From: ross.philipson@oracle.com
To: Ard Biesheuvel <ardb@kernel.org>, kernel test robot <lkp@intel.com>
Cc: linux-kernel@vger.kernel.org, x86@kernel.org,
linux-integrity@vger.kernel.org, linux-doc@vger.kernel.org,
linux-crypto@vger.kernel.org, kexec@lists.infradead.org,
linux-efi@vger.kernel.org, iommu@lists.linux-foundation.org,
oe-kbuild-all@lists.linux.dev, dpsmith@apertussolutions.com,
tglx@linutronix.de, mingo@redhat.com, bp@alien8.de,
hpa@zytor.com, dave.hansen@linux.intel.com, mjg59@srcf.ucam.org,
James.Bottomley@hansenpartnership.com, peterhuewe@gmx.de,
jarkko@kernel.org, jgg@ziepe.ca, luto@amacapital.net,
nivedita@alum.mit.edu, herbert@gondor.apana.org.au,
davem@davemloft.net, corbet@lwn.net, ebiederm@xmission.com,
dwmw2@infradead.org, baolu.lu@linux.intel.com,
kanth.ghatraju@oracle.com
Subject: Re: [PATCH v10 20/20] x86/efi: EFI stub DRTM launch support for Secure Launch
Date: Wed, 28 Aug 2024 13:19:16 -0700 [thread overview]
Message-ID: <6b214ad2-d448-4f5f-85e9-93cd38e0e035@oracle.com> (raw)
In-Reply-To: <CAMj1kXGVn85ht_srwhYXDnKffPFX=B2+Cnv-8EAocwoHi__OoQ@mail.gmail.com>
On 8/28/24 10:14 AM, Ard Biesheuvel wrote:
> On Wed, 28 Aug 2024 at 19:09, kernel test robot <lkp@intel.com> wrote:
>>
>> Hi Ross,
>>
>> kernel test robot noticed the following build warnings:
>>
>> [auto build test WARNING on tip/x86/core]
>> [also build test WARNING on char-misc/char-misc-testing char-misc/char-misc-next char-misc/char-misc-linus herbert-cryptodev-2.6/master efi/next linus/master v6.11-rc5]
>> [cannot apply to herbert-crypto-2.6/master next-20240828]
>> [If your patch is applied to the wrong git tree, kindly drop us a note.
>> And when submitting patch, we suggest to use '--base' as documented in
>> https://urldefense.com/v3/__https://git-scm.com/docs/git-format-patch*_base_tree_information__;Iw!!ACWV5N9M2RV99hQ!KhkZK77BXRIR4F24tKkUeIlIrdqXtUW2vcnDV74c_5BmrQBQaQ4FqcDKKv9LB3HQUocTGkrmIxuz-LAC$ ]
>>
>> url: https://urldefense.com/v3/__https://github.com/intel-lab-lkp/linux/commits/Ross-Philipson/Documentation-x86-Secure-Launch-kernel-documentation/20240827-065225__;!!ACWV5N9M2RV99hQ!KhkZK77BXRIR4F24tKkUeIlIrdqXtUW2vcnDV74c_5BmrQBQaQ4FqcDKKv9LB3HQUocTGkrmI7Z6SQKy$
>> base: tip/x86/core
>> patch link: https://urldefense.com/v3/__https://lore.kernel.org/r/20240826223835.3928819-21-ross.philipson*40oracle.com__;JQ!!ACWV5N9M2RV99hQ!KhkZK77BXRIR4F24tKkUeIlIrdqXtUW2vcnDV74c_5BmrQBQaQ4FqcDKKv9LB3HQUocTGkrmIzWfs1XZ$
>> patch subject: [PATCH v10 20/20] x86/efi: EFI stub DRTM launch support for Secure Launch
>> config: i386-randconfig-062-20240828 (https://urldefense.com/v3/__https://download.01.org/0day-ci/archive/20240829/202408290030.FEbUhHbr-lkp@intel.com/config__;!!ACWV5N9M2RV99hQ!KhkZK77BXRIR4F24tKkUeIlIrdqXtUW2vcnDV74c_5BmrQBQaQ4FqcDKKv9LB3HQUocTGkrmIwkYG0TY$ )
>
>
> This is a i386 32-bit build, which makes no sense: this stuff should
> just declare 'depends on 64BIT'
Our config entry already has 'depends on X86_64' which in turn depends
on 64BIT. I would think that would be enough. Do you think it needs an
explicit 'depends on 64BIT' in our entry as well?
