RE: [PATCH v3 0/3] Locality support for tpm_crb
On Mon, Mar 06, 2017 at 11:35 PM +0800, Jarkko Sakkinen wrote: > On Fri, Mar 03, 2017 at 06:27:19PM -0700, Jerry Snitselaar wrote: > > > > Jarkko Sakkinen @ 2017-02-08 11:11 GMT: > > > > > The tpm_crb driver should follow the policy of reserving and > > > relinquishing the locality it uses when multiple localities are > used, > > > like when TXT is another locality. > > > > > > [This is a resend of v3 as this has been asked from me for a few > times > > > now and there wasn't anything obvious to fix.] > > > > > > Jarkko Sakkinen (3): > > > tpm_crb: map locality registers > > > tpm_crb: encapsulate crb_wait_for_reg_32 > > > tpm_crb: request and relinquish locality 0 > > > > > > drivers/char/tpm/tpm_crb.c | 185 > + > > > 1 file changed, 137 insertions(+), 48 deletions(-) > > > > Reviewed-by: Jerry Snitselaar> > Jimmy, can you give these patches Tested-by? I remember that > you said that they are working for you. Sure. They did work for me. Jimmy
RE: [PATCH v3 0/3] Locality support for tpm_crb
On Mon, Mar 06, 2017 at 11:35 PM +0800, Jarkko Sakkinen wrote: > On Fri, Mar 03, 2017 at 06:27:19PM -0700, Jerry Snitselaar wrote: > > > > Jarkko Sakkinen @ 2017-02-08 11:11 GMT: > > > > > The tpm_crb driver should follow the policy of reserving and > > > relinquishing the locality it uses when multiple localities are > used, > > > like when TXT is another locality. > > > > > > [This is a resend of v3 as this has been asked from me for a few > times > > > now and there wasn't anything obvious to fix.] > > > > > > Jarkko Sakkinen (3): > > > tpm_crb: map locality registers > > > tpm_crb: encapsulate crb_wait_for_reg_32 > > > tpm_crb: request and relinquish locality 0 > > > > > > drivers/char/tpm/tpm_crb.c | 185 > + > > > 1 file changed, 137 insertions(+), 48 deletions(-) > > > > Reviewed-by: Jerry Snitselaar > > Jimmy, can you give these patches Tested-by? I remember that > you said that they are working for you. Sure. They did work for me. Jimmy
[tip:x86/boot] x86/tboot: Update maintainer list for Intel TXT
Commit-ID: 74b18e1750201530ce285a5cd1269a9fb592d905 Gitweb: http://git.kernel.org/tip/74b18e1750201530ce285a5cd1269a9fb592d905 Author: Wei, Gang AuthorDate: Wed, 2 Dec 2015 07:07:20 + Committer: Ingo Molnar CommitDate: Fri, 4 Dec 2015 09:25:52 +0100 x86/tboot: Update maintainer list for Intel TXT Update maintainer list for Intel TXT Signed-off-by: Gang Wei Cc: Andy Lutomirski Cc: Borislav Petkov Cc: Brian Gerst Cc: Denys Vlasenko Cc: H. Peter Anvin Cc: H. Peter Anvin Cc: Joseph Cihula Cc: Linus Torvalds Cc: Ning Sun Cc: Peter Zijlstra Cc: Richard L Maliszewski Cc: Shane Wang Cc: Thomas Gleixner Cc: tboot-de...@lists.sourceforge.net Link: http://lkml.kernel.org/r/d0b11485c64d4b47b66902f8a4e901be03565...@shsmsx102.ccr.corp.intel.com Signed-off-by: Ingo Molnar --- MAINTAINERS | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/MAINTAINERS b/MAINTAINERS index 5192700..9a502c0 100644 --- a/MAINTAINERS +++ b/MAINTAINERS @@ -5621,9 +5621,7 @@ F:Documentation/trace/intel_th.txt F: drivers/hwtracing/intel_th/ INTEL(R) TRUSTED EXECUTION TECHNOLOGY (TXT) -M: Richard L Maliszewski -M: Gang Wei -M: Shane Wang +M: Ning Sun L: tboot-de...@lists.sourceforge.net W: http://tboot.sourceforge.net T: hg http://tboot.hg.sourceforge.net:8000/hgroot/tboot/tboot -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
[tip:x86/boot] x86/tboot: Update maintainer list for Intel TXT
Commit-ID: 74b18e1750201530ce285a5cd1269a9fb592d905 Gitweb: http://git.kernel.org/tip/74b18e1750201530ce285a5cd1269a9fb592d905 Author: Wei, Gang <gang@intel.com> AuthorDate: Wed, 2 Dec 2015 07:07:20 + Committer: Ingo Molnar <mi...@kernel.org> CommitDate: Fri, 4 Dec 2015 09:25:52 +0100 x86/tboot: Update maintainer list for Intel TXT Update maintainer list for Intel TXT Signed-off-by: Gang Wei <gang@intel.com> Cc: Andy Lutomirski <l...@amacapital.net> Cc: Borislav Petkov <b...@alien8.de> Cc: Brian Gerst <brge...@gmail.com> Cc: Denys Vlasenko <dvlas...@redhat.com> Cc: H. Peter Anvin <imceamailto-hpa+40zytor+2e...@intel.com> Cc: H. Peter Anvin <h...@zytor.com> Cc: Joseph Cihula <joseph.cih...@intel.com> Cc: Linus Torvalds <torva...@linux-foundation.org> Cc: Ning Sun <ning@intel.com> Cc: Peter Zijlstra <pet...@infradead.org> Cc: Richard L Maliszewski <richard.l.maliszew...@intel.com> Cc: Shane Wang <shane.w...@intel.com> Cc: Thomas Gleixner <t...@linutronix.de> Cc: tboot-de...