diff -r b28ae5f00553 Makefile --- a/Makefile Tue Oct 23 09:26:43 2007 +0100 +++ b/Makefile Mon Oct 29 11:03:54 2007 -0700 @@ -103,7 +103,7 @@ world: # clean doesn't do a kclean .PHONY: clean -clean:: +clean:: $(MAKE) -C xen clean $(MAKE) -C tools clean $(MAKE) -C docs clean @@ -153,6 +153,11 @@ help: @echo ' prep-kernels - prepares kernel directories, does not build' @echo ' uninstall - attempt to remove installed Xen tools' @echo ' (use with extreme care!)' + @echo + @echo 'Trusted Boot (tboot) targets:' + @echo ' build-tboot - download and build the tboot module' + @echo ' install-tboot - download, build, and install the tboot module' + @echo ' clean-tboot - clean the tboot module if it exists' @echo @echo 'Environment:' @echo ' XEN_PYTHON_NATIVE_INSTALL=y' @@ -194,8 +199,43 @@ uninstall: rm -rf $(D)/usr/share/xen rm -rf $(D)/usr/share/man/man1/xen* rm -rf $(D)/usr/share/man/man8/xen* + rm -rf $(D)/boot/tboot* # Legacy targets for compatibility .PHONY: linux26 linux26: $(MAKE) 'KERNELS=linux-2.6*' kernels + + +# +# tboot targets +# + +TBOOT_TARFILE = tboot-20071029.tar.gz +TBOOT_BASE_URL = http://downloads.sourceforge.net/tboot + +.PHONY: build-tboot +build-tboot: download_tboot + $(MAKE) -C tboot build + +.PHONY: install-tboot +install-tboot: download_tboot + $(MAKE) -C tboot install + +.PHONY: clean-tboot +clean-tboot: + [ ! -d tboot ] || $(MAKE) -C tboot clean + +.PHONY: distclean-tboot +distclean-tboot: + [ ! -d tboot ] || $(MAKE) -C tboot distclean + +.PHONY: download_tboot +download_tboot: tboot/Makefile + +tboot/Makefile: tboot/$(TBOOT_TARFILE) + [ -e tboot/Makefile ] || tar -xzf tboot/$(TBOOT_TARFILE) -C tboot/ --strip-components 1 + +tboot/$(TBOOT_TARFILE): + mkdir -p tboot + wget -O tboot/$(TBOOT_TARFILE) $(TBOOT_BASE_URL)/$(TBOOT_TARFILE) diff -r b28ae5f00553 README --- a/README Tue Oct 23 09:26:43 2007 +0100 +++ b/README Mon Oct 29 17:49:01 2007 -0700 @@ -202,3 +202,29 @@ Xend (the Xen daemon) has the following * For optional XenAPI support in XM, PyXML: URL: http://pyxml.sourceforge.net YUM: PyXML + + +Intel(R) Trusted Execution Technology Support +============================================= + +Intel's technology for safer computing, Intel(R) Trusted Execution Technology +(Intel(R) TXT), defines platform-level enhancements that provide the building +blocks for creating trusted platforms. For more information, see +http://www.intel.com/technology/security/. + +Intel(R) TXT support is provided by the Trusted Boot (tboot) module in +conjunction with minimal logic in the Xen hypervisor. + +Tboot is an open source, pre- kernel/VMM module that uses Intel(R) TXT to +perform a measured and verified launch of an OS kernel/VMM. + +The Trusted Boot module is available from +http://sourceforge.net/projects/tboot. This project hosts the code in a +mercurial repo at http://tboot.sourceforge.net/hg/tboot.hg and contains +tarballs of the source. Instructions in the tboot README describe how +to modify grub.conf to use tboot to launch Xen. + +There are optional targets as part of Xen's top-level makefile that will +downlaod and build tboot: install-tboot, build-tboot, dist-tboot, clean-tboot. +These will download the latest tar file from the SourceForge site using wget, +then build/install/dist according to Xen's settings.