From: "Daniel P. Smith" <dpsmith@apertussolutions.com>
To: Matthew Garrett <mjg59@srcf.ucam.org>,
Ross Philipson <ross.philipson@oracle.com>
Cc: linux-kernel@vger.kernel.org, x86@kernel.org,
linux-integrity@vger.kernel.org, linux-doc@vger.kernel.org,
linux-crypto@vger.kernel.org, iommu@lists.linux-foundation.org,
kexec@lists.infradead.org, linux-efi@vger.kernel.org,
tglx@linutronix.de, mingo@redhat.com, bp@alien8.de,
hpa@zytor.com, ardb@kernel.org,
James.Bottomley@hansenpartnership.com, luto@amacapital.net,
nivedita@alum.mit.edu, kanth.ghatraju@oracle.com,
trenchboot-devel@googlegroups.com
Subject: Re: [PATCH v6 02/14] Documentation/x86: Secure Launch kernel documentation
Date: Fri, 16 Jun 2023 12:44:27 -0400 [thread overview]
Message-ID: <e7dcb85b-25bb-8d5a-3758-e4243bc6ffec@apertussolutions.com> (raw)
In-Reply-To: <20230512104753.GA14461@srcf.ucam.org>
On 5/12/23 06:47, Matthew Garrett wrote:
> On Thu, May 04, 2023 at 02:50:11PM +0000, Ross Philipson wrote:
>> +Secure Launch does not interoperate with KASLR. If possible, the MLE should be
>> +built with KASLR disabled::
>
> Why does Secure Launch not interoperate with KASLR?
>
> Re: IOMMUs
Until the IOMMU driver comes online, memory is protected by the PMRs
regions requested by the Preamble (pre-launch code) in accordance with
Intel TXT specifications and configured by the ACM. The KASLR randomizer
will run before the IOMMU driver is able to come online and ensure
frames used by the kernel are protected as well as frames that a driver
may registered in a BAR are not blocked.
>> +It is recommended that no other command line options should be set to override
>> +the defaults above.
>
> What happens if they are? Does doing so change the security posture of
> the system? If so, will the measurements be different in a way that
> demonstrates the system is in an insecure state?
>
In an early version of the patch series this was enforced when turning
on Secure Launch, but concerns were raised over this approach and was
asked to allow the user to be able to shoot themselves in the foot.
Overriding these values could render either an insecure state and/or an
unstable system.
_______________________________________________
kexec mailing list
kexec@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/kexec
next prev parent reply other threads:[~2023-06-16 16:45 UTC|newest]
Thread overview: 100+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-05-04 14:50 [PATCH v6 00/14] x86: Trenchboot secure dynamic launch Linux kernel support Ross Philipson
2023-05-04 14:50 ` [PATCH v6 01/14] x86/boot: Place kernel_info at a fixed offset Ross Philipson
2023-05-04 14:50 ` [PATCH v6 02/14] Documentation/x86: Secure Launch kernel documentation Ross Philipson
2023-05-05 16:19 ` Simon Horman
2023-05-05 17:32 ` Ross Philipson
2023-05-06 8:48 ` Bagas Sanjaya
2023-05-10 15:41 ` Ross Philipson
2023-05-12 10:47 ` Matthew Garrett
2023-06-16 16:44 ` Daniel P. Smith [this message]
2023-06-16 16:54 ` Matthew Garrett
2023-06-16 18:21 ` Daniel P. Smith
2023-05-12 13:19 ` Thomas Gleixner
2023-05-04 14:50 ` [PATCH v6 03/14] x86: Secure Launch Kconfig Ross Philipson
2023-05-04 14:50 ` [PATCH v6 04/14] x86: Secure Launch Resource Table header file Ross Philipson
2023-05-05 16:22 ` Simon Horman
2023-05-05 17:34 ` Ross Philipson
2023-05-10 23:04 ` Jarkko Sakkinen
2023-05-15 20:58 ` Daniel P. Smith
2023-05-12 10:55 ` Matthew Garrett
2023-05-15 21:15 ` Daniel P. Smith
2023-05-15 21:22 ` Matthew Garrett
2023-05-16 0:41 ` Daniel P. Smith
2023-05-16 1:43 ` Matthew Garrett
2023-06-16 20:01 ` Daniel P. Smith
2023-06-16 20:15 ` Matthew Garrett
2023-07-07 19:31 ` Daniel P. Smith
2023-05-04 14:50 ` [PATCH v6 05/14] x86: Secure Launch main " Ross Philipson
2023-05-05 16:25 ` Simon Horman
2023-05-05 17:37 ` Ross Philipson
2023-05-12 11:00 ` Matthew Garrett
