From: Ross Philipson <ross.philipson@gmail.com>
To: linux-kernel@vger.kernel.org, x86@kernel.org,
linux-integrity@vger.kernel.org, linux-doc@vger.kernel.org,
linux-crypto@vger.kernel.org, kexec@lists.infradead.org,
linux-efi@vger.kernel.org, iommu@lists.linux.dev
Cc: ross.philipson@gmail.com, dpsmith@apertussolutions.com,
tglx@linutronix.de, mingo@redhat.com, bp@alien8.de,
hpa@zytor.com, dave.hansen@linux.intel.com, ardb@kernel.org,
mjg59@srcf.ucam.org, James.Bottomley@hansenpartnership.com,
peterhuewe@gmx.de, jarkko@kernel.org, jgg@ziepe.ca,
luto@amacapital.net, nivedita@alum.mit.edu,
herbert@gondor.apana.org.au, davem@davemloft.net, corbet@lwn.net,
ebiederm@xmission.com, dwmw2@infradead.org,
baolu.lu@linux.intel.com, kanth.ghatraju@oracle.com,
daniel.kiper@oracle.com, andrew.cooper3@citrix.com,
trenchboot-devel@googlegroups.com
Subject: [PATCH v16 37/38] x86/efistub: EFI stub DRTM support for Secure Launch
Date: Fri, 15 May 2026 14:14:09 -0700 [thread overview]
Message-ID: <20260515211410.31440-38-ross.philipson@gmail.com> (raw)
In-Reply-To: <20260515211410.31440-1-ross.philipson@gmail.com>
From: Ard Biesheuvel <ardb@kernel.org>
Invoke the Secure Launch protocol exposed by the boot loader at the
appropriate time to perform a measured launch of the decompressed
kernel after ExitBootServices().
Co-developed-by: Ross Philipson <ross.philipson@gmail.com>
Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
Signed-off-by: Ross Philipson <ross.philipson@gmail.com>
---
drivers/firmware/efi/libstub/Makefile | 1 +
drivers/firmware/efi/libstub/efistub.h | 24 ++++++++++++++
drivers/firmware/efi/libstub/x86-slaunch.c | 38 ++++++++++++++++++++++
drivers/firmware/efi/libstub/x86-stub.c | 27 ++++++++++++---
4 files changed, 86 insertions(+), 4 deletions(-)
create mode 100644 drivers/firmware/efi/libstub/x86-slaunch.c
diff --git a/drivers/firmware/efi/libstub/Makefile b/drivers/firmware/efi/libstub/Makefile
index e386ffd009b7..fd5eaf3142b2 100644
--- a/drivers/firmware/efi/libstub/Makefile
+++ b/drivers/firmware/efi/libstub/Makefile
@@ -86,6 +86,7 @@ lib-$(CONFIG_ARM) += arm32-stub.o
lib-$(CONFIG_ARM64) += kaslr.o arm64.o arm64-stub.o smbios.o
lib-$(CONFIG_X86) += x86-stub.o smbios.o
lib-$(CONFIG_X86_64) += x86-5lvl.o
+lib-$(CONFIG_SECURE_LAUNCH) += x86-slaunch.o
lib-$(CONFIG_RISCV) += kaslr.o riscv.o riscv-stub.o
lib-$(CONFIG_LOONGARCH) += loongarch.o loongarch-stub.o
diff --git a/drivers/firmware/efi/libstub/efistub.h b/drivers/firmware/efi/libstub/efistub.h
index 979a21818cc1..18301ba3ae0f 100644
--- a/drivers/firmware/efi/libstub/efistub.h
+++ b/drivers/firmware/efi/libstub/efistub.h
@@ -1267,4 +1267,28 @@ void arch_accept_memory(phys_addr_t start, phys_addr_t end);
efi_status_t efi_zboot_decompress_init(unsigned long *alloc_size);
efi_status_t efi_zboot_decompress(u8 *out, unsigned long outlen);
+#ifdef CONFIG_SECURE_LAUNCH
+efi_status_t efi_secure_launch_init(efi_handle_t image_handle);
+efi_status_t efi_secure_launch_prepare(struct boot_params *boot_params,
+ phys_addr_t base);
+void efi_secure_launch(void);
+#else
+static inline
+efi_status_t efi_secure_launch_init(efi_handle_t image_handle)
+{
+ return EFI_UNSUPPORTED;
+}
+
+static inline
+efi_status_t efi_secure_launch_prepare(struct boot_params *boot_params,
+ phys_addr_t base)
+{
+ return EFI_SUCCESS;
+}
+
+static inline void efi_secure_launch(void)
+{
+}
+#endif
+
#endif
diff --git a/drivers/firmware/efi/libstub/x86-slaunch.c b/drivers/firmware/efi/libstub/x86-slaunch.c
new file mode 100644
index 000000000000..98ff15f94996
--- /dev/null
+++ b/drivers/firmware/efi/libstub/x86-slaunch.c