@lists.sourceforge.net <tboot-de...@lists.sourceforge.net> Link: http://lkml.kernel.org/r/d0b11485c64d4b47b66902f8a4e901be03565...@shsmsx102.ccr.corp.intel.com Signed-off-by: Ingo Molnar <mi...@kernel.org> --- MAINTAINERS | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/MAINTAINERS b/MAINTAINERS index 5192700..9a502c0 100644 --- a/MAINTAINERS +++ b/MAINTAINERS @@ -5621,9 +5621,7 @@ F:Documentation/trace/intel_th.txt F: drivers/hwtracing/intel_th/ INTEL(R) TRUSTED EXECUTION TECHNOLOGY (TXT) -M: Richard L Maliszewski <richard.l.maliszew...@intel.com> -M: Gang Wei <gang@intel.com> -M: Shane Wang <shane.w...@intel.com> +M: Ning Sun <ning@intel.com> L: tboot-de...@lists.sourceforge.net W: http://tboot.sourceforge.net T: hg http://tboot.hg.sourceforge.net:8000/hgroot/tboot/tboot -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
[PATCH] Update maintainer list for Intel TXT
Update maintainer list for Intel TXT Signed-off-by: Gang Wei diff --git a/MAINTAINERS b/MAINTAINERS index cba790b..84c8fe7 100644 --- a/MAINTAINERS +++ b/MAINTAINERS @@ -5621,9 +5621,7 @@ F:Documentation/trace/intel_th.txt F: drivers/hwtracing/intel_th/ INTEL(R) TRUSTED EXECUTION TECHNOLOGY (TXT) -M: Richard L Maliszewski -M: Gang Wei -M: Shane Wang +M: Ning Sun L: tboot-de...@lists.sourceforge.net W: http://tboot.sourceforge.net T: hg http://tboot.hg.sourceforge.net:8000/hgroot/tboot/tboot -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
[PATCH] Update maintainer list for Intel TXT
Update maintainer list for Intel TXT Signed-off-by: Gang Wei <gang@intel.com> diff --git a/MAINTAINERS b/MAINTAINERS index cba790b..84c8fe7 100644 --- a/MAINTAINERS +++ b/MAINTAINERS @@ -5621,9 +5621,7 @@ F:Documentation/trace/intel_th.txt F: drivers/hwtracing/intel_th/ INTEL(R) TRUSTED EXECUTION TECHNOLOGY (TXT) -M: Richard L Maliszewski <richard.l.maliszew...@intel.com> -M: Gang Wei <gang@intel.com> -M: Shane Wang <shane.w...@intel.com> +M: Ning Sun <ning@intel.com> L: tboot-de...@lists.sourceforge.net W: http://tboot.sourceforge.net T: hg http://tboot.hg.sourceforge.net:8000/hgroot/tboot/tboot -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
RE: [PATCH] Documentation: move intel_txt.txt to Documentation/x86
Ren, Qiaowei wrote on 2013-12-10: > Documentation/x86 is a more fitting place for intel_txt.txt. > > Signed-off-by: Qiaowei Ren > --- > Documentation/intel_txt.txt | 210 > --- Documentation/x86/intel_txt.txt > | 210 +++ 2 files changed, 210 > insertions(+), 210 deletions(-) delete mode 100644 > Documentation/intel_txt.txt create mode 100644 > Documentation/x86/intel_txt.txt Ack. Jimmy smime.p7s Description: S/MIME cryptographic signature
RE: [PATCH] Documentation: move intel_txt.txt to Documentation/x86
Ren, Qiaowei wrote on 2013-12-10: Documentation/x86 is a more fitting place for intel_txt.txt. Signed-off-by: Qiaowei Ren qiaowei@intel.com --- Documentation/intel_txt.txt | 210 --- Documentation/x86/intel_txt.txt | 210 +++ 2 files changed, 210 insertions(+), 210 deletions(-) delete mode 100644 Documentation/intel_txt.txt create mode 100644 Documentation/x86/intel_txt.txt Ack. Jimmy smime.p7s Description: S/MIME cryptographic signature
RE: [PATCH] x86: add a new SMP bring up way for tboot case
Oh, the question should be in what states all the AP CPU registers are. Do you think we need to define the case like what Intel SDM defined for getsec[SENTER]? Jimmy H. Peter Anvin wrote on 2013-05-15: > No, this does not really answer the question of what the CPU state looks > like. > > "Ren, Qiaowei" wrote: > >> On 2013-05-14, H. Peter Anvin wrote: >>> On 05/14/2013 02:21 PM, Qiaowei Ren wrote: tboot provides a better AP wakeup mechanism based on cpu MWAIT feature for OS/VMM. With this mechanism, system will boot faster and will NOT require VT to be enabled. But it requires that OS/VMM must have support it, otherwise system can never boot up. Once this mechanism is enabled, tboot will put APs waiting in MWAIT loops before launching kernel. kernel can check the new flag field in v6 tboot shared page for the hint. If the bit TB_FLAG_AP_WAKE_SUPPORT in flag field is set, kernel BSP has to write the monitored memory (tboot->ap_wake_trigger) to bring APs out of MWAIT loops. The sipi vector should be written in tboot->ap_wake_addr before waking up APs. >>> >>> This really needs a *detailed* specification about the state the CPU >>> is parked in. Most BIOSes do in fact park the