author | Shane Wang <shane.wang@intel.com> | 2010-03-10 01:36:10 -0500 |
---|---|---|
committer | H. Peter Anvin <hpa@zytor.com> | 2010-03-19 16:39:58 -0400 |
commit | 4bd96a7a8185755b091233b16034c7436cbf57af (patch) | |
tree | 5a6d1a5014a39f0463c79abda29a482f4dd52dd1 | |
parent | a3d3203e4bb40f253b1541e310dc0f9305be7c84 (diff) |
x86, tboot: Add support for S3 memory integrity protection
This patch adds support for S3 memory integrity protection within an Intel(R)
TXT launched kernel, for all kernel and userspace memory. All RAM used by the
kernel and userspace, as indicated by memory ranges of type E820_RAM and
E820_RESERVED_KERN in the e820 table, will be integrity protected.
The MAINTAINERS file is also updated to reflect the maintainers of the
TXT-related code.
All MACing is done in tboot, based on a complexity analysis and tradeoff.
v3: Compared with v2, this patch adds a check of array size in
tboot.c, and a note to specify which c/s of tboot supports this kind
of MACing in intel_txt.txt.
Signed-off-by: Shane Wang <shane.wang@intel.com>
LKML-Reference: <4B973DDA.6050902@intel.com>
Signed-off-by: Joseph Cihula <joseph.cihula@intel.com>
Acked-by: Pavel Machek <pavel@ucw.cz>
Acked-by: Rafael J. Wysocki <rjw@sisk.pl>
Signed-off-by: H. Peter Anvin <hpa@zytor.com>
-rw-r--r-- | Documentation/intel_txt.txt | 16 | ||||
-rw-r--r-- | MAINTAINERS | 11 | ||||
-rw-r--r-- | arch/x86/include/asm/e820.h | 7 | ||||
-rw-r--r-- | arch/x86/kernel/tboot.c | 20 |
4 files changed, 37 insertions, 17 deletions
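--- a/Documentation/intel_txt.txt
+++ b/Documentation/intel_txt.txt
@@ -161,13 +161,15 @@ o In order to put a system into any of the sleep states after a TXT
 has been restored, it will restore the TPM PCRs and then
 transfer control back to the kernel's S3 resume vector.
 In order to preserve system integrity across S3, the kernel
-provides tboot with a set of memory ranges (kernel
-code/data/bss, S3 resume code, and AP trampoline) that tboot
-will calculate a MAC (message authentication code) over and then
-seal with the TPM. On resume and once the measured environment
-has been re-established, tboot will re-calculate the MAC and
-verify it against the sealed value. Tboot's policy determines
-what happens if the verification fails.
+provides tboot with a set of memory ranges (RAM and RESERVED_KERN
+in the e820 table, but not any memory that BIOS might alter over
+the S3 transition) that tboot will calculate a MAC (message
+authentication code) over and then seal with the TPM. On resume
+and once the measured environment has been re-established, tboot
+will re-calculate the MAC and verify it against the sealed value.
+Tboot's policy determines what happens if the verification fails.
+Note that the c/s 194 of tboot which has the new MAC code supports
+this.
 
 That's pretty much it for TXT support.
 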
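--- a/MAINTAINERS
+++ b/MAINTAINERS
@@ -2940,6 +2940,17 @@ S: Odd Fixes
 F: Documentation/networking/README.ipw2200
 F: drivers/net/wireless/ipw2x00/ipw2200.*
 
+INTEL(R) TRUSTED EXECUTION TECHNOLOGY (TXT)
+M: Joseph Cihula <joseph.cihula@intel.com>
+M: Shane Wang <shane.wang@intel.com>
+L: tboot-devel@lists.sourceforge.net
+W: http://tboot.sourceforge.net
+T: Mercurial http://www.bughost.org/repos.hg/tboot.hg
+S: Supported
+F: Documentation/intel_txt.txt
+F: include/linux/tboot.h
+F: arch/x86/kernel/tboot.c
+
 INTEL WIRELESS WIMAX CONNECTION 2400
 M: Inaky Perez-Gonzalez <inaky.perez-gonzalez@intel.com>
 M: linux-wimax@intel.com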
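--- a/arch/x86/include/asm/e820.h
+++ b/arch/x86/include/asm/e820.h
@@ -45,7 +45,12 @@
 #define E820_NVS 4
 #define E820_UNUSABLE 5
 
-/* reserved RAM used by kernel itself */
+/*
+* reserved RAM used by kernel itself
+* if CONFIG_INTEL_TXT is enabled, memory of this type will be
+* included in the S3 integrity calculation and so should not include
+* any memory that BIOS might alter over the S3 transition
+*/
 #define E820_RESERVED_KERN 128
 
 #ifndef __ASSEMBLY__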
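--- a/arch/x86/kernel/tboot.c
+++ b/arch/x86/kernel/tboot.c
@@ -175,6 +175,9 @@ static void add_mac_region(phys_addr_t start, unsigned long size)
 struct tboot_mac_region *mr;
 phys_addr_t end = start + size;
 
+if (tboot->num_mac_regions >= MAX_TB_MAC_REGIONS)
+panic("tboot: Too many MAC regions\n");
+
 if (start && size) {
 mr = &tboot->mac_regions[tboot->num_mac_regions++];
 mr->start = round_down(start, PAGE_SIZE);
@@ -184,18 +187,17 @@ static void add_mac_region(phys_addr_t start, unsigned long size)
 
 static int tboot_setup_sleep(void)
 {
+int i;
+
 tboot->num_mac_regions = 0;
 
-/* S3 resume code */
-add_mac_region(acpi_wakeup_address, WAKEUP_SIZE);
+for (i = 0; i < e820.nr_map; i++) {
+if ((e820.map[i].type != E820_RAM)
+&& (e820.map[i].type != E820_RESERVED_KERN))
+continue;
 
-#ifdef CONFIG_X86_TRAMPOLINE
-/* AP trampoline code */
-add_mac_region(virt_to_phys(trampoline_base), TRAMPOLINE_SIZE);
-#endif
-
-/* kernel code + data + bss */
-add_mac_region(virt_to_phys(_text), _end - _text);
+add_mac_region(e820.map[i].addr, e820.map[i].size);
+}
 
 tboot->acpi_sinfo.kernel_s3_resume_vector = acpi_wakeup_address;
 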
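Review bot: The `if (start && size)` guard kept in add_mac_region() silently drops any range whose start is physical address 0, and with the new loop in tboot_setup_sleep() every range now comes from the e820 map, where 0 is a legitimate start for a RAM entry. If such an entry reaches this loop (whether the map is trimmed before this point is not visible here), that memory is left out of the S3 MAC with no message, whereas the removed code passed the wakeup and trampoline ranges explicitly. Consider `if (size) {` for the guard, or at least a printk warning when a range is skipped, so a gap in integrity coverage is visible. The `size` parameter is `unsigned long` but is now fed `e820.map[i].size`; if that field is 64-bit, a large range would be truncated on 32-bit builds, so widening the parameter is worth checking. add_mac_region()'s body continues past the end of the first hunk.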