Hello, just a short question about some of the more bloody details of Intel TXT. There are 2 specs atm - Intel TXT SDG (May 2014, rev 11) and the Intel 64/IA-32 Arch SDM (June 2014, rev. 51). Both define the state of the platform after SINIT ran and returned control to the user (the mle). Both manuals contract each other. The Intel TXT SDG even contracts itself.
I'd like to know what I should use as reference and reliable
information.
My problem is, at compile-time I don't know at which address my MLE will
be located once it has been loaded. That means, I have to write
address-independent code, at least for the boot-strapping. For this I
need the value of EIP.
In the Intel TXT SDG it is specified that the value of EIP will also be
written to EBX. In the Instruction Manual EBX contains SINIT.BASE.
If I don't have access to the EIP through EBX, than I need a good stack
to make a call+pop to get the EIP value. Again, in the Intel TXT spec,
all segments but CS are "undefined" (also ESP/EBP). In the Instruction
Manual these are defined to be values supplied from SINIT (without
defining the value of ESP, but with EBP).
Further the Intel TXT SDG contracts itself in the same table. For EBX
it lists, that it contains the same value as EIP. But further down it
writes "SINIT.Base (EBX)", which is not the value of EIP (but which
would be correct according to the Instruction Manual).
So, what am I supposed to use? I need a valid address of my current
environment to boot-strap the rest (load gdt, set segement-registers,
...).
I would be very thankful for any concrete information. I only know tboot
and flicker as users of txt, where I can read the sources. Tboot knows
its place in memory from the start and doesn't need to find out the
value of EIP. flicker uses the call+pop idiom, which is not reliable
according to both specs (Instruction Manual defines a (sort of) valid
stack, but doesn't supply a value for ESP).
--
best regards,
- Benjamin Block
--
To understand a program you must become both the machine and the program.
pgptOWOnVuLfV.pgp
Description: PGP signature
------------------------------------------------------------------------------ Want excitement? Manually upgrade your production database. When you want reliability, choose Perforce Perforce version control. Predictably reliable. http://pubads.g.doubleclick.net/gampad/clk?id=157508191&iu=/4140/ostg.clktrk
_______________________________________________ tboot-devel mailing list tboot-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/tboot-devel
