diff options
-rw-r--r-- | arch/x86/Kconfig | 4 | ||||
-rw-r--r-- | arch/x86/kernel/reboot.c | 3 | ||||
-rw-r--r-- | arch/x86/kernel/setup.c | 3 | ||||
-rw-r--r-- | arch/x86/kernel/smpboot.c | 2 | ||||
-rw-r--r-- | arch/x86/kernel/tboot.c | 58 | ||||
-rw-r--r-- | drivers/acpi/acpica/hwsleep.c | 2 | ||||
-rw-r--r-- | drivers/pci/dmar.c | 2 | ||||
-rw-r--r-- | drivers/pci/intel-iommu.c | 2 | ||||
-rw-r--r-- | include/linux/tboot.h (renamed from arch/x86/include/asm/tboot.h) | 57 | ||||
-rw-r--r-- | init/main.c | 3 | ||||
-rw-r--r-- | kernel/cpu.c | 6 | ||||
-rw-r--r-- | security/Kconfig | 2 |
12 files changed, 70 insertions, 74 deletions
diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig index 738bdc6..b66f210 100644 --- a/arch/x86/Kconfig +++ b/arch/x86/Kconfig @@ -178,6 +178,10 @@ config ARCH_SUPPORTS_OPTIMIZED_INLINING config ARCH_SUPPORTS_DEBUG_PAGEALLOC def_bool y +config HAVE_INTEL_TXT + def_bool y + depends on EXPERIMENTAL && DMAR && ACPI + # Use the generic interrupt handling code in kernel/irq/: config GENERIC_HARDIRQS bool diff --git a/arch/x86/kernel/reboot.c b/arch/x86/kernel/reboot.c index 9de01c5..18ce5c0 100644 --- a/arch/x86/kernel/reboot.c +++ b/arch/x86/kernel/reboot.c @@ -3,6 +3,7 @@ #include <linux/init.h> #include <linux/pm.h> #include <linux/efi.h> +#include <linux/tboot.h> #include <acpi/reboot.h> #include <asm/io.h> #include <asm/apic.h> @@ -24,8 +25,6 @@ # include <asm/iommu.h> #endif -#include <asm/tboot.h> - /* * Power off function, if any */ diff --git a/arch/x86/kernel/setup.c b/arch/x86/kernel/setup.c index 80d6e9e..6ce0d6f 100644 --- a/arch/x86/kernel/setup.c +++ b/arch/x86/kernel/setup.c @@ -66,6 +66,7 @@ #include <linux/percpu.h> #include <linux/crash_dump.h> +#include <linux/tboot.h> #include <video/edid.h> @@ -145,8 +146,6 @@ struct boot_params __initdata boot_params; struct boot_params boot_params; #endif -#include <asm/tboot.h> - /* * Machine setup.. */ diff --git a/arch/x86/kernel/smpboot.c b/arch/x86/kernel/smpboot.c index 61cc408..7d9d8ee 100644 --- a/arch/x86/kernel/smpboot.c +++ b/arch/x86/kernel/smpboot.c @@ -47,6 +47,7 @@ #include <linux/bootmem.h> #include <linux/err.h> #include <linux/nmi.h> +#include <linux/tboot.h> #include <asm/acpi.h> #include <asm/desc.h> @@ -62,7 +63,6 @@ #include <asm/vmi.h> #include <asm/apic.h> #include <asm/setup.h> -#include <asm/tboot.h> #include <asm/uv/uv.h> #include <linux/mc146818rtc.h> diff --git a/arch/x86/kernel/tboot.c b/arch/x86/kernel/tboot.c index c2e760c..86c9f91 100644 --- a/arch/x86/kernel/tboot.c +++ b/arch/x86/kernel/tboot.c @@ -22,11 +22,14 @@ #include <linux/dma_remapping.h> #include <linux/init_task.h> #include <linux/spinlock.h> +#include <linux/delay.h> #include <linux/sched.h> #include <linux/init.h> #include <linux/dmar.h> +#include <linux/cpu.h> #include <linux/pfn.h> #include <linux/mm.h> +#include <linux/tboot.h> #include <asm/trampoline.h> #include <asm/processor.h> @@ -36,7 +39,6 @@ #include <asm/fixmap.h> #include <asm/proto.h> #include <asm/setup.h> -#include <asm/tboot.h> #include <asm/e820.h> #include <asm/io.h> @@ -154,13 +156,10 @@ static int map_tboot_pages(unsigned long vaddr, unsigned long start_pfn, return 0; } -void tboot_create_trampoline(void) +static void tboot_create_trampoline(void) { u32 