I am current trying to make a TXT driver and it will expose the TXT event log(located in TXT heap) via sysfs interface to userspace.
Jimmy Kent Yoder wrote onĀ 2012-09-28: >> We had discussion about the event log before. >> I think standard structure is desirable for this TXT event log. > > Thanks for the context, Seiji. I agree, something in the PCClient > standard structure would be good - it could be consumed by trousers > without modifications. This could be exposed automatically if we had a > kernel module for it. Does integrating that into intel_iommu.ko make > sense? > > Kent > >> On Sat, Apr 26, 2008 at 4:40 AM, Cihula, Joseph <joseph.cih...@intel.com> > wrote: >>> On Friday, April 25, 2008 7:47 AM, Jun Koi wrote: >>>> On 4/17/08, Seiji Munetoh <seiji.mune...@gmail.com> wrote: >>>>> Hi Folks, >>>>> >>>>> Is there any way to validate the PCR[17] and PCR18] values? >>>>> >>>>> In case of Static-RTM, we can validate the PCR values by using >>>>> the BIOS eventlog stored at ACPI table. >>>>> But for Dynamic-RTM we don't have such eventlog. >>>> >>>> Do you know if there is any good reason why tboot doesn't log events >>>> into eventlog? >>> >>> Did you mean why tboot doesn't copy the extend information into the BIOS >>> event log or why TXT itself doesn't put them there? >>> >>> For the former, it is a combination of lack of time, issues with the >>> eventlog, and motivation. Regarding the eventlog, the current TCG >>> specification does not provide for BIOS to indicate where the log data >>> ends. There is a soon-to-be-released update for the spec that will >>> specify that the end space be filled with ff's, but that will require >>> updated BIOSes. Regarding motivation, it wasn't clear how useful or >>> important it would be. >>> >>> The values for PCR 17 and 18 are available in the SinitMleData struct in >>> the TXT heap. So MLEs can access it and expose it to whatever SW needs >>> it. >>> >>> For TXT not doing it, the reasons are very similar. In addition, we >>> didn't want to tie the launch process to BIOS and its configuration. >>> >>> Joe >> >> -- >> Seiji >> >> P.S. OpenPTS is generating the eventlog from txt-stat message as a >> quick-and-dirty way. >> >> >> On Thu, Sep 27, 2012 at 3:44 AM, Kent Yoder <shpedoi...@gmail.com> > wrote: >>> Hi, >>> >>> Is there a standard way of grabbing the event log after a TXT >>> launch? I see it looks like it lives in the os_mle_data_t struct on >>> the txt heap, but there doesn't seem to be a way to print it from >>> txt-stat. Is the code missing or can I dump it some other way? >>> >>> Thanks, >>> Kent >>> >>> -- >>> IBM LTC Security
smime.p7s
Description: S/MIME cryptographic signature
------------------------------------------------------------------------------ How fast is your code? 3 out of 4 devs don\\\'t know how their code performs in production. Find out how slow your code is with AppDynamics Lite. http://ad.doubleclick.net/clk;262219672;13503038;z? http://info.appdynamics.com/FreeJavaPerformanceDownload.html
_______________________________________________ tboot-devel mailing list tboot-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/tboot-devel
