From patchwork Thu May 4 14:50:14 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Ross Philipson X-Patchwork-Id: 90103 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a59:b0ea:0:b0:3b6:4342:cba0 with SMTP id b10csp378559vqo; Thu, 4 May 2023 07:52:48 -0700 (PDT) X-Google-Smtp-Source: ACHHUZ6OBx/+eZpARuAyS4el2LHWRsYHd9+geUGU27Kl5Ol+0uIoqULy5XqcuUjpIL9mL/k+dJnb X-Received: by 2002:a05:6a20:9f49:b0:f5:75f7:a0bd with SMTP id ml9-20020a056a209f4900b000f575f7a0bdmr2495001pzb.13.1683211968300; Thu, 04 May 2023 07:52:48 -0700 (PDT) ARC-Seal: i=2; a=rsa-sha256; t=1683211968; cv=pass; d=google.com; s=arc-20160816; b=JzOpMuI/1ml7P6MQZ8mzHvn/+o13xekC5dSzG/alGg7luwRNozTOSn4kXK7ihNxDgi bJaD0V76y8oZJxjGd3Gz4Y/3tqKIBOXETUp8nvmtV8ovS9oT4ToPsU79pnzJMLf8A3ez bLFecq4MUh4lYs9GnOTVtgMGajCzD1ljdJlgW0J0fzVq/k8fzdHT+MVCU4aH6b9aXc61 xJI28vjyM8Bi2HsumaANOpVDVveJ0YtEe+QtGlVgcmCEMd8bBYTSmGLpLSMcCTCsfo2H ZssF0B4GpVovp3dMtPquyu+tJvMoyGwW9n4FvJ2b/Gpp8CM/bu7UtQBTYnUDkaDXWoFy JhiA== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:mime-version:content-transfer-encoding :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature:dkim-signature; bh=tOrl7bwToPdgkLSml1h7WK2eBjs9z6pHb2lNO+Jym7g=; b=HQPGKK3rOJ7Ycud9PrgKoCi+c6KLhu2cd+KMztctdzdTLVDyNTKnM3c/dalI7Bby1v C8db4a+c/swKwHaLP0iRtR6xfaBGWEMqjZXN7xPKETqsnYvK7QOIoTcW/A3TePrY3Kxt BEyEvmNgw0Xf5rByKSK3HVmG2SH/DzZ1KKqLlk/uTO5+l9r9awIosuUfQQZRUe6i93Me GPxZKU3X6/ftUyKmYIUDSK7e6NmEUdsW/LyCPH5bM2B55rBw4cgAB1BIcwKrrcAgZlJG yhLqnHkbS1jxjZ6J/7UjygUMmy73KUMrRZTSd6Vu6MVDhbKhPSvQ83JPjjv7I9wUSR4j 7zsQ== ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@oracle.com header.s=corp-2023-03-30 header.b=Rsk7aoPu; dkim=pass header.i=@oracle.onmicrosoft.com header.s=selector2-oracle-onmicrosoft-com header.b=kMiJPFn9; arc=pass (i=1 spf=pass spfdomain=oracle.com dkim=pass dkdomain=oracle.com dmarc=pass fromdomain=oracle.com); spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=oracle.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id r20-20020a17090b051400b00232dd9ab146si15950744pjz.13.2023.05.04.07.52.35; Thu, 04 May 2023 07:52:48 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@oracle.com header.s=corp-2023-03-30 header.b=Rsk7aoPu; dkim=pass header.i=@oracle.onmicrosoft.com header.s=selector2-oracle-onmicrosoft-com header.b=kMiJPFn9; arc=pass (i=1 spf=pass spfdomain=oracle.com dkim=pass dkdomain=oracle.com dmarc=pass fromdomain=oracle.com); spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=oracle.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231309AbjEDOvl (ORCPT + 99 others); Thu, 4 May 2023 10:51:41 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:45452 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231246AbjEDOve (ORCPT ); Thu, 4 May 2023 10:51:34 -0400 Received: from mx0a-00069f02.pphosted.com (mx0a-00069f02.pphosted.com [205.220.165.32]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 07E862D51; Thu, 4 May 2023 07:51:23 -0700 (PDT) Received: from pps.filterd (m0246617.ppops.net [127.0.0.1]) by mx0b-00069f02.pphosted.com (8.17.1.19/8.17.1.19) with ESMTP id 344DbOJO012645; Thu, 4 May 2023 14:51:04 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=oracle.com; h=from : to : cc : subject : date : message-id : in-reply-to : references : content-type : content-transfer-encoding : mime-version; s=corp-2023-03-30; bh=tOrl7bwToPdgkLSml1h7WK2eBjs9z6pHb2lNO+Jym7g=; b=Rsk7aoPutY4eoZ5Uhqq/NXNx96a4nuphfnEqEEyJw14ntQwbcQAKSvhvY2rgnVZ79GEa