@@ -0,0 +1,38 @@
+// SPDX-License-Identifier: GPL-2.0-only
+
+#include <linux/efi.h>
+#include <linux/pci.h>
+#include <linux/stddef.h>
+#include <linux/slr_efi.h>
+#include <linux/slaunch.h>
+
+#include <asm/boot.h>
+#include <asm/bootparam.h>
+#include <asm/efi.h>
+
+#include "efistub.h"
+
+static struct efi_slaunch_protocol *slaunch;
+
+efi_status_t efi_secure_launch_init(efi_handle_t image_handle)
+{
+ return efi_bs_call(handle_protocol, image_handle,
+ &EFI_SLAUNCH_PROTOCOL_GUID, (void **)&slaunch);
+}
+
+efi_status_t efi_secure_launch_prepare(struct boot_params *boot_params,
+ phys_addr_t base)
+{
+ if (!slaunch)
+ return EFI_SUCCESS;
+
+ return slaunch->setup_dlme(slaunch, base, mle_header_offset, (u64)boot_params);
+}
+
+void efi_secure_launch(void)
+{
+ if (!slaunch)
+ return;
+
+ slaunch->launch(slaunch);
+}
diff --git a/drivers/firmware/efi/libstub/x86-stub.c b/drivers/firmware/efi/libstub/x86-stub.c
index cef32e2c82d8..339e63ae84ef 100644
--- a/drivers/firmware/efi/libstub/x86-stub.c
+++ b/drivers/firmware/efi/libstub/x86-stub.c
@@ -833,7 +833,8 @@ static efi_status_t parse_options(const char *cmdline)
}
static efi_status_t efi_decompress_kernel(unsigned long *kernel_entry,
- struct boot_params *boot_params)
+ struct boot_params *boot_params,
+ unsigned long alloc_limit)
{
unsigned long virt_addr = LOAD_PHYSICAL_ADDR;
unsigned long addr, alloc_size, entry;
@@ -877,8 +878,7 @@ static efi_status_t efi_decompress_kernel(unsigned long *kernel_entry,
status = efi_random_alloc(alloc_size, CONFIG_PHYSICAL_ALIGN, &addr,
seed[0], EFI_LOADER_CODE,
- LOAD_PHYSICAL_ADDR,
- EFI_X86_KERNEL_ALLOC_LIMIT);
+ LOAD_PHYSICAL_ADDR, alloc_limit);
if (status != EFI_SUCCESS)
return status;
@@ -890,6 +890,10 @@ static efi_status_t efi_decompress_kernel(unsigned long *kernel_entry,
*kernel_entry = addr + entry;
+ status = efi_secure_launch_prepare(boot_params, addr);
+ if (status != EFI_SUCCESS)
+ return status;
+
return efi_adjust_memory_range_protection(addr, kernel_text_size) ?:
efi_adjust_memory_range_protection(addr + kernel_inittext_offset,
kernel_inittext_size);
@@ -914,6 +918,7 @@ void __noreturn efi_stub_entry(efi_handle_t handle,
struct boot_params *boot_params)
{
+ unsigned long alloc_limit = EFI_X86_KERNEL_ALLOC_LIMIT;
efi_guid_t guid = EFI_MEMORY_ATTRIBUTE_PROTOCOL_GUID;
const struct linux_efi_initrd *initrd = NULL;
unsigned long kernel_entry;
@@ -925,6 +930,17 @@ void __noreturn efi_stub_entry(efi_handle_t handle,
if (efi_system_table->hdr.signature != EFI_SYSTEM_TABLE_SIGNATURE)
efi_exit(handle, EFI_INVALID_PARAMETER);
+ status = efi_secure_launch_init(handle);
+ switch (status) {
+ case EFI_SUCCESS:
+ alloc_limit = U32_MAX;
+ break;
+ case EFI_UNSUPPORTED:
+ break;
+ default:
+ efi_exit(handle, status);
+ }
+
if (!IS_ENABLED(CONFIG_EFI_HANDOVER_PROTOCOL) || !boot_params) {
status = efi_allocate_bootparams(handle, &boot_params);
if (status != EFI_SUCCESS)
@@ -974,7 +990,7 @@ void __noreturn efi_stub_entry(efi_handle_t handle,
if (efi_mem_encrypt > 0)
hdr->xloadflags |= XLF_MEM_ENCRYPTION;
- status = efi_decompress_kernel(&kernel_entry, boot_params);
+ status = efi_decompress_kernel(&kernel_entry, boot_params, alloc_limit);
if (status != EFI_SUCCESS) {
efi_err("Failed to decompress kernel\n");
goto fail;
@@ -1029,6 +1045,9 @@ void __noreturn efi_stub_entry(efi_handle_t handle,
goto fail;
}
+ /* If a Secure Launch is in progress, this never returns */
+ efi_secure_launch();
+
/*
* Call the SEV init code while still running with the firmware's
* GDT/IDT, so #VC exceptions will be handled by EFI.