Thanks
Ross
>
>
>> compiler: clang version 18.1.5 (https://urldefense.com/v3/__https://github.com/llvm/llvm-project__;!!ACWV5N9M2RV99hQ!KhkZK77BXRIR4F24tKkUeIlIrdqXtUW2vcnDV74c_5BmrQBQaQ4FqcDKKv9LB3HQUocTGkrmI2SDLdTN$ 617a15a9eac96088ae5e9134248d8236e34b91b1)
>> reproduce (this is a W=1 build): (https://urldefense.com/v3/__https://download.01.org/0day-ci/archive/20240829/202408290030.FEbUhHbr-lkp@intel.com/reproduce__;!!ACWV5N9M2RV99hQ!KhkZK77BXRIR4F24tKkUeIlIrdqXtUW2vcnDV74c_5BmrQBQaQ4FqcDKKv9LB3HQUocTGkrmI5MJDdIG$ )
>>
>> If you fix the issue in a separate patch/commit (i.e. not just a new version of
>> the same patch/commit), kindly add following tags
>> | Reported-by: kernel test robot <lkp@intel.com>
>> | Closes: https://urldefense.com/v3/__https://lore.kernel.org/oe-kbuild-all/202408290030.FEbUhHbr-lkp@intel.com/__;!!ACWV5N9M2RV99hQ!KhkZK77BXRIR4F24tKkUeIlIrdqXtUW2vcnDV74c_5BmrQBQaQ4FqcDKKv9LB3HQUocTGkrmI-MitiqR$
>>
>> sparse warnings: (new ones prefixed by >>)
>>>> drivers/firmware/efi/libstub/x86-stub.c:945:41: sparse: sparse: non size-preserving pointer to integer cast
>> drivers/firmware/efi/libstub/x86-stub.c:953:65: sparse: sparse: non size-preserving pointer to integer cast
>>>> drivers/firmware/efi/libstub/x86-stub.c:980:70: sparse: sparse: non size-preserving integer to pointer cast
>> drivers/firmware/efi/libstub/x86-stub.c:1014:45: sparse: sparse: non size-preserving integer to pointer cast
>>
>> vim +945 drivers/firmware/efi/libstub/x86-stub.c
>>
>> 927
>> 928 static bool efi_secure_launch_update_boot_params(struct slr_table *slrt,
>> 929 struct boot_params *boot_params)
>> 930 {
>> 931 struct slr_entry_intel_info *txt_info;
>> 932 struct slr_entry_policy *policy;
>> 933 struct txt_os_mle_data *os_mle;
>> 934 bool updated = false;
>> 935 int i;
>> 936
>> 937 txt_info = slr_next_entry_by_tag(slrt, NULL, SLR_ENTRY_INTEL_INFO);
>> 938 if (!txt_info)
>> 939 return false;
>> 940
>> 941 os_mle = txt_os_mle_data_start((void *)txt_info->txt_heap);
>> 942 if (!os_mle)
>> 943 return false;
>> 944
>> > 945 os_mle->boot_params_addr = (u64)boot_params;
>> 946
>> 947 policy = slr_next_entry_by_tag(slrt, NULL, SLR_ENTRY_ENTRY_POLICY);
>> 948 if (!policy)
>> 949 return false;
>> 950
>> 951 for (i = 0; i < policy->nr_entries; i++) {
>> 952 if (policy->policy_entries[i].entity_type == SLR_ET_BOOT_PARAMS) {
>> 953 policy->policy_entries[i].entity = (u64)boot_params;
>> 954 updated = true;
>> 955 break;
>> 956 }
>> 957 }
>> 958
>> 959 /*
>> 960 * If this is a PE entry into EFI stub the mocked up boot params will
>> 961 * be missing some of the setup header data needed for the second stage
>> 962 * of the Secure Launch boot.
>> 963 */
>> 964 if (image) {
>> 965 struct setup_header *hdr = (struct setup_header *)((u8 *)image->image_base +
>> 966 offsetof(struct boot_params, hdr));
>> 967 u64 cmdline_ptr;
>> 968
>> 969 boot_params->hdr.setup_sects = hdr->setup_sects;
>> 970 boot_params->hdr.syssize = hdr->syssize;
>> 971 boot_params->hdr.version = hdr->version;
>> 972 boot_params->hdr.loadflags = hdr->loadflags;
>> 973 boot_params->hdr.kernel_alignment = hdr->kernel_alignment;
>> 974 boot_params->hdr.min_alignment = hdr->min_alignment;
>> 975 boot_params->hdr.xloadflags = hdr->xloadflags;
>> 976 boot_params->hdr.init_size = hdr->init_size;
>> 977 boot_params->hdr.kernel_info_offset = hdr->kernel_info_offset;
>> 978 efi_set_u64_form(boot_params->hdr.cmd_line_ptr, boot_params->ext_cmd_line_ptr,
>> 979 &cmdline_ptr);
>> > 980 boot_params->hdr.cmdline_size = strlen((const char *)cmdline_ptr);
>> 981 }
>> 982
>> 983 return updated;
>> 984 }
>> 985
>>
>> --
>> 0-DAY CI Kernel Test Service
>> https://urldefense.com/v3/__https://github.com/intel/lkp-tests/wiki__;!!ACWV5N9M2RV99hQ!KhkZK77BXRIR4F24tKkUeIlIrdqXtUW2vcnDV74c_5BmrQBQaQ4FqcDKKv9LB3HQUocTGkrmIy5kGTJf$