CPUs in an mwait loop, >>> but we can't use it because the CPU state they are parked in is >>> ill-defined. >>> >>> This is a good idea, but please write (or point to) a spec about what >>> the parked CPU state looks like and how the OS gets control. From the >>> *looks* of the code I assume it is entered in 16-bit real mode but >>> then it is important to know what parts of the register state are >> well-defined. >> >> The following is how to do mwait for tboot & kernel: >> >> For bootstrap processor (BSP), "tboot TXT pre-launch" is executed after >> BIOS. In this stage, tboot will issue GETSEC[SENTER], which broadcasts >> messages to the chipset and other physical or logical processors in the >> platform. In response, other logical processors perform basic cleanup >> and other tasks, and then finally enter SENTER sleep state. >> >> Next, for BSP, SINIT will run and then enter "tboot post-launch", which >> will start all sleeping APs. If tboot command line option " >> ap_wake_mwait=true" is set, APs will do some work and then enter mwait >> loop. Kernel will be launched in BSP by tboot post-launch, and bring >> APs out of mwait loop. >> >> Tboot works in protected mode (but paging is disabled), and closes >> interrupt. For APs, MONITOR and MWAIT related code in tboot is as >> follows: >>while ( _tboot_shared.ap_wake_trigger != cpuid ) { >>cpu_monitor(&_tboot_shared.ap_wake_trigger, 0, 0); >>mb(); >>if ( _tboot_shared.ap_wake_trigger == cpuid ) >>break; >>cpu_mwait(0, 0); >>} >> Their extension and hint are all 0. According Intel manual: >> Extension=0: Treat interrupts as break events even if masked (e.g., >> even if EFLAGS.IF=0). >> Hint=0: the preferred optimized state the processor should enter is >> C0. >> So, when "tboot->ap_wake_trigger" is set by kernel, APs can exit from >> mwait loop. >> >> Peter, I don't know whether I explain your problem. What do you think >> about it? >> >> Thanks, >> Qiaowei > Jimmy smime.p7s Description: S/MIME cryptographic signature
RE: [PATCH] x86: add a new SMP bring up way for tboot case
Oh, the question should be in what states all the AP CPU registers are. Do you think we need to define the case like what Intel SDM defined for getsec[SENTER]? Jimmy H. Peter Anvin wrote on 2013-05-15: No, this does not really answer the question of what the CPU state looks like. Ren, Qiaowei qiaowei@intel.com wrote: On 2013-05-14, H. Peter Anvin wrote: On 05/14/2013 02:21 PM, Qiaowei Ren wrote: tboot provides a better AP wakeup mechanism based on cpu MWAIT feature for OS/VMM. With this mechanism, system will boot faster and will NOT require VT to be enabled. But it requires that OS/VMM must have support it, otherwise system can never boot up. Once this mechanism is enabled, tboot will put APs waiting in MWAIT loops before launching kernel. kernel can check the new flag field in v6 tboot shared page for the hint. If the bit TB_FLAG_AP_WAKE_SUPPORT in flag field is set, kernel BSP has to write the monitored memory (tboot-ap_wake_trigger) to bring APs out of MWAIT loops. The sipi vector should be written in tboot-ap_wake_addr before waking up APs. This really needs a *detailed* specification about the state the CPU is parked in. Most BIOSes do in fact park the CPUs in an mwait loop, but we can't use it because the CPU state they are parked in is ill-defined. This is a good idea, but please write (or point to) a spec about what the parked CPU state looks like and how the OS gets control. From the *looks* of the code I assume it is entered in 16-bit real mode but then it is important to know what parts of the register state are well-defined. The following is how to do mwait for tboot kernel: For bootstrap processor (BSP), tboot TXT pre-launch is executed after BIOS. In this stage, tboot will issue GETSEC[SENTER], which broadcasts messages to the chipset and other physical or logical processors in the platform. In response, other logical processors perform basic cleanup and other tasks, and then finally enter SENTER sleep state. Next, for BSP, SINIT will run and then enter tboot post-launch, which will start all sleeping APs. If tboot command line option ap_wake_mwait=true is set, APs will do some work and then enter mwait loop. Kernel will be launched in BSP by tboot post-launch, and bring APs out of mwait loop. Tboot works in protected mode (but paging is disabled), and closes interrupt. For APs, MONITOR and MWAIT related code in tboot is as follows: while ( _tboot_shared.ap_wake_trigger != cpuid ) { cpu_monitor(_tboot_shared.ap_wake_trigger, 0, 0); mb(); if ( _tboot_shared.ap_wake_trigger == cpuid ) break; cpu_mwait(0, 0); } Their extension and hint are all 0. According Intel manual: Extension=0: Treat interrupts as break events even if masked (e.g., even if EFLAGS.IF=0). Hint=0: the preferred optimized state the processor should enter is C0. So, when tboot-ap_wake_trigger is set by kernel, APs can exit from mwait loop. Peter, I don't know whether I explain your problem. What do you think about it? Thanks, Qiaowei Jimmy smime.p7s Description: S/MIME cryptographic signature
