From patchwork Thu May 4 14:50:19 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ross Philipson X-Patchwork-Id: 90104 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a59:b0ea:0:b0:3b6:4342:cba0 with SMTP id b10csp379288vqo; Thu, 4 May 2023 07:53:58 -0700 (PDT) X-Google-Smtp-Source: ACHHUZ6wAZxsgF16UdCLWRpk/KE39Osk9+qSERQp/uWC5WOMXSKpKKgyZVVO7YN2PGw1hrOCfB5L X-Received: by 2002:aa7:8891:0:b0:643:96bc:b292 with SMTP id z17-20020aa78891000000b0064396bcb292mr1406240pfe.5.1683212038437; Thu, 04 May 2023 07:53:58 -0700 (PDT) ARC-Seal: i=2; a=rsa-sha256; t=1683212038; cv=pass; d=google.com; s=arc-20160816; b=b9tB3QoyQrYeGGqOvVTTD1j+920VKeoUotOV8zlryTu8pBKgRXfnhi8uVrPUkv3Mex j8Y4r6M7YnlD6OMv01Qj8SBCnQOXLmiNasxRRZssSyyaeoMX9itj6dovKzvszC8ntd45 330MnVgyB5FalSavwzWXARVipuuC/CPes5bqe1ZC9KH6h0QFvxT9KsrpUsxAyc9CAmdg Hp8YS8S/XiJ39dFHgWjZlo+f1M7gnPMQrdWsYv5zDCO558AjrkXjneSmFRkwo4LlXqNW YAOU7hJFJx4IwYh6+L1thMcD/i/gb1nrJ58y9wCVI6h8+4QxxgnLDy8GzufpkaoYqxcz TMIQ== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:mime-version:content-transfer-encoding :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature:dkim-signature; bh=kd4VyTkdmdAPDJ+d8KRWv5cXNJL7wwga8gvLalvkmqc=; b=Bo8tyhZ6u9kPy2m+95mjyHQgRXRY2U2wA3BexRE4fjNw2PeZSaWp2TkoTfYSI2uWkS uJA8LK3+EyqVvyjTBTGJjtapFzoNdisXhlBYJJLkkp2jrVqZ/agLzEoBQrGM/7T3YCCg 5ZnzKqJr/oC9O2NJu6ax+sM1DTjrZYW+zaB4Py180UoRDqMaELO/8k2Qi72+E0QTqVrq N8Psx3FyP/ZoUAx3Xsixt/E796yywu684/8pxRlP/mHslSvJT4v01aoJSOxhN4wx/qph 3NUrwwHRFRkuFRAi7/niE9+3E1fO6UFL7nLpXMe2cLTQdF0GO6Tvrc5KWXLH4ycwCrKz xSwQ== ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@oracle.com header.s=corp-2023-03-30 header.b=CoNfOHVj; dkim=pass header.i=@oracle.onmicrosoft.com header.s=selector2-oracle-onmicrosoft-com header.b=ALLuV6iL; arc=pass (i=1 spf=pass spfdomain=oracle.com dkim=pass dkdomain=oracle.com dmarc=pass fromdomain=oracle.com); spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=oracle.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id w2-20020aa79a02000000b0063d27d6eee5si35230850pfj.27.2023.05.04.07.53.43; Thu, 04 May 2023 07:53:58 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@oracle.com header.s=corp-2023-03-30 header.b=CoNfOHVj; dkim=pass header.i=@oracle.onmicrosoft.com header.s=selector2-oracle-onmicrosoft-com header.b=ALLuV6iL; arc=pass (i=1 spf=pass spfdomain=oracle.com dkim=pass dkdomain=oracle.com dmarc=pass fromdomain=oracle.com); spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=oracle.