[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH v3 04/22] x86/boot/slaunch-early: implement early initialization

To: ross.philipson@xxxxxxxxxx
From: Sergii Dmytruk <sergii.dmytruk@xxxxxxxxx>
Date: Fri, 13 Jun 2025 01:08:14 +0300
Authentication-results: garm.ovh; auth=pass (GARM-104R00552f3c3cb-35ac-4ffc-9653-035e0927df60, 8533DEE15F76005A048BC18D4BF0E94304C9A0EA) smtp.auth=sergii.dmytruk@xxxxxxxxx
Cc: xen-devel@xxxxxxxxxxxxxxxxxxxx, Jan Beulich <jbeulich@xxxxxxxx>, Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, Roger Pau Monné <roger.pau@xxxxxxxxxx>, "Daniel P. Smith" <dpsmith@xxxxxxxxxxxxxxxxxxxx>, trenchboot-devel@xxxxxxxxxxxxxxxx
Delivery-date: Thu, 12 Jun 2025 22:08:55 +0000
List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

On Thu, Jun 12, 2025 at 09:30:55AM -0700, ross.philipson@xxxxxxxxxx wrote:
> On 6/11/25 3:14 PM, Sergii Dmytruk wrote:
> > On Tue, Jun 03, 2025 at 09:17:29AM -0700, ross.philipson@xxxxxxxxxx wrote:
> > > > +void asmlinkage slaunch_early_init(uint32_t load_base_addr,
> > > > +                                   uint32_t tgt_base_addr,
> > > > +                                   uint32_t tgt_end_addr,
> > > > +                                   struct early_init_results *result)
> > > > +{
> > > > +    void *txt_heap;
> > > > +    const struct txt_os_mle_data *os_mle;
> > > > +    const struct slr_table *slrt;
> > > > +    const struct slr_entry_intel_info *intel_info;
> > > > +
> > > > +    txt_heap = txt_init();
> > > > +    os_mle = txt_os_mle_data_start(txt_heap);
> > > > +
> > > > +    result->slrt_pa = os_mle->slrt;
> > > > +    result->mbi_pa = 0;
> > > > +
> > > > +    slrt = (const struct slr_table *)(uintptr_t)os_mle->slrt;
> > > > +
> > > > +    intel_info = (const struct slr_entry_intel_info *)
> > > > +        slr_next_entry_by_tag(slrt, NULL, SLR_ENTRY_INTEL_INFO);
> > > > +    if ( intel_info == NULL || intel_info->hdr.size != 
> > > > sizeof(*intel_info) )
> > > > +        return;
> > > 
> > > Since these are the x86/TXT bits, it seems at this point, not finding the
> > > TXT info structure would be fatal, no?
> > 
> > It is fatal, but early code doesn't have means for reporting errors
> > nicely, so it just continues.  You think it's better to reboot right
> > away?
> 
> I was trying to track down where you make the first determination that a TXT
> secure launch is supposed to be done. I think it is before this point so if
> that is the case, I think this should be fatal here.

Yes, this code is invoked only if Slaunch is in progress (Xen was
invoked through Slaunch-specific entry point).  Will add rebooting.

Regards

References:
- Re: [PATCH v3 04/22] x86/boot/slaunch-early: implement early initialization
  - From: ross . philipson
- Re: [PATCH v3 04/22] x86/boot/slaunch-early: implement early initialization
  - From: Sergii Dmytruk
- Re: [PATCH v3 04/22] x86/boot/slaunch-early: implement early initialization
  - From: ross . philipson

Prev by Date: Re: [PATCH] docs: UEFI Secure Boot security policy
Next by Date: Re: [PATCH v3 04/22] x86/boot/slaunch-early: implement early initialization
Previous by thread: Re: [PATCH v3 04/22] x86/boot/slaunch-early: implement early initialization
Next by thread: [ANNOUNCE] Call for agenda items for June 5, 2025 Xen Community Call @ 15:00 UTC
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.