--
2.47.3
next prev parent reply other threads:[~2026-05-15 21:15 UTC|newest]
Thread overview: 48+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-05-15 21:13 [PATCH v16 00/38] x86: Secure Launch support for Intel TXT Ross Philipson
2026-05-15 21:13 ` [PATCH v16 01/38] tpm: Initial step to reorganize TPM public headers Ross Philipson
2026-05-15 23:03 ` Jarkko Sakkinen
2026-05-15 23:05 ` Jason Gunthorpe
2026-05-15 23:10 ` Dave Hansen
2026-05-15 23:51 ` Jarkko Sakkinen
2026-05-15 21:13 ` [PATCH v16 02/38] tpm: Move TPM1 specific definitions to the command header Ross Philipson
2026-05-15 23:14 ` Jarkko Sakkinen
2026-05-15 21:13 ` [PATCH v16 03/38] tpm: Move TPM2 " Ross Philipson
2026-05-15 23:15 ` Jarkko Sakkinen
2026-05-15 21:13 ` [PATCH v16 04/38] tpm: Move TPM common base " Ross Philipson
2026-05-15 23:22 ` Jarkko Sakkinen
2026-05-15 21:13 ` [PATCH v16 05/38] tpm: Move platform specific definitions to the new PTP header Ross Philipson
2026-05-15 21:13 ` [PATCH v16 06/38] tpm: Remove main TPM header from TPM event log header Ross Philipson
2026-05-15 21:13 ` [PATCH v16 07/38] tpm-buf: Merge TPM_BUF_BOUNDARY_ERROR and TPM_BUF_OVERFLOW Ross Philipson
2026-05-15 21:13 ` [PATCH v16 08/38] tpm-buf: Remove chip parameter from tpm_buf_append_handle() Ross Philipson
2026-05-15 21:13 ` [PATCH v16 09/38] tpm-buf: Implement managed allocations Ross Philipson
2026-05-15 21:13 ` [PATCH v16 10/38] tpm-buf: Add TPM buffer support header for standalone reuse Ross Philipson
2026-05-15 21:13 ` [PATCH v16 11/38] tpm/tpm_tis: Close all localities Ross Philipson
2026-05-15 21:13 ` [PATCH v16 12/38] tpm/tpm_tis: Address positive localities in tpm_tis_request_locality() Ross Philipson
2026-05-15 21:13 ` [PATCH v16 13/38] tpm/tpm_tis: Allow locality to be set to a different value Ross Philipson
2026-05-15 21:13 ` [PATCH v16 14/38] tpm/sysfs: Show locality used by kernel Ross Philipson
2026-05-15 21:13 ` [PATCH v16 15/38] Documentation/security: Secure Launch kernel documentation Ross Philipson
2026-05-15 22:02 ` Randy Dunlap
2026-05-15 21:13 ` [PATCH v16 16/38] x86: Secure Launch Kconfig Ross Philipson
2026-05-15 21:13 ` [PATCH v16 17/38] x86: Secure Launch Resource Table header file Ross Philipson
2026-05-15 21:13 ` [PATCH v16 18/38] x86/efi: Secure Launch Resource Table EFI definitions " Ross Philipson
2026-05-15 21:13 ` [PATCH v16 19/38] x86: Secure Launch main " Ross Philipson
2026-05-15 21:13 ` [PATCH v16 20/38] x86/txt: Intel Trusted eXecution Technology (TXT) definitions Ross Philipson
2026-05-15 21:13 ` [PATCH v16 21/38] lib/crypto: Add SHA1 support for pre-boot environments Ross Philipson
2026-05-15 21:13 ` [PATCH v16 22/38] lib/crypto: Add SHA512 " Ross Philipson