RE: [PATCH v2] x86: add a new SMP bring up way for tboot case
Any comments on this patch? Jimmy Ren, Qiaowei wrote on 2012-10-11: > tboot provides a better AP wakeup mechanism based on cpu MWAIT feature > for OS/VMM. With this mechanism, system will boot faster and will NOT > require VT to be enabled. But it requires that OS/VMM must have support > it, otherwise system can never boot up. > > Once this mechanism is enabled, tboot will put APs waiting in MWAIT > loops before launching kernel. kernel can check the new flag field in v6 > tboot shared page for the hint. If the bit TB_FLAG_AP_WAKE_SUPPORT in > flag field is set, kernel BSP has to write the monitored memory > (tboot->ap_wake_trigger) to bring APs out of MWAIT loops. The sipi > vector should be written in tboot->ap_wake_addr before waking up APs. > > Signed-off-by: Qiaowei Ren > Signed-off-by: Xiaoyan Zhang > Signed-off-by: Gang Wei > --- > arch/x86/kernel/smpboot.c | 21 +++-- > arch/x86/kernel/tboot.c | 17 + > include/linux/tboot.h | 17 + > 3 files changed, 45 insertions(+), 10 deletions(-) > diff --git a/arch/x86/kernel/smpboot.c b/arch/x86/kernel/smpboot.c > index c80a33b..884c3e7 100644 > --- a/arch/x86/kernel/smpboot.c > +++ b/arch/x86/kernel/smpboot.c > @@ -662,8 +662,7 @@ static int __cpuinit do_boot_cpu(int apicid, int cpu, > struct task_struct *idle) > /* start_ip had better be page-aligned! */ > unsigned long start_ip = real_mode_header->trampoline_start; > - unsigned long boot_error = 0; > - int timeout; > + int timeout, boot_error = 0; > > /* Just in case we booted with a single CPU. */ > alternatives_enable_smp(); > @@ -710,14 +709,16 @@ static int __cpuinit do_boot_cpu(int apicid, int cpu, > struct task_struct *idle) > } > } > - /* - * Kick the secondary CPU. Use the method in the APIC driver -* > if it's defined - or use an INIT boot APIC message otherwise: -*/ - if > (apic->wakeup_secondary_cpu) -boot_error = > apic->wakeup_secondary_cpu(apicid, start_ip); - else - boot_error = > wakeup_secondary_cpu_via_init(apicid, start_ip); +if > (!tboot_wake_up(apicid, start_ip)) { +/* + * Kick the secondary CPU. > Use the method in the APIC driver +* if it's defined - or use an INIT > boot APIC message otherwise: + */ + if (apic->wakeup_secondary_cpu) > + boot_error = apic->wakeup_secondary_cpu(apicid, start_ip); +else > + boot_error = wakeup_secondary_cpu_via_init(apicid, start_ip); +} > > if (!boot_error) { > /* > diff --git a/arch/x86/kernel/tboot.c b/arch/x86/kernel/tboot.c > index f84fe00..e5e50b8 100644 > --- a/arch/x86/kernel/tboot.c > +++ b/arch/x86/kernel/tboot.c > @@ -101,6 +101,8 @@ void __init tboot_probe(void) > pr_debug("shutdown_entry: 0x%x\n", tboot->shutdown_entry); > pr_debug("tboot_base: 0x%08x\n", tboot->tboot_base); > pr_debug("tboot_size: 0x%x\n", tboot->tboot_size); > + if (tboot->version >= 6) > + pr_info("flags: 0x%08x\n", tboot->flags); > } > > static pgd_t *tboot_pg_dir; > @@ -453,3 +455,18 @@ int tboot_force_iommu(void) > > return 1; > } > + > +int tboot_wake_up(int apicid, unsigned long sipi_vec) > +{ > + if (!tboot_enabled()) > + return 0; > + > + if ((tboot->version < 6) || > + !