summaryrefslogtreecommitdiff
path: root/arch/x86/include/asm/e820.h
diff options
context:
space:
mode:
authorShane Wang <shane.wang@intel.com>2010-03-10 14:36:10 +0800
committerH. Peter Anvin <hpa@zytor.com>2010-03-19 13:39:58 -0700
commit4bd96a7a8185755b091233b16034c7436cbf57af (patch)
tree5a6d1a5014a39f0463c79abda29a482f4dd52dd1 /arch/x86/include/asm/e820.h
parenta3d3203e4bb40f253b1541e310dc0f9305be7c84 (diff)
downloadlwn-4bd96a7a8185755b091233b16034c7436cbf57af.tar.gz
lwn-4bd96a7a8185755b091233b16034c7436cbf57af.zip
x86, tboot: Add support for S3 memory integrity protection
This patch adds support for S3 memory integrity protection within an Intel(R) TXT launched kernel, for all kernel and userspace memory. All RAM used by the kernel and userspace, as indicated by memory ranges of type E820_RAM and E820_RESERVED_KERN in the e820 table, will be integrity protected. The MAINTAINERS file is also updated to reflect the maintainers of the TXT-related code. All MACing is done in tboot, based on a complexity analysis and tradeoff. v3: Compared with v2, this patch adds a check of array size in tboot.c, and a note to specify which c/s of tboot supports this kind of MACing in intel_txt.txt. Signed-off-by: Shane Wang <shane.wang@intel.com> LKML-Reference: <4B973DDA.6050902@intel.com> Signed-off-by: Joseph Cihula <joseph.cihula@intel.com> Acked-by: Pavel Machek <pavel@ucw.cz> Acked-by: Rafael J. Wysocki <rjw@sisk.pl> Signed-off-by: H. Peter Anvin <hpa@zytor.com>
Diffstat (limited to 'arch/x86/include/asm/e820.h')
-rw-r--r--arch/x86/include/asm/e820.h7
1 files changed, 6 insertions, 1 deletions
diff --git a/arch/x86/include/asm/e820.h b/arch/x86/include/asm/e820.h
index 0e22296790d3..ec8a52d14ab1 100644
--- a/arch/x86/include/asm/e820.h
+++ b/arch/x86/include/asm/e820.h
@@ -45,7 +45,12 @@
#define E820_NVS 4
#define E820_UNUSABLE 5
-/* reserved RAM used by kernel itself */
+/*
+ * reserved RAM used by kernel itself
+ * if CONFIG_INTEL_TXT is enabled, memory of this type will be
+ * included in the S3 integrity calculation and so should not include
+ * any memory that BIOS might alter over the S3 transition
+ */
#define E820_RESERVED_KERN 128
#ifndef __ASSEMBLY__