Re: [PATCH] intel_txt: add s3 userspace memory integrity verification

From: H. Peter Anvin
Date: Fri Dec 04 2009 - 17:46:56 EST

Next message: Ira W. Snyder: "[PATCH] 8250_pci: add support for MCS9865 / SYBA 6x Serial PortCard"
Previous message: Emese Revfy: "[PATCH 28/31] Constify struct super_operations for 2.6.32 v1"
In reply to: Pavel Machek: "Re: [PATCH] intel_txt: add s3 userspace memory integrityverification"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 12/04/2009 02:39 PM, Pavel Machek wrote:
>
> Having "security" technology that silently fails with funny bootloader
> is pretty bad, I'd say.
>

Yes, but this wouldn't be a silent failure -- such a boot loader
wouldn't be able to boot tboot itself either, nor would be able to boot
32-bit kernels (which, in fact, not all boot loaders can); the tboot
boot process in fact in many ways treats tboot itself as a 32-bit
primary kernel, with the Linux kernel as a secondary kernel.

So, this particular failure would not be silent by any means.

-hpa
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Ira W. Snyder: "[PATCH] 8250_pci: add support for MCS9865 / SYBA 6x Serial PortCard"
Previous message: Emese Revfy: "[PATCH 28/31] Constify struct super_operations for 2.6.32 v1"
In reply to: Pavel Machek: "Re: [PATCH] intel_txt: add s3 userspace memory integrityverification"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]