(tboot->flags & TB_FLAG_AP_WAKE_SUPPORT)) > + return 0; > + > + tboot->ap_wake_addr = sipi_vec; > + tboot->ap_wake_trigger = apicid; > + > + return 1; > +} > diff --git a/include/linux/tboot.h b/include/linux/tboot.h > index c75128b..d65f7e9 100644 > --- a/include/linux/tboot.h > +++ b/include/linux/tboot.h > @@ -124,8 +124,23 @@ struct tboot { > > /* number of processors in wait-for-SIPI */ > u32 num_in_wfs; > + > + /* > + * version 6+ fields: > + */ > + > + u32 flags; > + > + /* phys addr of kernel/VMM SIPI vector */ > + u64 ap_wake_addr; > + > + /* kernel/VMM writes APIC ID to wake AP */ > + u32 ap_wake_trigger; > } __packed; > +/* kernel/VMM use INIT-SIPI-SIPI if clear, ap_wake_* if set */ > +#define TB_FLAG_AP_WAKE_SUPPORT 0X0001 > + > /* > * UUID for tboot data struct to facilitate matching > * defined as {663C8DFF-E8B3-4b82-AABF-19EA4D057A08} by tboot, which is > @@ -146,6 +161,7 @@ extern void tboot_shutdown(u32 shutdown_type); > extern struct acpi_table_header *tboot_get_dmar_table( > struct acpi_table_header *dmar_tbl); > extern int tboot_force_iommu(void); > +extern int tboot_wake_up(int apicid, unsigned long sipi_vec); > > #else > @@ -156,6 +172,7 @@ extern int tboot_force_iommu(void); > do { } while (0) > #define tboot_get_dmar_table(dmar_tbl) (dmar_tbl) > #define tboot_force_iommu() 0 > +#define tboot_wake_up(apicid,
RE: [PATCH v2] x86: add a new SMP bring up way for tboot case
Any comments on this patch? Jimmy Ren, Qiaowei wrote on 2012-10-11: tboot provides a better AP wakeup mechanism based on cpu MWAIT feature for OS/VMM. With this mechanism, system will boot faster and will NOT require VT to be enabled. But it requires that OS/VMM must have support it, otherwise system can never boot up. Once this mechanism is enabled, tboot will put APs waiting in MWAIT loops before launching kernel. kernel can check the new flag field in v6 tboot shared page for the hint. If the bit TB_FLAG_AP_WAKE_SUPPORT in flag field is set, kernel BSP has to write the monitored memory (tboot-ap_wake_trigger) to bring APs out of MWAIT loops. The sipi vector should be written in tboot-ap_wake_addr before waking up APs. Signed-off-by: Qiaowei Ren qiaowei@intel.com Signed-off-by: Xiaoyan Zhang xiaoyan.zh...@intel.com Signed-off-by: Gang Wei gang@intel.com --- arch/x86/kernel/smpboot.c | 21 +++-- arch/x86/kernel/tboot.c | 17 + include/linux/tboot.h | 17 + 3 files changed, 45 insertions(+), 10 deletions(-) diff --git a/arch/x86/kernel/smpboot.c b/arch/x86/kernel/smpboot.c index c80a33b..884c3e7 100644 --- a/arch/x86/kernel/smpboot.c +++ b/arch/x86/kernel/smpboot.c @@ -662,8 +662,7 @@ static int __cpuinit do_boot_cpu(int apicid, int cpu, struct task_struct *idle) /* start_ip had better be page-aligned! */ unsigned long start_ip = real_mode_header-trampoline_start; - unsigned long boot_error = 0; - int timeout; + int timeout, boot_error = 0; /* Just in case we booted with a single CPU. */ alternatives_enable_smp(); @@ -710,14 +709,16 @@ static int __cpuinit do_boot_cpu(int apicid, int cpu, struct task_struct *idle) } } - /* - * Kick the secondary CPU. Use the method in the APIC driver -* if it's defined - or use an INIT boot APIC message otherwise: -*/ - if (apic-wakeup_secondary_cpu) -boot_error = apic-wakeup_secondary_cpu(apicid, start_ip); - else - boot_error = wakeup_secondary_cpu_via_init(apicid, start_ip); +if (!tboot_wake_up(apicid, start_ip)) { +/* + * Kick the secondary CPU. Use the method in the APIC driver +* if it's defined - or use an INIT boot APIC message otherwise: + */ + if (apic-wakeup_secondary_cpu) + boot_error = apic-wakeup_secondary_cpu(apicid, start_ip); +else + boot_error = wakeup_secondary_cpu_via_init(apicid, start_ip); +} if (!boot_error) { /* diff --git a/arch/x86/kernel/tboot.c b/arch/x86/kernel/tboot.c index f84fe00..e5e50b8 100644 --- a/arch/x86/kernel/tboot.c +++ b/arch/x86/kernel/tboot.c @@ -101,6 +101,8 @@ void __init tboot_probe(void) pr_debug(shutdown_entry: 0x%x\n, tboot-shutdown_entry); pr_debug(tboot_base: 0x%08x\n, tboot-tboot_base); pr_debug(tboot_size: 0x%x\n, tboot-tboot_size); + if (tboot-version = 6) + pr_info(flags: 0x%08x\n, tboot-flags); } static pgd_t *tboot_pg_dir; @@ -453,3 +455,18 @@ int tboot_force_iommu(void) return 1; } + +int tboot_wake_up(int apicid, unsigned long sipi_vec) +{ + if (!tboot_enabled()) + return 0; + + if ((tboot-version 6) || + !(tboot-flags TB_FLAG_AP_WAKE_SUPPORT)) + return 0; + + tboot-ap_wake_addr = sipi_vec; + tboot-ap_wake_trigger = apicid; + + return 1; +} diff --git a/include/linux/tboot.h b/include/linux/tboot.h index c75128b..d65f7e9 100644 --- a/include/linux/tboot.h +++ b/include/linux/tboot.h @@ -124,8 +124,23 @@ struct tboot { /* number of processors in wait-for-SIPI */ u32 num_in_wfs; + + /* + * version 6+ fields: + */ + + u32 flags; + + /* phys addr of kernel/VMM SIPI vector */ + u64 ap_wake_addr; + + /* kernel/VMM writes APIC ID to wake AP */ + u32 ap_wake_trigger; } __packed; +/* kernel/VMM use INIT-SIPI-SIPI if clear, ap_wake_* if set */ +#define TB_FLAG_AP_WAKE_SUPPORT 0X0001 + /* * UUID for tboot data struct to facilitate matching * defined as {663C8DFF-E8B3-4b82-AABF-19EA4D057A08} by tboot, which is @@ -146,6 +161,7 @@ extern void tboot_shutdown(u32 shutdown_type); extern struct acpi_table_header *tboot_get_dmar_table( struct acpi_table_header *dmar_tbl); extern int tboot_force_iommu(void); +extern int tboot_wake_up(int apicid, unsigned long sipi_vec); #else @@ -156,6 +172,7 @@ extern int tboot_force_iommu(void); do { } while (0) #define tboot_get_dmar_table(dmar_tbl) (dmar_tbl) #define tboot_force_iommu() 0 +#define tboot_wake_up(apicid, sipi_vec) 0 #endif /* !CONFIG_INTEL_TXT */ smime.p7s Description: S/MIME
