Is there an interest in broader architectural support in tboot?
Specifically, I am referring to support for trusted boot on AMD machines using
the AMD SKINIT instruction.
I have gotten something to "work" on an AMD eKabini platform using OSLO and
tboot, but my approach is a bit kludgy.
Open Secure Loader (OSLO) consists of a set of multiboot-compliant chain
loaders to perform a measured launch.
http://os.inf.tu-dresden.de/~kauer/oslo/
Currently, OSLO supports AMD platforms.
I used the "oslo", "beirut", and "pamplona" components from OSLO to perform a
measured launch (extending module
measurements into TPM PCRs). Then, control is transferred to tboot to launch
the Linux kernel.
In addition to being a bit kludgy, this approach is incomplete in a number of
ways. There is no log similar to the log in tboot
to allow the measurements to be replayed for verification. Further, I still
need to look deeper into DEV protection on AMD
platforms (similar to VTd on Intel).
Before proceeding, I wanted to confirm if there would be acceptance of such
extensions to tboot? If yes, I have some ideas
on how to proceed.
Regards,
Safayet N. Ahmed
Computer Engineer
General Electric Company, GE Global Research
GE imagination at work
------------------------------------------------------------------------------
Dive into the World of Parallel Programming The Go Parallel Website, sponsored
by Intel and developed in partnership with Slashdot Media, is your hub for all
things parallel software development, from weekly thought leadership blogs to
news, videos, case studies, tutorials and more. Take a look and join the
conversation now. http://goparallel.sourceforge.net/
_______________________________________________
tboot-devel mailing list
tboot-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/tboot-devel
