[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-Id: <20230410225936.8940-6-chang.seok.bae@intel.com>
Date: Mon, 10 Apr 2023 15:59:29 -0700
From: "Chang S. Bae" <chang.seok.bae@...el.com>
To: linux-kernel@...r.kernel.org, linux-crypto@...r.kernel.org,
dm-devel@...hat.com
Cc: ebiggers@...nel.org, gmazyland@...il.com, luto@...nel.org,
dave.hansen@...ux.intel.com, tglx@...utronix.de, bp@...e.de,
mingo@...nel.org, x86@...nel.org, herbert@...dor.apana.org.au,
ardb@...nel.org, dan.j.williams@...el.com, bernie.keany@...el.com,
charishma1.gairuboyina@...el.com,
lalithambika.krishnakumar@...el.com, chang.seok.bae@...el.com,
Ingo Molnar <mingo@...hat.com>, Borislav Petkov <bp@...en8.de>,
"H. Peter Anvin" <hpa@...or.com>,
Peter Zijlstra <peterz@...radead.org>
Subject: [PATCH v6 05/12] x86/msr-index: Add MSRs for Key Locker internal wrapping key
The CPU state that contains the internal wrapping key is in the same power
domain as the cache. So any sleep state that would invalidate the cache
(like S3) also invalidates the state of the wrapping key.
But, since the state is inaccessible to software, it needs a special
mechanism to save and restore the key during deep sleep.
A set of new MSRs are provided as an abstract interface to save and restore
the wrapping key, and to check the key status.
The wrapping key is saved in a platform-scoped state of non-volatile media.
The backup itself and its path from the CPU are encrypted and integrity
protected.
But this storage's non-volatility is not architecturally guaranteed across
off states, such as S5 and G3.
The MSRs will be used to back up the key for S3/4 sleep states. Then the
kernel code writes one of them to restore the key in each CPU state.
Signed-off-by: Chang S. Bae <chang.seok.bae@...el.com>
Reviewed-by: Dan Williams <dan.j.williams@...el.com>
Cc: Thomas Gleixner <tglx@...utronix.de>
Cc: Ingo Molnar <mingo@...hat.com>
Cc: Borislav Petkov <bp@...en8.de>
Cc: Dave Hansen <dave.hansen@...ux.intel.com>
Cc: "H. Peter Anvin" <hpa@...or.com>
Cc: Peter Zijlstra <peterz@...radead.org>
Cc: x86@...nel.org
Cc: linux-kernel@...r.kernel.org
---
Changes from RFC v2:
* Update the changelog. (Dan Williams)
* Rename the MSRs. (Dan Williams)
---
arch/x86/include/asm/msr-index.h | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/arch/x86/include/asm/msr-index.h b/arch/x86/include/asm/msr-index.h
index ad35355ee43e..4fa3b9e26162 100644
--- a/arch/x86/include/asm/msr-index.h
+++ b/arch/x86/include/asm/msr-index.h
@@ -1115,4 +1115,10 @@
* a #GP
*/
+/* MSRs for managing an internal wrapping key for Key Locker. */
+#define MSR_IA32_IWKEY_COPY_STATUS 0x00000990
+#define MSR_IA32_IWKEY_BACKUP_STATUS 0x00000991
+#define MSR_IA32_BACKUP_IWKEY_TO_PLATFORM 0x00000d91
+#define MSR_IA32_COPY_IWKEY_TO_LOCAL 0x00000d92
+
#endif /* _ASM_X86_MSR_INDEX_H */
--
2.17.1
Powered by blists - more mailing lists