RE: [PATCH] driver/char/tpm: fix regression causesd by ppi
Kent Yoder wrote on 2012-10-10: > On Tue, Oct 09, 2012 at 05:35:22PM +0800, gang@intel.com wrote: >> @@ -1476,7 +1477,7 @@ struct tpm_chip *tpm_register_hardware(struct > device *dev, >> goto put_device; >> } >> -if (sys_add_ppi(>kobj)) { >> +if (tpm_add_ppi(>kobj)) { >> misc_deregister(>vendor.miscdev); >> goto put_device; >> } >> > Hmm, tpm_add_ppi is just sysfs_create_group, which only ever returns > 0. Looks like we can remove this error path, but PPI is unusable in the > failure case. sysfs_create_group will return 0 on success or return error code. So I don't think we can remove this error path. The previous call to sysfs_create_group also have similar error path. >> +EXPORT_SYMBOL_GPL(tpm_add_ppi); >> ... >> +EXPORT_SYMBOL_GPL(tpm_remove_ppi); >> > Do we need to export these symbols? These might have been left around > from when ppi was a standalone module. We definitely need to export these symbols, since ppi was in tpm_bios.ko, and these symbols are called from tpm.ko. Jimmy smime.p7s Description: S/MIME cryptographic signature
RE: [PATCH] driver/char/tpm: fix regression causesd by ppi
Kent Yoder wrote on 2012-10-10: On Tue, Oct 09, 2012 at 05:35:22PM +0800, gang@intel.com wrote: @@ -1476,7 +1477,7 @@ struct tpm_chip *tpm_register_hardware(struct device *dev, goto put_device; } -if (sys_add_ppi(dev-kobj)) { +if (tpm_add_ppi(dev-kobj)) { misc_deregister(chip-vendor.miscdev); goto put_device; } Hmm, tpm_add_ppi is just sysfs_create_group, which only ever returns 0. Looks like we can remove this error path, but PPI is unusable in the failure case. sysfs_create_group will return 0 on success or return error code. So I don't think we can remove this error path. The previous call to sysfs_create_group also have similar error path. +EXPORT_SYMBOL_GPL(tpm_add_ppi); ... +EXPORT_SYMBOL_GPL(tpm_remove_ppi); Do we need to export these symbols? These might have been left around from when ppi was a standalone module. We definitely need to export these symbols, since ppi was in tpm_bios.ko, and these symbols are called from tpm.ko. Jimmy smime.p7s Description: S/MIME cryptographic signature
RE: Possible regression: BUG in fs/sysfs/group.c:65
Kent Yoder wrote on 2012-10-06: > On Fri, Oct 05, 2012 at 11:16:06AM -0700, Eric W. Biederman wrote: >> Ben Guthro writes: >> >>> I am seeing a regression in today's (Oct 5) kernel - 2 WARNINGS, and a >>> BUG below that seems to occur upon resuming from S3. >>> >>> I can start a bisection with 3.6 - but wanted to check to see if >>> anyone else is also experiencing this failure... >> >> I took a quick look and this is a deterministic failure. The same >> file is being added to sysfs twice. >> >> Since the routine causing this failure appears to be sys_add_ppi I >> expect the commit that added this failure mode is the commit below. >> >> Xiaoyan Zhang, Kent Yoder can you guys look at this see why the tpm >> code is adding itself multiple times into sysfs? > > It looks like the ppi sysfs teardown code is MIA. Xiaoyan, can you add > it to tpm_ppi.c, with a caller in tpm_unregister_hardware? I will try to provide a fix. Jimmy smime.p7s Description: S/MIME cryptographic signature
RE: Possible regression: BUG in fs/sysfs/group.c:65
Kent Yoder wrote on 2012-10-06: On Fri, Oct 05, 2012 at 11:16:06AM -0700, Eric W. Biederman wrote: Ben Guthro b...@guthro.net writes: I am seeing a regression in today's (Oct 5) kernel - 2 WARNINGS, and a BUG below that seems to occur upon resuming from S3. I can start a bisection with 3.6 - but wanted to check to see if anyone else is also experiencing this failure... I took a quick look and this is a deterministic failure. The same file is being added to sysfs twice. Since the routine causing this failure appears to be sys_add_ppi I expect the commit that added this failure mode is the commit below. Xiaoyan Zhang, Kent Yoder can you guys look at this see why the tpm code is adding itself multiple times into sysfs? It looks like the ppi sysfs teardown code is MIA. Xiaoyan, can you add it to tpm_ppi.c, with a caller in tpm_unregister_hardware? I will try to provide a fix. Jimmy smime.p7s Description: S/MIME cryptographic signature
