[tboot-devel] Enabling TXT in Linux kernel 2.6.37

Fri, 21 Jan 2011 08:46:08 -0800 

I was originally going to post "how do I enable TXT in Linux kernel
2.6.37?" but I figured it out.  As the process was rather non-obvious,
I post here with hopes that this information will be useful.

Working with the vanilla linux-2.6.37.tar.bz2 from kernel.org...

Documentation/intel_txt.txt does not actually explain how to enable
Linux kernel support.

Searching for "TXT" using the "/" feature in `make menuconfig` gives
the following:

--------------------------------------------
Symbol: INTEL_TXT [=n]
 Type  : boolean
 Prompt: Enable Intel(R) Trusted Execution Technology (Intel(R) TXT)
   Defined at security/Kconfig:106
   Depends on: HAVE_INTEL_TXT [=n]
   Location:
     -> Security options


 Symbol: HAVE_INTEL_TXT [=n]
 Type  : boolean
--------------------------------------------

However, the "Enable Intel(R) Trusted Execution Technology (Intel(R)
TXT)" does not actually appear by default.

After recursively grepping Kconfig files, I found that HAVE_INTEL_TXT
is defined in
arch/x86/Kconfig:

config HAVE_INTEL_TXT
        def_bool y
        depends on EXPERIMENTAL && DMAR && ACPI

...however the search result page (i.e., using "/" in `make
menuconfig`) does not show these dependencies.  The search result page
for CONFIG_DMAR does suggest that CONFIG_PCI_MSI is necessary, and
after enabling CONFIG_PCI_MSI, CONFIG_DMAR becomes available, and
after enabling that, then CONFIG_INTEL_TXT becomes available back in
the Security Options menu.

I'm not very knowledgeable about the internals of the kernel config /
build process, but it seems like there is probably some kind of parse
error or missing information in arch/x86/Kconfig.  I have a few
minutes and I'll see if I can figure it out and perhaps create a
patch.

Cheers,
-Jon

------------------------------------------------------------------------------
Special Offer-- Download ArcSight Logger for FREE (a $49 USD value)!
Finally, a world-class log management solution at an even better price-free!
Download using promo code Free_Logger_4_Dev2Dev. Offer expires 
February 28th, so secure your free ArcSight Logger TODAY! 
http://p.sf.net/sfu/arcsight-sfd2d
_______________________________________________
tboot-devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/tboot-devel

Reply via email to