RMqL4d7/M0cKBpIpde8W83ar6zDzuoeULkFmnmShmc4YxEyVtae3wtQ6ojGo3DRzUXcm nz+1Cay697xGVk64MKD8a8+vw/zRFe6LyjQGOkd3eA2JW3lVzGzHcWlkiRu9AedRLV1f O/9erlC5/VjFRqENYOGa1kQyBjNpRlMAaCWWChmMCoVG5e3QC9oOztCEdalf+TaxhF7d lpfDDuyy3v8Ye2oG9+ASmrgR5ZGEUwUyT/Jie3eng8Tm95euw03WK51lL5GCs9lU1P3r Pw== Received: from phxpaimrmta02.imrmtpd1.prodappphxaev1.oraclevcn.com (phxpaimrmta02.appoci.oracle.com [147.154.114.232]) by mx0b-00069f02.pphosted.com (PPS) with ESMTPS id 3q8usv1ydf-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Thu, 04 May 2023 14:51:03 +0000 Received: from pps.filterd (phxpaimrmta02.imrmtpd1.prodappphxaev1.oraclevcn.com [127.0.0.1]) by phxpaimrmta02.imrmtpd1.prodappphxaev1.oraclevcn.com (8.17.1.19/8.17.1.19) with ESMTP id 344EFPUo024884; Thu, 4 May 2023 14:51:02 GMT Received: from nam11-bn8-obe.outbound.protection.outlook.com (mail-bn8nam11lp2168.outbound.protection.outlook.com [104.47.58.168]) by phxpaimrmta02.imrmtpd1.prodappphxaev1.oraclevcn.com (PPS) with ESMTPS id 3q8sp8tqxu-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Thu, 04 May 2023 14:51:02 +0000 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=Mc3c7iG8OnedaS5YEvCoIu4Fjd86xDnFVbx4S427Yni7IS3WwYZiys0I/Td0drmnjGI9Evgf9qECF+VVCGhCBCSCwTuLnyxINdtvuCka2J3UtTkPM3E8dcMRIwikktUhNuQYSDgWvdlj3I64+L+g6WwNAEIS3OGsAN+bCU0Y03kozt+75YB2eO3qNUGRi5XAhicA0JgH53xCImeNi7rbcvEoCrrP3GSv1xuEAJ/3TYlPjAbDPm/o1YFciIZVTBvpXxMsAlW6zukTQJpKCLaeC+eDnxICcdlKXGx2K6WrNyBvzpXfMBjzZ7OAT3BwuxZJrXZJGrwsfAWKoKsuWYmd6w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=tOrl7bwToPdgkLSml1h7WK2eBjs9z6pHb2lNO+Jym7g=; b=FCazusbSub3HvCIQ1nD3ZrztxT03yCvX97gO0rQIIf4auyMPiRzQZ7hLhVXIeHictcWXt+YGhWuD+IqjW6twsFr1caeASOpF8NbQU0TjIyFR//JUoIRO2aYgg3UqC80m+zXP3udB8uo+KJV//q9D8PL356Bi7dMgAJ0JMJy9rV0q8PGd9u3M9N10K10WUfLzwS8AYg8FHq2upKN8DYnOKoeVSOSIsRmalK0oPiYvKB/JjQLftZ1ywUT0n5onkr40CXnMdvXJmAGiomymj6oNbxrZHnSd/vldgK05qOBGzaTI/1qXywVFI9e7tJMPtAHm/nvM5lF0YI3STLgjXPUXVg== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=oracle.com; dmarc=pass action=none header.from=oracle.com; dkim=pass header.d=oracle.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=oracle.onmicrosoft.com; s=selector2-oracle-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=tOrl7bwToPdgkLSml1h7WK2eBjs9z6pHb2lNO+Jym7g=; b=kMiJPFn9H07zMiqsUfmH2TyatXEydMPXbBZy1spt9unZtfOnx/uM9FeKoxWyOfCW0wNMJh1HwzimJAT8da8GhcXfHWMn/AefavXxBxL0y3u9uyjwVKuL7D5HnFsHyQHzzzNylHdSsP4w/xzt6VqQP3AGlw4iu4TZ9MtcNnXILPg= Received: from BY5PR10MB3793.namprd10.prod.outlook.com (2603:10b6:a03:1f6::14) by PH0PR10MB6982.namprd10.prod.outlook.com (2603:10b6:510:287::8) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6363.26; Thu, 4 May 2023 14:50:58 +0000 Received: from BY5PR10MB3793.namprd10.prod.outlook.com ([fe80::a007:b0c1:5cb:329a]) by BY5PR10MB3793.namprd10.prod.outlook.com ([fe80::a007:b0c1:5cb:329a%5]) with mapi id 15.20.6363.026; Thu, 4 May 2023 14:50:58 +0000 From: Ross Philipson To: linux-kernel@vger.kernel.org, x86@kernel.org, linux-integrity@vger.kernel.org, linux-doc@vger.kernel.org, linux-crypto@vger.kernel.org, iommu@lists.linux-foundation.org, kexec@lists.infradead.org, linux-efi@vger.kernel.org Cc: ross.philipson@oracle.com, dpsmith@apertussolutions.com, tglx@linutronix.de, mingo@redhat.com, bp@alien8.de, hpa@zytor.com, ardb@kernel.org, mjg59@srcf.ucam.org, James.Bottomley@hansenpartnership.com, luto@amacapital.net, nivedita@alum.mit.edu, kanth.ghatraju@oracle.com, trenchboot-devel@googlegroups.com Subject: [PATCH v6 05/14] x86: Secure Launch main header file Date: Thu, 4 May 2023 14:50:14 +0000 Message-Id: <20230504145023.835096-6-ross.philipson@oracle.com> X-Mailer: git-send-email 2.31.1 In-Reply-To: <20230504145023.835096-1-ross.philipson@oracle.com> References: <20230504145023.835096-1-ross.philipson@oracle.com> X-ClientProxiedBy: LO2P265CA0485.GBRP265.PROD.OUTLOOK.COM (2603:10a6:600:13a::10) To BY5PR10MB3793.namprd10.prod.outlook.com (2603:10b6:a03:1f6::14) MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: BY5PR10MB3793:EE_|PH0PR10MB6982:EE_ X-MS-Office365-Filtering-Correlation-Id: 9983a358-5ed3-4961-aff7-08db4caef8c8 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: AaZjOb97yEXGbHCFb/XKjumlRbRLvoYEmchdtH9bXh8Hxp+pQcFS1ewJOsyNDaL7Lc0DCIqmIvD0evSt+Dh9syLfvBC74xnR6ppS6g1Z9fKrFnQGQ6kyOKX4mM/plSHev7Wny/jtp8lgCwIa5wcJ6bonzEzpWiXt3NlS9yfkCBvlSR9mkjaqAdIzGKW4/10xA+a0KWCjU8tHmoLVcICCswr2F/Xg74XNHiHs1pYtNZnXUADtrL+qqUpbAFi1MXFvKyJljjn9lZXmbEpnJcYOe3E6TI7xUTPOEZjWPGKHkrpM2Sdnw3OJvME4G0ebYd1h8Vb4N9R20OimSIdg2Oe/N/ViiGndeGJlxxOFxoyC022Y1OCabNFgbf/jKLFDouQhmfEIAfqMF8cXSjQNX/IZXab4gwS/wE/dkbiOiJwCZId+4lTiecdTOJxcVMExVS2f811jj2oViyV0fgqObom7G1QYB5akMETwEG4p3WmgfAv++MVMep5IkFhx830T3U017dPOsFsq281cfpDE1Pxykf3QmzwgdC4XEl413FOmif3IccvJW14grM3rrPkGxHgh X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:BY5PR10MB3793.namprd10.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230028)(39860400002)(396003)(346002)(136003)(376002)(366004)(451199021)(36756003)(38100700002)(5660300002)(7416002)(2906002)(44832011)(30864003)(8936002)(316002)(86362001)(4326008)(66556008)(66476007)(66946007)(8676002)(41300700001)(83380400001)(186003)(6512007)(6506007)(1076003)(26005)(6486002)(478600001)(2616005)(6666004);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?utf-8?q?UIuT93//8HBab6lBuGuRUY4g2eau?= =?utf-8?q?mKPMb9l9jLWqxZaPz+GBrwQquJPTVRhWu1PQWeZUENCzTxIyEXLYRQKCmvHhdS0Qx?= =?utf-8?q?eVgAvhSFPE9wq/1ewTQb10eB3oRSlr5zi18zYGDjXfjRWwahBzT3rPQExXhJsov3x?= =?utf-8?q?v3OBSOfnCco1DjxNrTvOz8Y25OfVSe1/kAM+W3w++OpPw2hbbTvy5MMl3HyOwdwrs?= =?utf-8?q?MRbLeiIFaKby5S7kpisB/i3yDg/Z2Rk2dJqOlIWLG0WQJlWjznfeSrglOcbi53xym?= =?utf-8?q?MYpkw3iSdIBFocknPhY7bkVE300vo5E7qId4vMnxzbCFSlwdN3FOFYB3934jwt4iN?= =?utf-8?q?jxtGxUPcSQaxY4hG+WwByz+1ovKR97QS2GZ4/MvU0suUboe+PLiQao+aVsIIofjI7?= =?utf-8?q?VHzPFl6Ybzy34mMkpMdouX2gmkUYe2QJUk/XFMBkJIhsNde1Mv7L6WoGtIJayoAs2?= =?utf-8?q?SNCBJNxMAKbwN/HddKZz5tUjW5orCnMieVKoaWAmZJ3vJL0aTF45qOZmcsoFjZmY4?= =?utf-8?q?LcusW/JdXCPj5yqmgKzhO2pMeTpVmmO5nfTrDlgk8Z4yGaG/se80ejwNyglc5XSqt?= =?utf-8?q?Nw4HWLGhiJcpgg7Ssw4IxyGjSS51T8DhvAOr7HyakoVLNnBOL/Kgn7NfXf9h8MKU9?= =?utf-8?q?s693+mdk0Cp15Ivyd9AMg0JAxQCNFv55p27/qynP7wzFboIm59PFH2iANosrbUroH?= =?utf-8?q?aO+2y3oii9r1f8UhHSmdHKtu1oKqSypZ0tOrbdFVvD06NIc6RQ13tVzt2/YPPjawN?= =?utf-8?q?0HqiLEYND8sZO5uwiy3Y2aNsPLnSdMwizWw57Nb+KC3LgBTKv6y9xoSy9ELOlZRj/?= =?utf-8?q?zovuQ4G2Msn388cN6NM0PEwGOgs9FOL/WYgHq4xARNIJwo8DM+1Zkb4n7KwU8Q94R?= =?utf-8?q?2HRoZrwFRxGLTGNp8JTq4piLr+ASNg89PyXSgkoNSc/Rki0my/edY4kDKLLvUWAoV?= =?utf-8?q?e66H2FTe9Y3F1IpBqlf81wd536dYY5MPagqOSTH4RqZU5t+SLjiTIU8V4Niorx3z3?= =?utf-8?q?0i8vD4/UmAK/I2odkIprO3EG8ALLdXaAFh/LdBnUJEDEJ4cRRIW4bcthK8uHhvF/M?= =?utf-8?q?6yBZze7VAQu9a+VKKMNTt6k4SpOTU3JG3soF2TuvQ0mLp+PHQjVhU0iD1NJRoIlpL?= =?utf-8?q?7b7EEcnK6UQYt1DKEUEyrTfdzGfQB03TH7rjbSy9/GYYDJUJDfXr7XB9DmWbY6z5A?= =?utf-8?q?iSqyeZE2AZ2nBQB1cMvzXSiaBMU8SVb0Bn0osE2lj2XxRIBapn7Nq0t7DcTHxQATa?= =?utf-8?q?cghIA7ruUcIFZqwMEQ+94Z4pTYdv7ZmC+g7IiUj3rKmHFr6z/zs+l/PkeoSmg3CSy?