WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
xense-devel

[Xense-devel] [PATCH] Intel(R) Trusted Execution Technology support

To: <xen-devel@xxxxxxxxxxxxxxxxxxx>, <xense-devel@xxxxxxxxxxxxxxxxxxx>
Subject: [Xense-devel] [PATCH] Intel(R) Trusted Execution Technology support
From: "Cihula, Joseph" <joseph.cihula@xxxxxxxxx>
Date: Fri, 26 Oct 2007 18:56:56 -0700
Cc: "Xu, James" <james.xu@xxxxxxxxx>, "Wang, Shane" <shane.wang@xxxxxxxxx>, "Wei, Gang" <gang.wei@xxxxxxxxx>
Delivery-date: Fri, 26 Oct 2007 18:57:48 -0700
Envelope-to: www-data@xxxxxxxxxxxxxxxxxx
List-help: <mailto:xense-devel-request@lists.xensource.com?subject=help>
List-id: "A discussion list for those developing security enhancements for Xen." <xense-devel.lists.xensource.com>
List-post: <mailto:xense-devel@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xense-devel>, <mailto:xense-devel-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xense-devel>, <mailto:xense-devel-request@lists.xensource.com?subject=unsubscribe>
Sender: xense-devel-bounces@xxxxxxxxxxxxxxxxxxx
Thread-index: AcgYPKeHAh+s/rrjQ0OzxTZHSH6adQ==
Thread-topic: [PATCH] Intel(R) Trusted Execution Technology support
Attached is a patch that adds Intel(R) Trusted Execution Technology
(Intel(R) TXT) support to Xen.  Intel(R) TXT was formerly known by the
codename LaGrande Technology (LT).

This version of the patch adds new functionality and re-structuring to
the previous version (which was posted in Aug.).

Intel(R) TXT in Brief:
----------------------
o  Provides dynamic root of trust for measurement (DRTM)
o  DMA protection (on SDV3/TEP platforms only)
o  Data protection in case of improper shutdown
o  Verification and enforcement of launched environment

For more information, see http://www.intel.com/technology/security/.
This site also has a link to the Intel(R) TXT Preliminary Architecture
Specification, which has been updated for the new released platforms.


Patch Overview:
--------------
The bulk of the TXT code is now hosted at its own SourceForge site,
http://sourceforge.net/projects/tboot.  This project hosts the code in a
mercurial repo at http://tboot.sourceforge.net/hg/tboot.hg and contains
tarballs of the source.  This site is still very new, so please forgive
its incompleteness.  Questions on just tboot should be sent to
tboot-devel@xxxxxxxxxxxxxxxxxxxxx or posted to the tboot project forum.

This patch is now only the Xen changes necessary to integrate with
tboot.  The top-level Makefile will 'wget' the tboot source tarball from
SourceForge, untar it, and then build.  Per feedback on the previous
patch, the changes are no longer built conditionally (but the code is
only executed if a measured launch was performed).  This patch applies
cleanly against c/s 16157:b28ae5f00553.

In addition to this re-structuring, the following additional
functionality has been added:
o  Support for S3/S4/S5
o  Verified Launch.  Tboot will extend verification from the MLE
(itself, as verified by TXT LCP) to Xen and dom0, using policies
similar to the LCP and also stored in TPM NV.  These policies can be
created and managed by the tb_polgen tool and provisioned into TPM NV
using the lcptools.

There is more information about the functionality within the tboot/docs
files as well as configuration information and policy instructions.  The
documentation will be improved and fleshed out over time so please
excuse its current spartan form.


Instructions for Use:
---------------------
o  The new tboot module must be added as the 'kernel' in the grub.conf
file.  The existing 'kernel' entry should follow as a 'module'.  The
SINIT AC module (available with systems that support TXT) must be added
to the grub.conf boot config as the last module, e.g.:
       title Xen 3.1.0 w/ Intel(R) Trusted Execution Technology
           root (hd0,1)
           kernel /tboot.gz
           module /xen.gz no-real-mode dom0_mem=524288 com1=115200,8n1
           module /vmlinuz-2.6.18-xen root=/dev/VolGroup00/LogVol00 ro
           module /initrd-2.6.18-xen.img
           module /BRLK_SINIT_20070910_release.BIN

o  Xen's command line must include the 'no-real-mode' option to prevent
Xen from reading the e820 table from BIOS.  The TXT code makes
modifications to the table passed via GRUB that the Xen portions of the
code need.

o  Progress of the launch process is indicated via debug printk's to
COM1 (hardcoded).  These appear before the normal "(XEN)" output and are
prefixed by "TBOOT:".  Though tboot does initialize the COM port, it is
best if this is also done by GRUB - grub.conf should have:
       serial --speed=115200 --unit=0
       terminal console serial

Attachment: txt-xen-1026.patch
Description: txt-xen-1026.patch

_______________________________________________
Xense-devel mailing list
Xense-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xense-devel
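The grub.conf layout described under "Instructions for Use" above is easy to get wrong (Xen left as 'kernel', 'no-real-mode' omitted, SINIT not last), and a mistake only shows up as a launch that silently is not measured. The script below is an added example, not part of the original mail or of the tboot project: a static sanity check of a grub.conf stanza against the layout the mail requires. It assumes the file holds a single 'title' stanza, that tboot's image name contains "tboot", that the Xen image's path begins with "/xen", and that the SINIT AC module's file name contains "SINIT" (true of the sample name in the mail, but a naming convention, not a guarantee). The two sample stanzas are constructed for the example.

```shell
#!/bin/sh
# Added example (not from the original mail or the tboot project):
# static sanity check of a grub.conf stanza for a tboot measured launch.
# Assumptions: one 'title' stanza per file; tboot image name contains
# "tboot"; Xen image path starts with "/xen"; SINIT AC module file name
# contains "SINIT".

check_txt_grub_stanza() {
    f="$1"
    rc=0

    # The 'kernel' entry must be tboot; Xen is demoted to a module.
    kernel=$(awk '$1=="kernel"{print $2; exit}' "$f")
    case "$kernel" in
        *tboot*) echo "ok:   kernel is tboot ($kernel)" ;;
        *)       echo "FAIL: kernel must be tboot, found '${kernel:-none}'"; rc=1 ;;
    esac

    # The first 'module' must be Xen, carrying no-real-mode so that Xen
    # uses the e820 map tboot hands it via GRUB instead of re-reading BIOS.
    xen=$(awk '$1=="module"{print; exit}' "$f")
    case "$xen" in
        *\ /xen*)
            case "$xen" in
                *no-real-mode*) echo "ok:   Xen module has no-real-mode" ;;
                *) echo "FAIL: Xen module lacks 'no-real-mode': $xen"; rc=1 ;;
            esac ;;
        *) echo "FAIL: first module must be Xen, found '${xen:-none}'"; rc=1 ;;
    esac

    # The SINIT AC module must be the last module in the stanza.
    last=$(awk '$1=="module"{m=$2} END{print m}' "$f")
    case "$last" in
        *SINIT*) echo "ok:   last module is the SINIT AC module ($last)" ;;
        *)       echo "FAIL: last module must be the SINIT AC module, found '${last:-none}'"; rc=1 ;;
    esac

    # Serial console is recommended (TBOOT: messages go to COM1); warn only.
    if grep -q '^[[:space:]]*serial ' "$f" && grep -q '^[[:space:]]*terminal .*serial' "$f"; then
        echo "ok:   GRUB serial console configured"
    else
        echo "WARN: no 'serial'/'terminal ... serial' lines; TBOOT: output may be lost"
    fi

    return $rc
}

# Constructed sample: the layout from the mail, with its file names.
write_sample_good() {
    cat > "$1" <<'EOF'
serial --speed=115200 --unit=0
terminal console serial
title Xen 3.1.0 w/ Intel(R) Trusted Execution Technology
    root (hd0,1)
    kernel /tboot.gz
    module /xen.gz no-real-mode dom0_mem=524288 com1=115200,8n1
    module /vmlinuz-2.6.18-xen root=/dev/VolGroup00/LogVol00 ro
    module /initrd-2.6.18-xen.img
    module /BRLK_SINIT_20070910_release.BIN
EOF
}

# Constructed sample: a pre-TXT stanza (Xen still 'kernel', no SINIT module).
write_sample_bad() {
    cat > "$1" <<'EOF'
title Xen 3.1.0
    root (hd0,1)
    kernel /xen.gz dom0_mem=524288
    module /vmlinuz-2.6.18-xen root=/dev/VolGroup00/LogVol00 ro
    module /initrd-2.6.18-xen.img
EOF
}

tmp=$(mktemp)
write_sample_good "$tmp"; echo "== good stanza"; check_txt_grub_stanza "$tmp" || true
write_sample_bad "$tmp";  echo "== bad stanza";  check_txt_grub_stanza "$tmp" || true
rm -f "$tmp"
```

This only checks the boot configuration; whether a measured launch actually took place is confirmed at boot time by the "TBOOT:" lines on COM1 that the mail describes, which is why the serial console check is kept as a warning rather than a hard failure.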