aboutsummaryrefslogtreecommitdiffstats
path: root/kernel
diff options
context:
space:
mode:
authorJoseph Cihula <joseph.cihula@intel.com>2009-06-30 22:31:07 -0400
committerH. Peter Anvin <hpa@zytor.com>2009-07-21 14:50:04 -0400
commit86886e55b273f565935491816c7c96b82469d4f8 (patch)
tree0045d68e4720f545f546e216c71104ab31d9d80c /kernel
parent840c2baf2d4cdf35ecc3b7fcbba7740f97de30a4 (diff)
x86, intel_txt: Intel TXT Sx shutdown support
Support for graceful handling of sleep states (S3/S4/S5) after an Intel(R) TXT launch. Without this patch, attempting to place the system in one of the ACPI sleep states (S3/S4/S5) will cause the TXT hardware to treat this as an attack and will cause a system reset, with memory locked. Not only may the subsequent memory scrub take some time, but the platform will be unable to enter the requested power state. This patch calls back into the tboot so that it may properly and securely clean up system state and clear the secrets-in-memory flag, after which it will place the system into the requested sleep state using ACPI information passed by the kernel. arch/x86/kernel/smpboot.c | 2 ++ drivers/acpi/acpica/hwsleep.c | 3 +++ kernel/cpu.c | 7 ++++++- 3 files changed, 11 insertions(+), 1 deletion(-) Signed-off-by: Joseph Cihula <joseph.cihula@intel.com> Signed-off-by: Shane Wang <shane.wang@intel.com> Signed-off-by: H. Peter Anvin <hpa@zytor.com>
Diffstat (limited to 'kernel')
-rw-r--r--kernel/cpu.c7
1 files changed, 6 insertions, 1 deletions
diff --git a/kernel/cpu.c b/kernel/cpu.c
index 8ce10043e4ac..ff071e022a85 100644
--- a/kernel/cpu.c
+++ b/kernel/cpu.c
@@ -14,6 +14,7 @@
14#include <linux/kthread.h> 14#include <linux/kthread.h>
15#include <linux/stop_machine.h> 15#include <linux/stop_machine.h>
16#include <linux/mutex.h> 16#include <linux/mutex.h>
17#include <asm/tboot.h>
17 18
18#ifdef CONFIG_SMP 19#ifdef CONFIG_SMP
19/* Serializes the updates to cpu_online_mask, cpu_present_mask */ 20/* Serializes the updates to cpu_online_mask, cpu_present_mask */
@@ -376,7 +377,7 @@ static cpumask_var_t frozen_cpus;
376 377
377int disable_nonboot_cpus(void) 378int disable_nonboot_cpus(void)
378{ 379{
379 int cpu, first_cpu, error; 380 int cpu, first_cpu, error, num_cpus = 0;
380 381
381 error = stop_machine_create(); 382 error = stop_machine_create();
382 if (error) 383 if (error)
@@ -391,6 +392,7 @@ int disable_nonboot_cpus(void)
391 for_each_online_cpu(cpu) { 392 for_each_online_cpu(cpu) {
392 if (cpu == first_cpu) 393 if (cpu == first_cpu)
393 continue; 394 continue;
395 num_cpus++;
394 error = _cpu_down(cpu, 1); 396 error = _cpu_down(cpu, 1);
395 if (!error) { 397 if (!error) {
396 cpumask_set_cpu(cpu, frozen_cpus); 398 cpumask_set_cpu(cpu, frozen_cpus);
@@ -401,6 +403,9 @@ int disable_nonboot_cpus(void)
401 break; 403 break;
402 } 404 }
403 } 405 }
406 /* ensure all CPUs have gone into wait-for-SIPI */
407 error |= tboot_wait_for_aps(num_cpus);
408
404 if (!error) { 409 if (!error) {
405 BUG_ON(num_online_cpus() > 1); 410 BUG_ON(num_online_cpus() > 1);
406 /* Make sure the CPUs won't be enabled by someone else */ 411 /* Make sure the CPUs won't be enabled by someone else */