[GRUB PATCH RFC 00/18] i386: Intel TXT secure launcher

From: Daniel Kiper
Date: Mon May 04 2020 - 19:23:47 EST


Hi,

This is an RFC patchset for GRUB introducing the Intel TXT secure launcher.
It is a part of a larger work known as TrenchBoot. The patchset can be split
into two distinct parts:
- 01-12: preparatory patches,
- 13-18: the Intel TXT secure launcher itself.

The initial implementation of the Intel TXT secure launcher works. However,
there are still some missing bits and pieces, e.g.:
- SINIT ACM auto loader,
- lack of RMRR support,
- lack of support for MLEs larger than 1 GiB,
- lack of TPM 1.2 support,
- various fixes and cleanups.

Commands introduced by this patchset: tpm_type, slaunch, slaunch_module (not
required on server platforms) and slaunch_state (useful for checking platform
configuration and state; based on tboot's txt-stat).

Daniel