2026-05-15 21:13 ` [PATCH v16 23/38] x86: Allow WARN_trap() macro to be included in " Ross Philipson
2026-05-15 21:13 ` [PATCH v16 24/38] x86/msr: Add variable MTRR base/mask and x2apic ID registers Ross Philipson
2026-05-15 21:13 ` [PATCH v16 25/38] x86/boot: Slight refactor of the 5 level paging logic Ross Philipson
2026-05-15 21:13 ` [PATCH v16 26/38] x86: Add early SHA-1 support for Secure Launch early measurements Ross Philipson
2026-05-15 21:13 ` [PATCH v16 27/38] x86: Add early SHA-256 " Ross Philipson
2026-05-15 21:14 ` [PATCH v16 28/38] x86: Add early SHA-384/512 " Ross Philipson
2026-05-15 21:14 ` [PATCH v16 29/38] x86/tpm: Early startup TPM PCR extending driver Ross Philipson
2026-05-15 22:32 ` Dave Hansen
2026-05-15 21:14 ` [PATCH v16 30/38] x86/slaunch: Add MLE header and Secure Launch entrypoint to the core kernel Ross Philipson
2026-05-15 21:14 ` [PATCH v16 31/38] x86/slaunch: Secure Launch kernel early boot initialization Ross Philipson
2026-05-15 21:14 ` [PATCH v16 32/38] x86/slaunch: Secure Launch kernel late " Ross Philipson
2026-05-15 21:14 ` [PATCH v16 33/38] x86/slaunch: Secure Launch SMP bringup support Ross Philipson
2026-05-15 21:14 ` [PATCH v16 34/38] kexec/slaunch: Secure Launch kexec SEXIT support Ross Philipson
2026-05-15 21:14 ` [PATCH v16 35/38] reboot/slaunch: Secure Launch SEXIT support on reboot paths Ross Philipson
2026-05-15 21:14 ` [PATCH v16 36/38] x86/slaunch: Secure Launch late initcall platform module Ross Philipson
2026-05-15 21:14 ` Ross Philipson [this message]
2026-05-15 21:14 ` [PATCH v16 38/38] x86/boot: Legacy boot DRTM support for Secure Launch Ross Philipson
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20260515211410.31440-38-ross.philipson@gmail.com \
--to=ross.philipson@gmail.com \
--cc=James.Bottomley@hansenpartnership.com \
--cc=andrew.cooper3@citrix.com \
--cc=ardb@kernel.org \
--cc=baolu.lu@linux.intel.com \
--cc=bp@alien8.de \
--cc=corbet@lwn.net \
--cc=daniel.kiper@oracle.com \
--cc=dave.hansen@linux.intel.com \
--cc=davem@davemloft.net \
--cc=dpsmith@apertussolutions.com \
--cc=dwmw2@infradead.org \
--cc=ebiederm@xmission.com \
--cc=herbert@gondor.apana.org.au \
--cc=hpa@zytor.com \
--cc=iommu@lists.linux.dev \
--cc=jarkko@kernel.org \
--cc=jgg@ziepe.ca \
--cc=kanth.ghatraju@oracle.com \
--cc=kexec@lists.infradead.org \
--cc=linux-crypto@vger.kernel.org \
--cc=linux-doc@vger.kernel.org \
--cc=linux-efi@vger.kernel.org \
--cc=linux-integrity@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=luto@amacapital.net \
--cc=mingo@redhat.com \
--cc=mjg59@srcf.ucam.org \
--cc=nivedita@alum.mit.edu \
--cc=peterhuewe@gmx.de \
--cc=tglx@linutronix.de \
--cc=trenchboot-devel@googlegroups.com \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.