* Re: [RFC][PATCH][1/4] Intel(R) Trusted Execution Technology support: xen
From: Keir Fraser @ 2007-08-30 10:16 UTC
To: Cihula, Joseph, xen-devel, xense-devel
Cc: Xu, James, Wang, Shane, Wei, Gang, Zhai, Edwin

On 29/8/07 01:26, "Cihula, Joseph" <joseph.cihula@intel.com> wrote:

> Changes to Xen for Intel(R <<txt-xen-0828_01-xen.patch>> ) TXT support.

Is there any documentation for the processor changes for TXT support (e.g.,
the additions to IA32_FEATURE_CONTROL_MSR, among others)? Googling for TXT is
not very helpful. :-)

 -- Keir

* RE: [RFC][PATCH][1/4] Intel(R) Trusted Execution Technology support: xen
From: Cihula, Joseph @ 2007-08-30 16:17 UTC
To: Keir Fraser, xen-devel, xense-devel
Cc: Xu, James, Wang, Shane, Wei, Gang, Zhai, Edwin

Keir Fraser <mailto:keir@xensource.com> scribbled on Thursday, August 30, 2007 3:17 AM:
> On 29/8/07 01:26, "Cihula, Joseph" <joseph.cihula@intel.com> wrote:
>
>> Changes to Xen for Intel(R <<txt-xen-0828_01-xen.patch>> ) TXT
>> support.
>
> Is there any documentation for the processor changes for TXT support
> (e.g., the additions to IA32_FEATURE_CONTROL_MSR, among others)? Googling
> for TXT is not very helpful. :-)
>
> -- Keir

The Intel(R) TXT Preliminary Architecture Specification, at
http://www.intel.com/technology/security/ (specifically:
http://download.intel.com/technology/security/downloads/31516804.pdf),
documents the changes to the MSR, etc.

Joe

* Re: [RFC][PATCH][1/4] Intel(R) Trusted Execution Technology support: xen
From: Keir Fraser @ 2007-08-30 17:59 UTC
To: Cihula, Joseph, xen-devel, xense-devel
Cc: Xu, James, Wang, Shane, Wei, Gang, Zhai, Edwin

On 30/8/07 17:17, "Cihula, Joseph" <joseph.cihula@intel.com> wrote:

>>> Changes to Xen for Intel(R <<txt-xen-0828_01-xen.patch>> ) TXT
>>> support.
>>
>> Is there any documentation for the processor changes for TXT support
>> (e.g., the additions to IA32_FEATURE_CONTROL_MSR, among others)? Googling
>> for TXT is not very helpful. :-)

Okay, current situation on the Xen path is that it's all checked in except:
 * the changes to shutdown.c and smp.c
 * the bits that actually interface with sboot (that's most of the bits
   inside CONFIG_TXT).

For the former, I'd like it to be a separate cleanup patch, with some
explanation of why it's required. For example, why is the code movement in
smp.c required at all?

For the latter, I would like Xen to have its own asm-x86/sboot.h, even though
this causes a small amount of code duplication outside of the sboot module
itself. It is supposed to become a stable interface after all. The bits you
need from uuid.h can also be included in Xen's sboot.h. All the names you
create in Xen's sboot.h should have a suitable common prefix on them. I guess
mle_ might do the trick, although I don't actually know what MLE stands for?!

That's all for now. The sboot module itself is scary big. :-/

Oh, you can find the current tip to re-merge against at
http://xenbits.xensource.com/staging/xen-unstable.hg

 -- Keir

* Re: [RFC][PATCH][1/4] Intel(R) Trusted Execution Technology support: xen
From: Keir Fraser @ 2007-08-30 18:13 UTC
To: Cihula, Joseph, xen-devel, xense-devel
Cc: Xu, James, Wang, Shane, Wei, Gang, Zhai, Edwin

On 30/8/07 18:59, "Keir Fraser" <keir@xensource.com> wrote:

> That's all for now. The sboot module itself is scary big. :-/

Actually, to that end, do you have any documentation to go with this
patchset? It'd be kind of nice to know how to use sboot, what security
guarantees it can provide, how to use the toolset, etc etc. Otherwise we're
going to have 20kloc added to our tree that no one knows how to use! Which I
think means some documentation has to be a pre-condition for acceptance.

 Thanks,
 Keir

* Re: [RFC][PATCH][1/4] Intel(R) Trusted Execution Technology support: xen
From: Keir Fraser @ 2007-08-30 18:17 UTC
To: Cihula, Joseph, xen-devel, xense-devel
Cc: Xu, James, Wang, Shane, Wei, Gang, Zhai, Edwin

On 30/8/07 19:13, "Keir Fraser" <Keir.Fraser@cl.cam.ac.uk> wrote:

>> That's all for now. The sboot module itself is scary big. :-/
>
> Actually, to that end, do you have any documentation to go with this
> patchset? It'd be kind of nice to know how to use sboot, what security
> guarantees it can provide, how to use the toolset, etc etc. Otherwise we're
> going to have 20kloc added to our tree that no one knows how to use! Which I
> think means some documentation has to be a pre-condition for acceptance.

The patch summary email is a nice start, by the way, but I think you need
something in our docs directory that goes into a bit more detail. Perhaps
some use cases for sboot? How to use the tools? A plain text file would be
fine -- it's just the content I care about.

 -- Keir

* Re: [RFC][PATCH][1/4] Intel(R) Trusted Execution Technology support: xen
From: Keir Fraser @ 2007-08-31 11:19 UTC
To: Cihula, Joseph, xen-devel, xense-devel
Cc: Xu, James, Wang, Shane, Wei, Gang, Zhai, Edwin

Regarding the sboot module itself, I wonder what all the arrays of magic
numbers that make up the bulk of tpm.c are for?

Also, given that Xen does not depend on sboot (unless you want its features
of course) and sboot does not depend on Xen, it might be best to place sboot
and tools in their own repository? We'd be happy to host it and have a link
on the front page of the xenbits website.

 -- Keir

Thread overview: 6+ messages
[not found] <D936D925018D154694D8A362EEB0892002463CFC@orsmsx416.amr.corp.intel.com>
2007-08-30 10:16 ` [RFC][PATCH][1/4] Intel(R) Trusted Execution Technology support: xen Keir Fraser
2007-08-30 16:17 ` Cihula, Joseph
2007-08-30 17:59 ` Keir Fraser
2007-08-30 18:13 ` Keir Fraser
2007-08-30 18:17 ` Keir Fraser
2007-08-31 11:19 ` Keir Fraser