RE: [PATCH v3 0/3] Locality support for tpm_crb

[Wei, Gang]

On Mon, Mar 06, 2017 at 11:35 PM +0800, Jarkko Sakkinen wrote:
> On Fri, Mar 03, 2017 at 06:27:19PM -0700, Jerry Snitselaar wrote:
> >
> > Jarkko Sakkinen @ 2017-02-08 11:11 GMT:
> >
> > > The tpm_crb driver should follow the policy of reserving and
> > > relinquishing the locality it uses when multiple localities are
> used,
> > > like when TXT is another locality.
> > >
> > > [This is a resend of v3 as this has been asked from me for a few
> times
> > >  now and there wasn't anything obvious to fix.]
> > >
> > > Jarkko Sakkinen (3):
> > >   tpm_crb: map locality registers
> > >   tpm_crb: encapsulate crb_wait_for_reg_32
> > >   tpm_crb: request and relinquish locality 0
> > >
> > >  drivers/char/tpm/tpm_crb.c | 185
> +
> > >  1 file changed, 137 insertions(+), 48 deletions(-)
> >
> > Reviewed-by: Jerry Snitselaar 
> 
> Jimmy, can you give these patches Tested-by? I remember that
> you said that they are working for you.

Sure. They did work for me.

Jimmy

RE: [PATCH v3 0/3] Locality support for tpm_crb

[Wei, Gang]

On Mon, Mar 06, 2017 at 11:35 PM +0800, Jarkko Sakkinen wrote:
> On Fri, Mar 03, 2017 at 06:27:19PM -0700, Jerry Snitselaar wrote:
> >
> > Jarkko Sakkinen @ 2017-02-08 11:11 GMT:
> >
> > > The tpm_crb driver should follow the policy of reserving and
> > > relinquishing the locality it uses when multiple localities are
> used,
> > > like when TXT is another locality.
> > >
> > > [This is a resend of v3 as this has been asked from me for a few
> times
> > >  now and there wasn't anything obvious to fix.]
> > >
> > > Jarkko Sakkinen (3):
> > >   tpm_crb: map locality registers
> > >   tpm_crb: encapsulate crb_wait_for_reg_32
> > >   tpm_crb: request and relinquish locality 0
> > >
> > >  drivers/char/tpm/tpm_crb.c | 185
> +
> > >  1 file changed, 137 insertions(+), 48 deletions(-)
> >
> > Reviewed-by: Jerry Snitselaar 
> 
> Jimmy, can you give these patches Tested-by? I remember that
> you said that they are working for you.

Sure. They did work for me.

Jimmy

[tip:x86/boot] x86/tboot: Update maintainer list for Intel TXT

[tip-bot for Wei, Gang]

Commit-ID:  74b18e1750201530ce285a5cd1269a9fb592d905
Gitweb: http://git.kernel.org/tip/74b18e1750201530ce285a5cd1269a9fb592d905
Author: Wei, Gang 
AuthorDate: Wed, 2 Dec 2015 07:07:20 +
Committer:  Ingo Molnar 
CommitDate: Fri, 4 Dec 2015 09:25:52 +0100

x86/tboot: Update maintainer list for Intel TXT

Update maintainer list for Intel TXT

Signed-off-by: Gang Wei 
Cc: Andy Lutomirski 
Cc: Borislav Petkov 
Cc: Brian Gerst 
Cc: Denys Vlasenko 
Cc: H. Peter Anvin 
Cc: H. Peter Anvin 
Cc: Joseph Cihula 
Cc: Linus Torvalds 
Cc: Ning Sun 
Cc: Peter Zijlstra 
Cc: Richard L Maliszewski 
Cc: Shane Wang 
Cc: Thomas Gleixner 
Cc: tboot-de...@lists.sourceforge.net 
Link: 
http://lkml.kernel.org/r/d0b11485c64d4b47b66902f8a4e901be03565...@shsmsx102.ccr.corp.intel.com
Signed-off-by: Ingo Molnar 
---
 MAINTAINERS | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)

diff --git a/MAINTAINERS b/MAINTAINERS
index 5192700..9a502c0 100644
--- a/MAINTAINERS
+++ b/MAINTAINERS
@@ -5621,9 +5621,7 @@ F:Documentation/trace/intel_th.txt
 F: drivers/hwtracing/intel_th/
 
 INTEL(R) TRUSTED EXECUTION TECHNOLOGY (TXT)
-M: Richard L Maliszewski 
-M: Gang Wei 
-M: Shane Wang 
+M: Ning Sun 
 L: tboot-de...@lists.sourceforge.net
 W: http://tboot.sourceforge.net
 T: hg http://tboot.hg.sourceforge.net:8000/hgroot/tboot/tboot
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

[tip:x86/boot] x86/tboot: Update maintainer list for Intel TXT

[tip-bot for Wei, Gang]

Commit-ID:  74b18e1750201530ce285a5cd1269a9fb592d905
Gitweb: http://git.kernel.org/tip/74b18e1750201530ce285a5cd1269a9fb592d905
Author: Wei, Gang <gang@intel.com>
AuthorDate: Wed, 2 Dec 2015 07:07:20 +
Committer:  Ingo Molnar <mi...@kernel.org>
CommitDate: Fri, 4 Dec 2015 09:25:52 +0100

