Add patches for Intel TXT support

Set of patches which adds TPM1.2 support for Intel TXT in GRUB2 for TrenchBoot. This is necessary to create Proof of Concept for TrenchBoot Anti Evil Maid for QubesOS. The TrenchBoot support hasn't been implemented and verified with TPM 1.2 on Intel TXT path. This changes ensures the TPM 1.2 is also supported for older Intel hardware with Intel TXT. Signed-off-by: Tomasz Żyjewski <[email protected]>
QubesOS · Mar 8, 2023 · 3e5c333 · 3e5c333
1 parent 2596baf
commit 3e5c333
Show file tree

Hide file tree

Showing 19 changed files with 5,823 additions and 0 deletions.
diff --git a/1101-i386-msr-Merge-rdmsr.h-and-wrmsr.h-into-msr.h.patch b/1101-i386-msr-Merge-rdmsr.h-and-wrmsr.h-into-msr.h.patch
@@ -0,0 +1,131 @@
+From a78796a23a33f12934ad45169be57735b05cdd81 Mon Sep 17 00:00:00 2001
+From: Daniel Kiper <[email protected]>
+Date: Tue, 17 Dec 2019 17:51:29 +0100
+Subject: [PATCH 1101/1118] i386/msr: Merge rdmsr.h and wrmsr.h into msr.h
+
+It does not make sense to have separate headers for separate static
+functions. Additionally, we have to add some constants with MSR addresses
+in subsequent patches. So, make one common place to store them.
+
+Signed-off-by: Daniel Kiper <[email protected]>
+---
+ grub-core/commands/i386/rdmsr.c      |  2 +-
+ grub-core/commands/i386/wrmsr.c      |  2 +-
+ include/grub/i386/{wrmsr.h => msr.h} | 16 +++++++++---
+ include/grub/i386/rdmsr.h            | 37 ----------------------------
+ 4 files changed, 15 insertions(+), 42 deletions(-)
+ rename include/grub/i386/{wrmsr.h => msr.h} (78%)
+ delete mode 100644 include/grub/i386/rdmsr.h
+
+diff --git a/grub-core/commands/i386/rdmsr.c b/grub-core/commands/i386/rdmsr.c
+index 46c4346da1b6..fa4622f9e8a1 100644
+--- a/grub-core/commands/i386/rdmsr.c
++++ b/grub-core/commands/i386/rdmsr.c
+@@ -26,7 +26,7 @@
+ #include <grub/extcmd.h>
+ #include <grub/i18n.h>
+ #include <grub/i386/cpuid.h>
+-#include <grub/i386/rdmsr.h>
++#include <grub/i386/msr.h>
+
+ GRUB_MOD_LICENSE("GPLv3+");
+
+diff --git a/grub-core/commands/i386/wrmsr.c b/grub-core/commands/i386/wrmsr.c
+index 1b143b8882a4..8f352f205ffd 100644
+--- a/grub-core/commands/i386/wrmsr.c
++++ b/grub-core/commands/i386/wrmsr.c
+@@ -27,7 +27,7 @@
+ #include <grub/lockdown.h>
+ #include <grub/i18n.h>
+ #include <grub/i386/cpuid.h>
+-#include <grub/i386/wrmsr.h>
++#include <grub/i386/msr.h>
+
+ GRUB_MOD_LICENSE("GPLv3+");
+
+diff --git a/include/grub/i386/wrmsr.h b/include/grub/i386/msr.h
+similarity index 78%
+rename from include/grub/i386/wrmsr.h
+rename to include/grub/i386/msr.h
+index dea60aed1fc0..7b52b5d61229 100644
+--- a/include/grub/i386/wrmsr.h
++++ b/include/grub/i386/msr.h
+@@ -16,14 +16,24 @@
+  *  along with GRUB.  If not, see <http://www.gnu.org/licenses/>.
+  */
+
+-#ifndef GRUB_WRMSR_H
+-#define GRUB_WRMSR_H 1
++#ifndef GRUB_I386_MSR_H
++#define GRUB_I386_MSR_H 1
+
+ /*
+  * TODO: Add a general protection exception handler.
+  *       Accessing a reserved or unimplemented MSR address results in a GP#.
