WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 
 
Home Products Support Community News
 
   
 

xen-devel

[Xense-devel] [PATCH] txt: 0/6 - Overview

To: "xen-devel@xxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxx>, "xense-devel@xxxxxxxxxxxxxxxxxxx" <xense-devel@xxxxxxxxxxxxxxxxxxx>
Subject: [Xense-devel] [PATCH] txt: 0/6 - Overview
From: "Cihula, Joseph" <joseph.cihula@xxxxxxxxx>
Date: Mon, 19 Jan 2009 21:48:25 -0800
Accept-language: en-US
Acceptlanguage: en-US
Cc: "Wang, Shane" <shane.wang@xxxxxxxxx>, Keir Fraser <keir.fraser@xxxxxxxxxxxxx>
Delivery-date: Mon, 19 Jan 2009 21:48:51 -0800
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
List-help: <mailto:xense-devel-request@lists.xensource.com?subject=help>
List-id: "A discussion list for those developing security enhancements for Xen." <xense-devel.lists.xensource.com>
List-post: <mailto:xense-devel@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/mailman/listinfo/xense-devel>, <mailto:xense-devel-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/mailman/listinfo/xense-devel>, <mailto:xense-devel-request@lists.xensource.com?subject=unsubscribe>
Sender: xense-devel-bounces@xxxxxxxxxxxxxxxxxxx
Thread-index: Acl6wrZF3qA/YFnRTEidQHJFdKgwug==
Thread-topic: [PATCH] txt: 0/6 - Overview
This patch series are changes to Xen to support new functionality, and a 
changed API, in the tboot project (see http://sourceforge.net/projects/tboot 
for more info about tboot).  Some of these changes originated from comments 
received when the first set of Linux tboot/Intel(r) TXT patches were posted to 
LKML.

Attached to this patch is a single patch to be applied to the current tip of 
the tboot source tree (located at http://www.bughost.org/repos.hg/tboot.hg).  
Due to the API change, for those who wish to test the patches, it would be best 
to apply all of the tboot patch at once and test with all of the Xen patches 
applied to Xen.

Since the API changes are not backwards compatible, the resulting tboot will 
not work with a Xen that does not have the patches applied.  Likewise, a Xen 
with these patches applied will not work with the un-patched tboot.  To keep 
backward compatibility would have left the interface and code fairly ugly and 
didn't seem worth the trouble.

The Xen patches are as follows:

xen-txt-01-xen_phys_addr_start_fix.patch  - "fix" xen_phys_start for 32b builds
xen-txt-02-protect_txt_ranges.patch       - explicitly protect TXT addr ranges 
from dom0
xen-txt-03-use_protected_dmar.patch       - use TXT's DMA-protected DMAR table 
to setup VT-d
xen-txt-04-acpi_gas_support.patch         - ACPI Generic Address Structure for 
tboot shutdown
xen-txt-05-unified_shutdown_entry.patch   - single tboot entry point for 
shutdown
xen-txt-06-hypervisor_s3_integrity.patch  - hypervisor integrity on S3

We are currently working on a patch that will extend the S3 integrity to 
domains, as configurable via a domain's config file (and always for dom0).

The patches apply cleanly to the latest xen-unstable.

Joe and Shane

Attachment: tboot-latest.patch
Description: tboot-latest.patch

_______________________________________________
Xense-devel mailing list
Xense-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xense-devel
<Prev in Thread] Current Thread [Next in Thread>