Message-ID: <4A4024C5.3020702@intel.com>
Date:	Mon, 22 Jun 2009 17:41:41 -0700
From:	Joseph Cihula <joseph.cihula@...el.com>
To:	linux-kernel@...r.kernel.org, mingo@...e.hu, arjan@...ux.intel.com,
	hpa@...or.com, andi@...stfloor.org
CC:	chrisw@...s-sol.org, jmorris@...ei.org, jbeulich@...ell.com,
	peterm@...hat.com, joseph.cihula@...el.com, gang.wei@...el.com,
	shane.wang@...el.com
Subject: [RFC v5][PATCH 4/4] intel_txt: force IOMMU on for Intel(R) TXT launch

The tboot module will DMA protect all of memory in order to ensure that the
kernel will be able to initialize without compromise (from DMA).  Consequently,
the kernel must enable Intel(R) Virtualization Technology for Directed I/O
(VT-d or Intel IOMMU) in order to replace this broad protection with the
appropriate page-granular protection.  Otherwise DMA devices will be unable
to read or write from memory and the kernel will eventually panic.

Because runtime IOMMU support is configurable by command line options, this
patch will force it to be enabled regardless of the options specified, and will
log a message if it was required to force it on.


 dmar.c        |    8 ++++++++
 intel-iommu.c |   28 ++++++++++++++++++++++++++--
 2 files changed, 34 insertions(+), 2 deletions(-)

Signed-off-by: Joseph Cihula <joseph.cihula@...el.com>
Signed-off-by: Shane Wang <shane.wang@...el.com>

---

diff -uprN -X linus-2.6.git/Documentation/dontdiff linus-2.6.git/drivers/pci/dmar.c linus-2.6.git-txt/drivers/pci/dmar.c
--- linus-2.6.git/drivers/pci/dmar.c	2009-06-19 13:32:14.000000000 -0700
+++ linus-2.6.git-txt/drivers/pci/dmar.c	2009-06-21 23:22:08.000000000 -0700
@@ -33,6 +33,7 @@
 #include <linux/timer.h>
 #include <linux/irq.h>
 #include <linux/interrupt.h>
+#include <asm/tboot.h>
 
 #undef PREFIX
 #define PREFIX "DMAR:"
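Review bot: the new `#include <asm/tboot.h>` at the top of dmar.c is unconditional, and the later hunk calls tboot_in_measured_env() and tboot_get_dmar_table() with no config guard around them. That only builds if asm/tboot.h exists, and supplies stub versions of both functions, in every configuration that compiles dmar.c. Please confirm the header provides those stubs when TXT support is not configured, or guard the include and the call site.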
@@ -329,6 +330,13 @@ parse_dmar_table(void)
 	 */
 	dmar_table_detect();
 
+	/*
+	 * ACPI tables may not be DMA protected by tboot, so use DMAR copy
+	 * SINIT saved in SinitMleData in TXT heap (which is DMA protected)
+	 */
+	if (tboot_in_measured_env())
+		dmar_tbl = tboot_get_dmar_table();
+
 	dmar = (struct acpi_table_dmar *)dmar_tbl;
 	if (!dmar)
 		return -ENODEV;
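Review bot: in parse_dmar_table() the pointer returned by tboot_get_dmar_table() is stored in dmar_tbl with no check at this call site, and it silently overwrites whatever dmar_table_detect() set up just above. If the TXT heap copy is absent, the only visible outcome is the existing `if (!dmar) return -ENODEV;`, with nothing in the log saying that the SinitMleData copy was the one that failed. Suggest printing a warning when the tboot copy is NULL in a measured launch, and stating in the comment whether the result of dmar_table_detect() is still needed in that case or should be skipped.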
diff -uprN -X linus-2.6.git/Documentation/dontdiff linus-2.6.git/drivers/pci/intel-iommu.c linus-2.6.git-txt/drivers/pci/intel-iommu.c
--- linus-2.6.git/drivers/pci/intel-iommu.c	2009-06-19 13:32:14.000000000 -0700
+++ linus-2.6.git-txt/drivers/pci/intel-iommu.c	2009-06-22 15:12:35.000000000 -0700
@@ -38,6 +38,7 @@
 #include <linux/intel-iommu.h>
 #include <linux/sysdev.h>
 #include <asm/cacheflush.h>
+#include <asm/tboot.h>
 #include <asm/iommu.h>
 #include "pci.h"
 
@@ -2771,12 +2772,33 @@ static int __init init_iommu_sysfs(void)
 int __init intel_iommu_init(void)
 {
 	int ret = 0;
+	int force_on = 0;
 
-	if (dmar_table_init())
+	/* VT-d is required for a TXT/tboot launch, so enforce that */
+	if (tboot_in_measured_env()) {
+		if (no_iommu || swiotlb || dmar_disabled)
+			pr_warning("intel_txt: Forcing Intel-IOMMU to enabled\n");
+		{
+			dmar_disabled = 0;
+#ifdef CONFIG_SWIOTLB
+			swiotlb = 0;
+#endif
+			no_iommu = 0;
+			force_on = 1;
+		}
+	}
+
+	if (dmar_table_init()) {
+		if (force_on)
+			panic("intel_txt: Failed to initialize DMAR table\n");
 		return 	-ENODEV;
+	}
 
-	if (dmar_dev_scope_init())
+	if (dmar_dev_scope_init()) {
+		if (force_on)
+			panic("intel_txt: Failed to initialize DMAR device scope\n");
 		return 	-ENODEV;
+	}
 
 	/*
 	 * Check the need for DMA-remapping initialization now.
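Review bot: in intel_iommu_init() the `if (no_iommu || swiotlb || dmar_disabled)` governs only the pr_warning(); the brace block after it is a free-standing block that runs on every measured launch, although its indentation reads as the body of that if. Setting force_on unconditionally inside tboot_in_measured_env() looks like the intent, since the later panics depend on it, so drop the bare braces and move the four assignments out one level so the code reads the way it executes. Separately, the condition reads `swiotlb` unguarded while `swiotlb = 0` sits under `#ifdef CONFIG_SWIOTLB`; guard both uses or neither.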
@@ -2792,6 +2814,8 @@ int __init intel_iommu_init(void)
 
 	ret = init_dmars();
 	if (ret) {
+		if (force_on)
+			panic("intel_txt: Failed to initialize DMARs\n");
 		printk(KERN_ERR "IOMMU: dmar init failed\n");
 		put_iova_domain(&reserved_iova_list);
 		iommu_exit_mempool();
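Review bot: the panic() added inside `if (ret)` after init_dmars() runs before the existing `printk(KERN_ERR "IOMMU: dmar init failed\n")` and does not report ret, so on the forced path the error code is lost. Suggest including ret in the panic message here, and likewise giving the two earlier panics in this function enough detail to tell the failures apart from the log alone.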