x86/tboot: Update maintainer list for Intel TXT

Update maintainer list for Intel TXT

Signed-off-by: Gang Wei <gang@intel.com>
Cc: Andy Lutomirski <l...@amacapital.net>
Cc: Borislav Petkov <b...@alien8.de>
Cc: Brian Gerst <brge...@gmail.com>
Cc: Denys Vlasenko <dvlas...@redhat.com>
Cc: H. Peter Anvin <imceamailto-hpa+40zytor+2e...@intel.com>
Cc: H. Peter Anvin <h...@zytor.com>
Cc: Joseph Cihula <joseph.cih...@intel.com>
Cc: Linus Torvalds <torva...@linux-foundation.org>
Cc: Ning Sun <ning@intel.com>
Cc: Peter Zijlstra <pet...@infradead.org>
Cc: Richard L Maliszewski <richard.l.maliszew...@intel.com>
Cc: Shane Wang <shane.w...@intel.com>
Cc: Thomas Gleixner <t...@linutronix.de>
Cc: tboot-de...@lists.sourceforge.net <tboot-de...@lists.sourceforge.net>
Link: 
http://lkml.kernel.org/r/d0b11485c64d4b47b66902f8a4e901be03565...@shsmsx102.ccr.corp.intel.com
Signed-off-by: Ingo Molnar <mi...@kernel.org>
---
 MAINTAINERS | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)

diff --git a/MAINTAINERS b/MAINTAINERS
index 5192700..9a502c0 100644
--- a/MAINTAINERS
+++ b/MAINTAINERS
@@ -5621,9 +5621,7 @@ F:Documentation/trace/intel_th.txt
 F: drivers/hwtracing/intel_th/
 
 INTEL(R) TRUSTED EXECUTION TECHNOLOGY (TXT)
-M: Richard L Maliszewski <richard.l.maliszew...@intel.com>
-M: Gang Wei <gang@intel.com>
-M: Shane Wang <shane.w...@intel.com>
+M: Ning Sun <ning@intel.com>
 L: tboot-de...@lists.sourceforge.net
 W: http://tboot.sourceforge.net
 T: hg http://tboot.hg.sourceforge.net:8000/hgroot/tboot/tboot
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

[PATCH] Update maintainer list for Intel TXT

[Wei, Gang]

Update maintainer list for Intel TXT

Signed-off-by: Gang Wei 
diff --git a/MAINTAINERS b/MAINTAINERS
index cba790b..84c8fe7 100644
--- a/MAINTAINERS
+++ b/MAINTAINERS
@@ -5621,9 +5621,7 @@ F:Documentation/trace/intel_th.txt
 F: drivers/hwtracing/intel_th/
 
 INTEL(R) TRUSTED EXECUTION TECHNOLOGY (TXT)
-M: Richard L Maliszewski 
-M: Gang Wei 
-M: Shane Wang 
+M: Ning Sun 
 L: tboot-de...@lists.sourceforge.net
 W: http://tboot.sourceforge.net
 T: hg http://tboot.hg.sourceforge.net:8000/hgroot/tboot/tboot
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

[PATCH] Update maintainer list for Intel TXT

[Wei, Gang]

Update maintainer list for Intel TXT

Signed-off-by: Gang Wei <gang@intel.com>
diff --git a/MAINTAINERS b/MAINTAINERS
index cba790b..84c8fe7 100644
--- a/MAINTAINERS
+++ b/MAINTAINERS
@@ -5621,9 +5621,7 @@ F:Documentation/trace/intel_th.txt
 F: drivers/hwtracing/intel_th/
 
 INTEL(R) TRUSTED EXECUTION TECHNOLOGY (TXT)
-M: Richard L Maliszewski <richard.l.maliszew...@intel.com>
-M:     Gang Wei <gang@intel.com>
-M: Shane Wang <shane.w...@intel.com>
+M: Ning Sun <ning@intel.com>
 L: tboot-de...@lists.sourceforge.net
 W: http://tboot.sourceforge.net
 T: hg http://tboot.hg.sourceforge.net:8000/hgroot/tboot/tboot
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

RE: [PATCH] Documentation: move intel_txt.txt to Documentation/x86

[Wei, Gang]

Ren, Qiaowei wrote on 2013-12-10:
> Documentation/x86 is a more fitting place for intel_txt.txt.
> 
> Signed-off-by: Qiaowei Ren 
> ---
>  Documentation/intel_txt.txt |  210
>  --- Documentation/x86/intel_txt.txt
>  |  210 +++ 2 files changed, 210
>  insertions(+), 210 deletions(-) delete mode 100644
>  Documentation/intel_txt.txt create mode 100644
>  Documentation/x86/intel_txt.txt

Ack.

Jimmy


smime.p7s
Description: S/MIME cryptographic signature

RE: [PATCH] Documentation: move intel_txt.txt to Documentation/x86

[Wei, Gang]

Ren, Qiaowei wrote on 2013-12-10:
 Documentation/x86 is a more fitting place for intel_txt.txt.
 
 Signed-off-by: Qiaowei Ren qiaowei@intel.com
 ---
  Documentation/intel_txt.txt |  210
  --- Documentation/x86/intel_txt.txt
  |  210 +++ 2 files changed, 210
  insertions(+), 210 deletions(-) delete mode 100644
  Documentation/intel_txt.txt create mode 100644
  Documentation/x86/intel_txt.txt

Ack.

Jimmy


smime.p7s
Description: S/MIME cryptographic signature

RE: [PATCH] x86: add a new SMP bring up way for tboot case

[Wei, Gang]

Oh, the question should be in what states all the AP CPU registers are. Do you 
think we need to define the case like what Intel SDM defined for 
getsec[SENTER]?

Jimmy

H. Peter Anvin wrote on 2013-05-15:
> No, this does not really answer the question of what the CPU state looks 
> like.
>
> "Ren, Qiaowei"  wrote:
>
>> On 2013-05-14, H. Peter Anvin wrote:
>>> On 05/14/2013 02:21 PM, Qiaowei Ren wrote:
 tboot provides a better AP wakeup mechanism based on cpu MWAIT
 feature for OS/VMM. With this mechanism, system will boot faster and
 will NOT require VT to be enabled. But it requires that OS/VMM must
 have support it, otherwise system can never boot up.

 Once this mechanism is enabled, tboot will put APs waiting in MWAIT
 loops before launching kernel. kernel can check the new flag field
 in
 v6 tboot shared page for the hint. If the bit
 TB_FLAG_AP_WAKE_SUPPORT in flag field is set, kernel BSP has to
 write the monitored memory
 (tboot->ap_wake_trigger) to bring APs out of MWAIT loops. The sipi
 vector should be written in
 tboot->ap_wake_addr before waking up APs.

