review.tizen.org Git - platform/kernel/linux-starfive.git/commit

author	Jithu Joseph <jithu.joseph@intel.com>
	Fri, 6 May 2022 22:54:05 +0000 (15:54 -0700)
committer	Hans de Goede <hdegoede@redhat.com>
	Thu, 12 May 2022 13:35:29 +0000 (15:35 +0200)
commit	684ec215706d449f78da232aae125c0bc14f22a9
tree	3dbb408fabbced2f83e38c1e59f94c66b23c5a96	tree \| snapshot
parent	846e751ff37e8ab2d161de04314435f9c1d729ca	commit \| diff

platform/x86/intel/ifs: Authenticate and copy to secured memory

The IFS image contains hashes that will be used to authenticate the ifs
test chunks. First, use WRMSR to copy the hashes and enumerate the number
of test chunks, chunk size and the maximum number of cores that can run
scan test simultaneously.

Next, use WRMSR to authenticate each and every scan test chunk which is
stored in the IFS image. The CPU will check if the test chunks match
the hashes, otherwise failure is indicated to system software. If the test
chunk is authenticated, it is automatically copied to secured memory.

Use schedule_work_on() to perform the hash copy and authentication. Note
this needs only be done on the first logical cpu of each socket.

Reviewed-by: Dan Williams <dan.j.williams@intel.com>
Signed-off-by: Jithu Joseph <jithu.joseph@intel.com>
Co-developed-by: Tony Luck <tony.luck@intel.com>
Signed-off-by: Tony Luck <tony.luck@intel.com>
Acked-by: Hans de Goede <hdegoede@redhat.com>
Reviewed-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Reviewed-by: Thomas Gleixner <tglx@linutronix.de>
Link: https://lore.kernel.org/r/20220506225410.1652287-8-tony.luck@intel.com
Signed-off-by: Hans de Goede <hdegoede@redhat.com>

drivers/platform/x86/intel/ifs/ifs.h		diff \| blob \| history
drivers/platform/x86/intel/ifs/load.c		diff \| blob \| history