RE: [PATCH] x86/kernel: remove tboot 1:1 page table creation code
Acked-by: Gang Wei > From: Xiaoyan Zhang > > For TXT boot, while Linux kernel trys to shutdown/S3/S4/reboot, it need to > jump back to tboot code and do TXT teardown work. Previously kernel zapped > all mem page identity mapping (va=pa) after booting, so tboot code mem > address > was mapped again with identity mapping. Now kernel didn't zap the identity > mapping page table, so tboot related code can remove the remapping code > before > trapping back now. > > Signed-off-by: Xiaoyan Zhang > --- > arch/x86/kernel/tboot.c | 78 +++ > 1 files changed, 5 insertions(+), 73 deletions(-) > > diff --git a/arch/x86/kernel/tboot.c b/arch/x86/kernel/tboot.c > index f84fe00..d4f460f 100644 > --- a/arch/x86/kernel/tboot.c > +++ b/arch/x86/kernel/tboot.c > @@ -103,71 +103,13 @@ void __init tboot_probe(void) > pr_debug("tboot_size: 0x%x\n", tboot->tboot_size); > } > > -static pgd_t *tboot_pg_dir; > -static struct mm_struct tboot_mm = { > - .mm_rb = RB_ROOT, > - .pgd= swapper_pg_dir, > - .mm_users = ATOMIC_INIT(2), > - .mm_count = ATOMIC_INIT(1), > - .mmap_sem = __RWSEM_INITIALIZER(init_mm.mmap_sem), > - .page_table_lock = > __SPIN_LOCK_UNLOCKED(init_mm.page_table_lock), > - .mmlist = LIST_HEAD_INIT(init_mm.mmlist), > -}; > - > static inline void switch_to_tboot_pt(void) > { > - write_cr3(virt_to_phys(tboot_pg_dir)); > -} > - > -static int map_tboot_page(unsigned long vaddr, unsigned long pfn, > - pgprot_t prot) > -{ > - pgd_t *pgd; > - pud_t *pud; > - pmd_t *pmd; > - pte_t *pte; > - > - pgd = pgd_offset(_mm, vaddr); > - pud = pud_alloc(_mm, pgd, vaddr); > - if (!pud) > - return -1; > - pmd = pmd_alloc(_mm, pud, vaddr); > - if (!pmd) > - return -1; > - pte = pte_alloc_map(_mm, NULL, pmd, vaddr); > - if (!pte) > - return -1; > - set_pte_at(_mm, vaddr, pte, pfn_pte(pfn, prot)); > - pte_unmap(pte); > - return 0; > -} > - > -static int map_tboot_pages(unsigned long vaddr, unsigned long start_pfn, > -unsigned long nr) > -{ > - /* Reuse the original kernel mapping */ > - tboot_pg_dir = pgd_alloc(_mm); > - if (!tboot_pg_dir) > - return -1; > - > - for (; nr > 0; nr--, vaddr += PAGE_SIZE, start_pfn++) { > - if (map_tboot_page(vaddr, start_pfn, PAGE_KERNEL_EXEC)) > - return -1; > - } > - > - return 0; > -} > - > -static void tboot_create_trampoline(void) > -{ > - u32 map_base, map_size; > - > - /* Create identity map for tboot shutdown code. */ > - map_base = PFN_DOWN(tboot->tboot_base); > - map_size = PFN_UP(tboot->tboot_size); > - if (map_tboot_pages(map_base << PAGE_SHIFT, map_base, map_size)) > - panic("tboot: Error mapping tboot pages (mfns) @ 0x%x, 0x%x\n", > - map_base, map_size); > +#ifdef CONFIG_X86_32 > + load_cr3(initial_page_table); > +#else > + write_cr3(real_mode_header->trampoline_pgd); > +#endif > } > > #ifdef CONFIG_ACPI_SLEEP > @@ -225,14 +167,6 @@ void tboot_shutdown(u32 shutdown_type) > if (!tboot_enabled()) > return; > > - /* > - * if we're being called before the 1:1 mapping is set up then just > - * return and let the normal shutdown happen; this should only be > - * due to very early panic() > - */ > - if (!tboot_pg_dir) > - return; > - > /* if this is S3 then set regions to MAC */ > if (shutdown_type == TB_SHUTDOWN_S3) > if (tboot_setup_sleep()) > @@ -343,8 +277,6 @@ static __init int tboot_late_init(void) > if (!tboot_enabled()) > return 0; > > - tboot_create_trampoline(); > - > atomic_set(_wfs_count, 0); > register_hotcpu_notifier(_cpu_notifier); > > -- > 1.7.7.6 smime.p7s Description: S/MIME cryptographic signature
RE: [PATCH] MAINTAINERS: fix TXT maintainer list and source repo path
Thanks for pointing it out. Jimmy On Thu, 2012-08-30 at 16:34 +0800, j...@perches.com wrote: > On Thu, 2012-08-30 at 13:19 +0800, gang@intel.com wrote: > > diff --git a/MAINTAINERS b/MAINTAINERS > [] > > INTEL(R) TRUSTED EXECUTION TECHNOLOGY (TXT) > [] > > -T: Mercurial http://www.bughost.org/repos.hg/tboot.hg > > +T: Mercurial http://tboot.hg.sourceforge.net:8000/hgroot/tboot/tboot > > Perhaps this would be better as: > T:hg http://tboot.hg.sourceforge.net:8000/hgroot/tboot/tboot > > From the MAINTAINERS introduction: > > Descriptions of section entries: > [] > T: SCM tree type and location. Type is one of: git, hg, quilt, stgit, > topgit. > smime.p7s Description: S/MIME cryptographic signature