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231358AbjEDOxR (ORCPT + 99 others); Thu, 4 May 2023 10:53:17 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:46826 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231359AbjEDOwd (ORCPT ); Thu, 4 May 2023 10:52:33 -0400 Received: from mx0a-00069f02.pphosted.com (mx0a-00069f02.pphosted.com [205.220.165.32]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id A06F259F8; Thu, 4 May 2023 07:51:38 -0700 (PDT) Received: from pps.filterd (m0246617.ppops.net [127.0.0.1]) by mx0b-00069f02.pphosted.com (8.17.1.19/8.17.1.19) with ESMTP id 344DWdK1012298; Thu, 4 May 2023 14:51:18 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=oracle.com; h=from : to : cc : subject : date : message-id : in-reply-to : references : content-transfer-encoding : content-type : mime-version; s=corp-2023-03-30; bh=kd4VyTkdmdAPDJ+d8KRWv5cXNJL7wwga8gvLalvkmqc=; b=CoNfOHVjkAcchUPo1FaCDdZpWV2QqDAboUNgMYZQhnJfmnmr/cfGqqKoXa/OKJL+9Xf+ wRlBN/BJqMBCA7jP6muvFrEe24qRPfO72LmamGxilX3qv7sJE2WxBr8VjfbuJAP63WXn JwL3H9GrN9LG6mHB3FQj77vUnHX/62UsQKIAYBt7YK2URuBPSNvEb/kXjyFHGk0cPEII NKmeOqpYwL4FdCq5jWmZhoIqYfLRBB66R78gqB55HdKrPzNnf/14SXqOtb+sUoqY2FJB 2nKTqppajfGbG2MLGkfMFKXzvMvM1Ey4YR37ThnOabffABLzydKr4tUa2RbqxeExmdsp AQ== Received: from phxpaimrmta02.imrmtpd1.prodappphxaev1.oraclevcn.com (phxpaimrmta02.appoci.oracle.com [147.154.114.232]) by mx0b-00069f02.pphosted.com (PPS) with ESMTPS id 3q8usv1yf1-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Thu, 04 May 2023 14:51:18 +0000 Received: from pps.filterd (phxpaimrmta02.imrmtpd1.prodappphxaev1.oraclevcn.com [127.0.0.1]) by phxpaimrmta02.imrmtpd1.prodappphxaev1.oraclevcn.com (8.17.1.19/8.17.1.19) with ESMTP id 344EcjSa024871; Thu, 4 May 2023 14:51:17 GMT Received: from nam11-bn8-obe.outbound.protection.outlook.com (mail-bn8nam11lp2168.outbound.protection.outlook.com [104.47.58.168]) by phxpaimrmta02.imrmtpd1.prodappphxaev1.oraclevcn.com (PPS) with ESMTPS id 3q8sp8tr7x-2 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Thu, 04 May 2023 14:51:17 +0000 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=klp9ejf1cA5sQDA/Lwspg4DnEH41HpN6QFPh0nmsJYT08j70QzXc/o4AR6qBWQDFcRtIC5X7YC7N/ALsijsXLe2vwcBmsKfVMGTbJmmfRjm1LrpffPHGx8ek59y0jaEUXWns/4XjV0u584X9lzS4HmUCs9jOZKNzaWrWnjWDXcyUdG8KTBt1UGe/U3H5jaWpWhn2spPiGy+t25LTWiTbHECpB7KEecW1CU3HL8mQhJ0lJSJ1etq2cDEMjTA5Ly8ioF6E8nCb1K+KliRK71RIqYPJAK8vEH2fkR1tGqyFUI/X5FoOib+jWwMAEOkhcxiYYGUQakmLkanSV2ysyrViPg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=kd4VyTkdmdAPDJ+d8KRWv5cXNJL7wwga8gvLalvkmqc=; b=bjAf0mvalS3QRd7n4zs6+TJNP4PKjKTW4PWK6pZkS43rs0VpnLkgpvVTtraZnLUK0zZXkUK/49v0Lq1XbcilVNhlQFSEeShc3z9HL4vDWRAy9gPQocsaYIU8WBvuGwVD0eR5ECw/nRFHtwJo7978lBYC+HOKRVz5Ki8w1J6x5Ej2ri19eMO1QVczC5XukeYnpS9fRGP/qEPP+4b1HLUz6zvpjSZZs5fFzWHsVsqEfURfb6VflPp9rDR9rfRiYJU4cebaZM5rHY9gJ88Lsxpr0YIzUwbIhkup16jF6f/czk/61nm+IQL0I2Ef0l4CrvMj/Mm/OBCIyGqxrx+UyTjpZg== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=oracle.com; dmarc=pass action=none header.from=oracle.com; dkim=pass header.d=oracle.