= =?utf-8?q?BZSe8hbQxl502t15DLNPEhNVAoh1id6RYuKlBmxOxmlArMi0gm9hZjCAglbId8woZ?= =?utf-8?q?gGvpGCZzcKuFciC5xL0zUExaUthUcXrSJUoiUzPmqR/42ysrqpQvh+kfjawixXHNW?= =?utf-8?q?Dw+WeRFp588GQ4ZrtRlEgyrv4Go+8Raz4cLYv9Q+ARhZBWdAQLrpC4N/Dw2Y4QweY?= =?utf-8?q?x837cVUXutmeJpUhbsIsEl7NqzOcNJHBDA=3D=3D?= X-MS-Exchange-AntiSpam-ExternalHop-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-ExternalHop-MessageData-0: =?utf-8?q?yfNE6zapiXKPrXdL?= =?utf-8?q?1nljmbEx2Krj1tQ5jAVQA9LPVYesJOR9xvjAUe7xaS6/0o6RVA5jb4KFC0zryUSZa?= =?utf-8?q?GfA6EhgrDWFYx61gYxU+TKXokCquKvOENFjYhZtQ10/onf+EgdHDHAypmeMxkmc3r?= =?utf-8?q?r4PhSdaLNrD4klBPrpNlwQ/YtqSBz0upi+1kpPAThwF2ldV15OrRx/MlAoa7DxMVm?= =?utf-8?q?f5xCROS7mJ0ZYIGDWtuDlnrhFaHrlSDNnaea4k9wq6+r2DUmp26yKLWgEr2s5Arwm?= =?utf-8?q?/+XcXeaQi1vaKVD1HEoOGpsXq8Mge56pTOfyV3H6tEu6ddrKbB8Ycahm6ndSmNNjh?= =?utf-8?q?5yWQGrVAvkY+zcP8vdEOw/mcRDbc6wYzwb/t/nzR/Nf8CxR2EuHeL4KKoyIHomDTQ?= =?utf-8?q?OJua+1DEt0gubDpxs6WD6mUHatrUY4lwL8RjisKClXwSt4O5J0Lm4tmYoLZWdfvjX?= =?utf-8?q?id9fE2Ky/zRuYig9RK/ZCHlovaOln/f/5fK9hcDNn1C8JKAjWRov7HOHW6oYW0g1P?= =?utf-8?q?Czquu3xaR/3zlgq6laXDCgBpZOtp/KJFBZkxUWCbk+zenTQok2bBonf5w60S01mXh?= =?utf-8?q?B53hiGhBRb7VnARF49wRFy+k1UVYHv2jbH4QVpIRqpwa1uFqZKf70cpEU6rMlAZ3g?= =?utf-8?q?TDQB0PMY6qsgmBvp14Huh2G3kEpT+YUZ1Eg2CbVeXErJbF5/7YXotv9JB1b5DYezU?= =?utf-8?q?BSRWFK52q6nzj/lH3CTXEUkikzAwHQIXLuc+QPh3BvJWOpm0Dj+iIbSraYI7c7cYg?= =?utf-8?q?qk15A1Kg7TkI4ifmjF+65dyPNrYmV0hlvddYOnXlx4wH+HdPIy7e0ZSqmOi3j4DOu?= =?utf-8?q?HM8g7cVgYEferhJdwjqrNKCQqzPDd4zrlxqc2p1QZ+Kugp+uk0YL93HMQ0mC1Cfgq?= =?utf-8?q?e90EXkLhwCMMJFMWVYJ10t8qj04zXLjUK3ydUi3HMOEI/TRCvZkhjky/zJ/q8W7Tl?= =?utf-8?q?XRoMwx5Y0LpBLxv4uzcFzM8tO7P4ZlDPU0SjIoLaiEZXZDFsVO//SaqqBJSbxlINX?= =?utf-8?q?OXjAu3Ffnrwklx6YqAaz3Io+mVmvHcWfDKnVov8kAvK5V7PQ8E1zDXJFk6DFoBCIh?= =?utf-8?q?VVukfyoD7Yg79ZZP4JX976Fj6N/ejOGEwOkAM+VJ7beuwqHIhRLnt8GnQP3DetEIQ?= =?utf-8?q?2euw6KY6jLRqTOCLTp4F25htS8Mu+FRqC3s8kjJ27I7RLvhnpNzjfn7W0x1DK8gdb?= =?utf-8?q?cVqjvdMSeZbLbHZ2A/Ag5FQvE86eVYT7NZ9nMwNOSIqhv4muctn+BBzOiXMmNO649?= =?utf-8?q?LtB0DvA=3D?= X-OriginatorOrg: oracle.com X-MS-Exchange-CrossTenant-Network-Message-Id: 9983a358-5ed3-4961-aff7-08db4caef8c8 X-MS-Exchange-CrossTenant-AuthSource: BY5PR10MB3793.namprd10.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 04 May 2023 14:50:58.6686 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 4e2c6054-71cb-48f1-bd6c-3a9705aca71b X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: 7KU1E2CqnxNWp+GFKEzJTnJk1lRlc4cIalwZooHNYX9aGbXmcSrbY7wZcF41KXS056X6HVFHozhJDhlr6TVyxI/LKiqnjpyjHLQrKSDcp8g= X-MS-Exchange-Transport-CrossTenantHeadersStamped: PH0PR10MB6982 X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.254,Aquarius:18.0.942,Hydra:6.0.573,FMLib:17.11.170.22 definitions=2023-05-04_10,2023-05-04_01,2023-02-09_01 X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 suspectscore=0 malwarescore=0 mlxlogscore=999 spamscore=0 phishscore=0 adultscore=0 mlxscore=0 bulkscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2303200000 definitions=main-2305040122 X-Proofpoint-ORIG-GUID: VyBVz23yu0pOw-Rw8_rFwTjqe0zwJKxP X-Proofpoint-GUID: VyBVz23yu0pOw-Rw8_rFwTjqe0zwJKxP X-Spam-Status: No, score=-2.8 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_LOW, RCVD_IN_MSPIKE_H2,SPF_HELO_NONE,SPF_NONE,T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1764975672584912433?= X-GMAIL-MSGID: =?utf-8?q?1764975672584912433?