RE: [PATCH] MAINTAINERS: fix TXT maintainer list and source repo path
Thanks for pointing it out. Jimmy On Thu, 2012-08-30 at 16:34 +0800, j...@perches.com wrote: On Thu, 2012-08-30 at 13:19 +0800, gang@intel.com wrote: diff --git a/MAINTAINERS b/MAINTAINERS [] INTEL(R) TRUSTED EXECUTION TECHNOLOGY (TXT) [] -T: Mercurial http://www.bughost.org/repos.hg/tboot.hg +T: Mercurial http://tboot.hg.sourceforge.net:8000/hgroot/tboot/tboot Perhaps this would be better as: T:hg http://tboot.hg.sourceforge.net:8000/hgroot/tboot/tboot From the MAINTAINERS introduction: Descriptions of section entries: [] T: SCM tree type and location. Type is one of: git, hg, quilt, stgit, topgit. smime.p7s Description: S/MIME cryptographic signature
RE: [PATCH] x86/kernel: remove tboot 1:1 page table creation code
Acked-by: Gang Wei gang@intel.com From: Xiaoyan Zhang xiaoyan.zh...@intel.com For TXT boot, while Linux kernel trys to shutdown/S3/S4/reboot, it need to jump back to tboot code and do TXT teardown work. Previously kernel zapped all mem page identity mapping (va=pa) after booting, so tboot code mem address was mapped again with identity mapping. Now kernel didn't zap the identity mapping page table, so tboot related code can remove the remapping code before trapping back now. Signed-off-by: Xiaoyan Zhang xiaoyan.zh...@intel.com --- arch/x86/kernel/tboot.c | 78 +++ 1 files changed, 5 insertions(+), 73 deletions(-) diff --git a/arch/x86/kernel/tboot.c b/arch/x86/kernel/tboot.c index f84fe00..d4f460f 100644 --- a/arch/x86/kernel/tboot.c +++ b/arch/x86/kernel/tboot.c @@ -103,71 +103,13 @@ void __init tboot_probe(void) pr_debug(tboot_size: 0x%x\n, tboot-tboot_size); } -static pgd_t *tboot_pg_dir; -static struct mm_struct tboot_mm = { - .mm_rb = RB_ROOT, - .pgd= swapper_pg_dir, - .mm_users = ATOMIC_INIT(2), - .mm_count = ATOMIC_INIT(1), - .mmap_sem = __RWSEM_INITIALIZER(init_mm.mmap_sem), - .page_table_lock = __SPIN_LOCK_UNLOCKED(init_mm.page_table_lock), - .mmlist = LIST_HEAD_INIT(init_mm.mmlist), -}; - static inline void switch_to_tboot_pt(void) { - write_cr3(virt_to_phys(tboot_pg_dir)); -} - -static int map_tboot_page(unsigned long vaddr, unsigned long pfn, - pgprot_t prot) -{ - pgd_t *pgd; - pud_t *pud; - pmd_t *pmd; - pte_t *pte; - - pgd = pgd_offset(tboot_mm, vaddr); - pud = pud_alloc(tboot_mm, pgd, vaddr); - if (!pud) - return -1; - pmd = pmd_alloc(tboot_mm, pud, vaddr); - if (!pmd) - return -1; - pte = pte_alloc_map(tboot_mm, NULL, pmd, vaddr); - if (!pte) - return -1; - set_pte_at(tboot_mm, vaddr, pte, pfn_pte(pfn, prot)); - pte_unmap(pte); - return 0; -} - -static int map_tboot_pages(unsigned long vaddr, unsigned long start_pfn, -unsigned long nr) -{ - /* Reuse the original kernel mapping */ - tboot_pg_dir = pgd_alloc(tboot_mm); - if (!tboot_pg_dir) - return -1; - - for (; nr 0; nr--, vaddr += PAGE_SIZE, start_pfn++) { - if (map_tboot_page(vaddr, start_pfn, PAGE_KERNEL_EXEC)) - return -1; - } - - return 0; -} - -static void tboot_create_trampoline(void) -{ - u32 map_base, map_size; - - /* Create identity map for tboot shutdown code. */ - map_base = PFN_DOWN(tboot-tboot_base); - map_size = PFN_UP(tboot-tboot_size); - if (map_tboot_pages(map_base PAGE_SHIFT, map_base, map_size)) - panic(tboot: Error mapping tboot pages (mfns) @ 0x%x, 0x%x\n, - map_base, map_size); +#ifdef CONFIG_X86_32 + load_cr3(initial_page_table); +#else + write_cr3(real_mode_header-trampoline_pgd); +#endif } #ifdef CONFIG_ACPI_SLEEP @@ -225,14 +167,6 @@ void tboot_shutdown(u32 shutdown_type) if (!tboot_enabled()) return; - /* - * if we're being called before the 1:1 mapping is set up then just - * return and let the normal shutdown happen; this should only be - * due to very early panic() - */ - if (!tboot_pg_dir) - return; - /* if this is S3 then set regions to MAC */ if (shutdown_type == TB_SHUTDOWN_S3) if (tboot_setup_sleep()) @@ -343,8 +277,6 @@ static __init int tboot_late_init(void) if (!tboot_enabled()) return 0; - tboot_create_trampoline(); - atomic_set(ap_wfs_count, 0); register_hotcpu_notifier(tboot_cpu_notifier); -- 1.7.7.6 smime.p7s Description: S/MIME cryptographic signature