Re: [PATCH v7 02/13] Documentation/x86: Secure Launch kernel documentation

2024-01-31 Thread Daniel P. Smith
st to help is no small undertaking. V/r, Daniel P. Smith

Re: [PATCH v4 00/14] x86: Trenchboot secure dynamic launch Linux kernel support

2022-02-15 Thread Daniel P. Smith
Paul, Apologies for missing your follow-up questions. Hopefully, the below answers will help. On 1/21/22 16:39, Paul Moore wrote: > On Mon, Dec 6, 2021 at 3:56 PM Paul Moore wrote: >> On Thu, Dec 2, 2021 at 11:11 AM Daniel P. Smith >> wrote: >>> Hi Paul! >> >

Re: [PATCH v4 00/14] x86: Trenchboot secure dynamic launch Linux kernel support

2021-12-02 Thread Daniel P. Smith
ted in priority and as a result there is a short-term solution to quickly enable relaunch with longer term direct integration into kexec. Finally if your schedule allows it and it is not too much to ask, it would be greatly appreciated if some code review could be provided. Otherwise thank you for taking the time that you have to review the approach. V/r, Daniel P. Smith Apertus Solutions, LLC ___ iommu mailing list iommu@lists.linux-foundation.org https://lists.linuxfoundation.org/mailman/listinfo/iommu

Re: [PATCH v4 14/14] tpm: Allow locality 2 to be set when initializing the TPM for Secure Launch

2021-08-30 Thread Daniel P. Smith
On 8/27/21 9:30 AM, Jason Gunthorpe wrote: > On Fri, Aug 27, 2021 at 09:28:37AM -0400, Ross Philipson wrote: >> The Secure Launch MLE environment uses PCRs that are only accessible from >> the DRTM locality 2. By default the TPM drivers always initialize the >> locality to 0. When a Secure Launch

Re: [PATCH v3 00/14] x86: Trenchboot secure dynamic launch Linux kernel support

2021-08-24 Thread Daniel P. Smith
On 8/10/21 12:23 PM, Jarkko Sakkinen wrote: > On Mon, Aug 09, 2021 at 12:38:42PM -0400, Ross Philipson wrote: >> The focus of Trenchboot project (https://github.com/TrenchBoot) is to >> enhance the boot security and integrity. This requires the linux kernel >

Re: [PATCH v2 12/12] iommu: Do not allow IOMMU passthrough with Secure Launch

2021-08-03 Thread Daniel P. Smith
any discussions or working groups that might be looking into unifying how all these security technologies should be configuring the Linux kernel. V/r, Daniel P. Smith

Re: [PATCH 05/13] x86: Add early TPM1.2/TPM2.0 interface support for Secure Launch

2021-01-19 Thread Daniel P. Smith
On 9/25/20 1:43 AM, Jarkko Sakkinen wrote: > On Thu, Sep 24, 2020 at 10:58:33AM -0400, Ross Philipson wrote: >> From: "Daniel P. Smith" >> >> This commit introduces an abstraction for TPM1.2 and TPM2.0 devices >> above the TPM hardware interface. >>

Re: [PATCH 05/13] x86: Add early TPM1.2/TPM2.0 interface support for Secure Launch

2020-09-29 Thread Daniel P. Smith
On 9/25/20 1:43 AM, Jarkko Sakkinen wrote: > On Thu, Sep 24, 2020 at 10:58:33AM -0400, Ross Philipson wrote: >> From: "Daniel P. Smith" >> >> This commit introduces an abstraction for TPM1.2 and TPM2.0 devices >> above the TPM hardware interface. >>

Re: [PATCH 00/13] x86: Trenchboot secure dynamic launch Linux kernel support

2020-09-25 Thread Daniel P. Smith
On 9/25/20 1:30 AM, Jarkko Sakkinen wrote: > On Thu, Sep 24, 2020 at 10:58:28AM -0400, Ross Philipson wrote: >> The Trenchboot project focus on boot security has led to the enabling of >> the Linux kernel to be directly invocable by the x86 Dynamic Launch >> instruction(s) for establishing a