2023-05-12 16:10 ` Ross Philipson
2023-10-31 21:37 ` ross.philipson
2023-05-04 14:50 ` [PATCH v6 06/14] x86: Add early SHA support for Secure Launch early measurements Ross Philipson
2023-05-05 16:34 ` Simon Horman
2023-05-09 16:09 ` Daniel P. Smith
2023-05-10 1:21 ` Eric Biggers
2023-05-10 22:28 ` Jarkko Sakkinen
2023-05-12 11:04 ` Matthew Garrett
2023-05-12 11:18 ` Ard Biesheuvel
2023-05-12 11:28 ` Matthew Garrett
2023-05-12 11:58 ` Ard Biesheuvel
2023-05-12 12:24 ` Andrew Cooper
2023-05-14 18:18 ` Eric Biggers
2023-05-14 19:11 ` Matthew Garrett
2023-05-12 13:24 ` Thomas Gleixner
2023-05-12 16:13 ` Matthew Garrett
2023-05-12 18:17 ` Thomas Gleixner
2023-05-12 19:12 ` Matthew Garrett
2023-05-12 19:42 ` Andrew Cooper
2023-05-15 21:23 ` Daniel P. Smith
2023-05-11 3:33 ` Herbert Xu
2023-05-16 0:50 ` Daniel P. Smith
2023-05-04 14:50 ` [PATCH v6 07/14] x86: Secure Launch kernel early boot stub Ross Philipson
2023-05-05 17:47 ` Simon Horman
2023-05-05 18:58 ` Ross Philipson
2023-05-05 19:46 ` Simon Horman
2023-05-12 11:26 ` Matthew Garrett
2023-05-12 16:17 ` Ross Philipson
2023-05-12 16:27 ` Matthew Garrett
2023-05-16 1:11 ` Daniel P. Smith
2023-05-16 1:45 ` Matthew Garrett
2023-06-15 18:00 ` Ross Philipson
2023-05-12 18:04 ` Thomas Gleixner
2023-05-15 20:13 ` Ross Philipson
2023-09-20 21:40 ` ross.philipson
2023-05-04 14:50 ` [PATCH v6 08/14] x86: Secure Launch kernel late " Ross Philipson
2023-05-05 17:52 ` Simon Horman
2023-05-05 18:59 ` Ross Philipson
2023-05-10 23:02 ` Jarkko Sakkinen
2023-05-12 15:58 ` Ross Philipson
2023-05-24 2:55 ` Jarkko Sakkinen
2023-05-12 15:44 ` Thomas Gleixner
2023-05-15 20:06 ` Ross Philipson
2023-05-04 14:50 ` [PATCH v6 09/14] x86: Secure Launch SMP bringup support Ross Philipson
2023-05-05 17:54 ` Simon Horman
2023-05-05 18:59 ` Ross Philipson
2023-05-10 22:55 ` Jarkko Sakkinen
2023-05-11 16:21 ` Ross Philipson
2023-05-12 18:02 ` Thomas Gleixner
2023-05-15 20:19 ` Ross Philipson
2023-05-04 14:50 ` [PATCH v6 10/14] kexec: Secure Launch kexec SEXIT support Ross Philipson
2023-05-04 14:50 ` [PATCH v6 11/14] reboot: Secure Launch SEXIT support on reboot paths Ross Philipson
2023-05-12 11:40 ` Matthew Garrett
2023-05-15 18:16 ` Ross Philipson
2023-05-16 1:23 ` Daniel P. Smith
2023-05-04 14:50 ` [PATCH v6 12/14] x86: Secure Launch late initcall platform module Ross Philipson
2023-05-05 19:42 ` Simon Horman
2023-05-08 15:07 ` Ross Philipson
2023-05-10 22:39 ` Jarkko Sakkinen
2023-05-12 15:53 ` Ross Philipson
2023-05-10 22:40 ` Jarkko Sakkinen
2023-05-12 15:54 ` Ross Philipson
2023-05-04 14:50 ` [PATCH v6 13/14] tpm: Allow locality 2 to be set when initializing the TPM for Secure Launch Ross Philipson
2023-05-12 11:43 ` Matthew Garrett
2023-05-12 16:22 ` Ross Philipson
2023-05-16 1:37 ` Daniel P. Smith
2023-05-04 14:50 ` [PATCH v6 14/14] x86: EFI stub DRTM launch support " Ross Philipson
2023-05-05 8:39 ` [PATCH v6 00/14] x86: Trenchboot secure dynamic launch Linux kernel support Bagas Sanjaya
2023-05-05 15:45 ` Ross Philipson
2023-05-06 7:56 ` Bagas Sanjaya
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=e7dcb85b-25bb-8d5a-3758-e4243bc6ffec@apertussolutions.com \
--to=dpsmith@apertussolutions.com \
--cc=James.Bottomley@hansenpartnership.com \
--cc=ardb@kernel.org \
--cc=bp@alien8.de \
--cc=hpa@zytor.com \
--cc=iommu@lists.linux-foundation.org \
--cc=kanth.ghatraju@oracle.com \
--cc=kexec@lists.infradead.org \
--cc=linux-crypto@vger.kernel.org \
--cc=linux-doc@vger.kernel.org \
--cc=linux-efi@vger.kernel.org \
--cc=linux-integrity@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=luto@amacapital.net \
--cc=mingo@redhat.com \
--cc=mjg59@srcf.ucam.org \
--cc=nivedita@alum.mit.edu \
--cc=ross.philipson@oracle.com \
--cc=tglx@linutronix.de \
--cc=trenchboot-devel@googlegroups.com \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox