From: Sean Christopherson <seanjc@google.com>
To: Ross Philipson <ross.philipson@oracle.com>
Cc: linux-kernel@vger.kernel.org, x86@kernel.org,
linux-integrity@vger.kernel.org, linux-doc@vger.kernel.org,
linux-crypto@vger.kernel.org, iommu@lists.linux-foundation.org,
kexec@lists.infradead.org, linux-efi@vger.kernel.org,
dpsmith@apertussolutions.com, tglx@linutronix.de,
mingo@redhat.com, bp@alien8.de, hpa@zytor.com, ardb@kernel.org,
mjg59@srcf.ucam.org, James.Bottomley@hansenpartnership.com,
luto@amacapital.net, nivedita@alum.mit.edu,
kanth.ghatraju@oracle.com, trenchboot-devel@googlegroups.com
Subject: Re: [PATCH v7 10/13] kexec: Secure Launch kexec SEXIT support
Date: Fri, 10 Nov 2023 15:41:45 -0800
Message-ID: <ZU6_uUe45qAx52mI@google.com>
In-Reply-To: <20231110222751.219836-11-ross.philipson@oracle.com>

On Fri, Nov 10, 2023, Ross Philipson wrote:
> Prior to running the next kernel via kexec, the Secure Launch code
> closes down private SMX resources and does an SEXIT. This allows the
> next kernel to start normally without any issues starting the APs etc.
>
> Signed-off-by: Ross Philipson <ross.philipson@oracle.com>
> ---
> arch/x86/kernel/slaunch.c | 73 +++++++++++++++++++++++++++++++++++++++
> kernel/kexec_core.c | 4 +++
> 2 files changed, 77 insertions(+)
>
> diff --git a/arch/x86/kernel/slaunch.c b/arch/x86/kernel/slaunch.c
> index cd5aa34e395c..32b0c24a6484 100644
> --- a/arch/x86/kernel/slaunch.c
> +++ b/arch/x86/kernel/slaunch.c
> @@ -523,3 +523,76 @@ void __init slaunch_setup_txt(void)
>
> pr_info("Intel TXT setup complete\n");
> }
> +
> +static inline void smx_getsec_sexit(void)
> +{
> + asm volatile (".byte 0x0f,0x37\n"
> + : : "a" (SMX_X86_GETSEC_SEXIT));

SMX has been around for what, two decades? Is open coding getsec actually necessary?

> + /* Disable SMX mode */

Heh, the code and the comment don't really agree. I'm guessing the intent of the
comment is referring to leaving the measured environment, but it looks odd. If
manually setting SMXE is necessary, I'd just delete this comment, or maybe move
it to above SEXIT.

> + cr4_set_bits(X86_CR4_SMXE);

Is it actually legal to clear CR4.SMXE while post-SENTER? I don't see anything
in the SDM that says it's illegal, but allowing software to clear SMXE in that
case seems all kinds of odd.

> +
> + /* Do the SEXIT SMX operation */
> + smx_getsec_sexit();
> +
> + pr_info("TXT SEXIT complete.\n");
> +}
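
Review bot: smx_getsec_sexit() emits the GETSEC opcode bytes through an asm volatile statement with no clobber list, so the compiler may still move ordinary memory accesses across the SEXIT; adding a "memory" clobber would make the statement a compiler barrier at the point where the measured environment is torn down. A one-line comment on the helper saying that the raw bytes 0x0f,0x37 are GETSEC, with the leaf selected through EAX, would also save readers from decoding the .byte sequence.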