Re: [PATCH v9 09/19] x86: Secure Launch kernel late boot stub

From: Jarkko Sakkinen
Date: Thu Aug 15 2024 - 14:35:26 EST


On Mon Aug 12, 2024 at 10:02 PM EEST, wrote:
> On 6/4/24 3:59 PM, Jarkko Sakkinen wrote:
> > On Fri May 31, 2024 at 4:03 AM EEST, Ross Philipson wrote:
> >> The routine slaunch_setup is called out of the x86 specific setup_arch()
> >> routine during early kernel boot. After determining what platform is
> >> present, various operations specific to that platform occur. This
> >> includes finalizing setting for the platform late launch and verifying
> >> that memory protections are in place.
> >>
> >> For TXT, this code also reserves the original compressed kernel setup
> >> area where the APs were left looping so that this memory cannot be used.
> >>
> >> Signed-off-by: Ross Philipson <ross.philipson@xxxxxxxxxx>
> >> ---
> >> arch/x86/kernel/Makefile | 1 +
> >> arch/x86/kernel/setup.c | 3 +
> >> arch/x86/kernel/slaunch.c | 525 +++++++++++++++++++++++++++++++++++++
> >> drivers/iommu/intel/dmar.c | 4 +
> >> 4 files changed, 533 insertions(+)
> >> create mode 100644 arch/x86/kernel/slaunch.c
> >>
> >> diff --git a/arch/x86/kernel/Makefile b/arch/x86/kernel/Makefile
> >> index 5d128167e2e2..b35ca99ab0a0 100644
> >> --- a/arch/x86/kernel/Makefile
> >> +++ b/arch/x86/kernel/Makefile
> >> @@ -76,6 +76,7 @@ obj-$(CONFIG_X86_32) += tls.o
> >> obj-$(CONFIG_IA32_EMULATION) += tls.o
> >> obj-y += step.o
> >> obj-$(CONFIG_INTEL_TXT) += tboot.o
> >> +obj-$(CONFIG_SECURE_LAUNCH) += slaunch.o
> >
> > Hmm... should that be CONFIG_X86_SECURE_LAUNCH?
>
> Further thoughts on this after discussions...
>
> The Secure Launch feature will cover other architectures beyond x86 in
> the future. We may have to rework/move the config settings at that point
> but for now I don't think we want to change it.

OK got it.

BR, Jarkko