Xen project Mailing List

Re: [Xen-devel] [PATCH] Intel(R) Trusted Execution Technology support

To: "Cihula, Joseph" <joseph.cihula@xxxxxxxxx>, <xen-devel@xxxxxxxxxxxxxxxxxxx>, <xense-devel@xxxxxxxxxxxxxxxxxxx>

From: Keir Fraser <Keir.Fraser@xxxxxxxxxxxx>

Date: Sun, 28 Oct 2007 06:24:49 +0000

Cc: "Xu, James" <james.xu@xxxxxxxxx>, "Wang, Shane" <shane.wang@xxxxxxxxx>, "Wei, Gang" <gang.wei@xxxxxxxxx>

Delivery-date: Sat, 27 Oct 2007 23:20:08 -0700

List-id: Xen developer discussion <xen-devel.lists.xensource.com>

Thread-index: AcgYPKeHAh+s/rrjQ0OzxTZHSH6adQANNIIDABnLhfAAFKWFxQ==

Thread-topic: [Xen-devel] [PATCH] Intel(R) Trusted Execution Technology support

On 27/10/07 20:39, "Cihula, Joseph" <joseph.cihula@xxxxxxxxx> wrote: >> If that's the only reason, we could add another command-line option, > or a >> multiboot info flag, to prevent just the e820 part of real-mode > execution. >> Then you could still set video mode and get disc EDD info even when > running >> on tboot. > > It isn't the only reason: the current tboot code will measure and > verify xen and dom0; if we let xen call into BIOS then we will be > transferring control to code that has not been verified. > > If it is very important to initialize the video and disc from BIOS, we > could copy that code into tboot and execute it before tboot launches the > measured environment. Is this necessary on current model systems (since > TXT is only available on Intel Core 2 -based systems)? It'd be nice to have, but it's not essential. -- Keir _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxxxxxxxx http://lists.xensource.com/xen-devel

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.