From 69575d388603365f2afbf4166df93152df59b165 Mon Sep 17 00:00:00 2001
From: Shane Wang <shane.wang@intel.com>
Date: Tue, 1 Sep 2009 18:25:07 -0700
Subject: x86, intel_txt: clean up the impact on generic code, unbreak non-x86
Move tboot.h from asm to linux to fix the build errors of intel_txt
patch on non-X86 platforms. Remove the tboot code from generic code
init/main.c and kernel/cpu.c.
Signed-off-by: Shane Wang <shane.wang@intel.com>
Signed-off-by: H. Peter Anvin <hpa@zytor.com>
---
arch/x86/Kconfig | 4 +
arch/x86/include/asm/tboot.h | 197 ------------------------------------------
arch/x86/kernel/reboot.c | 3 +-
arch/x86/kernel/setup.c | 3 +-
arch/x86/kernel/smpboot.c | 2 +-
arch/x86/kernel/tboot.c | 58 ++++++++++---
drivers/acpi/acpica/hwsleep.c | 2 +-
drivers/pci/dmar.c | 2 +-
drivers/pci/intel-iommu.c | 2 +-
include/linux/tboot.h | 162 ++++++++++++++++++++++++++++++++++
init/main.c | 3 -
kernel/cpu.c | 6 +-
security/Kconfig | 2 +-
13 files changed, 221 insertions(+), 225 deletions(-)
delete mode 100644 arch/x86/include/asm/tboot.h
create mode 100644 include/linux/tboot.h
diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig
index 738bdc6b0f8b..b66f2102c35d 100644
--- a/arch/x86/Kconfig
+++ b/arch/x86/Kconfig
@@ -178,6 +178,10 @@ config ARCH_SUPPORTS_OPTIMIZED_INLINING
config ARCH_SUPPORTS_DEBUG_PAGEALLOC
def_bool y
+config HAVE_INTEL_TXT
+ def_bool y
+ depends on EXPERIMENTAL && DMAR && ACPI
+
# Use the generic interrupt handling code in kernel/irq/:
config GENERIC_HARDIRQS
bool
diff --git a/arch/x86/include/asm/tboot.h b/arch/x86/include/asm/tboot.h
deleted file mode 100644
index b13929d4e5f4..000000000000
--- a/arch/x86/include/asm/tboot.h
+++ /dev/null
@@ -1,197 +0,0 @@
-/*
- * tboot.h: shared data structure with tboot and kernel and functions
- * used by kernel for runtime support of Intel(R) Trusted
- * Execution Technology
- *
- * Copyright (c) 2006-2009, Intel Corporation
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms and conditions of the GNU General Public License,
- * version 2, as published by the Free Software Foundation.
- *
- * This program is distributed in the hope it will be useful, but WITHOUT
- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
- * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
- * more details.
- *
- * You should have received a copy of the GNU General Public License along with
- * this program; if not, write to the Free Software Foundation, Inc.,
- * 51 Franklin St - Fifth Floor, Boston, MA 02110-1301 USA.
- *
- */
-
-#ifndef _ASM_TBOOT_H
-#define _ASM_TBOOT_H
-
-#include <acpi/acpi.h>
-
-/* these must have the values from 0-5 in this order */
-enum {
- TB_SHUTDOWN_REBOOT = 0,
- TB_SHUTDOWN_S5,
- TB_SHUTDOWN_S4,
- TB_SHUTDOWN_S3,
- TB_SHUTDOWN_HALT,
- TB_SHUTDOWN_WFS
-};
-
-#ifdef CONFIG_INTEL_TXT
-
-/* used to communicate between tboot and the launched kernel */
-
-#define TB_KEY_SIZE 64 /* 512 bits */
-
-#define MAX_TB_MAC_REGIONS 32
-
-struct tboot_mac_region {
- u64 start; /* must be 64 byte -aligned */
- u32 size; /* must be 64 byte -granular */
-} __packed;
-
-/* GAS - Generic Address Structure (ACPI 2.0+) */
-struct tboot_acpi_generic_address {
- u8 space_id;
- u8 bit_width;
- u8 bit_offset;
- u8 access_width;
- u64 address;
-} __packed;
-
-/*
- * combines Sx info from FADT and FACS tables per ACPI 2.0+ spec
- * (http://www.acpi.info/)
- */
-struct tboot_acpi_sleep_info {
- struct tboot_acpi_generic_address pm1a_cnt_blk;
- struct tboot_acpi_generic_address pm1b_cnt_blk;
- struct tboot_acpi_generic_address pm1a_evt_blk;
- struct tboot_acpi_generic_address pm1b_evt_blk;
- u16 pm1a_cnt_val;
- u16 pm1b_cnt_val;
- u64 wakeup_vector;
- u32 vector_width;
- u64 kernel_s3_resume_vector;
-} __packed;
-
-/*
- * shared memory page used for communication between tboot and kernel
- */
-struct tboot {
- /*
- * version 3+ fields:
- */
-
- /* TBOOT_UUID */
- u8 uuid[16];
-
- /* version number: 5 is current */
- u32 version;
-
- /* physical addr of tb_log_t log */
- u32 log_addr;
-
- /*
- * physical addr of entry point for tboot shutdown and
- * type of shutdown (TB_SHUTDOWN_*) being requested
- */
- u32 shutdown_entry;
- u32 shutdown_type;
-
- /* kernel-specified ACPI info for Sx shutdown */
- struct tboot_acpi_sleep_info acpi_sinfo;
-
- /* tboot location in memory (physical) */
- u32 tboot_base;
- u32 tboot_size;
-
- /* memory regions (phys addrs) for tboot to MAC on S3 */
- u8 num_mac_regions;
- struct tboot_mac_region mac_regions[MAX_TB_MAC_REGIONS];
-
-
- /*
- * version 4+ fields:
- */
-
- /* symmetric key for use by kernel; will be encrypted on S3 */
- u8 s3_key[TB_KEY_SIZE];
-
-
- /*
- * version 5+ fields:
- */
-
- /* used to 4byte-align num_in_wfs */
- u8 reserved_align[3];
-
- /* number of processors in wait-for-SIPI */
- u32 num_in_wfs;
-} __packed;
-
-/*
- * UUID for tboot data struct to facilitate matching
- * defined as {663C8DFF-E8B3-4b82-AABF-19EA4D057A08} by tboot, which is
- * represented as {} in the char array used here
- */
-#define TBOOT_UUID {0xff, 0x8d, 0x3c, 0x66, 0xb3, 0xe8, 0x82, 0x4b, 0xbf,\
- 0xaa, 0x19, 0xea, 0x4d, 0x5, 0x7a, 0x8}
-
-extern struct tboot *tboot;
-
-static inline int tboot_enabled(void)
-{
- return tboot != NULL;
-}
-
-extern void tboot_probe(void);
-extern void tboot_create_trampoline(void);
-extern void tboot_shutdown(u32 shutdown_type);
-extern void tboot_sleep(u8 sleep_state, u32 pm1a_control, u32 pm1b_control);
-extern int tboot_wait_for_aps(int num_aps);
-extern struct acpi_table_header *tboot_get_dmar_table(
- struct acpi_table_header *dmar_tbl);
-extern int tboot_force_iommu(void);
-
-#else /* CONFIG_INTEL_TXT */
-
-static inline int tboot_enabled(void)
-{
- return 0;
-}
-
-static inline void tboot_probe(void)
-{
-}
-
-static inline void tboot_create_trampoline(void)
-{
-}
-
-static inline void tboot_shutdown(u32 shutdown_type)
-{
-}
-
-static inline void tboot_sleep(u8 sleep_state, u32 pm1a_control,
- u32 pm1b_control)
-{
-}
-
-static inline int tboot_wait_for_aps(int num_aps)
-{
- return 0;
-}
-
-static inline struct acpi_table_header *tboot_get_dmar_table(
- struct acpi_table_header *dmar_tbl)
-{
- return dmar_tbl;
-}
-
-static inline int tboot_force_iommu(void)
-{
- return 0;
-}
-
-#endif /* !CONFIG_INTEL_TXT */
-
-#endif /* _ASM_TBOOT_H */
diff --git a/arch/x86/kernel/reboot.c b/arch/x86/kernel/reboot.c
index 9de01c5d9794..18ce5c04242a 100644
--- a/arch/x86/kernel/reboot.c
+++ b/arch/x86/kernel/reboot.c
@@ -3,6 +3,7 @@
#include <linux/init.h>
#include <linux/pm.h>
#include <linux/efi.h>
+#include <linux/tboot.h>
#include <acpi/reboot.h>
#include <asm/io.h>
#include <asm/apic.h>
@@ -24,8 +25,6 @@
# include <asm/iommu.h>
#endif
-#include <asm/tboot.h>
-
/*
* Power off function, if any
*/
diff --git a/arch/x86/kernel/setup.c b/arch/x86/kernel/setup.c
index 80d6e9e32483..6ce0d6f38f7f 100644
--- a/arch/x86/kernel/setup.c
+++ b/arch/x86/kernel/setup.c
@@ -66,6 +66,7 @@
#include <linux/percpu.h>
#include <linux/crash_dump.h>
+#include <linux/tboot.h>
#include <video/edid.h>
@@ -145,8 +146,6 @@ struct boot_params __initdata boot_params;
struct boot_params boot_params;
#endif
-#include <asm/tboot.h>
-
/*
* Machine setup..
*/
diff --git a/arch/x86/kernel/smpboot.c b/arch/x86/kernel/smpboot.c
index 61cc40887c48..7d9d8eea20a0 100644
--- a/arch/x86/kernel/smpboot.c
+++ b/arch/x86/kernel/smpboot.c
@@ -47,6 +47,7 @@
#include <linux/bootmem.h>
#include <linux/err.h>
#include <linux/nmi.h>
+#include <linux/tboot.h>
#include <asm/acpi.h>
#include <asm/desc.h>
@@ -62,7 +63,6 @@
#include <asm/vmi.h>
#include <asm/apic.h>
#include <asm/setup.h>
-#include <asm/tboot.h>
#include <asm/uv/uv.h>
#include <linux/mc146818rtc.h>
diff --git a/arch/x86/kernel/tboot.c b/arch/x86/kernel/tboot.c
index c2e760ca7b01..86c9f91b48ae 100644
--- a/arch/x86/kernel/tboot.c
+++ b/arch/x86/kernel/tboot.c
@@ -22,11 +22,14 @@
#include <linux/dma_remapping.h>
#include <linux/init_task.h>
#include <linux/spinlock.h>
+#include <linux/delay.h>
#include <linux/sched.h>
#include <linux/init.h>
#include <linux/dmar.h>
+#include <linux/cpu.h>
#include <linux/pfn.h>
#include <linux/mm.h>
+#include <linux/tboot.h>
#include <asm/trampoline.h>
#include <asm/processor.h>
@@ -36,7 +39,6 @@
#include <asm/fixmap.h>
#include <asm/proto.h>
#include <asm/setup.h>
-#include <asm/tboot.h>
#include <asm/e820.h>
#include <asm/io.h>
@@ -154,13 +156,10 @@ static int map_tboot_pages(unsigned long vaddr, unsigned long start_pfn,
return 0;
}
-void tboot_create_trampoline(void)
+static void tboot_create_trampoline(void)
{
u32 map_base, map_size;
- if (!tboot_enabled())
- return;
-
/* Create identity map for tboot shutdown code. */
map_base = PFN_DOWN(tboot->tboot_base);
map_size = PFN_UP(tboot->tboot_size);
@@ -295,21 +294,58 @@ void tboot_sleep(u8 sleep_state, u32 pm1a_control, u32 pm1b_control)
tboot_shutdown(acpi_shutdown_map[sleep_state]);
}
-int tboot_wait_for_aps(int num_aps)
+static atomic_t ap_wfs_count;
+
+static int tboot_wait_for_aps(int num_aps)
{
unsigned long timeout;
+ timeout = AP_WAIT_TIMEOUT*HZ;
+ while (atomic_read((atomic_t *)&tboot->num_in_wfs) != num_aps &&
+ timeout) {
+ mdelay(1);
+ timeout--;
+ }
+
+ if (timeout)
+ pr_warning("tboot wait for APs timeout\n");
+
+ return !(atomic_read((atomic_t *)&tboot->num_in_wfs) == num_aps);
+}
+
+static int __cpuinit tboot_cpu_callback(struct notifier_block *nfb,
+ unsigned long action, void *hcpu)
+{
+ switch (action) {
+ case CPU_DYING:
+ atomic_inc(&ap_wfs_count);
+ if (num_online_cpus() == 1)
+ if (tboot_wait_for_aps(atomic_read(&ap_wfs_count)))
+ return NOTIFY_BAD;
+ break;
+ }
+ return NOTIFY_OK;
+}
+
+static struct notifier_block tboot_cpu_notifier __cpuinitdata =
+{
+ .notifier_call = tboot_cpu_callback,
+};
+
+static __init int tboot_late_init(void)
+{
if (!tboot_enabled())
return 0;
- timeout = jiffies + AP_WAIT_TIMEOUT*HZ;
- while (atomic_read((atomic_t *)&tboot->num_in_wfs) != num_aps &&
- time_before(jiffies, timeout))
- cpu_relax();
+ tboot_create_trampoline();
- return time_before(jiffies, timeout) ? 0 : 1;
+ atomic_set(&ap_wfs_count, 0);
+ register_hotcpu_notifier(&tboot_cpu_notifier);
+ return 0;
}
+late_initcall(tboot_late_init);
+
/*
* TXT configuration registers (offsets from TXT_{PUB, PRIV}_CONFIG_REGS_BASE)
*/
diff --git a/drivers/acpi/acpica/hwsleep.c b/drivers/acpi/acpica/hwsleep.c
index 8c01dd3724e0..cc22f9a585b0 100644
--- a/drivers/acpi/acpica/hwsleep.c
+++ b/drivers/acpi/acpica/hwsleep.c
@@ -45,7 +45,7 @@
#include <acpi/acpi.h>
#include "accommon.h"
#include "actables.h"
-#include <asm/tboot.h>
+#include <linux/tboot.h>
#define _COMPONENT ACPI_HARDWARE
ACPI_MODULE_NAME("hwsleep")
diff --git a/drivers/pci/dmar.c b/drivers/pci/dmar.c
index 0cbc5fd26c3c..ab99783dccec 100644
--- a/drivers/pci/dmar.c
+++ b/drivers/pci/dmar.c
@@ -33,7 +33,7 @@
#include <linux/timer.h>
#include <linux/irq.h>
#include <linux/interrupt.h>
-#include <asm/tboot.h>
+#include <linux/tboot.h>
#undef PREFIX
#define PREFIX "DMAR:"
diff --git a/drivers/pci/intel-iommu.c b/drivers/pci/intel-iommu.c
index 2dc72a6d7412..833509b53527 100644
--- a/drivers/pci/intel-iommu.c
+++ b/drivers/pci/intel-iommu.c
@@ -37,8 +37,8 @@
#include <linux/iommu.h>
#include <linux/intel-iommu.h>
#include <linux/sysdev.h>
+#include <linux/tboot.h>
#include <asm/cacheflush.h>
-#include <asm/tboot.h>
#include <asm/iommu.h>
#include "pci.h"
diff --git a/include/linux/tboot.h b/include/linux/tboot.h
new file mode 100644
index 000000000000..bf2a0c748878
--- /dev/null
+++ b/include/linux/tboot.h
@@ -0,0 +1,162 @@
+/*
+ * tboot.h: shared data structure with tboot and kernel and functions
+ * used by kernel for runtime support of Intel(R) Trusted
+ * Execution Technology
+ *
+ * Copyright (c) 2006-2009, Intel Corporation
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms and conditions of the GNU General Public License,
+ * version 2, as published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
+ * more details.
+ *
+ * You should have received a copy of the GNU General Public License along with
+ * this program; if not, write to the Free Software Foundation, Inc.,
+ * 51 Franklin St - Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ */
+
+#ifndef _LINUX_TBOOT_H
+#define _LINUX_TBOOT_H
+
+/* these must have the values from 0-5 in this order */
+enum {
+ TB_SHUTDOWN_REBOOT = 0,
+ TB_SHUTDOWN_S5,
+ TB_SHUTDOWN_S4,
+ TB_SHUTDOWN_S3,
+ TB_SHUTDOWN_HALT,
+ TB_SHUTDOWN_WFS
+};
+
+#ifdef CONFIG_INTEL_TXT
+#include <acpi/acpi.h>
+/* used to communicate between tboot and the launched kernel */
+
+#define TB_KEY_SIZE 64 /* 512 bits */
+
+#define MAX_TB_MAC_REGIONS 32
+
+struct tboot_mac_region {
+ u64 start; /* must be 64 byte -aligned */
+ u32 size; /* must be 64 byte -granular */
+} __packed;
+
+/* GAS - Generic Address Structure (ACPI 2.0+) */
+struct tboot_acpi_generic_address {
+ u8 space_id;
+ u8 bit_width;
+ u8 bit_offset;
+ u8 access_width;
+ u64 address;
+} __packed;
+
+/*
+ * combines Sx info from FADT and FACS tables per ACPI 2.0+ spec
+ * (http://www.acpi.info/)
+ */
+struct tboot_acpi_sleep_info {
+ struct tboot_acpi_generic_address pm1a_cnt_blk;
+ struct tboot_acpi_generic_address pm1b_cnt_blk;
+ struct tboot_acpi_generic_address pm1a_evt_blk;
+ struct tboot_acpi_generic_address pm1b_evt_blk;
+ u16 pm1a_cnt_val;
+ u16 pm1b_cnt_val;
+ u64 wakeup_vector;
+ u32 vector_width;
+ u64 kernel_s3_resume_vector;
+} __packed;
+
+/*
+ * shared memory page used for communication between tboot and kernel
+ */
+struct tboot {
+ /*
+ * version 3+ fields:
+ */
+
+ /* TBOOT_UUID */
+ u8 uuid[16];
+
+ /* version number: 5 is current */
+ u32 version;
+
+ /* physical addr of tb_log_t log */
+ u32 log_addr;
+
+ /*
+ * physical addr of entry point for tboot shutdown and
+ * type of shutdown (TB_SHUTDOWN_*) being requested
+ */
+ u32 shutdown_entry;
+ u32 shutdown_type;
+
+ /* kernel-specified ACPI info for Sx shutdown */
+ struct tboot_acpi_sleep_info acpi_sinfo;
+
+ /* tboot location in memory (physical) */
+ u32 tboot_base;
+ u32 tboot_size;
+
+ /* memory regions (phys addrs) for tboot to MAC on S3 */
+ u8 num_mac_regions;
+ struct tboot_mac_region mac_regions[MAX_TB_MAC_REGIONS];
+
+
+ /*
+ * version 4+ fields:
+ */
+
+ /* symmetric key for use by kernel; will be encrypted on S3 */
+ u8 s3_key[TB_KEY_SIZE];
+
+
+ /*
+ * version 5+ fields:
+ */
+
+ /* used to 4byte-align num_in_wfs */
+ u8 reserved_align[3];
+
+ /* number of processors in wait-for-SIPI */
+ u32 num_in_wfs;
+} __packed;
+
+/*
+ * UUID for tboot data struct to facilitate matching
+ * defined as {663C8DFF-E8B3-4b82-AABF-19EA4D057A08} by tboot, which is
+ * represented as {} in the char array used here
+ */
+#define TBOOT_UUID {0xff, 0x8d, 0x3c, 0x66, 0xb3, 0xe8, 0x82, 0x4b, 0xbf,\
+ 0xaa, 0x19, 0xea, 0x4d, 0x5, 0x7a, 0x8}
+
+extern struct tboot *tboot;
+
+static inline int tboot_enabled(void)
+{
+ return tboot != NULL;
+}
+
+extern void tboot_probe(void);
+extern void tboot_shutdown(u32 shutdown_type);
+extern void tboot_sleep(u8 sleep_state, u32 pm1a_control, u32 pm1b_control);
+extern struct acpi_table_header *tboot_get_dmar_table(
+ struct acpi_table_header *dmar_tbl);
+extern int tboot_force_iommu(void);
+
+#else
+
+#define tboot_probe() do { } while (0)
+#define tboot_shutdown(shutdown_type) do { } while (0)
+#define tboot_sleep(sleep_state, pm1a_control, pm1b_control) \
+ do { } while (0)
+#define tboot_get_dmar_table(dmar_tbl) (dmar_tbl)
+#define tboot_force_iommu() 0
+
+#endif /* !CONFIG_INTEL_TXT */
+
+#endif /* _LINUX_TBOOT_H */
diff --git a/init/main.c b/init/main.c
index 56ada27c4f47..2c5ade79eb81 100644
--- a/init/main.c
+++ b/init/main.c
@@ -73,7 +73,6 @@
#include <asm/io.h>
#include <asm/bugs.h>
#include <asm/setup.h>
-#include <asm/tboot.h>
#include <asm/sections.h>
#include <asm/cacheflush.h>
@@ -716,8 +715,6 @@ asmlinkage void __init start_kernel(void)
ftrace_init();
- tboot_create_trampoline();
-
/* Do the rest non-__init'ed, we're now alive */
rest_init();
}
diff --git a/kernel/cpu.c b/kernel/cpu.c
index ff071e022a85..67a60076dd7e 100644
--- a/kernel/cpu.c
+++ b/kernel/cpu.c
@@ -14,7 +14,6 @@
#include <linux/kthread.h>
#include <linux/stop_machine.h>
#include <linux/mutex.h>
-#include <asm/tboot.h>
#ifdef CONFIG_SMP
/* Serializes the updates to cpu_online_mask, cpu_present_mask */
@@ -377,7 +376,7 @@ static cpumask_var_t frozen_cpus;
int disable_nonboot_cpus(void)
{
- int cpu, first_cpu, error, num_cpus = 0;
+ int cpu, first_cpu, error;
error = stop_machine_create();
if (error)
@@ -392,7 +391,6 @@ int disable_nonboot_cpus(void)
for_each_online_cpu(cpu) {
if (cpu == first_cpu)
continue;
- num_cpus++;
error = _cpu_down(cpu, 1);
if (!error) {
cpumask_set_cpu(cpu, frozen_cpus);
@@ -403,8 +401,6 @@ int disable_nonboot_cpus(void)
break;
}
}
- /* ensure all CPUs have gone into wait-for-SIPI */
- error |= tboot_wait_for_aps(num_cpus);
if (!error) {
BUG_ON(num_online_cpus() > 1);
diff --git a/security/Kconfig b/security/Kconfig
index 6631774672c1..5721847a7a62 100644
--- a/security/Kconfig
+++ b/security/Kconfig
@@ -115,7 +115,7 @@ config SECURITY_ROOTPLUG
config INTEL_TXT
bool "Enable Intel(R) Trusted Execution Technology (Intel(R) TXT)"
- depends on EXPERIMENTAL && X86 && DMAR && ACPI
+ depends on HAVE_INTEL_TXT
help
This option enables support for booting the kernel with the
Trusted Boot (tboot) module. This will utilize
--
cgit v1.2.3