On 2013-05-08, Matthew Garrett wrote:
> On Tue, 2013-05-07 at 22:55 +0800, Qiaowei Ren wrote:
>
> > +What: /sys/devices/platform/intel_txt/parameter/acm_max_size
> > +Date: May 2013
> > +KernelVersion: 3.9
> > +Contact: "Qiaowei Ren" <qiaowei.ren@xxxxxxxxx>
> > +Description: The "acm_max_size" property will show max size of
> > + authenticated code execution area.
>
> What would userspace use this for?
These sysfs files are just export SMX & TXT related information to userspace. So that other developers (or OSV & ISV) can be able to develop txt related applications or tools based on these information.
> > +What: /sys/devices/platform/intel_txt/parameter/acm_mem_types
> > +Date: May 2013
> > +KernelVersion: 3.9
> > +Contact: "Qiaowei Ren" <qiaowei.ren@xxxxxxxxx>
> > +Description: The "acm_max_types" property will show external memory
> > + types supported during AC mode.
>
> Or this? And what's AC mode?
It means that the property will show supportable memory types for memory mapped outside of the authenticated code execution area.
> > + __asm__ __volatile__ (IA32_GETSEC_OPCODE "\n"
> > + : "=a"(eax), "=b"(ebx), "=c"(ecx)
> > + : "a"(IA32_GETSEC_PARAMETERS), "b"(index));
> > +
> > + *param_type = eax & 0x1f;
> > + *peax = eax;
> > + *pebx = ebx;
> > + *pecx = ecx;
>
> Should there be a check for failure here? Is it possible for this operation to fail?
You mean GETSEC instruction? I don't notice related description in manual. Next function get_parameters() will process return eax/ebx/ecx returned by this instruction.
> > + write_cr4(read_cr4() | CR4_SMXE);
>
> Whoo. This needs at least a giant comment and probably some locking, but if
> this is supposed to be set during runtime then it should be done in core
> architecture code rather than just in this driver.
Oh. This code should be removed, because tboot code have set SMXE bit.
Thanks,
Qiaowei
��.n��������+%�������w��{.n������_���v��z����n�r�������&��z�ޗ�zf���h���~����������_��+v���)ߣ�
