On 3/22/24 10:18, H. Peter Anvin wrote:
On March 21, 2024 6:45:48 AM PDT, "Daniel P. Smith"
wrote:
Hi Ard!
On 2/15/24 02:56, Ard Biesheuvel wrote:
On Wed, 14 Feb 2024 at 23:31, Ross Philipson wrote:
From: Arvind Sankar
There are use cases for storing the offset o
Hi Ard,
On 2/23/24 04:36, Ard Biesheuvel wrote:
On Thu, 22 Feb 2024 at 14:58, Daniel P. Smith
wrote:
On 2/15/24 03:40, Ard Biesheuvel wrote:
On Wed, 14 Feb 2024 at 23:32, Ross Philipson wrote:
From: "Daniel P. Smith"
The Secure Launch platform module is a late init modu
Hi Ard!
On 2/15/24 02:56, Ard Biesheuvel wrote:
On Wed, 14 Feb 2024 at 23:31, Ross Philipson wrote:
From: Arvind Sankar
There are use cases for storing the offset of a symbol in kernel_info.
For example, the trenchboot series [0] needs to store the offset of the
Measured Launch Environment
On 2/15/24 03:40, Ard Biesheuvel wrote:
On Wed, 14 Feb 2024 at 23:32, Ross Philipson wrote:
From: "Daniel P. Smith"
The Secure Launch platform module is a late init module. During the
init call, the TPM event log is read and measurements taken in the
early boot stub code a
st to help is no small undertaking.
V/r,
Daniel P. Smith
___
kexec mailing list
kexec@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/kexec
On 6/16/23 16:15, Matthew Garrett wrote:
On Fri, Jun 16, 2023 at 04:01:09PM -0400, Daniel P. Smith wrote:
On 5/15/23 21:43, Matthew Garrett wrote:
On Mon, May 15, 2023 at 08:41:00PM -0400, Daniel P. Smith wrote:
On 5/15/23 17:22, Matthew Garrett wrote:
What if I don't use grub, but use
On 5/15/23 21:43, Matthew Garrett wrote:
On Mon, May 15, 2023 at 08:41:00PM -0400, Daniel P. Smith wrote:
On 5/15/23 17:22, Matthew Garrett wrote:
What if I don't use grub, but use something that behaves equivalently?
Which value should be used here?
Generally we would request
On 6/16/23 12:54, Matthew Garrett wrote:
On Fri, Jun 16, 2023 at 12:44:27PM -0400, Daniel P. Smith wrote:
On 5/12/23 06:47, Matthew Garrett wrote:
On Thu, May 04, 2023 at 02:50:11PM +, Ross Philipson wrote:
+Secure Launch does not interoperate with KASLR. If possible, the MLE should
On 5/12/23 06:47, Matthew Garrett wrote:
On Thu, May 04, 2023 at 02:50:11PM +, Ross Philipson wrote:
+Secure Launch does not interoperate with KASLR. If possible, the MLE should be
+built with KASLR disabled::
Why does Secure Launch not interoperate with KASLR?
Re: IOMMUs
Until the
On 5/12/23 12:22, Ross Philipson wrote:
On 5/12/23 07:43, Matthew Garrett wrote:
On Thu, May 04, 2023 at 02:50:22PM +, Ross Philipson wrote:
The Secure Launch MLE environment uses PCRs that are only accessible
from
the DRTM locality 2. By default the TPM drivers always initialize the
On 5/15/23 14:16, Ross Philipson wrote:
On 5/12/23 07:40, Matthew Garrett wrote:
On Thu, May 04, 2023 at 02:50:20PM +, Ross Philipson wrote:
If the MLE kernel is being powered off, rebooted or halted,
then SEXIT must be called. Note that the SEXIT GETSEC leaf
can only be called after a
On 5/12/23 12:17, Ross Philipson wrote:
On 5/12/23 07:26, Matthew Garrett wrote:
On Thu, May 04, 2023 at 02:50:16PM +, Ross Philipson wrote:
+static void sl_find_event_log(struct slr_table *slrt)
If this is called after the EFI stub then we're presumably
post-ExitBootServices and we're
On 5/10/23 23:33, Herbert Xu wrote:
Ross Philipson wrote:
+static void __sha_transform(u32 *digest, const char *data)
+{
+ u32 ws[SHA1_WORKSPACE_WORDS];
+
+ sha1_transform(digest, data, ws);
+
+ memzero_explicit(ws, sizeof(ws));
+}
+
+void early_sha1_init(struct sha1_state
On 5/15/23 17:22, Matthew Garrett wrote:
On Mon, May 15, 2023 at 05:15:15PM -0400, Daniel P. Smith wrote:
On 5/12/23 06:55, Matthew Garrett wrote:
On Thu, May 04, 2023 at 02:50:13PM +, Ross Philipson wrote:
+#define SLR_TABLE_MAGIC0x4452544d
From convention I'd expect
On 5/9/23 21:21, Eric Biggers wrote:
On Thu, May 04, 2023 at 02:50:15PM +, Ross Philipson wrote:
From: "Daniel P. Smith"
The SHA algorithms are necessary to measure configuration information into
the TPM as early as possible before using the values. This implement
On 5/12/23 06:55, Matthew Garrett wrote:
On Thu, May 04, 2023 at 02:50:13PM +, Ross Philipson wrote:
+#define SLR_TABLE_MAGIC0x4452544d
From convention I'd expect this to be 0x534c5254, but not really an
issue.
Apologies, but which convention?
+/* SLR defined
On 5/10/23 19:04, Jarkko Sakkinen wrote:
On Thu May 4, 2023 at 5:50 PM EEST, Ross Philipson wrote:
Introduce the Secure Launch Resource Table which forms the formal
interface between the pre and post launch code.
Signed-off-by: Ross Philipson
---
include/linux/slr_table.h | 270
On 5/5/23 12:34, Simon Horman wrote:
On Thu, May 04, 2023 at 02:50:15PM +, Ross Philipson wrote:
From: "Daniel P. Smith"
The SHA algorithms are necessary to measure configuration information into
the TPM as early as possible before using the values. This implement
everal use cases
that are not otherwise possible. Please see my response to Paul Moore
or visit trenchboot.org/events to see the numerous talks on usages and
capabilities that are possible because of DRTM.
V/r,
Daniel P. Smith
___
kexec mailing list
kexec@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/kexec
19 matches
Mail list logo