secure Launch Specification is an architecture-agnostic, software-neutral
API/ABI maintainted by the TrenchBoot project. Its function is to allow any
typo maintainted
compliant boot loader to communicate the pre-launch configuration to any
c