On Sun, May 19, 2013 at 10:15 AM, Wei, Gang <gang....@intel.com> wrote:
> henry del wrote on 2013-05-18:
> >> Thank you for your prompt reply. Yet I have another question.
> >> According to the TXT spec, if GETSEC[SENTER] leaf function has not been
> >> used to launch a measured environment, it's impossible to make use of
> >> locality 1-4. Because registers in the private space can only be
> >> accessed after a measured environment has been established, while these
> >> registers control whether to unlock the locality 1-4. That means that
> >> if bitvisor wants to use PCR, locality of which is above 0, bitvisor
> >> need to support txt. Is that correct?
>
> >Correct. PCR17~22 can't be extended in locality 0.
>
> >> So if I port xen/arch/x86/tboot.c and relevant files into
> bitvisor
> >> and modify the grub.lst, this way will work for bitvisor?
>
> >Yes.
> I have compared the tboot implementation in kernel 3.2.2 to that of xen,
> they are much different. The important files: tboot.c and tboot.h are
> supported differently in xen and kernel.
>
I think that both xen and kernel have full control of hardware sources
when booted separatedly by tboot. Why do xen and linux kernel have a
different implementation of tboot? Or is it enough for me only to refer to
tboot support in xen when I work for bitvisor?
thanks.
henry
> >Jimmy
>
------------------------------------------------------------------------------
AlienVault Unified Security Management (USM) platform delivers complete
security visibility with the essential security capabilities. Easily and
efficiently configure, manage, and operate all of your security controls
from a single console and one unified framework. Download a free trial.
http://p.sf.net/sfu/alienvault_d2d
_______________________________________________
tboot-devel mailing list
tboot-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/tboot-devel