>>>
>>> This really needs a *detailed* specification about the state the CPU
>>> is parked in. Most BIOSes do in fact park the CPUs in an mwait loop,
>>> but we can't use it because the CPU state they are parked in is
>>> ill-defined.
>>>
>>> This is a good idea, but please write (or point to) a spec about what
>>> the parked CPU state looks like and how the OS gets control.  From the
>>> *looks* of the code I assume it is entered in 16-bit real mode but
>>> then it is important to know what parts of the register state are
>> well-defined.
>>
>> The following is how to do mwait for tboot & kernel:
>>
>> For bootstrap processor (BSP), "tboot TXT pre-launch" is executed after
>> BIOS. In this stage, tboot will issue GETSEC[SENTER], which broadcasts
>> messages to the chipset and other physical or logical processors in the
>> platform. In response, other logical processors perform basic cleanup
>> and other tasks, and then finally enter SENTER sleep state.
>>
>> Next, for BSP, SINIT will run and then enter "tboot post-launch", which
>> will start all sleeping APs. If tboot command line option "
>> ap_wake_mwait=true" is set, APs will do some work and then enter mwait
>> loop. Kernel will be launched in BSP by tboot post-launch, and bring
>> APs out of mwait loop.
>>
>> Tboot works in protected mode (but paging is disabled), and closes
>> interrupt. For APs, MONITOR and MWAIT related code in tboot is as
>> follows:
>>while ( _tboot_shared.ap_wake_trigger != cpuid ) {
>>cpu_monitor(&_tboot_shared.ap_wake_trigger, 0, 0);
>>mb();
>>if ( _tboot_shared.ap_wake_trigger == cpuid )
>>break;
>>cpu_mwait(0, 0);
>>}
>> Their extension and hint are all 0. According Intel manual:
>>  Extension=0: Treat interrupts as break events even if masked (e.g.,
>> even if EFLAGS.IF=0).
>>  Hint=0: the preferred optimized state the processor should enter is
>> C0.
>> So, when "tboot->ap_wake_trigger" is set by kernel, APs can exit from
>> mwait loop.
>>
>> Peter, I don't know whether I explain your problem. What do you think
>> about it?
>>
>> Thanks,
>> Qiaowei
>



Jimmy


smime.p7s
Description: S/MIME cryptographic signature

RE: [PATCH] x86: add a new SMP bring up way for tboot case

[Wei, Gang]

Oh, the question should be in what states all the AP CPU registers are. Do you 
think we need to define the case like what Intel SDM defined for 
getsec[SENTER]?

Jimmy

H. Peter Anvin wrote on 2013-05-15:
 No, this does not really answer the question of what the CPU state looks 
 like.

 Ren, Qiaowei qiaowei@intel.com wrote:

 On 2013-05-14, H. Peter Anvin wrote:
 On 05/14/2013 02:21 PM, Qiaowei Ren wrote:
 tboot provides a better AP wakeup mechanism based on cpu MWAIT
 feature for OS/VMM. With this mechanism, system will boot faster and
 will NOT require VT to be enabled. But it requires that OS/VMM must
 have support it, otherwise system can never boot up.

 Once this mechanism is enabled, tboot will put APs waiting in MWAIT
 loops before launching kernel. kernel can check the new flag field
 in
 v6 tboot shared page for the hint. If the bit
 TB_FLAG_AP_WAKE_SUPPORT in flag field is set, kernel BSP has to
 write the monitored memory
 (tboot-ap_wake_trigger) to bring APs out of MWAIT loops. The sipi
 vector should be written in
 tboot-ap_wake_addr before waking up APs.


 This really needs a *detailed* specification about the state the CPU
 is parked in. Most BIOSes do in fact park the CPUs in an mwait loop,
 but we can't use it because the CPU state they are parked in is
 ill-defined.

 This is a good idea, but please write (or point to) a spec about what
 the parked CPU state looks like and how the OS gets control.  From the
 *looks* of the code I assume it is entered in 16-bit real mode but
 then it is important to know what parts of the register state are
 well-defined.

 The following is how to do mwait for tboot  kernel:

 For bootstrap processor (BSP), tboot TXT pre-launch is executed after
 BIOS. In this stage, tboot will issue GETSEC[SENTER], which broadcasts
 messages to the chipset and other physical or logical processors in the
 platform. In response, other logical processors perform basic cleanup
 and other tasks, and then finally enter SENTER sleep state.

 Next, for BSP, SINIT will run and then enter tboot post-launch, which
 will start all sleeping APs. If tboot command line option 
 ap_wake_mwait=true is set, APs will do some work and then enter mwait
 loop. Kernel will be launched in BSP by tboot post-launch, and bring
 APs out of mwait loop.

 Tboot works in protected mode (but paging is disabled), and closes
 interrupt. For APs, MONITOR and MWAIT related code in tboot is as
 follows:
while ( _tboot_shared.ap_wake_trigger != cpuid ) {
cpu_monitor(_tboot_shared.ap_wake_trigger, 0, 0);
mb();
if ( _tboot_shared.ap_wake_trigger == cpuid )
break;
cpu_mwait(0, 0);
}
 Their extension and hint are all 0. According Intel manual:
  Extension=0: Treat interrupts as break events even if masked (e.g.,
 even if EFLAGS.IF=0).
  Hint=0: the preferred optimized state the processor should enter is
 C0.
 So, when tboot-ap_wake_trigger is set by kernel, APs can exit from
 mwait loop.

 Peter, I don't know whether I explain your problem. What do you think
 about it?

 Thanks,
 Qiaowei




Jimmy


smime.p7s
Description: S/MIME cryptographic signature

RE: [PATCH v2] x86: add a new SMP bring up way for tboot case

[Wei, Gang]

Any comments on this patch?