>>
next prev parent reply other threads:[~2024-08-28 20:20 UTC|newest]
Thread overview: 31+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-08-26 22:38 [PATCH v10 00/20] x86: Trenchboot secure dynamic launch Linux kernel support Ross Philipson
2024-08-26 22:38 ` [PATCH v10 01/20] Documentation/x86: Secure Launch kernel documentation Ross Philipson
2024-08-26 22:38 ` [PATCH v10 02/20] x86: Secure Launch Kconfig Ross Philipson
2024-08-26 22:38 ` [PATCH v10 03/20] x86: Secure Launch Resource Table header file Ross Philipson
2024-08-26 22:38 ` [PATCH v10 04/20] x86: Secure Launch main " Ross Philipson
2024-08-26 22:38 ` [PATCH v10 05/20] x86: Add early SHA-1 support for Secure Launch early measurements Ross Philipson
2024-08-26 22:38 ` [PATCH v10 06/20] x86: Add early SHA-256 " Ross Philipson
2024-08-26 22:38 ` [PATCH v10 07/20] x86/msr: Add variable MTRR base/mask and x2apic ID registers Ross Philipson
2024-08-26 22:38 ` [PATCH v10 08/20] x86/boot: Place TXT MLE header in the kernel_info section Ross Philipson
2024-08-27 10:29 ` Ard Biesheuvel
2024-08-26 22:38 ` [PATCH v10 09/20] x86: Secure Launch kernel early boot stub Ross Philipson
2024-08-26 22:38 ` [PATCH v10 10/20] x86: Secure Launch kernel late " Ross Philipson
2024-08-26 22:38 ` [PATCH v10 11/20] x86: Secure Launch SMP bringup support Ross Philipson
2024-08-26 22:38 ` [PATCH v10 12/20] kexec: Secure Launch kexec SEXIT support Ross Philipson
2024-08-26 22:38 ` [PATCH v10 13/20] x86/reboot: Secure Launch SEXIT support on reboot paths Ross Philipson
2024-08-26 22:38 ` [PATCH v10 14/20] tpm: Protect against locality counter underflow Ross Philipson
2024-08-26 22:38 ` [PATCH v10 15/20] tpm: Ensure tpm is in known state at startup Ross Philipson
2024-08-26 22:38 ` [PATCH v10 16/20] tpm: Make locality requests return consistent values Ross Philipson
2024-08-26 22:38 ` [PATCH v10 17/20] tpm: Add ability to set the default locality the TPM chip uses Ross Philipson
2024-08-26 22:38 ` [PATCH v10 18/20] tpm: Add sysfs interface to allow setting and querying the default locality Ross Philipson
2024-08-26 22:38 ` [PATCH v10 19/20] x86: Secure Launch late initcall platform module Ross Philipson
2024-08-26 22:38 ` [PATCH v10 20/20] x86/efi: EFI stub DRTM launch support for Secure Launch Ross Philipson
2024-08-27 10:28 ` Ard Biesheuvel
2024-08-27 17:19 ` ross.philipson
2024-08-27 20:09 ` kernel test robot
2024-08-28 17:09 ` kernel test robot
2024-08-28 17:14 ` Ard Biesheuvel
2024-08-28 20:19 ` ross.philipson [this message]
2024-08-29 13:23 ` Jonathan McDowell
2024-08-29 13:28 ` Ard Biesheuvel
2024-08-29 15:13 ` ross.philipson
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=6b214ad2-d448-4f5f-85e9-93cd38e0e035@oracle.com \
--to=ross.philipson@oracle.com \
--cc=James.Bottomley@hansenpartnership.com \
--cc=ardb@kernel.org \
--cc=baolu.lu@linux.intel.com \
--cc=bp@alien8.de \
--cc=corbet@lwn.net \
--cc=dave.hansen@linux.intel.com \
--cc=davem@davemloft.net \
--cc=dpsmith@apertussolutions.com \
--cc=dwmw2@infradead.org \
--cc=ebiederm@xmission.com \
--cc=herbert@gondor.apana.org.au \
--cc=hpa@zytor.com \
--cc=iommu@lists.linux-foundation.org \
--cc=jarkko@kernel.org \
--cc=jgg@ziepe.ca \
--cc=kanth.ghatraju@oracle.com \
--cc=kexec@lists.infradead.org \
--cc=linux-crypto@vger.kernel.org \
--cc=linux-doc@vger.kernel.org \
--cc=linux-efi@vger.kernel.org \
--cc=linux-integrity@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=lkp@intel.com \
--cc=luto@amacapital.net \
--cc=mingo@redhat.com \
--cc=mjg59@srcf.ucam.org \
--cc=nivedita@alum.mit.edu \
--cc=oe-kbuild-all@lists.linux.dev \
--cc=peterhuewe@gmx.de \
--cc=tglx@linutronix.de \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox