[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[PATCH v2 00/19] i386: Intel TXT and AMD SKINIT secure launcher
From: |
Sergii Dmytruk |
Subject: |
[PATCH v2 00/19] i386: Intel TXT and AMD SKINIT secure launcher |
Date: |
Sat, 2 Nov 2024 00:52:10 +0200 |
Hello,
Continuing upstreaming [TrenchBoot] code changes. More context can be found in
the cover letter for [v1].
How the patches look now:
1. [01-03] Various additions in preparation for later commits
2. [04-05] TPM-related part (`tpm` module rename, addition of a simple TPM
driver) (relatively small in size)
3. [06-07] SecureLaunch with its SLRT (lots of definitions)
4. [08-12] Support for Intel TXT D-RTM (the bulk of the patches)
5. [13] Implementation of SecureLaunch commands
6. [14-15] Multiboot2 support for Intel TXT (medium)
7. [16-19] Support for AMD SKINIT D-RTM (medium size when combined)
This set of changes can also be viewed on GitHub at [TrenchBoot/grub].
Best regards,
Sergii
Changes in v2:
- 5 patches landed as a separate [generic-x86] series
- 3 patches were in [generic-x86] as well, got Reviewed-Bys and returned here;
one of them was extracted out of a different patch
- patches related to modules received some documentation additions
- several commit messages became more verbose
- some commits have seen cosmetic changes with no impact on functionality
- a leak fix got dropped to be sent separately (it's not really related to the
rest of changes)
[TrenchBoot]: https://trenchboot.org/
[v1]: https://lists.gnu.org/archive/html/grub-devel/2024-08/msg00088.html
[TrenchBoot/grub]:
https://github.com/TrenchBoot/grub/compare/6c5d4b3...tb-2.12-97-v2
[generic-x86]:
https://lists.gnu.org/archive/html/grub-devel/2024-10/msg00055.html
Daniel Kiper (3):
mmap: Add grub_mmap_get_lowest() and grub_mmap_get_highest()
i386/tpm: Rename tpm module to tpm_verifier
i386/tpm: Add TPM TIS and CRB driver
Krystian Hebel (4):
i386/memory: Define GRUB_PAGE_MASK and GRUB_PAGE_{UP,DOWN} macros
i386/skinit: Add AMD SKINIT implementation
i386/slaunch: Add support for AMD SKINIT
multiboot2: Support AMD SKINIT
Michał Żygowski (2):
i386/txt: Initialize TPM 1.2 event log in TXT heap
multiboot2: Implement TXT slaunch support
Ross Philipson (9):
i386: Add CRx, MMIO, MSR and extend CPUID definitions
include/grub: Introduce Secure Launch Resource Table (SLRT)
i386/slaunch: Add Secure Launch header
i386/txt: Add Intel TXT definitions header file
i386/txt: Add Intel TXT core implementation
i386/txt: Add Intel TXT ACM module support
i386/txt: Add Intel TXT verification routines
i386/slaunch: Add secure launch framework and commands
i386/linux: Add support for AMD SKINIT
Sergii Dmytruk (1):
multiboot: Make GRUB_MULTIBOOT(make_mbi) return MBI's size
docs/grub.texi | 32 +-
grub-core/Makefile.am | 6 +
grub-core/Makefile.core.def | 18 +-
grub-core/commands/i386/tpm.c | 151 +++
grub-core/commands/{tpm.c => tpm_verifier.c} | 6 +-
grub-core/lib/i386/relocator32.S | 14 +
grub-core/loader/i386/bsd.c | 4 +