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=oracle.onmicrosoft.com; s=selector2-oracle-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=kd4VyTkdmdAPDJ+d8KRWv5cXNJL7wwga8gvLalvkmqc=; b=ALLuV6iLrr0QYmih/Ji8gpFX1e1BM82jdWGwWweS8FLrhAmjrGhKxDZyJxseaSL98wP9JzrwFP1zmoJaFduY46KH/ISFsCaGkoaQ3uVuLEJ19Pmig3t1MpGkxSEOGyJ+/iLQGPm+CT54GeBk43Kcw8rfNLP2nzlv/4FcFdU9cbM= Received: from BY5PR10MB3793.namprd10.prod.outlook.com (2603:10b6:a03:1f6::14) by PH0PR10MB6982.namprd10.prod.outlook.com (2603:10b6:510:287::8) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6363.26; Thu, 4 May 2023 14:51:15 +0000 Received: from BY5PR10MB3793.namprd10.prod.outlook.com ([fe80::a007:b0c1:5cb:329a]) by BY5PR10MB3793.namprd10.prod.outlook.com ([fe80::a007:b0c1:5cb:329a%5]) with mapi id 15.20.6363.026; Thu, 4 May 2023 14:51:15 +0000 From: Ross Philipson To: linux-kernel@vger.kernel.org, x86@kernel.org, linux-integrity@vger.kernel.org, linux-doc@vger.kernel.org, linux-crypto@vger.kernel.org, iommu@lists.linux-foundation.org, kexec@lists.infradead.org, linux-efi@vger.kernel.org Cc: ross.philipson@oracle.com, dpsmith@apertussolutions.com, tglx@linutronix.de, mingo@redhat.com, bp@alien8.de, hpa@zytor.com, ardb@kernel.org, mjg59@srcf.ucam.org, James.Bottomley@hansenpartnership.com, luto@amacapital.net, nivedita@alum.mit.edu, kanth.ghatraju@oracle.com, trenchboot-devel@googlegroups.com Subject: [PATCH v6 10/14] kexec: Secure Launch kexec SEXIT support Date: Thu, 4 May 2023 14:50:19 +0000 Message-Id: <20230504145023.835096-11-ross.philipson@oracle.com> X-Mailer: git-send-email 2.31.1 In-Reply-To: <20230504145023.835096-1-ross.philipson@oracle.com> References: <20230504145023.835096-1-ross.philipson@oracle.com> X-ClientProxiedBy: DS7PR03CA0316.namprd03.prod.outlook.com (2603:10b6:8:2b::17) To BY5PR10MB3793.namprd10.prod.outlook.com (2603:10b6:a03:1f6::14) MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: BY5PR10MB3793:EE_|PH0PR10MB6982:EE_ X-MS-Office365-Filtering-Correlation-Id: 84644b11-833e-49b1-0c86-08db4caf0297 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: XUh7J0ncYAJZM8q9VEStVVQehmU6BknMpeG52QJfjmY7u3J4wYrUU3tYu8gade4ueN/8WTXoNPjBiWHM0gO6tauZmNDjZwqwRHMiMaL2Q1yPGwXAokcpVoY62W8mrZdr9eST4h3CQ9dFPfRrwdMJ26vu6Z6zSjGsU1hnxmilfAYizZeO5sTuul6Oj+xYXXLX+9q4iCTidfGdovyfnqLVIta8TPc56Z65mcVQccSkgMuCLW3K9mTWqJKdniT0fYv+Hpl2vjvyS8Ivu4ocizhkz3LqeY3S9bIt2N5luC3rIuhFe5U0Cu67zOuQD9dTxBagdyIX++cgzUNhEVEhXtxF/UEA2I6Ya9EwGh2GOjjw/1EmExi9I3zUMBBg2Q/a/rDbXXXfdy4BnJTDBn+QOvOHjTeEyTGLKecilYMzLgQqeZxIJP3REWKm5Rgs7sm1OEoTCDYkVHQ62Iy5XJ4K7crwpBRmFpTf0sc06xjgBea7uBE5Y2JmZ6T8C9l9tZzp73MjFvkQ/nOe60jEabnhxqYGysLPDNJSQCryKz4AZ4RPVipWnrcD0JWl0Rme8yjLWxhL X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:BY5PR10MB3793.namprd10.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230028)(39860400002)(396003)(346002)(136003)(376002)(366004)(451199021)(36756003)(38100700002)(5660300002)(7416002)(2906002)(44832011)(8936002)(316002)(86362001)(4326008)(66556008)(66476007)(66946007)(8676002)(41300700001)(83380400001)(186003)(6512007)(6506007)(1076003)(26005)(6486002)(478600001)(2616005);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: +r/480AoLanktEYaXl7/4LUvrX5YV99uuXDDj2gszBOC0nKG3ENULcOPNKVueIRPpWWVZqZbhTnj7VX4MVEepEyWPfCCTEypdy1Kmj1Dh5QtUDvzJSHrhxkQCGzy1DKHO2RVna7imv0LW0paBCXA7jH/QxJIg87UM/xG/2uelcC8ADEq4Rn/8WC5vZ0VEQZzXhQO9UxO3+ZW02IV887fAACE1uTQHD3OTqAIKgpPvpG3kNhr+8bC8XL1U5RE/8AQdinmvR8L+rNhFfOHgJICLfCHu3iuWnTFnhDdu27otySoPPxUjsX/EuuXDdeEoDvr+o45xHg39t+ox+B9yhJlmDU5WpndD8qC/lg5dAgDIofXsUiAN1EC/6GSCCcWllYTbsVw+/N1eoJpWlNpnUa65cNXl9pW+XorhpGSF6Ss6mseUAWjv0xv6VtfX/U09i4TLn9kMKthIfF+32wT6EZxdHkriPMbShcxUFIvzN0TU5C6wwPs00J4i8mSu4Lu1kZ9GG1ln9TZscdOJBfA9nexGt0jmTKhGNiNmlmN6HQFUUY0P/wZmO+2auP3xUrQ2mi+vMWDRHHciV0m7LVnImJzMBkCJT58etRnJgR6vGuOMHPM1pWOVa3ggAac/J8mymAi9hkDVOEE4K+6TrW6zjxC0NBikZQsKHV93CEELFrm7Ay4a1465mIcRwv9+efHUBf8JweytXqA20lylBiA3ygS7i3Wum/HPuXlZpdkabgDuCkzoaaNmxi1p37f5KTBwjGgABGNTE6ZBQ6CNfjV8WSf4+nbu5it7ylkoNhD8kYnwzXoAAYxO/WyRJPkuCPUdoLtYh/RPGqweF3EtjbhK3LOYtLWiwWBL+B2vP06OTZuVA2CNOqymEmA/dulZSTIyPO5/zMI3d/sKv3qGBRBRQUoBzoBHePrNB7XlIFjsHZelbewgP/y1C+GC24Uj2txau5OFNyGz15j2KtSOocWhqA2v6ADQDFIayoIH0RXeeSHCEZZD6T8xnIiCNp1jDQeXYY3GryOT4RKVoB5M5WjiqaK2iRVZsxkbL6nlaxW59NWTxR0hRiaeFddtwOXZ9AIZlxcJDxvx07VDSSmjMQLiDJJcBsO41494fuz9n2xvOdgo7bzLhqRNSoYulcXrtEM6Zg1+/ai6Tof1nU0bbmQZP3uGKyEJh4TfBq2xEjblvZntYBNiAUoeGlhzLeL/RWNM4kIeApFCwzMDpr51R3fioe0IqmdRV9gTfAA70CkscaQvrYPxkD1DSJ07II15NxxH5UrPRm+svyr1kRYptfdNErr58JytUGszIb877DA0KaqXEreDBt6qk4DhYWSyMyxJBsvKanfF1kyYZqZ516v/285AKvB+18xJaL9y+4zgyYpiKP/NSnCJDcmmGtiw+7ZgNf0RDTB4SSt/yI70i3r3Oizag+Qq3aDvDHTJuR4ocsAShG/mAhA9xMLdPdP6BIXmp5XXtbFq/IYsscQGqxVqUbS2jB+XfzkSWRwkUlTpFCYFrr9jK1qk+0ZPPsmzEg9YfXvALqVyfPU6VVgOnZB17PGcXG61q3wtAkoxczQAUJArP5MZRtaQ78tmMlPezqsJ5K+sKW/j+TebFpJXnVHyB3/jQ== X-MS-Exchange-AntiSpam-ExternalHop-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-ExternalHop-MessageData-0: G0QfPTarvsFzlEntXZjpHLgTIiF4gKb+xGBx6EzLJCTpZdpwG/QXBLibwJ6hrWBa/lqvkEUhYrnLfC83bw2bxoBs5A7VKeg7VNHWUaBMzmOtghAexu/9K9qRL9e7fKrsqYzmIQ5UcQaRuxwIVEn/YsvphixSue2o7yDU2h2AMzmmRr3bax1aA4C9EuAXjLq0DbDbGpyUR+fqiW6vU6+BH8aP7nLZTB9WGlAIMEXMwmWwh8rxcITClg85101vrcV6oWyBR97kSmiI2+stgXeAUJZqOYXTCzD9rEfJps7I0L952f3+HvK+s/03BxtdXKrhWsWZHBkfopbwfYhtQR0FpAZE+ySgrNM6akQ5GDZBYO9Axpn2ZfNsbA47U3vHpgzggx0HjbGY0owf6b3jhYKo0losbzYGEOV5n5DHsWksgwtux54T58K59EZO3LuHLN4sg6F+4h/QQeCrjmFLBbBrUIIYXe7zGfxcDWW0wy6nxYdAJOC/to2TqWvV+FG+B72YGMTN/gjPAXTcp/CWjE3Ep+oQV+mCVLm4Ve2o8eXz7V0meIqRb5zzelY7PO3CvDIOPjP8kydlraXeromQJq1TZsWjgJIZaXdWVMYbxC2/e/jWeCP8GR+pKybm9ApRpHvYkkblX7WRhTfzEojKzTLK1HKaa4B0OpsLljYqw8VDZB0h/sUA1BbIbYEUqrqdD5WqMjDLqlPVXY73de1JxrBPQfKZZMxK0rFI4B4OJuxDU40GcLxvG3DaGz1NgGpq55UMbuE1pJJJYT2K9aN8IjAKnctb7eFNayoVK/RJqip2OznVVp0syaA2KhkGfVU1NqNReWI58vXGZ0NMyTstkVOrsGP1GUmJvY+FpmDDNYm0za6SZjwju1VRUOxdUITLeGHoazufvl/8aaJoMJPBQsWY546wkeIYRGen4sMiTFcjm+K9u6JjpbTtPdXBxlxpFSOxsuBkYcr/p2rsxlsgJ8EPqhwz3v1yNtmKxiIZHBECOiKpfbocgvAuHTMInix73pSMLBOZWLpMJ8RSkzkTTmHkIK5ALdaIYK6FEb1vwRiKNB/OpOjmNo5jyYyb6ylwgsJhON43dU9XJPpm0KkcE+T1RS8X0/6c4c4vQlvprlE+Aci6UlZnZNFpra7upIasfKOR4WhskwdRdhdiya9s4Hp9P2sWU+rGNLJ6FXItmNvkvF5zj68mf74J97BjXXd1laujL7lbGg7HJS6PezpjGLHPFblcLZN4xjpNh5zSPLu2kWW6ScqXI+9G0KnqGorWYeJsEjY4lV3i5A7Qtk54J2XaeVm3IzZhBe5v9fFl8XyGM1Y= X-OriginatorOrg: oracle.com X-MS-Exchange-CrossTenant-Network-Message-Id: 84644b11-833e-49b1-0c86-08db4caf0297 X-MS-Exchange-CrossTenant-AuthSource: BY5PR10MB3793.namprd10.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 04 May 2023 14:51:15.0752 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 4e2c6054-71cb-48f1-bd6c-3a9705aca71b X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: gFF2PsBGiGYq4OwTjobG1AYI1HZ2K20326ukMIvhvt7nAWYGthajipquaUMl52w/X8neehffRoJYksk2YFyXSK8C10007zyIvd0P/hJtdjM= X-MS-Exchange-Transport-CrossTenantHeadersStamped: PH0PR10MB6982 X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.254,Aquarius:18.0.942,Hydra:6.0.573,FMLib:17.11.170.22 definitions=2023-05-04_10,2023-05-04_01,2023-02-09_01 X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 suspectscore=0 malwarescore=0 mlxlogscore=999 spamscore=0 phishscore=0 adultscore=0 mlxscore=0 bulkscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2303200000 definitions=main-2305040122 X-Proofpoint-ORIG-GUID: _zxZOBZNHVB1E3cyrWAPT_EwGgesoPsZ X-Proofpoint-GUID: _zxZOBZNHVB1E3cyrWAPT_EwGgesoPsZ X-Spam-Status: No, score=-2.8 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_LOW, RCVD_IN_MSPIKE_H2,SPF_HELO_NONE,SPF_NONE,T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1764975746613533213?= X-GMAIL-MSGID: =?utf-8?q?1764975746613533213?= Prior to running the next kernel via kexec, the Secure Launch code closes down private SMX resources and does an SEXIT. This allows the next kernel to start normally without any issues starting the APs etc. Signed-off-by: Ross Philipson --- arch/x86/kernel/slaunch.c | 69 +++++++++++++++++++++++++++++++++++++++++++++++ kernel/kexec_core.c | 4 +++ 2 files changed, 73 insertions(+) diff --git a/arch/x86/kernel/slaunch.c b/arch/x86/kernel/slaunch.c index 7dba088..176c029 100644 --- a/arch/x86/kernel/slaunch.c +++ b/arch/x86/kernel/slaunch.c @@ -495,3 +495,72 @@ void __init slaunch_setup_txt(void) pr_info("Intel TXT setup complete\n"); } + +static inline void smx_getsec_sexit(void) +{ + asm volatile (".byte 0x0f,0x37\n" + : : "a" (SMX_X86_GETSEC_SEXIT)); +} + +void slaunch_finalize(int do_sexit) +{ + u64 one = TXT_REGVALUE_ONE, val; + void __iomem *config; + + if ((slaunch_get_flags() & (SL_FLAG_ACTIVE|SL_FLAG_ARCH_TXT)) != + (SL_FLAG_ACTIVE | SL_FLAG_ARCH_TXT)) + return; + + config = ioremap(TXT_PRIV_CONFIG_REGS_BASE, TXT_NR_CONFIG_PAGES * + PAGE_SIZE); + if (!config) { + pr_emerg("Error SEXIT failed to ioremap TXT private reqs\n"); + return; + } + + /* Clear secrets bit for SEXIT */ + memcpy_toio(config + TXT_CR_CMD_NO_SECRETS, &one, sizeof(one)); + memcpy_fromio(&val, config + TXT_CR_E2STS, sizeof(val)); + + /* Unlock memory configurations */ + memcpy_toio(config + TXT_CR_CMD_UNLOCK_MEM_CONFIG, &one, sizeof(one)); + memcpy_fromio(&val, config + TXT_CR_E2STS, sizeof(val)); + + /* Close the TXT private register space */ + memcpy_toio(config + TXT_CR_CMD_CLOSE_PRIVATE, &one, sizeof(one)); + memcpy_fromio(&val, config + TXT_CR_E2STS, sizeof(val)); + + /* + * Calls to iounmap are not being done because of the state of the + * system this late in the kexec process. Local IRQs are disabled and + * iounmap causes a TLB flush which in turn causes a warning. Leaving + * thse mappings is not an issue since the next kernel is going to + * completely re-setup memory management. + */ + + /* Map public registers and do a final read fence */ + config = ioremap(TXT_PUB_CONFIG_REGS_BASE, TXT_NR_CONFIG_PAGES * + PAGE_SIZE); + if (!config) { + pr_emerg("Error SEXIT failed to ioremap TXT public reqs\n"); + return; + } + + memcpy_fromio(&val, config + TXT_CR_E2STS, sizeof(val)); + + pr_emerg("TXT clear secrets bit and unlock memory complete.\n"); + + if (!do_sexit) + return; + + if (smp_processor_id() != 0) + panic("Error TXT SEXIT must be called on CPU 0\n"); + + /* Disable SMX mode */ + cr4_set_bits(X86_CR4_SMXE); + + /* Do the SEXIT SMX operation */ + smx_getsec_sexit(); + + pr_info("TXT SEXIT complete.\n"); +} diff --git a/kernel/kexec_core.c b/kernel/kexec_core.c index 3d578c6..5d66d68 100644 --- a/kernel/kexec_core.c +++ b/kernel/kexec_core.c @@ -40,6 +40,7 @@ #include #include #include +#include #include #include @@ -1275,6 +1276,9 @@ int kernel_kexec(void) cpu_hotplug_enable(); pr_notice("Starting new kernel\n"); machine_shutdown(); + + /* Finalize TXT registers and do SEXIT */ + slaunch_finalize(1); } kmsg_dump(KMSG_DUMP_SHUTDOWN);