= Introduce the main Secure Launch header file used in the early SL stub and the early setup code. Signed-off-by: Ross Philipson --- include/linux/slaunch.h | 513 ++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 513 insertions(+) create mode 100644 include/linux/slaunch.h diff --git a/include/linux/slaunch.h b/include/linux/slaunch.h new file mode 100644 index 0000000..a1c3172 --- /dev/null +++ b/include/linux/slaunch.h @@ -0,0 +1,513 @@ +/* SPDX-License-Identifier: GPL-2.0 */ +/* + * Main Secure Launch header file. + * + * Copyright (c) 2022, Oracle and/or its affiliates. + */ + +#ifndef _LINUX_SLAUNCH_H +#define _LINUX_SLAUNCH_H + +/* + * Secure Launch Defined State Flags + */ +#define SL_FLAG_ACTIVE 0x00000001 +#define SL_FLAG_ARCH_SKINIT 0x00000002 +#define SL_FLAG_ARCH_TXT 0x00000004 + +/* + * Secure Launch CPU Type + */ +#define SL_CPU_AMD 1 +#define SL_CPU_INTEL 2 + +#if IS_ENABLED(CONFIG_SECURE_LAUNCH) + +#define __SL32_CS 0x0008 +#define __SL32_DS 0x0010 + +/* + * Intel Safer Mode Extensions (SMX) + * + * Intel SMX provides a programming interface to establish a Measured Launched + * Environment (MLE). The measurement and protection mechanisms supported by the + * capabilities of an Intel Trusted Execution Technology (TXT) platform. SMX is + * the processor’s programming interface in an Intel TXT platform. + * + * See Intel SDM Volume 2 - 6.1 "Safer Mode Extensions Reference" + */ + +/* + * SMX GETSEC Leaf Functions + */ +#define SMX_X86_GETSEC_SEXIT 5 +#define SMX_X86_GETSEC_SMCTRL 7 +#define SMX_X86_GETSEC_WAKEUP 8 + +/* + * Intel Trusted Execution Technology MMIO Registers Banks + */ +#define TXT_PUB_CONFIG_REGS_BASE 0xfed30000 +#define TXT_PRIV_CONFIG_REGS_BASE 0xfed20000 +#define TXT_NR_CONFIG_PAGES ((TXT_PUB_CONFIG_REGS_BASE - \ + TXT_PRIV_CONFIG_REGS_BASE) >> PAGE_SHIFT) + +/* + * Intel Trusted Execution Technology (TXT) Registers + */ +#define TXT_CR_STS 0x0000 +#define TXT_CR_ESTS 0x0008 +#define TXT_CR_ERRORCODE 0x0030 +#define TXT_CR_CMD_RESET 0x0038 +#define TXT_CR_CMD_CLOSE_PRIVATE 0x0048 +#define TXT_CR_DIDVID 0x0110 +#define TXT_CR_VER_EMIF 0x0200 +#define TXT_CR_CMD_UNLOCK_MEM_CONFIG 0x0218 +#define TXT_CR_SINIT_BASE 0x0270 +#define TXT_CR_SINIT_SIZE 0x0278 +#define TXT_CR_MLE_JOIN 0x0290 +#define TXT_CR_HEAP_BASE 0x0300 +#define TXT_CR_HEAP_SIZE 0x0308 +#define TXT_CR_SCRATCHPAD 0x0378 +#define TXT_CR_CMD_OPEN_LOCALITY1 0x0380 +#define TXT_CR_CMD_CLOSE_LOCALITY1 0x0388 +#define TXT_CR_CMD_OPEN_LOCALITY2 0x0390 +#define TXT_CR_CMD_CLOSE_LOCALITY2 0x0398 +#define TXT_CR_CMD_SECRETS 0x08e0 +#define TXT_CR_CMD_NO_SECRETS 0x08e8 +#define TXT_CR_E2STS 0x08f0 + +/* TXT default register value */ +#define TXT_REGVALUE_ONE 0x1ULL + +/* TXTCR_STS status bits */ +#define TXT_SENTER_DONE_STS (1<<0) +#define TXT_SEXIT_DONE_STS (1<<1) + +/* + * SINIT/MLE Capabilities Field Bit Definitions + */ +#define TXT_SINIT_MLE_CAP_WAKE_GETSEC 0 +#define TXT_SINIT_MLE_CAP_WAKE_MONITOR 1 + +/* + * OS/MLE Secure Launch Specific Definitions + */ +#define TXT_OS_MLE_STRUCT_VERSION 1 +#define TXT_OS_MLE_MAX_VARIABLE_MTRRS 32 + +/* + * TXT Heap Table Enumeration + */ +#define TXT_BIOS_DATA_TABLE 1 +#define TXT_OS_MLE_DATA_TABLE 2 +#define TXT_OS_SINIT_DATA_TABLE 3 +#define TXT_SINIT_MLE_DATA_TABLE 4 +#define TXT_SINIT_TABLE_MAX TXT_SINIT_MLE_DATA_TABLE + +/* + * Secure Launch Defined Error Codes used in MLE-initiated TXT resets. + * + * TXT Specification + * Appendix I ACM Error Codes + */ +#define SL_ERROR_GENERIC 0xc0008001 +#define SL_ERROR_TPM_INIT 0xc0008002 +#define SL_ERROR_TPM_INVALID_LOG20 0xc0008003 +#define SL_ERROR_TPM_LOGGING_FAILED 0xc0008004 +#define SL_ERROR_REGION_STRADDLE_4GB 0xc0008005 +#define SL_ERROR_TPM_EXTEND 0xc0008006 +#define SL_ERROR_MTRR_INV_VCNT 0xc0008007 +#define SL_ERROR_MTRR_INV_DEF_TYPE 0xc0008008 +#define SL_ERROR_MTRR_INV_BASE 0xc0008009 +#define SL_ERROR_MTRR_INV_MASK 0xc000800a +#define SL_ERROR_MSR_INV_MISC_EN 0xc000800b +#define SL_ERROR_INV_AP_INTERRUPT 0xc000800c +#define SL_ERROR_INTEGER_OVERFLOW 0xc000800d +#define SL_ERROR_HEAP_WALK 0xc000800e +#define SL_ERROR_HEAP_MAP 0xc000800f +#define SL_ERROR_REGION_ABOVE_4GB 0xc0008010 +#define SL_ERROR_HEAP_INVALID_DMAR 0xc0008011 +#define SL_ERROR_HEAP_DMAR_SIZE 0xc0008012 +#define SL_ERROR_HEAP_DMAR_MAP 0xc0008013 +#define SL_ERROR_HI_PMR_BASE 0xc0008014 +#define SL_ERROR_HI_PMR_SIZE 0xc0008015 +#define SL_ERROR_LO_PMR_BASE 0xc0008016 +#define SL_ERROR_LO_PMR_MLE 0xc0008017 +#define SL_ERROR_INITRD_TOO_BIG 0xc0008018 +#define SL_ERROR_HEAP_ZERO_OFFSET 0xc0008019 +#define SL_ERROR_WAKE_BLOCK_TOO_SMALL 0xc000801a +#define SL_ERROR_MLE_BUFFER_OVERLAP 0xc000801b +#define SL_ERROR_BUFFER_BEYOND_PMR 0xc000801c +#define SL_ERROR_OS_SINIT_BAD_VERSION 0xc000801d +#define SL_ERROR_EVENTLOG_MAP 0xc000801e +#define SL_ERROR_TPM_NUMBER_ALGS 0xc000801f +#define SL_ERROR_TPM_UNKNOWN_DIGEST 0xc0008020 +#define SL_ERROR_TPM_INVALID_EVENT 0xc0008021 +#define SL_ERROR_INVALID_SLRT 0xc0008022 +#define SL_ERROR_SLRT_MISSING_ENTRY 0xc0008023 +#define SL_ERROR_SLRT_MAP 0xc0008024 + +/* + * Secure Launch Defined Limits + */ +#define TXT_MAX_CPUS 512 +#define TXT_BOOT_STACK_SIZE 24 + +/* + * Secure Launch event log entry type. The TXT specification defines the + * base event value as 0x400 for DRTM values. + */ +#define TXT_EVTYPE_BASE 0x400 +#define TXT_EVTYPE_SLAUNCH (TXT_EVTYPE_BASE + 0x102) +#define TXT_EVTYPE_SLAUNCH_START (TXT_EVTYPE_BASE + 0x103) +#define TXT_EVTYPE_SLAUNCH_END (TXT_EVTYPE_BASE + 0x104) + +/* + * Measured Launch PCRs + */ +#define SL_DEF_DLME_DETAIL_PCR17 17 +#define SL_DEF_DLME_AUTHORITY_PCR18 18 +#define SL_ALT_DLME_AUTHORITY_PCR19 19 +#define SL_ALT_DLME_DETAIL_PCR20 20 + +/* + * MLE scratch area offsets + */ +#define SL_SCRATCH_AP_EBX 0 +#define SL_SCRATCH_AP_JMP_OFFSET 4 +#define SL_SCRATCH_AP_PAUSE 8 + +#ifndef __ASSEMBLY__ + +#include +#include +#include + +/* + * Secure Launch AP wakeup information fetched in SMP boot code. + */ +struct sl_ap_wake_info { + u32 ap_wake_block; + u32 ap_wake_block_size; + u32 ap_jmp_offset; +}; + +/* + * TXT heap extended data elements. + */ +struct txt_heap_ext_data_element { + u32 type; + u32 size; + /* Data */ +} __packed; + +#define TXT_HEAP_EXTDATA_TYPE_END 0 + +struct txt_heap_end_element { + u32 type; + u32 size; +} __packed; + +#define TXT_HEAP_EXTDATA_TYPE_TPM_EVENT_LOG_PTR 5 + +struct txt_heap_event_log_element { + u64 event_log_phys_addr; +} __packed; + +#define TXT_HEAP_EXTDATA_TYPE_EVENT_LOG_POINTER2_1 8 + +struct txt_heap_event_log_pointer2_1_element { + u64 phys_addr; + u32 allocated_event_container_size; + u32 first_record_offset; + u32 next_record_offset; +} __packed; + +/* + * Secure Launch defined OS/MLE TXT Heap table + */ +struct txt_os_mle_data { + u32 version; + u32 boot_params_addr; + u64 slrt; + u64 txt_info; + u32 ap_wake_block; + u32 ap_wake_block_size; + u8 mle_scratch[64]; +} __packed; + +/* + * TXT specification defined BIOS data TXT Heap table + */ +struct txt_bios_data { + u32 version; /* Currently 5 for TPM 1.2 and 6 for TPM 2.0 */ + u32 bios_sinit_size; + u64 reserved1; + u64 reserved2; + u32 num_logical_procs; + /* Versions >= 5 with updates in version 6 */ + u32 sinit_flags; + u32 mle_flags; + /* Versions >= 4 */ + /* Ext Data Elements */ +} __packed; + +/* + * TXT specification defined OS/SINIT TXT Heap table + */ +struct txt_os_sinit_data { + u32 version; /* Currently 6 for TPM 1.2 and 7 for TPM 2.0 */ + u32 flags; + u64 mle_ptab; + u64 mle_size; + u64 mle_hdr_base; + u64 vtd_pmr_lo_base; + u64 vtd_pmr_lo_size; + u64 vtd_pmr_hi_base; + u64 vtd_pmr_hi_size; + u64 lcp_po_base; + u64 lcp_po_size; + u32 capabilities; + /* Version = 5 */ + u64 efi_rsdt_ptr; + /* Versions >= 6 */ + /* Ext Data Elements */ +} __packed; + +/* + * TXT specification defined SINIT/MLE TXT Heap table + */ +struct txt_sinit_mle_data { + u32 version; /* Current values are 6 through 9 */ + /* Versions <= 8 */ + u8 bios_acm_id[20]; + u32 edx_senter_flags; + u64 mseg_valid; + u8 sinit_hash[20]; + u8 mle_hash[20]; + u8 stm_hash[20]; + u8 lcp_policy_hash[20]; + u32 lcp_policy_control; + /* Versions >= 7 */ + u32 rlp_wakeup_addr; + u32 reserved; + u32 num_of_sinit_mdrs; + u32 sinit_mdrs_table_offset; + u32 sinit_vtd_dmar_table_size; + u32 sinit_vtd_dmar_table_offset; + /* Versions >= 8 */ + u32 processor_scrtm_status; + /* Versions >= 9 */ + /* Ext Data Elements */ +} __packed; + +/* + * TXT data reporting structure for memory types + */ +struct txt_sinit_memory_descriptor_record { + u64 address; + u64 length; + u8 type; + u8 reserved[7]; +} __packed; + +/* + * TXT data structure used by a responsive local processor (RLP) to start + * execution in response to a GETSEC[WAKEUP]. + */ +struct smx_rlp_mle_join { + u32 rlp_gdt_limit; + u32 rlp_gdt_base; + u32 rlp_seg_sel; /* cs (ds, es, ss are seg_sel+8) */ + u32 rlp_entry_point; /* phys addr */ +} __packed; + +/* + * TPM event log structures defined in both the TXT specification and + * the TCG documentation. + */ +#define TPM12_EVTLOG_SIGNATURE "TXT Event Container" + +struct tpm12_event_log_header { + char signature[20]; + char reserved[12]; + u8 container_ver_major; + u8 container_ver_minor; + u8 pcr_event_ver_major; + u8 pcr_event_ver_minor; + u32 container_size; + u32 pcr_events_offset; + u32 next_event_offset; + /* PCREvents[] */ +} __packed; + +/* + * Functions to extract data from the Intel TXT Heap Memory. The layout + * of the heap is as follows: + * +----------------------------+ + * | Size Bios Data table (u64) | + * +----------------------------+ + * | Bios Data table | + * +----------------------------+ + * | Size OS MLE table (u64) | + * +----------------------------+ + * | OS MLE table | + * +--------------------------- + + * | Size OS SINIT table (u64) | + * +----------------------------+ + * | OS SINIT table | + * +----------------------------+ + * | Size SINIT MLE table (u64) | + * +----------------------------+ + * | SINIT MLE table | + * +----------------------------+ + * + * NOTE: the table size fields include the 8 byte size field itself. + */ +static inline u64 txt_bios_data_size(void *heap) +{ + return *((u64 *)heap); +} + +static inline void *txt_bios_data_start(void *heap) +{ + return heap + sizeof(u64); +} + +static inline u64 txt_os_mle_data_size(void *heap) +{ + return *((u64 *)(heap + txt_bios_data_size(heap))); +} + +static inline void *txt_os_mle_data_start(void *heap) +{ + return heap + txt_bios_data_size(heap) + sizeof(u64); +} + +static inline u64 txt_os_sinit_data_size(void *heap) +{ + return *((u64 *)(heap + txt_bios_data_size(heap) + + txt_os_mle_data_size(heap))); +} + +static inline void *txt_os_sinit_data_start(void *heap) +{ + return heap + txt_bios_data_size(heap) + + txt_os_mle_data_size(heap) + sizeof(u64); +} + +static inline u64 txt_sinit_mle_data_size(void *heap) +{ + return *((u64 *)(heap + txt_bios_data_size(heap) + + txt_os_mle_data_size(heap) + + txt_os_sinit_data_size(heap))); +} + +static inline void *txt_sinit_mle_data_start(void *heap) +{ + return heap + txt_bios_data_size(heap) + + txt_os_mle_data_size(heap) + + txt_os_sinit_data_size(heap) + sizeof(u64); +} + +/* + * TPM event logging functions. + */ +static inline struct txt_heap_event_log_pointer2_1_element* +tpm20_find_log2_1_element(struct txt_os_sinit_data *os_sinit_data) +{ + struct txt_heap_ext_data_element *ext_elem; + + /* The extended element array as at the end of this table */ + ext_elem = (struct txt_heap_ext_data_element *) + ((u8 *)os_sinit_data + sizeof(struct txt_os_sinit_data)); + + while (ext_elem->type != TXT_HEAP_EXTDATA_TYPE_END) { + if (ext_elem->type == + TXT_HEAP_EXTDATA_TYPE_EVENT_LOG_POINTER2_1) { + return (struct txt_heap_event_log_pointer2_1_element *) + ((u8 *)ext_elem + + sizeof(struct txt_heap_ext_data_element)); + } + ext_elem = + (struct txt_heap_ext_data_element *) + ((u8 *)ext_elem + ext_elem->size); + } + + return NULL; +} + +static inline int tpm12_log_event(void *evtlog_base, u32 evtlog_size, + u32 event_size, void *event) +{ + struct tpm12_event_log_header *evtlog = + (struct tpm12_event_log_header *)evtlog_base; + + if (memcmp(evtlog->signature, TPM12_EVTLOG_SIGNATURE, + sizeof(TPM12_EVTLOG_SIGNATURE))) + return -EINVAL; + + if (evtlog->container_size > evtlog_size) + return -EINVAL; + + if (evtlog->next_event_offset + event_size > evtlog->container_size) + return -E2BIG; + + memcpy(evtlog_base + evtlog->next_event_offset, event, event_size); + evtlog->next_event_offset += event_size; + + return 0; +} + +static inline int tpm20_log_event(struct txt_heap_event_log_pointer2_1_element *elem, + void *evtlog_base, u32 evtlog_size, + u32 event_size, void *event) +{ + struct tcg_pcr_event *header = + (struct tcg_pcr_event *)evtlog_base; + + /* Has to be at least big enough for the signature */ + if (header->event_size < sizeof(TCG_SPECID_SIG)) + return -EINVAL; + + if (memcmp((u8 *)header + sizeof(struct tcg_pcr_event), + TCG_SPECID_SIG, sizeof(TCG_SPECID_SIG))) + return -EINVAL; + + if (elem->allocated_event_container_size > evtlog_size) + return -EINVAL; + + if (elem->next_record_offset + event_size > + elem->allocated_event_container_size) + return -E2BIG; + + memcpy(evtlog_base + elem->next_record_offset, event, event_size); + elem->next_record_offset += event_size; + + return 0; +} + +/* + * External functions avalailable in mainline kernel. + */ +extern void slaunch_setup_txt(void); +extern u32 slaunch_get_flags(void); +extern struct sl_ap_wake_info *slaunch_get_ap_wake_info(void); +extern struct acpi_table_header *slaunch_get_dmar_table(struct acpi_table_header *dmar); +extern void __noreturn slaunch_txt_reset(void __iomem *txt, + const char *msg, u64 error); +extern void slaunch_finalize(int do_sexit); + +#endif /* !__ASSEMBLY */ + +#else + +#define slaunch_setup_txt() do { } while (0) +#define slaunch_get_flags() 0 +#define slaunch_get_dmar_table(d) (d) +#define slaunch_finalize(d) do { } while (0) + +#endif /* !IS_ENABLED(CONFIG_SECURE_LAUNCH) */ + +#endif /* _LINUX_SLAUNCH_H */