+  */
+
++static inline grub_uint64_t
++grub_msr_read (grub_uint32_t msr_id)
++{
++  grub_uint32_t low, high;
++
++  asm volatile ("rdmsr" : "=a" (low), "=d" (high) : "c" (msr_id));
++
++  return ((grub_uint64_t) high << 32) | low;
++}
++
+ static inline void
+ grub_msr_write(grub_uint32_t msr_id, grub_uint64_t msr_value)
+ {
+@@ -32,4 +42,4 @@ grub_msr_write(grub_uint32_t msr_id, grub_uint64_t msr_value)
+   asm volatile ("wrmsr" : : "c" (msr_id), "a" (low), "d" (high));
+ }
+
+-#endif /* GRUB_WRMSR_H */
++#endif /* GRUB_I386_MSR_H */
+diff --git a/include/grub/i386/rdmsr.h b/include/grub/i386/rdmsr.h
+deleted file mode 100644
+index c0a0c717a0e9..000000000000
+--- a/include/grub/i386/rdmsr.h
++++ /dev/null
+@@ -1,37 +0,0 @@
+-/*
+- *  GRUB  --  GRand Unified Bootloader
+- *  Copyright (C) 2019  Free Software Foundation, Inc.
+- *
+- *  GRUB is free software: you can redistribute it and/or modify
+- *  it under the terms of the GNU General Public License as published by
+- *  the Free Software Foundation, either version 3 of the License, or
+- *  (at your option) any later version.
+- *
+- *  GRUB is distributed in the hope that it will be useful,
+- *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+- *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+- *  GNU General Public License for more details.
+- *
+- *  You should have received a copy of the GNU General Public License
+- *  along with GRUB.  If not, see <http://www.gnu.org/licenses/>.
+- */
+-
+-#ifndef GRUB_RDMSR_H
+-#define GRUB_RDMSR_H 1
+-
+-/*
+- * TODO: Add a general protection exception handler.
+- *       Accessing a reserved or unimplemented MSR address results in a GP#.
+- */
+-
+-static inline grub_uint64_t
+-grub_msr_read (grub_uint32_t msr_id)
+-{
+-  grub_uint32_t low, high;
+-
+-  asm volatile ("rdmsr" : "=a" (low), "=d" (high) : "c" (msr_id));
+-
+-  return ((grub_uint64_t)high << 32) | low;
+-}
+-
+-#endif /* GRUB_RDMSR_H */
+-- 
+2.17.1
+
diff --git a/1102-i386-msr-Rename-grub_msr_read-and-grub_msr_write.patch b/1102-i386-msr-Rename-grub_msr_read-and-grub_msr_write.patch
@@ -0,0 +1,67 @@
+From 4529bfd79f5ba84a9fd11cef803bd8c8f8aa9f8f Mon Sep 17 00:00:00 2001
+From: Daniel Kiper <[email protected]>
+Date: Tue, 17 Dec 2019 20:02:37 +0100
+Subject: [PATCH 1102/1118] i386/msr: Rename grub_msr_read() and
+ grub_msr_write()
+
+... to grub_rdmsr() and grub_wrmsr() respectively. New names are more
+obvious than older ones.