Jimmy

Ren, Qiaowei wrote on 2012-10-11:
> tboot provides a better AP wakeup mechanism based on cpu MWAIT feature
> for OS/VMM. With this mechanism, system will boot faster and will NOT
> require VT to be enabled. But it requires that OS/VMM must have support
> it, otherwise system can never boot up.
> 
> Once this mechanism is enabled, tboot will put APs waiting in MWAIT
> loops before launching kernel. kernel can check the new flag field in v6
> tboot shared page for the hint. If the bit TB_FLAG_AP_WAKE_SUPPORT in
> flag field is set, kernel BSP has to write the monitored memory
> (tboot->ap_wake_trigger) to bring APs out of MWAIT loops. The sipi
> vector should be written in tboot->ap_wake_addr before waking up APs.
> 
> Signed-off-by: Qiaowei Ren 
> Signed-off-by: Xiaoyan Zhang 
> Signed-off-by: Gang Wei 
> ---
>  arch/x86/kernel/smpboot.c |   21 +++--
>  arch/x86/kernel/tboot.c   |   17 +
>  include/linux/tboot.h |   17 +
>  3 files changed, 45 insertions(+), 10 deletions(-)
> diff --git a/arch/x86/kernel/smpboot.c b/arch/x86/kernel/smpboot.c
> index c80a33b..884c3e7 100644
> --- a/arch/x86/kernel/smpboot.c
> +++ b/arch/x86/kernel/smpboot.c
> @@ -662,8 +662,7 @@ static int __cpuinit do_boot_cpu(int apicid, int cpu,
> struct task_struct *idle)
>   /* start_ip had better be page-aligned! */
>   unsigned long start_ip = real_mode_header->trampoline_start;
> - unsigned long boot_error = 0;
> - int timeout;
> + int timeout, boot_error = 0;
> 
>   /* Just in case we booted with a single CPU. */
>   alternatives_enable_smp();
> @@ -710,14 +709,16 @@ static int __cpuinit do_boot_cpu(int apicid, int
cpu,
> struct task_struct *idle)
>   }
>   }
> - /* - * Kick the secondary CPU. Use the method in the APIC driver
-*
> if it's defined - or use an INIT boot APIC message otherwise: -*/
-   if
> (apic->wakeup_secondary_cpu) -boot_error =
> apic->wakeup_secondary_cpu(apicid, start_ip); -   else -
boot_error =
> wakeup_secondary_cpu_via_init(apicid, start_ip); +if
> (!tboot_wake_up(apicid, start_ip)) { +/* + *
Kick the secondary CPU.
> Use the method in the APIC driver +* if it's defined - or use
an INIT
> boot APIC message otherwise: + */ +   if
(apic->wakeup_secondary_cpu)
> + boot_error = apic->wakeup_secondary_cpu(apicid,
start_ip); +else
> + boot_error = wakeup_secondary_cpu_via_init(apicid,
start_ip); +}
> 
>   if (!boot_error) {
>   /*
> diff --git a/arch/x86/kernel/tboot.c b/arch/x86/kernel/tboot.c
> index f84fe00..e5e50b8 100644
> --- a/arch/x86/kernel/tboot.c
> +++ b/arch/x86/kernel/tboot.c
> @@ -101,6 +101,8 @@ void __init tboot_probe(void)
>   pr_debug("shutdown_entry: 0x%x\n", tboot->shutdown_entry);
>   pr_debug("tboot_base: 0x%08x\n", tboot->tboot_base);
>   pr_debug("tboot_size: 0x%x\n", tboot->tboot_size);
> + if (tboot->version >= 6)
> + pr_info("flags: 0x%08x\n", tboot->flags);
>  }
>  
>  static pgd_t *tboot_pg_dir;
> @@ -453,3 +455,18 @@ int tboot_force_iommu(void)
> 
>   return 1;
>  }
> +
> +int tboot_wake_up(int apicid, unsigned long sipi_vec)
> +{
> + if (!tboot_enabled())
> + return 0;
> +
> + if ((tboot->version < 6) ||
> + !(tboot->flags & TB_FLAG_AP_WAKE_SUPPORT))
> + return 0;
> +
> + tboot->ap_wake_addr = sipi_vec;
> + tboot->ap_wake_trigger = apicid;
> +
> + return 1;
> +}
> diff --git a/include/linux/tboot.h b/include/linux/tboot.h
> index c75128b..d65f7e9 100644
> --- a/include/linux/tboot.h
> +++ b/include/linux/tboot.h
> @@ -124,8 +124,23 @@ struct tboot {
> 
>   /* number of processors in wait-for-SIPI */
>   u32 num_in_wfs;
> +
> + /*
> +  * version 6+ fields:
> +  */
> +
> + u32 flags;
> +
> + /* phys addr of kernel/VMM SIPI vector */
> + u64 ap_wake_addr;
> +
> + /* kernel/VMM writes APIC ID to wake AP */
> + u32 ap_wake_trigger;
>  } __packed;
> +/* kernel/VMM use INIT-SIPI-SIPI if clear, ap_wake_* if set */
> +#define TB_FLAG_AP_WAKE_SUPPORT 0X0001
> +
>  /*
>   * UUID for tboot data struct to facilitate matching
>   * defined as {663C8DFF-E8B3-4b82-AABF-19EA4D057A08} by tboot, which is
> @@ -146,6 +161,7 @@ extern void tboot_shutdown(u32 shutdown_type);
>  extern struct acpi_table_header *tboot_get_dmar_table(
> struct acpi_table_header *dmar_tbl);
>  extern int tboot_force_iommu(void);
> +extern int tboot_wake_up(int apicid, unsigned long sipi_vec);
> 
>  #else
> @@ -156,6 +172,7 @@ extern int tboot_force_iommu(void);
>   do { } while (0)
>  #define tboot_get_dmar_table(dmar_tbl)   (dmar_tbl)
>  #define tboot_force_iommu()  0
> +#define tboot_wake_up(apicid, 

RE: [PATCH v2] x86: add a new SMP bring up way for tboot case

[Wei, Gang]

Any comments on this patch?

Jimmy

Ren, Qiaowei wrote on 2012-10-11:
 tboot provides a better AP wakeup mechanism based on cpu MWAIT feature
 for OS/VMM. With this mechanism, system will boot faster and will NOT
 require VT to be enabled. But it requires that OS/VMM must have support
 it, otherwise system can never boot up.
 
 Once this mechanism is enabled, tboot will put APs waiting in MWAIT
 loops before launching kernel. kernel can check the new flag field in v6
 tboot shared page for the hint. If the bit TB_FLAG_AP_WAKE_SUPPORT in
 flag field is set, kernel BSP has to write the monitored memory
 (tboot-ap_wake_trigger) to bring APs out of MWAIT loops. The sipi
 vector should be written in tboot-ap_wake_addr before waking up APs.
 
 Signed-off-by: Qiaowei Ren qiaowei@intel.com
 Signed-off-by: Xiaoyan Zhang xiaoyan.zh...@intel.com
 Signed-off-by: Gang Wei gang@intel.com
 ---
  arch/x86/kernel/smpboot.c |   21 +++--
  arch/x86/kernel/tboot.c   |   17 +
  include/linux/tboot.h |   17 +
  3 files changed, 45 insertions(+), 10 deletions(-)
 diff --git a/arch/x86/kernel/smpboot.c b/arch/x86/kernel/smpboot.c
 index c80a33b..884c3e7 100644
 --- a/arch/x86/kernel/smpboot.c
 +++ b/arch/x86/kernel/smpboot.c
 @@ -662,8 +662,7 @@ static int __cpuinit do_boot_cpu(int apicid, int cpu,
 struct task_struct *idle)
   /* start_ip had better be page-aligned! */
   unsigned long start_ip = real_mode_header-trampoline_start;
 - unsigned long boot_error = 0;
 - int timeout;
 + int timeout, boot_error = 0;
 
   /* Just in case we booted with a single CPU. */
   alternatives_enable_smp();
 @@ -710,14 +709,16 @@ static int __cpuinit do_boot_cpu(int apicid, int
cpu,
 struct task_struct *idle)
   }
   }
 - /* - * Kick the secondary CPU. Use the method in the APIC driver
-*
 if it's defined - or use an INIT boot APIC message otherwise: -*/
-   if
 (apic-wakeup_secondary_cpu) -boot_error =
 apic-wakeup_secondary_cpu(apicid, start_ip); -   else -
boot_error =
 wakeup_secondary_cpu_via_init(apicid, start_ip); +if
 (!tboot_wake_up(apicid, start_ip)) { +/* + *
Kick the secondary CPU.
 Use the method in the APIC driver +* if it's defined - or use
an INIT
 boot APIC message otherwise: + */ +   if
(apic-wakeup_secondary_cpu)
 + boot_error = apic-wakeup_secondary_cpu(apicid,
start_ip); +else
 + boot_error = wakeup_secondary_cpu_via_init(apicid,
start_ip); +}
 
   if (!boot_error) {
   /*
 diff --git a/arch/x86/kernel/tboot.c b/arch/x86/kernel/tboot.c
 index f84fe00..e5e50b8 100644
 --- a/arch/x86/kernel/tboot.c
 +++ b/arch/x86/kernel/tboot.c
 @@ -101,6 +101,8 @@ void __init tboot_probe(void)
   pr_debug(shutdown_entry: 0x%x\n, tboot-shutdown_entry);
   pr_debug(tboot_base: 0x%08x\n, tboot-tboot_base);
   pr_debug(tboot_size: 0x%x\n, tboot-tboot_size);
 + if (tboot-version = 6)
 + pr_info(flags: 0x%08x\n, tboot-flags);
  }
  
  static pgd_t *tboot_pg_dir;
 @@ -453,3 +455,18 @@ int tboot_force_iommu(void)
 
   return 1;
  }
 +
 +int tboot_wake_up(int apicid, unsigned long sipi_vec)
 +{
 + if (!tboot_enabled())
 + return 0;
 +
 + if ((tboot-version  6) ||
 + !(tboot-flags  TB_FLAG_AP_WAKE_SUPPORT))
 + return 0;
 +
 + tboot-ap_wake_addr = sipi_vec;
 + tboot-ap_wake_trigger = apicid;
 +
 + return 1;
 +}
 diff --git a/include/linux/tboot.h b/include/linux/tboot.h
 index c75128b..d65f7e9 100644
 --- a/include/linux/tboot.h
 +++ b/include/linux/tboot.h
 @@ -124,8 +124,23 @@ struct tboot {
 
   /* number of processors in wait-for-SIPI */
   u32 num_in_wfs;
 +
 + /*
 +  * version 6+ fields:
 +  */
 +
 + u32 flags;
 +
 + /* phys addr of kernel/VMM SIPI vector */
 + u64 ap_wake_addr;
 +
 + /* kernel/VMM writes APIC ID to wake AP */
 + u32 ap_wake_trigger;
  } __packed;
 +/* kernel/VMM use INIT-SIPI-SIPI if clear, ap_wake_* if set */
 +#define TB_FLAG_AP_WAKE_SUPPORT 0X0001
 +
  /*
   * UUID for tboot data struct to facilitate matching
   * defined as {663C8DFF-E8B3-4b82-AABF-19EA4D057A08} by tboot, which is
 @@ -146,6 +161,7 @@ extern void tboot_shutdown(u32 shutdown_type);
  extern struct acpi_table_header *tboot_get_dmar_table(
 struct acpi_table_header *dmar_tbl);
  extern int tboot_force_iommu(void);
 +extern int tboot_wake_up(int apicid, unsigned long sipi_vec);
 
