Re: [PATCH v9 09/19] x86: Secure Launch kernel late boot stub

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 6/4/24 3:59 PM, Jarkko Sakkinen wrote:
On Fri May 31, 2024 at 4:03 AM EEST, Ross Philipson wrote:
The routine slaunch_setup is called out of the x86 specific setup_arch()
routine during early kernel boot. After determining what platform is
present, various operations specific to that platform occur. This
includes finalizing setting for the platform late launch and verifying
that memory protections are in place.

For TXT, this code also reserves the original compressed kernel setup
area where the APs were left looping so that this memory cannot be used.

Signed-off-by: Ross Philipson <ross.philipson@xxxxxxxxxx>
---
  arch/x86/kernel/Makefile   |   1 +
  arch/x86/kernel/setup.c    |   3 +
  arch/x86/kernel/slaunch.c  | 525 +++++++++++++++++++++++++++++++++++++
  drivers/iommu/intel/dmar.c |   4 +
  4 files changed, 533 insertions(+)
  create mode 100644 arch/x86/kernel/slaunch.c

diff --git a/arch/x86/kernel/Makefile b/arch/x86/kernel/Makefile
index 5d128167e2e2..b35ca99ab0a0 100644
--- a/arch/x86/kernel/Makefile
+++ b/arch/x86/kernel/Makefile
@@ -76,6 +76,7 @@ obj-$(CONFIG_X86_32)		+= tls.o
  obj-$(CONFIG_IA32_EMULATION)	+= tls.o
  obj-y				+= step.o
  obj-$(CONFIG_INTEL_TXT)		+= tboot.o
+obj-$(CONFIG_SECURE_LAUNCH)	+= slaunch.o

Hmm... should that be CONFIG_X86_SECURE_LAUNCH?

Further thoughts on this after discussions...

The Secure Launch feature will cover other architectures beyond x86 in the future. We may have to rework/move the config settings at that point but for now I don't think we want to change it.

Thanks
Ross


Just asking...

BR, Jarkko






[Index of Archives]     [Kernel]     [Gnu Classpath]     [Gnu Crypto]     [DM Crypt]     [Netfilter]     [Bugtraq]
  Powered by Linux