Re: [REGRESSION] Kernel booted via kexec fails to resume from hibernation

2025-03-28 Thread Baoquan He
On 03/29/25 at 01:14am, Roberto Ricci wrote: > On 2025-01-27 10:42 +0800, Dave Young wrote: > > On Mon, 27 Jan 2025 at 10:39, Dave Young wrote: > > > On 01/13/25 at 10:28pm, Roberto Ricci wrote: > > > > After rebooting the system via kexec, hibernating and rebooting the > > > > machine, this oops

[PATCH v13 14/19] tpm, tpm_tis: Close all localities

2025-03-28 Thread Ross Philipson
From: "Daniel P. Smith" There are environments, for example, those that comply with the TCG D-RTM specification that requires the TPM to be left in locality 2. Prepare kernel for such environments by closing all the localities. Signed-off-by: Daniel P. Smith Signed-off-by: Ross Philipson Signe

Re: [REGRESSION] Kernel booted via kexec fails to resume from hibernation

2025-03-28 Thread Roberto Ricci
[0.00] Linux version 6.14.0 (ricci@desktop0a) (gcc (GCC) 13.2.0, GNU ld (GNU Binutils) 2.41) #1 SMP PREEMPT_DYNAMIC @0 [0.00] Command line: root=UUID=71b5e20d-efaa-4c09-b189-73cd6255e8ce ro loglevel=4 oops=panic panic=30 crashkernel=512M [0.00] BIOS-provided physical RAM m

Re: [REGRESSION] Kernel booted via kexec fails to resume from hibernation

2025-03-28 Thread Roberto Ricci
On 2025-01-27 10:42 +0800, Dave Young wrote: > On Mon, 27 Jan 2025 at 10:39, Dave Young wrote: > > On 01/13/25 at 10:28pm, Roberto Ricci wrote: > > > After rebooting the system via kexec, hibernating and rebooting the > > > machine, this oops occurs: > > > > > [snip] > > > > > > I will send the k

[PATCH v13 01/19] Documentation/x86: Secure Launch kernel documentation

2025-03-28 Thread Ross Philipson
From: "Daniel P. Smith" Introduce background, overview and configuration/ABI information for the Secure Launch kernel feature. Signed-off-by: Daniel P. Smith Signed-off-by: Ross Philipson Reviewed-by: Bagas Sanjaya --- Documentation/security/index.rst | 1 + .../security/launc

[PATCH v13 13/19] x86/reboot: Secure Launch SEXIT support on reboot paths

2025-03-28 Thread Ross Philipson
If the MLE kernel is being powered off, rebooted or halted, then SEXIT must be called. Note that the SEXIT GETSEC leaf can only be called after a machine_shutdown() has been done on these paths. The machine_shutdown() is not called on a few paths like when poweroff action does not have a poweroff c

[PATCH v13 16/19] tpm, tpm_tis: Allow locality to be set to a different value

2025-03-28 Thread Ross Philipson
DRTM needs to be able to set the locality used by kernel. Provide a one-shot function tpm_chip_set_locality() for the purpose. Signed-off-by: Ross Philipson Signed-off-by: Jarkko Sakkinen --- drivers/char/tpm/tpm-chip.c | 33 - drivers/char/tpm/tpm_tis_core.c

[PATCH v13 02/19] x86: Secure Launch Kconfig

2025-03-28 Thread Ross Philipson
Initial bits to bring in Secure Launch functionality. Add Kconfig options for compiling in/out the Secure Launch code. Signed-off-by: Ross Philipson --- arch/x86/Kconfig | 11 +++ 1 file changed, 11 insertions(+) diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig index 9427b5292ca2..a9278

[PATCH v13 09/19] x86: Secure Launch kernel early boot stub

2025-03-28 Thread Ross Philipson
The Secure Launch (SL) stub provides the entry point for Intel TXT to jump to during the dynamic launch. The symbol sl_stub_entry is that entry point and its offset into the kernel is conveyed to the launching code using the Measured Launch Environment (MLE) header in the structure named mle_header

[PATCH v13 00/19] x86: Trenchboot secure dynamic launch Linux kernel support

2025-03-28 Thread Ross Philipson
The larger focus of the TrenchBoot project (https://github.com/TrenchBoot) is to enhance the boot security and integrity in a unified manner. The first area of focus has been on the Trusted Computing Group's Dynamic Launch for establishing a hardware Root of Trust for Measurement, also known as DRTM

[PATCH v13 07/19] x86/msr: Add variable MTRR base/mask and x2apic ID registers

2025-03-28 Thread Ross Philipson
Add the MSR values required by Secure Launch to locate particular CPU cores during application processor (AP) startup, and restore the MTRR state after an Intel TXT launch. Signed-off-by: Ross Philipson --- arch/x86/include/asm/msr-index.h | 5 + 1 file changed, 5 insertions(+) diff --git a