  #else
 @@ -156,6 +172,7 @@ extern int tboot_force_iommu(void);
   do { } while (0)
  #define tboot_get_dmar_table(dmar_tbl)   (dmar_tbl)
  #define tboot_force_iommu()  0
 +#define tboot_wake_up(apicid, sipi_vec) 0
 
  #endif /* !CONFIG_INTEL_TXT */


smime.p7s
Description: S/MIME

RE: [PATCH] driver/char/tpm: fix regression causesd by ppi

[Wei, Gang]

Kent Yoder wrote on 2012-10-10:
> On Tue, Oct 09, 2012 at 05:35:22PM +0800, gang@intel.com wrote:
>> @@ -1476,7 +1477,7 @@ struct tpm_chip *tpm_register_hardware(struct
> device *dev,
>>  goto put_device;
>>  }
>> -if (sys_add_ppi(>kobj)) {
>> +if (tpm_add_ppi(>kobj)) {
>>  misc_deregister(>vendor.miscdev);
>>  goto put_device;
>>  }
>>  
>   Hmm, tpm_add_ppi is just sysfs_create_group, which only ever returns
> 0. Looks like we can remove this error path, but PPI is unusable in the
> failure case.

sysfs_create_group will return 0 on success or return error code. So I don't
think we can remove this error path. The previous call to sysfs_create_group
also have similar error path.

>> +EXPORT_SYMBOL_GPL(tpm_add_ppi);
>> ...
>> +EXPORT_SYMBOL_GPL(tpm_remove_ppi);
>> 
>  Do we need to export these symbols?  These might have been left around
> from when ppi was a standalone module.

We definitely need to export these symbols, since ppi was in tpm_bios.ko,
and these symbols are called from tpm.ko.

Jimmy


smime.p7s
Description: S/MIME cryptographic signature

RE: [PATCH] driver/char/tpm: fix regression causesd by ppi

[Wei, Gang]

Kent Yoder wrote on 2012-10-10:
 On Tue, Oct 09, 2012 at 05:35:22PM +0800, gang@intel.com wrote:
 @@ -1476,7 +1477,7 @@ struct tpm_chip *tpm_register_hardware(struct
 device *dev,
  goto put_device;
  }
 -if (sys_add_ppi(dev-kobj)) {
 +if (tpm_add_ppi(dev-kobj)) {
  misc_deregister(chip-vendor.miscdev);
  goto put_device;
  }
  
   Hmm, tpm_add_ppi is just sysfs_create_group, which only ever returns
 0. Looks like we can remove this error path, but PPI is unusable in the
 failure case.

sysfs_create_group will return 0 on success or return error code. So I don't
think we can remove this error path. The previous call to sysfs_create_group
also have similar error path.

 +EXPORT_SYMBOL_GPL(tpm_add_ppi);
 ...
 +EXPORT_SYMBOL_GPL(tpm_remove_ppi);
 
  Do we need to export these symbols?  These might have been left around
 from when ppi was a standalone module.

We definitely need to export these symbols, since ppi was in tpm_bios.ko,
and these symbols are called from tpm.ko.

Jimmy


smime.p7s
Description: S/MIME cryptographic signature

RE: Possible regression: BUG in fs/sysfs/group.c:65

[Wei, Gang]

Kent Yoder wrote on 2012-10-06:
> On Fri, Oct 05, 2012 at 11:16:06AM -0700, Eric W. Biederman wrote:
>> Ben Guthro  writes:
>> 
>>> I am seeing a regression in today's (Oct 5) kernel - 2 WARNINGS, and a
>>> BUG below that seems to occur upon resuming from S3.
>>> 
>>> I can start a bisection with 3.6 - but wanted to check to see if
>>> anyone else is also experiencing this failure...
>> 
>> I took a quick look and this is a deterministic failure.  The same
>> file is being added to sysfs twice.
>> 
>> Since the routine causing this failure appears to be sys_add_ppi I
>> expect the commit that added this failure mode is the commit below.
>> 
>> Xiaoyan Zhang, Kent Yoder can you guys look at this see why the tpm
>> code is adding itself multiple times into sysfs?
> 
>   It looks like the ppi sysfs teardown code is MIA. Xiaoyan, can you add
> it to tpm_ppi.c, with a caller in tpm_unregister_hardware?

I will try to provide a fix.

Jimmy


smime.p7s
Description: S/MIME cryptographic signature

RE: Possible regression: BUG in fs/sysfs/group.c:65

[Wei, Gang]

Kent Yoder wrote on 2012-10-06:
 On Fri, Oct 05, 2012 at 11:16:06AM -0700, Eric W. Biederman wrote:
 Ben Guthro b...@guthro.net writes:
 
 I am seeing a regression in today's (Oct 5) kernel - 2 WARNINGS, and a
 BUG below that seems to occur upon resuming from S3.
 
 I can start a bisection with 3.6 - but wanted to check to see if
 anyone else is also experiencing this failure...
 
 I took a quick look and this is a deterministic failure.  The same
 file is being added to sysfs twice.
 
 Since the routine causing this failure appears to be sys_add_ppi I
 expect the commit that added this failure mode is the commit below.
 
 Xiaoyan Zhang, Kent Yoder can you guys look at this see why the tpm
 code is adding itself multiple times into sysfs?
 
   It looks like the ppi sysfs teardown code is MIA. Xiaoyan, can you add
 it to tpm_ppi.c, with a caller in tpm_unregister_hardware?

I will try to provide a fix.

Jimmy


smime.p7s
Description: S/MIME cryptographic signature

RE: [PATCH] x86/kernel: remove tboot 1:1 page table creation code

[Wei, Gang]

Acked-by: Gang Wei 

> From: Xiaoyan Zhang 
> 
> For TXT boot, while Linux kernel trys to shutdown/S3/S4/reboot, it need to
> jump back to tboot code and do TXT teardown work. Previously kernel zapped
> all mem page identity mapping (va=pa) after booting, so tboot code mem
> address
> was mapped again with identity mapping. Now kernel didn't zap the identity
> mapping page table, so tboot related code can remove the remapping code
> before
> trapping back now.
> 
> Signed-off-by: Xiaoyan Zhang 
> ---
>  arch/x86/kernel/tboot.c |   78
+++
>  1 files changed, 5 insertions(+), 73 deletions(-)
> 
> diff --git a/arch/x86/kernel/tboot.c b/arch/x86/kernel/tboot.c
> index f84fe00..d4f460f 100644
> --- a/arch/x86/kernel/tboot.c
> +++ b/arch/x86/kernel/tboot.c
> @@ -103,71 +103,13 @@ void __init tboot_probe(void)
>   pr_debug("tboot_size: 0x%x\n", tboot->tboot_size);
>  }
> 
> -static pgd_t *tboot_pg_dir;
> -static struct mm_struct tboot_mm = {
> - .mm_rb  = RB_ROOT,
> - .pgd= swapper_pg_dir,
> - .mm_users   = ATOMIC_INIT(2),
> - .mm_count   = ATOMIC_INIT(1),
> - .mmap_sem   = __RWSEM_INITIALIZER(init_mm.mmap_sem),
> - .page_table_lock =
> __SPIN_LOCK_UNLOCKED(init_mm.page_table_lock),
> - .mmlist = LIST_HEAD_INIT(init_mm.mmlist),
> -};
> -
>  static inline void switch_to_tboot_pt(void)
>  {
> - write_cr3(virt_to_phys(tboot_pg_dir));
> -}
> -
> -static int map_tboot_page(unsigned long vaddr, unsigned long pfn,
> -   pgprot_t prot)
> -{
> - pgd_t *pgd;
> - pud_t *pud;
> - pmd_t *pmd;
> - pte_t *pte;
> -
> - pgd = pgd_offset(_mm, vaddr);
> - pud = pud_alloc(_mm, pgd, vaddr);
> - if (!pud)
> - return -1;
> - pmd = pmd_alloc(_mm, pud, vaddr);
> - if (!pmd)
> - return -1;
> - pte = pte_alloc_map(_mm, NULL, pmd, vaddr);
> - if (!pte)
> - return -1;
> - set_pte_at(_mm, vaddr, pte, pfn_pte(pfn, prot));
> - pte_unmap(pte);
> - return 0;
> -}
> -
> -static int map_tboot_pages(unsigned long vaddr, unsigned long start_pfn,
> -unsigned long nr)
> -{
> - /* Reuse the original kernel mapping */
> - tboot_pg_dir = pgd_alloc(_mm);
> - if (!tboot_pg_dir)
> - return -1;
> -
> - for (; nr > 0; nr--, vaddr += PAGE_SIZE, start_pfn++) {
> - if (map_tboot_page(vaddr, start_pfn, PAGE_KERNEL_EXEC))
> - return -1;
> - }
> -
> - return 0;
> -}
> -
> -static void tboot_create_trampoline(void)
> -{
> - u32 map_base, map_size;
> -
> - /* Create identity map for tboot shutdown code. */
> - map_base = PFN_DOWN(tboot->tboot_base);
> - map_size = PFN_UP(tboot->tboot_size);
> - if (map_tboot_pages(map_base << PAGE_SHIFT, map_base, map_size))
> - panic("tboot: Error mapping tboot pages (mfns) @ 0x%x,
0x%x\n",
> -   map_base, map_size);
> +#ifdef CONFIG_X86_32
> + load_cr3(initial_page_table);
> +#else
> + write_cr3(real_mode_header->trampoline_pgd);
> +#endif
>  }
> 
>  #ifdef CONFIG_ACPI_SLEEP
> @@ -225,14 +167,6 @@ void tboot_shutdown(u32 shutdown_type)
>   if (!tboot_enabled())
>   return;
> 
> - /*
> -  * if we're being called before the 1:1 mapping is set up then just
> -  * return and let the normal shutdown happen; this should only be
> -  * due to very early panic()
> -  */
> - if (!tboot_pg_dir)
> - return;
> -
>   /* if this is S3 then set regions to MAC */
>   if (shutdown_type == TB_SHUTDOWN_S3)
>   if (tboot_setup_sleep())
> @@ -343,8 +277,6 @@ static __init int tboot_late_init(void)
>   if (!tboot_enabled())
>   return 0;
> 
> - tboot_create_trampoline();
> -
>   atomic_set(_wfs_count, 0);
>   register_hotcpu_notifier(_cpu_notifier);
> 
> --
> 1.7.7.6



smime.p7s
Description: S/MIME cryptographic signature

RE: [PATCH] MAINTAINERS: fix TXT maintainer list and source repo path

[Wei, Gang]

Thanks for pointing it out.

Jimmy

On Thu, 2012-08-30 at 16:34 +0800, j...@perches.com wrote:
> On Thu, 2012-08-30 at 13:19 +0800, gang@intel.com wrote:
> > diff --git a/MAINTAINERS b/MAINTAINERS
> []
> >  INTEL(R) TRUSTED EXECUTION TECHNOLOGY (TXT)
> []
> > -T: Mercurial http://www.bughost.org/repos.hg/tboot.hg
> > +T: Mercurial http://tboot.hg.sourceforge.net:8000/hgroot/tboot/tboot
>
> Perhaps this would be better as:
> T:hg http://tboot.hg.sourceforge.net:8000/hgroot/tboot/tboot
>
> From the MAINTAINERS introduction:
>
> Descriptions of section entries:
> []
> T: SCM tree type and location.  Type is one of: git, hg, quilt, stgit, 
> topgit.
>


smime.p7s
Description: S/MIME cryptographic signature

RE: [PATCH] MAINTAINERS: fix TXT maintainer list and source repo path

[Wei, Gang]

Thanks for pointing it out.

Jimmy

On Thu, 2012-08-30 at 16:34 +0800, j...@perches.com wrote:
 On Thu, 2012-08-30 at 13:19 +0800, gang@intel.com wrote:
  diff --git a/MAINTAINERS b/MAINTAINERS
 []
   INTEL(R) TRUSTED EXECUTION TECHNOLOGY (TXT)
 []
  -T: Mercurial http://www.bughost.org/repos.hg/tboot.hg
  +T: Mercurial http://tboot.hg.sourceforge.net:8000/hgroot/tboot/tboot

 Perhaps this would be better as:
 T:hg http://tboot.hg.sourceforge.net:8000/hgroot/tboot/tboot

 From the MAINTAINERS introduction:

 Descriptions of section entries:
 []
 T: SCM tree type and location.  Type is one of: git, hg, quilt, stgit, 
 topgit.



smime.p7s
Description: S/MIME cryptographic signature

RE: [PATCH] x86/kernel: remove tboot 1:1 page table creation code

[Wei, Gang]

Acked-by: Gang Wei gang@intel.com

 From: Xiaoyan Zhang xiaoyan.zh...@intel.com
 
 For TXT boot, while Linux kernel trys to shutdown/S3/S4/reboot, it need to
 jump back to tboot code and do TXT teardown work. Previously kernel zapped
 all mem page identity mapping (va=pa) after booting, so tboot code mem
 address
 was mapped again with identity mapping. Now kernel didn't zap the identity
 mapping page table, so tboot related code can remove the remapping code
 before
 trapping back now.
 
 Signed-off-by: Xiaoyan Zhang xiaoyan.zh...@intel.com
 ---
  arch/x86/kernel/tboot.c |   78
+++
  1 files changed, 5 insertions(+), 73 deletions(-)
 
 diff --git a/arch/x86/kernel/tboot.c b/arch/x86/kernel/tboot.c
 index f84fe00..d4f460f 100644
 --- a/arch/x86/kernel/tboot.c
 +++ b/arch/x86/kernel/tboot.c
 @@ -103,71 +103,13 @@ void __init tboot_probe(void)
   pr_debug(tboot_size: 0x%x\n, tboot-tboot_size);
  }
 
 -static pgd_t *tboot_pg_dir;
 -static struct mm_struct tboot_mm = {
 - .mm_rb  = RB_ROOT,
 - .pgd= swapper_pg_dir,
 - .mm_users   = ATOMIC_INIT(2),
 - .mm_count   = ATOMIC_INIT(1),
 - .mmap_sem   = __RWSEM_INITIALIZER(init_mm.mmap_sem),
 - .page_table_lock =
 __SPIN_LOCK_UNLOCKED(init_mm.page_table_lock),
 - .mmlist = LIST_HEAD_INIT(init_mm.mmlist),
 -};
 -
  static inline void switch_to_tboot_pt(void)
  {
 - write_cr3(virt_to_phys(tboot_pg_dir));
 -}
 -
 -static int map_tboot_page(unsigned long vaddr, unsigned long pfn,
 -   pgprot_t prot)
 -{
 - pgd_t *pgd;
 - pud_t *pud;
 - pmd_t *pmd;
 - pte_t *pte;
 -
 - pgd = pgd_offset(tboot_mm, vaddr);
 - pud = pud_alloc(tboot_mm, pgd, vaddr);
 - if (!pud)
 - return -1;
 - pmd = pmd_alloc(tboot_mm, pud, vaddr);
 - if (!pmd)
 - return -1;
 - pte = pte_alloc_map(tboot_mm, NULL, pmd, vaddr);
 - if (!pte)
 - return -1;
 - set_pte_at(tboot_mm, vaddr, pte, pfn_pte(pfn, prot));
 - pte_unmap(pte);
 - return 0;
 -}
 -
 -static int map_tboot_pages(unsigned long vaddr, unsigned long start_pfn,
 -unsigned long nr)
 -{
 - /* Reuse the original kernel mapping */
 - tboot_pg_dir = pgd_alloc(tboot_mm);
 - if (!tboot_pg_dir)
 - return -1;
 -
 - for (; nr  0; nr--, vaddr += PAGE_SIZE, start_pfn++) {
 - if (map_tboot_page(vaddr, start_pfn, PAGE_KERNEL_EXEC))
 - return -1;
 - }
 -
 - return 0;
 -}
 -
 -static void tboot_create_trampoline(void)
 -{
 - u32 map_base, map_size;
 -
 - /* Create identity map for tboot shutdown code. */
 - map_base = PFN_DOWN(tboot-tboot_base);
 - map_size = PFN_UP(tboot-tboot_size);
 - if (map_tboot_pages(map_base  PAGE_SHIFT, map_base, map_size))
 - panic(tboot: Error mapping tboot pages (mfns) @ 0x%x,
0x%x\n,
 -   map_base, map_size);
 +#ifdef CONFIG_X86_32
 + load_cr3(initial_page_table);
 +#else
 + write_cr3(real_mode_header-trampoline_pgd);
 +#endif
  }
 
  #ifdef CONFIG_ACPI_SLEEP
 @@ -225,14 +167,6 @@ void tboot_shutdown(u32 shutdown_type)
   if (!tboot_enabled())
   return;
 
 - /*
 -  * if we're being called before the 1:1 mapping is set up then just
 -  * return and let the normal shutdown happen; this should only be
 -  * due to very early panic()
 -  */
 - if (!tboot_pg_dir)
 - return;
 -
   /* if this is S3 then set regions to MAC */
   if (shutdown_type == TB_SHUTDOWN_S3)
   if (tboot_setup_sleep())
 @@ -343,8 +277,6 @@ static __init int tboot_late_init(void)
   if (!tboot_enabled())
   return 0;
 
 - tboot_create_trampoline();
 -
   atomic_set(ap_wfs_count, 0);
   register_hotcpu_notifier(tboot_cpu_notifier);
 
 --
 1.7.7.6



smime.p7s
Description: S/MIME cryptographic signature