grub-core/loader/i386/coreboot/chainloader.c | 2 +
grub-core/loader/i386/linux.c | 337 +++++-
grub-core/loader/i386/multiboot_mbi.c | 4 +-
grub-core/loader/i386/pc/plan9.c | 3 +-
grub-core/loader/i386/skinit.c | 156 +++
grub-core/loader/i386/slaunch.c | 337 ++++++
grub-core/loader/i386/txt/acmod.c | 605 ++++++++++
grub-core/loader/i386/txt/txt.c | 1110 ++++++++++++++++++
grub-core/loader/i386/txt/verify.c | 277 +++++
grub-core/loader/i386/xnu.c | 3 +
grub-core/loader/multiboot.c | 34 +-
grub-core/loader/multiboot_elfxx.c | 88 +-
grub-core/loader/multiboot_mbi2.c | 118 +-
grub-core/mmap/mmap.c | 83 ++
include/grub/file.h | 3 +
include/grub/i386/cpuid.h | 11 +
include/grub/i386/crfr.h | 127 ++
include/grub/i386/linux.h | 14 +-
include/grub/i386/memory.h | 5 +
include/grub/i386/mmio.h | 72 ++
include/grub/i386/msr.h | 63 +
include/grub/i386/skinit.h | 36 +
include/grub/i386/slaunch.h | 90 ++
include/grub/i386/tpm.h | 35 +
include/grub/i386/txt.h | 742 ++++++++++++
include/grub/memory.h | 3 +
include/grub/multiboot.h | 2 +-
include/grub/multiboot2.h | 5 +-
include/grub/slr_table.h | 328 ++++++
36 files changed, 4892 insertions(+), 32 deletions(-)
create mode 100644 grub-core/commands/i386/tpm.c
rename grub-core/commands/{tpm.c => tpm_verifier.c} (97%)
create mode 100644 grub-core/loader/i386/skinit.c
create mode 100644 grub-core/loader/i386/slaunch.c
create mode 100644 grub-core/loader/i386/txt/acmod.c
create mode 100644 grub-core/loader/i386/txt/txt.c
create mode 100644 grub-core/loader/i386/txt/verify.c
create mode 100644 include/grub/i386/crfr.h
create mode 100644 include/grub/i386/mmio.h
create mode 100644 include/grub/i386/skinit.h
create mode 100644 include/grub/i386/slaunch.h
create mode 100644 include/grub/i386/tpm.h
create mode 100644 include/grub/i386/txt.h
create mode 100644 include/grub/slr_table.h
base-commit: bd2d85a141236f454485b995c3a024669cd5a017
prerequisite-patch-id: 450e6ee179d407f3718821303500f65cb955b5db
--
2.47.0
- [PATCH v2 00/19] i386: Intel TXT and AMD SKINIT secure launcher,
Sergii Dmytruk <=
- [PATCH v2 02/19] mmap: Add grub_mmap_get_lowest() and grub_mmap_get_highest(), Sergii Dmytruk, 2024/11/01
- [PATCH v2 01/19] i386/memory: Define GRUB_PAGE_MASK and GRUB_PAGE_{UP, DOWN} macros, Sergii Dmytruk, 2024/11/01
- [PATCH v2 03/19] i386: Add CRx, MMIO, MSR and extend CPUID definitions, Sergii Dmytruk, 2024/11/01
- [PATCH v2 04/19] i386/tpm: Rename tpm module to tpm_verifier, Sergii Dmytruk, 2024/11/01
- [PATCH v2 12/19] i386/txt: Initialize TPM 1.2 event log in TXT heap, Sergii Dmytruk, 2024/11/01
- [PATCH v2 14/19] multiboot: Make GRUB_MULTIBOOT(make_mbi) return MBI's size, Sergii Dmytruk, 2024/11/01
- [PATCH v2 15/19] multiboot2: Implement TXT slaunch support, Sergii Dmytruk, 2024/11/01
- [PATCH v2 17/19] i386/slaunch: Add support for AMD SKINIT, Sergii Dmytruk, 2024/11/01
- [PATCH v2 19/19] i386/linux: Add support for AMD SKINIT, Sergii Dmytruk, 2024/11/01
- [PATCH v2 18/19] multiboot2: Support AMD SKINIT, Sergii Dmytruk, 2024/11/01