map_base, map_size; - if (!tboot_enabled()) - return; - /* Create identity map for tboot shutdown code. */ map_base = PFN_DOWN(tboot->tboot_base); map_size = PFN_UP(tboot->tboot_size); @@ -295,21 +294,58 @@ void tboot_sleep(u8 sleep_state, u32 pm1a_control, u32 pm1b_control) tboot_shutdown(acpi_shutdown_map[sleep_state]); } -int tboot_wait_for_aps(int num_aps) +static atomic_t ap_wfs_count; + +static int tboot_wait_for_aps(int num_aps) { unsigned long timeout; + timeout = AP_WAIT_TIMEOUT*HZ; + while (atomic_read((atomic_t *)&tboot->num_in_wfs) != num_aps && + timeout) { + mdelay(1); + timeout--; + } + + if (timeout) + pr_warning("tboot wait for APs timeout\n"); + + return !(atomic_read((atomic_t *)&tboot->num_in_wfs) == num_aps); +} + +static int __cpuinit tboot_cpu_callback(struct notifier_block *nfb, + unsigned long action, void *hcpu) +{ + switch (action) { + case CPU_DYING: + atomic_inc(&ap_wfs_count); + if (num_online_cpus() == 1) + if (tboot_wait_for_aps(atomic_read(&ap_wfs_count))) + return NOTIFY_BAD; + break; + } + return NOTIFY_OK; +} + +static struct notifier_block tboot_cpu_notifier __cpuinitdata = +{ + .notifier_call = tboot_cpu_callback, +}; + +static __init int tboot_late_init(void) +{ if (!tboot_enabled()) return 0; - timeout = jiffies + AP_WAIT_TIMEOUT*HZ; - while (atomic_read((atomic_t *)&tboot->num_in_wfs) != num_aps && - time_before(jiffies, timeout)) - cpu_relax(); + tboot_create_trampoline(); - return time_before(jiffies, timeout) ? 0 : 1; + atomic_set(&ap_wfs_count, 0); + register_hotcpu_notifier(&tboot_cpu_notifier); + return 0; } +late_initcall(tboot_late_init); + /* * TXT configuration registers (offsets from TXT_{PUB, PRIV}_CONFIG_REGS_BASE) */ diff --git a/drivers/acpi/acpica/hwsleep.c b/drivers/acpi/acpica/hwsleep.c index 8c01dd3..cc22f9a 100644 --- a/drivers/acpi/acpica/hwsleep.c +++ b/drivers/acpi/acpica/hwsleep.c @@ -45,7 +45,7 @@ #include <acpi/acpi.h> #include "accommon.h" #include "actables.h" -#include <asm/tboot.h> +#include <linux/tboot.h> #define _COMPONENT ACPI_HARDWARE ACPI_MODULE_NAME("hwsleep") diff --git a/drivers/pci/dmar.c b/drivers/pci/dmar.c index 0cbc5fd..ab99783 100644 --- a/drivers/pci/dmar.c +++ b/drivers/pci/dmar.c @@ -33,7 +33,7 @@ #include <linux/timer.h> #include <linux/irq.h> #include <linux/interrupt.h> -#include <asm/tboot.h> +#include <linux/tboot.h> #undef PREFIX #define PREFIX "DMAR:" diff --git a/drivers/pci/intel-iommu.c b/drivers/pci/intel-iommu.c index 2dc72a6..833509b 100644 --- a/drivers/pci/intel-iommu.c +++ b/drivers/pci/intel-iommu.c @@ -37,8 +37,8 @@ #include <linux/iommu.h> #include <linux/intel-iommu.h> #include <linux/sysdev.h> +#include <linux/tboot.h> #include <asm/cacheflush.h> -#include <asm/tboot.h> #include <asm/iommu.h> #include "pci.h" diff --git a/arch/x86/include/asm/tboot.h b/include/linux/tboot.h index b13929d..bf2a0c7 100644 --- a/arch/x86/include/asm/tboot.h +++ b/include/linux/tboot.h @@ -20,10 +20,8 @@ * */ -#ifndef _ASM_TBOOT_H -#define _ASM_TBOOT_H - -#include <acpi/acpi.h> +#ifndef _LINUX_TBOOT_H +#define _LINUX_TBOOT_H /* these must have the values from 0-5 in this order */ enum { @@ -36,7 +34,7 @@ enum { }; #ifdef CONFIG_INTEL_TXT - +#include <acpi/acpi.h> /* used to communicate between tboot and the launched kernel */ #define TB_KEY_SIZE 64 /* 512 bits */ @@ -144,54 +142,21 @@ static inline int tboot_enabled(void) } extern void tboot_probe(void); -extern void tboot_create_trampoline(void); extern void tboot_shutdown(u32 shutdown_type); extern void tboot_sleep(u8 sleep_state, u32 pm1a_control, u32 pm1b_control); -extern int tboot_wait_for_aps(int num_aps); extern struct acpi_table_header *tboot_get_dmar_table( struct acpi_table_header *dmar_tbl); extern int tboot_force_iommu(void); -#else /* CONFIG_INTEL_TXT */ - -static inline int tboot_enabled(void) -{ - return 0; -} - -static inline void tboot_probe(void) -{ -} - -static inline void tboot_create_trampoline(void) -{ -} - -static inline void tboot_shutdown(u32 shutdown_type) -{ -} - -static inline void tboot_sleep(u8 sleep_state, u32 pm1a_control, - u32 pm1b_control) -{ -} - -static inline int tboot_wait_for_aps(int num_aps) -{ - return 0; -} +#else -static inline struct acpi_table_header *tboot_get_dmar_table( - struct acpi_table_header *dmar_tbl) -{ - return dmar_tbl; -} - -static inline int tboot_force_iommu(void) -{ - return 0; -} +#define tboot_probe() do { } while (0) +#define tboot_shutdown(shutdown_type) do { } while (0) +#define tboot_sleep(sleep_state, pm1a_control, pm1b_control) \ + do { } while (0) +#define tboot_get_dmar_table(dmar_tbl) (dmar_tbl) +#define tboot_force_iommu() 0 #endif /* !CONFIG_INTEL_TXT */ -#endif /* _ASM_TBOOT_H */ +#endif /* _LINUX_TBOOT_H */ diff --git a/init/main.c b/init/main.c index 56ada27..2c5ade7 100644 --- a/init/main.c +++ b/init/main.c @@ -73,7 +73,6 @@ #include <asm/io.h> #include <asm/bugs.h> #include <asm/setup.h> -#include <asm/tboot.h> #include <asm/sections.h> #include <asm/cacheflush.h> @@ -716,8 +715,6 @@ asmlinkage void __init start_kernel(void) ftrace_init(); - tboot_create_trampoline(); - /* Do the rest non-__init'ed, we're now alive */ rest_init(); } diff --git a/kernel/cpu.c b/kernel/cpu.c index ff071e0..67a6007 100644 --- a/kernel/cpu.c +++ b/kernel/cpu.c @@ -14,7 +14,6 @@ #include <linux/kthread.h> #include <linux/stop_machine.h> #include <linux/mutex.h> -#include <asm/tboot.h> #ifdef CONFIG_SMP /* Serializes the updates to cpu_online_mask, cpu_present_mask */ @@ -377,7 +376,7 @@ static cpumask_var_t frozen_cpus; int disable_nonboot_cpus(void) { - int cpu, first_cpu, error, num_cpus = 0; + int cpu, first_cpu, error; error = stop_machine_create(); if (error) @@ -392,7 +391,6 @@ int disable_nonboot_cpus(void) for_each_online_cpu(cpu) { if (cpu == first_cpu) continue; - num_cpus++; error = _cpu_down(cpu, 1); if (!error) { cpumask_set_cpu(cpu, frozen_cpus); @@ -403,8 +401,6 @@ int disable_nonboot_cpus(void) break; } } - /* ensure all CPUs have gone into wait-for-SIPI */ - error |= tboot_wait_for_aps(num_cpus); if (!error) { BUG_ON(num_online_cpus() > 1); diff --git a/security/Kconfig b/security/Kconfig index 6631774..5721847 100644 --- a/security/Kconfig +++ b/security/Kconfig @@ -115,7 +115,7 @@ config SECURITY_ROOTPLUG config INTEL_TXT bool "Enable Intel(R) Trusted Execution Technology (Intel(R) TXT)" - depends on EXPERIMENTAL && X86 && DMAR && ACPI + depends on HAVE_INTEL_TXT help This option enables support for booting the kernel with the Trusted Boot (tboot) module. This will utilize |