+
+Signed-off-by: Daniel Kiper <[email protected]>
+---
+ grub-core/commands/i386/rdmsr.c | 2 +-
+ grub-core/commands/i386/wrmsr.c | 2 +-
+ include/grub/i386/msr.h         | 4 ++--
+ 3 files changed, 4 insertions(+), 4 deletions(-)
+
+diff --git a/grub-core/commands/i386/rdmsr.c b/grub-core/commands/i386/rdmsr.c
+index fa4622f9e8a1..89ece7657f27 100644
+--- a/grub-core/commands/i386/rdmsr.c
++++ b/grub-core/commands/i386/rdmsr.c
+@@ -76,7 +76,7 @@ grub_cmd_msr_read (grub_extcmd_context_t ctxt, int argc, char **argv)
+   if (*ptr != '\0')
+     return grub_error (GRUB_ERR_BAD_ARGUMENT, N_("invalid argument"));
+
+-  value = grub_msr_read (addr);
++  value = grub_rdmsr (addr);
+
+   if (ctxt->state[0].set)
+     {
+diff --git a/grub-core/commands/i386/wrmsr.c b/grub-core/commands/i386/wrmsr.c
+index 8f352f205ffd..cf6bf6c8fe43 100644
+--- a/grub-core/commands/i386/wrmsr.c
++++ b/grub-core/commands/i386/wrmsr.c
+@@ -77,7 +77,7 @@ grub_cmd_msr_write (grub_command_t cmd __attribute__ ((unused)), int argc, char
+   if (*ptr != '\0')
+     return grub_error (GRUB_ERR_BAD_ARGUMENT, N_("invalid argument"));
+
+-  grub_msr_write (addr, value);
++  grub_wrmsr (addr, value);
+
+   return GRUB_ERR_NONE;
+ }
+diff --git a/include/grub/i386/msr.h b/include/grub/i386/msr.h
+index 7b52b5d61229..4fba1b8e0d04 100644
+--- a/include/grub/i386/msr.h
++++ b/include/grub/i386/msr.h
+@@ -25,7 +25,7 @@
+  */
+
+ static inline grub_uint64_t
+-grub_msr_read (grub_uint32_t msr_id)
++grub_rdmsr (grub_uint32_t msr_id)
+ {
+   grub_uint32_t low, high;
+
+@@ -35,7 +35,7 @@ grub_msr_read (grub_uint32_t msr_id)
+ }
+
+ static inline void
+-grub_msr_write(grub_uint32_t msr_id, grub_uint64_t msr_value)
++grub_wrmsr (grub_uint32_t msr_id, grub_uint64_t msr_value)
+ {
+   grub_uint32_t low = msr_value, high = msr_value >> 32;
+
+-- 
+2.17.1
+
diff --git a/1103-i386-msr-Extract-and-improve-MSR-support-detection-c.patch b/1103-i386-msr-Extract-and-improve-MSR-support-detection-c.patch
@@ -0,0 +1,137 @@
+From ccee3f6377ecf0fba2edda7518911b3167657838 Mon Sep 17 00:00:00 2001
+From: Daniel Kiper <[email protected]>
+Date: Sat, 25 Apr 2020 16:43:52 +0200
+Subject: [PATCH 1103/1118] i386/msr: Extract and improve MSR support detection
+ code
+
+Currently rdmsr and wrmsr commands have own MSR support detection code.
+This code is the same. So, it is duplicated. Additionally, this code
+cannot be reused by others. Hence, extract this code to a function and
+make it public. By the way, improve a code a bit.
+
+Additionally, use GRUB_ERR_BAD_DEVICE instead of GRUB_ERR_BUG to signal
+an error because errors encountered by this new routine are not bugs.
+
+Signed-off-by: Daniel Kiper <[email protected]>
+---
+ grub-core/commands/i386/rdmsr.c | 21 +++++----------------
+ grub-core/commands/i386/wrmsr.c | 21 +++++----------------
+ include/grub/i386/msr.h         | 29 +++++++++++++++++++++++++++++
+ 3 files changed, 39 insertions(+), 32 deletions(-)
+
+diff --git a/grub-core/commands/i386/rdmsr.c b/grub-core/commands/i386/rdmsr.c
+index 89ece7657f27..2e42f6197648 100644
+--- a/grub-core/commands/i386/rdmsr.c
++++ b/grub-core/commands/i386/rdmsr.c
+@@ -42,27 +42,16 @@ static const struct grub_arg_option options[] =
+ static grub_err_t
+ grub_cmd_msr_read (grub_extcmd_context_t ctxt, int argc, char **argv)
+ {
+-  grub_uint32_t manufacturer[3], max_cpuid, a, b, c, features, addr;
++  grub_err_t err;
++  grub_uint32_t addr;
+   grub_uint64_t value;
+   const char *ptr;
+   char buf[sizeof("1122334455667788")];
+
+-  /*
+-   * The CPUID instruction should be used to determine whether MSRs
+-   * are supported. (CPUID.01H:EDX[5] = 1)
+-   */
+-  if (! grub_cpu_is_cpuid_supported ())
+-    return grub_error (GRUB_ERR_BUG, N_("unsupported instruction"));
++  err = grub_cpu_is_msr_supported ();
+
+-  grub_cpuid (0, max_cpuid, manufacturer[0], manufacturer[2], manufacturer[1]);
+-
+-  if (max_cpuid < 1)
+-    return grub_error (GRUB_ERR_BUG, N_("unsupported instruction"));
+-
+-  grub_cpuid (1, a, b, c, features);
+-
+-  if (!(features & (1 << 5)))
+-    return grub_error (GRUB_ERR_BUG, N_("unsupported instruction"));
++  if (err != GRUB_ERR_NONE)
++    return grub_error (err, N_("RDMSR is unsupported"));
+
+   if (argc != 1)
+     return grub_error (GRUB_ERR_BAD_ARGUMENT, N_("one argument expected"));
+diff --git a/grub-core/commands/i386/wrmsr.c b/grub-core/commands/i386/wrmsr.c
+index cf6bf6c8fe43..7fbedaed95ba 100644
+--- a/grub-core/commands/i386/wrmsr.c
++++ b/grub-core/commands/i386/wrmsr.c
+@@ -36,26 +36,15 @@ static grub_command_t cmd_write;
+ static grub_err_t
+ grub_cmd_msr_write (grub_command_t cmd __attribute__ ((unused)), int argc, char **argv)
+ {
+-  grub_uint32_t manufacturer[3], max_cpuid, a, b, c, features, addr;
++  grub_err_t err;
++  grub_uint32_t addr;
+   grub_uint64_t value;
+   const char *ptr;
+
+-  /*
+-   * The CPUID instruction should be used to determine whether MSRs
+-   * are supported. (CPUID.01H:EDX[5] = 1)
+-   */
+-  if (!grub_cpu_is_cpuid_supported ())
+-    return grub_error (GRUB_ERR_BUG, N_("unsupported instruction"));
++  err = grub_cpu_is_msr_supported ();
+
+-  grub_cpuid (0, max_cpuid, manufacturer[0], manufacturer[2], manufacturer[1]);
+-
+-  if (max_cpuid < 1)
+-    return grub_error (GRUB_ERR_BUG, N_("unsupported instruction"));
+-
+-  grub_cpuid (1, a, b, c, features);
+-
+-  if (!(features & (1 << 5)))
+-    return grub_error (GRUB_ERR_BUG, N_("unsupported instruction"));
++  if (err != GRUB_ERR_NONE)
++    return grub_error (err, N_("WRMSR is unsupported"));
+
+   if (argc != 2)
+     return grub_error (GRUB_ERR_BAD_ARGUMENT, N_("two arguments expected"));
+diff --git a/include/grub/i386/msr.h b/include/grub/i386/msr.h
+index 4fba1b8e0d04..1e838c022f41 100644
+--- a/include/grub/i386/msr.h
++++ b/include/grub/i386/msr.h
+@@ -19,6 +19,35 @@
+ #ifndef GRUB_I386_MSR_H
+ #define GRUB_I386_MSR_H 1
+
++#include <grub/err.h>
++#include <grub/i386/cpuid.h>
++#include <grub/types.h>
++
++static inline grub_err_t
++grub_cpu_is_msr_supported (void)
++{
++  grub_uint32_t eax, ebx, ecx, edx;
++
++  /*
++   * The CPUID instruction should be used to determine whether MSRs
++   * are supported, CPUID.01H:EDX[5] = 1.
++   */
++  if (!grub_cpu_is_cpuid_supported ())
++    return GRUB_ERR_BAD_DEVICE;
++
++  grub_cpuid (0, eax, ebx, ecx, edx);
++
++  if (eax < 1)
++    return GRUB_ERR_BAD_DEVICE;
++
++  grub_cpuid (1, eax, ebx, ecx, edx);
++
++  if (!(edx & (1 << 5)))
++    return GRUB_ERR_BAD_DEVICE;
++
++  return GRUB_ERR_NONE;
++}
++
+ /*
+  * TODO: Add a general protection exception handler.
+  *       Accessing a reserved or unimplemented MSR address results in a GP#.
+-- 
+2.17.1
+