From: Randy Dunlap <rdunlap@infradead.org>
To: Ross Philipson <ross.philipson@gmail.com>,
linux-kernel@vger.kernel.org, x86@kernel.org,
linux-integrity@vger.kernel.org, linux-doc@vger.kernel.org,
linux-crypto@vger.kernel.org, kexec@lists.infradead.org,
linux-efi@vger.kernel.org, iommu@lists.linux.dev
Cc: dpsmith@apertussolutions.com, tglx@linutronix.de,
mingo@redhat.com, bp@alien8.de, hpa@zytor.com,
dave.hansen@linux.intel.com, ardb@kernel.org,
mjg59@srcf.ucam.org, James.Bottomley@hansenpartnership.com,
peterhuewe@gmx.de, jarkko@kernel.org, jgg@ziepe.ca,
luto@amacapital.net, nivedita@alum.mit.edu,
herbert@gondor.apana.org.au, davem@davemloft.net, corbet@lwn.net,
ebiederm@xmission.com, dwmw2@infradead.org,
baolu.lu@linux.intel.com, kanth.ghatraju@oracle.com,
daniel.kiper@oracle.com, andrew.cooper3@citrix.com,
trenchboot-devel@googlegroups.com
Subject: Re: [PATCH v16 15/38] Documentation/security: Secure Launch kernel documentation
Date: Fri, 15 May 2026 15:02:16 -0700 [thread overview]
Message-ID: <130c4cfa-7388-462f-9b0f-7939680a90ed@infradead.org> (raw)
In-Reply-To: <20260515211410.31440-16-ross.philipson@gmail.com>
On 5/15/26 2:13 PM, Ross Philipson wrote:
> From: "Daniel P. Smith" <dpsmith@apertussolutions.com>
>
> Introduce documentation for the Linux Secure Launch feature.
>
> Co-developed-by: Ross Philipson <ross.philipson@gmail.com>
> Signed-off-by: Daniel P. Smith <dpsmith@apertussolutions.com>
> Signed-off-by: Ross Philipson <ross.philipson@gmail.com>
> ---
> Documentation/arch/x86/boot.rst | 8 +
> Documentation/security/index.rst | 1 +
> .../security/launch-integrity/index.rst | 9 +
> .../launch-integrity/secure_launch.rst | 681 ++++++++++++++++++
> 4 files changed, 699 insertions(+)
> create mode 100644 Documentation/security/launch-integrity/index.rst
> create mode 100644 Documentation/security/launch-integrity/secure_launch.rst
>
> diff --git a/Documentation/security/launch-integrity/secure_launch.rst b/Documentation/security/launch-integrity/secure_launch.rst
> new file mode 100644
> index 000000000000..b4c61fdceaf0
> --- /dev/null
> +++ b/Documentation/security/launch-integrity/secure_launch.rst
> @@ -0,0 +1,681 @@
> +.. SPDX-License-Identifier: GPL-2.0
> +.. Copyright (c) 2019-2026 Daniel P. Smith <dpsmith@apertussolutions.com>
> +
> +======================
> +Secure Launch Overview
> +======================
> +
> +:Author: Daniel P. Smith
> +:Date: February 2026
maybe update?
> +
> +Overview
> +========
[snip]
> +Error Codes
> +===========
> +
> +The TXT specification defines the layout for TXT 32 bit error code values.
32-bit
> +The bit encodings indicate where the error originated (e.g. with the CPU,
> +in the SINIT ACM, in software). The error is written to a sticky TXT
> +register that persists across resets called TXT.ERRORCODE (see the TXT
> +MLE Development Guide). The errors defined by the Secure Launch feature are
> +those generated in the MLE software. They have the format::
> +
> + 0xc0008XXX
> +
> +The low 12 bits are free for defining the following Secure Launch specific
> +error codes.
[snip]
> +Resources
> +=========
> +
> +The TrenchBoot project:
> +
> +https://trenchboot.org
> +
> +Secure Launch Specification:
> +
> +https://trenchboot.org/specifications/Secure_Launch/
> +
> +Trusted Computing Group's D-RTM Architecture:
> +
> +https://trustedcomputinggroup.org/wp-content/uploads/TCG_D-RTM_Architecture_v1-0_Published_06172013.pdf
> +
> +TXT documentation in the Intel TXT MLE Development Guide:
> +
> +https://www.intel.com/content/dam/www/public/us/en/documents/guides/intel-txt-software-development-guide.pdf
> +
> +TXT instructions documentation in the Intel SDM Instruction Set volume:
> +
> +https://software.intel.com/en-us/articles/intel-sdm
> +
> +AMD SKINIT documentation in the System Programming manual:
> +
> +https://www.amd.com/system/files/TechDocs/24593.pdf
> +
> +GRUB Secure Launch support:
> +
> +https://github.com/TrenchBoot/grub/tree/grub-sl-fc-38-dlstub
> +
> +FOSDEM 2021: Secure Upgrades with DRTM
> +
> +https://archive.fosdem.org/2021/schedule/event/firmware_suwd/
> +
> +.. [1]
> + MLE: Measured Launch Environment is the binary runtime that is measured and
> + then run by the TXT SINIT ACM. The TXT MLE Development Guide describes the
> + requirements for the MLE in detail.
> +
> +.. [2]
> + PMR: Intel VTd has a feature in the IOMMU called Protected Memory Registers.
> + There are two of these registers and they allow all DMA to be blocked
> + to large areas of memory. The low PMR can cover all memory below 4Gb on 2Mb
> + boundaries. The high PMR can cover all RAM on the system, again on 2Mb
> + boundaries. This feature is used during a Secure Launch by TXT.
> +
> +.. [3]
> + Secure Launch Specification: https://trenchboot.org/specifications/Secure_Launch/
> +
> +.. [4]
> + ACM: Intel's Authenticated Code Module. This is the 32b bit binary blob that
Does "32b" mean something or should that be 32-bit?
> + is run securely by the GETSEC[SENTER] during a measured launch. It is described
> + in the Intel documentation on TXT and versions for various chipsets are
> + signed and distributed by Intel.
--
~Randy
next prev parent reply other threads:[~2026-05-15 22:02 UTC|newest]
Thread overview: 48+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-05-15 21:13 [PATCH v16 00/38] x86: Secure Launch support for Intel TXT Ross Philipson
2026-05-15 21:13 ` [PATCH v16 01/38] tpm: Initial step to reorganize TPM public headers Ross Philipson
2026-05-15 23:03 ` Jarkko Sakkinen
2026-05-15 23:05 ` Jason Gunthorpe
2026-05-15 23:10 ` Dave Hansen
2026-05-15 23:51 ` Jarkko Sakkinen
2026-05-15 21:13 ` [PATCH v16 02/38] tpm: Move TPM1 specific definitions to the command header Ross Philipson
2026-05-15 23:14 ` Jarkko Sakkinen
2026-05-15 21:13 ` [PATCH v16 03/38] tpm: Move TPM2 " Ross Philipson
2026-05-15 23:15 ` Jarkko Sakkinen
2026-05-15 21:13 ` [PATCH v16 04/38] tpm: Move TPM common base " Ross Philipson
2026-05-15 23:22 ` Jarkko Sakkinen
2026-05-15 21:13 ` [PATCH v16 05/38] tpm: Move platform specific definitions to the new PTP header Ross Philipson
2026-05-15 21:13 ` [PATCH v16 06/38] tpm: Remove main TPM header from TPM event log header Ross Philipson
2026-05-15 21:13 ` [PATCH v16 07/38] tpm-buf: Merge TPM_BUF_BOUNDARY_ERROR and TPM_BUF_OVERFLOW Ross Philipson
2026-05-15 21:13 ` [PATCH v16 08/38] tpm-buf: Remove chip parameter from tpm_buf_append_handle() Ross Philipson
2026-05-15 21:13 ` [PATCH v16 09/38] tpm-buf: Implement managed allocations Ross Philipson
2026-05-15 21:13 ` [PATCH v16 10/38] tpm-buf: Add TPM buffer support header for standalone reuse Ross Philipson
2026-05-15 21:13 ` [PATCH v16 11/38] tpm/tpm_tis: Close all localities Ross Philipson
2026-05-15 21:13 ` [PATCH v16 12/38] tpm/tpm_tis: Address positive localities in tpm_tis_request_locality() Ross Philipson
2026-05-15 21:13 ` [PATCH v16 13/38] tpm/tpm_tis: Allow locality to be set to a different value Ross Philipson
2026-05-15 21:13 ` [PATCH v16 14/38] tpm/sysfs: Show locality used by kernel Ross Philipson
2026-05-15 21:13 ` [PATCH v16 15/38] Documentation/security: Secure Launch kernel documentation Ross Philipson
2026-05-15 22:02 ` Randy Dunlap [this message]
2026-05-15 21:13 ` [PATCH v16 16/38] x86: Secure Launch Kconfig Ross Philipson
2026-05-15 21:13 ` [PATCH v16 17/38] x86: Secure Launch Resource Table header file Ross Philipson
2026-05-15 21:13 ` [PATCH v16 18/38] x86/efi: Secure Launch Resource Table EFI definitions " Ross Philipson
2026-05-15 21:13 ` [PATCH v16 19/38] x86: Secure Launch main " Ross Philipson
2026-05-15 21:13 ` [PATCH v16 20/38] x86/txt: Intel Trusted eXecution Technology (TXT) definitions Ross Philipson
2026-05-15 21:13 ` [PATCH v16 21/38] lib/crypto: Add SHA1 support for pre-boot environments Ross Philipson
2026-05-15 21:13 ` [PATCH v16 22/38] lib/crypto: Add SHA512 " Ross Philipson
2026-05-15 21:13 ` [PATCH v16 23/38] x86: Allow WARN_trap() macro to be included in " Ross Philipson
2026-05-15 21:13 ` [PATCH v16 24/38] x86/msr: Add variable MTRR base/mask and x2apic ID registers Ross Philipson
2026-05-15 21:13 ` [PATCH v16 25/38] x86/boot: Slight refactor of the 5 level paging logic Ross Philipson
2026-05-15 21:13 ` [PATCH v16 26/38] x86: Add early SHA-1 support for Secure Launch early measurements Ross Philipson
2026-05-15 21:13 ` [PATCH v16 27/38] x86: Add early SHA-256 " Ross Philipson
2026-05-15 21:14 ` [PATCH v16 28/38] x86: Add early SHA-384/512 " Ross Philipson
2026-05-15 21:14 ` [PATCH v16 29/38] x86/tpm: Early startup TPM PCR extending driver Ross Philipson
2026-05-15 22:32 ` Dave Hansen
2026-05-15 21:14 ` [PATCH v16 30/38] x86/slaunch: Add MLE header and Secure Launch entrypoint to the core kernel Ross Philipson
2026-05-15 21:14 ` [PATCH v16 31/38] x86/slaunch: Secure Launch kernel early boot initialization Ross Philipson
2026-05-15 21:14 ` [PATCH v16 32/38] x86/slaunch: Secure Launch kernel late " Ross Philipson
2026-05-15 21:14 ` [PATCH v16 33/38] x86/slaunch: Secure Launch SMP bringup support Ross Philipson
2026-05-15 21:14 ` [PATCH v16 34/38] kexec/slaunch: Secure Launch kexec SEXIT support Ross Philipson
2026-05-15 21:14 ` [PATCH v16 35/38] reboot/slaunch: Secure Launch SEXIT support on reboot paths Ross Philipson
2026-05-15 21:14 ` [PATCH v16 36/38] x86/slaunch: Secure Launch late initcall platform module Ross Philipson
2026-05-15 21:14 ` [PATCH v16 37/38] x86/efistub: EFI stub DRTM support for Secure Launch Ross Philipson
2026-05-15 21:14 ` [PATCH v16 38/38] x86/boot: Legacy boot " Ross Philipson
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=130c4cfa-7388-462f-9b0f-7939680a90ed@infradead.org \
--to=rdunlap@infradead.org \
--cc=James.Bottomley@hansenpartnership.com \
--cc=andrew.cooper3@citrix.com \
--cc=ardb@kernel.org \
--cc=baolu.lu@linux.intel.com \
--cc=bp@alien8.de \
--cc=corbet@lwn.net \
--cc=daniel.kiper@oracle.com \
--cc=dave.hansen@linux.intel.com \
--cc=davem@davemloft.net \
--cc=dpsmith@apertussolutions.com \
--cc=dwmw2@infradead.org \
--cc=ebiederm@xmission.com \
--cc=herbert@gondor.apana.org.au \
--cc=hpa@zytor.com \
--cc=iommu@lists.linux.dev \
--cc=jarkko@kernel.org \
--cc=jgg@ziepe.ca \
--cc=kanth.ghatraju@oracle.com \
--cc=kexec@lists.infradead.org \
--cc=linux-crypto@vger.kernel.org \
--cc=linux-doc@vger.kernel.org \
--cc=linux-efi@vger.kernel.org \
--cc=linux-integrity@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=luto@amacapital.net \
--cc=mingo@redhat.com \
--cc=mjg59@srcf.ucam.org \
--cc=nivedita@alum.mit.edu \
--cc=peterhuewe@gmx.de \
--cc=ross.philipson@gmail.com \
--cc=tglx@linutronix.de \
--cc=trenchboot-devel@googlegroups.com \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox