Hi all, sorry in advance for placing a question here that is not directly on tboot, but I expect to find the highest density of experts here:
Is it feasible and did someone possibly try so far to do a measured launch of something from within a running Linux system, specifically one that was not booted via a chain of trust? According to my still limited understanding of TXT, there is no technical difference between launching from a boot loader or from a booted OS a bit later, right? As you may guess, the scenario is to lock-down some entity that is started by Linux (I'm thinking of our hypervisor Jailhouse [1] and its non-Linux guests) while keeping the kernel itself open. Alternatively, what would be required to re-use tboot for doing another MLE start after a verified Linux already booted? Thanks! Jan [1] https://github.com/siemens/jailhouse -- Siemens AG, Corporate Technology, CT RTC ITP SES-DE Corporate Competence Center Embedded Linux ------------------------------------------------------------------------------ "Accelerate Dev Cycles with Automated Cross-Browser Testing - For FREE Instantly run your Selenium tests across 300+ browser/OS combos. Get unparalleled scalability from the best Selenium testing platform available Simple to use. Nothing to install. Get started now for free." http://p.sf.net/sfu/SauceLabs _______________________________________________ tboot-devel mailing list tboot-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/tboot-devel