[PATCH v13 18/19] x86: Secure Launch late initcall platform module

2025-03-28 Thread Ross Philipson
From: "Daniel P. Smith" The Secure Launch platform module is a late init module. During the init call, the TPM event log is read and measurements taken in the early boot stub code are located. These measurements are extended into the TPM PCRs using the mainline TPM kernel driver. The platform mo

[PATCH v13 17/19] tpm, sysfs: Show locality used by kernel

2025-03-28 Thread Ross Philipson
Expose the locality used by the kernel to sysfs. Signed-off-by: Ross Philipson Signed-off-by: Jarkko Sakkinen --- drivers/char/tpm/tpm-sysfs.c | 10 ++ 1 file changed, 10 insertions(+) diff --git a/drivers/char/tpm/tpm-sysfs.c b/drivers/char/tpm/tpm-sysfs.c index 94231f052ea7..2da5857e

[PATCH v13 11/19] x86: Secure Launch SMP bringup support

2025-03-28 Thread Ross Philipson
On Intel, the APs are left in a well documented state after TXT performs the late launch. Specifically they cannot have #INIT asserted on them so a standard startup via INIT/SIPI/SIPI cannot be performed. Instead the early SL stub code uses MONITOR and MWAIT to park the APs. The realmode/init.c cod

[PATCH v13 19/19] x86/efi: EFI stub DRTM launch support for Secure Launch

2025-03-28 Thread Ross Philipson
This support allows the DRTM launch to be initiated after an EFI stub launch of the Linux kernel is done. This is accomplished by providing a handler to jump to when a Secure Launch is in progress. This has to be called after the EFI stub does Exit Boot Services. Signed-off-by: Ross Philipson Rev

[PATCH v13 08/19] x86/boot: Place TXT MLE header in the kernel_info section

2025-03-28 Thread Ross Philipson
The Measured Launch Environment (MLE) header must be locatable by the boot loader and Intel TXT must be set up to do a launch with this header's location. While the offset to the kernel_info structure does not need to be at a fixed offset, the offsets in the header must be relative offsets from the

[PATCH v13 15/19] tpm, tpm_tis: Address positive localities in tpm_tis_request_locality()

2025-03-28 Thread Ross Philipson
From: "Daniel P. Smith" Validate that the input locality is within the correct range, as specified by TCG standards, and increase the locality count also for the positive localities. Signed-off-by: Daniel P. Smith Signed-off-by: Ross Philipson Signed-off-by: Jarkko Sakkinen --- drivers/char/

[PATCH v13 05/19] x86: Add early SHA-1 support for Secure Launch early measurements

2025-03-28 Thread Ross Philipson
From: "Daniel P. Smith" Secure Launch is written to be compliant with the Intel TXT Measured Launch Developer's Guide. The MLE Guide dictates that the system can be configured to use both the SHA-1 and SHA-2 hashing algorithms. Regardless of the preference towards SHA-2, if the firmware elected

[PATCH v13 12/19] kexec: Secure Launch kexec SEXIT support

2025-03-28 Thread Ross Philipson
Prior to running the next kernel via kexec, the Secure Launch code closes down private SMX resources and does an SEXIT. This allows the next kernel to start normally without any issues starting the APs etc. Signed-off-by: Ross Philipson --- arch/x86/kernel/slaunch.c | 72

[PATCH v13 10/19] x86: Secure Launch kernel late boot stub

2025-03-28 Thread Ross Philipson
The routine slaunch_setup() is called out of the x86 specific setup_arch() routine during early kernel boot. After determining what platform is present, various operations specific to that platform occur. This includes finalizing setting for the platform late launch and verifying that memory protec

[PATCH v13 06/19] x86: Add early SHA-256 support for Secure Launch early measurements

2025-03-28 Thread Ross Philipson
From: "Daniel P. Smith" The SHA-256 algorithm is necessary to measure configuration information into the TPM as early as possible before using the values. This implementation uses the established approach of #including the SHA-256 libraries directly in the code since the compressed kernel is not

[PATCH v13 04/19] x86: Secure Launch main header file

2025-03-28 Thread Ross Philipson
Introduce the main Secure Launch header file used in the early SL stub and the early setup code. This header file contains the following categories: - Secure Launch implementation specific structures and definitions. - Intel TXT architecture specific DRTM structures, definitions and functions us

[PATCH v13 03/19] x86: Secure Launch Resource Table header file

2025-03-28 Thread Ross Philipson
The Secure Launch Specification is an architectural agnostic, software neutral API/ABI maintained by the TrenchBoot project. Its function is to allow any compliant boot loader to communicate the pre-launch configuration to any compliant post-launch kernel. This API/ABI is referred to as the Secur

[PATCH] MAINTAINERS: Add Andrew and myself as kexec maintainer

2025-03-28 Thread Baoquan He
Add Andrew as kexec/kdump maintainer because he has been helping review and merge ready kexec/kdump patches. And I would like to nominate myself as kexec maintainer because I always try to review generic kexec codes. Signed-off-by: Baoquan He --- MAINTAINERS | 3 +++ 1 file changed, 3 insertion