2012/7/26 Jason Chow <jasonchow.pku@...>
> Hi Justin,
>
> Thank you for your suggestion. So make the KVM inline in the kernel as a
> whole rather than a later loaded module is the solution for tboot with kvm.
> Am I correct ?
>
> Regards,
> Jason
>
> 2012/7/26 Justin King-Lacroix <justin.king-lacroix@...>
>
>> Hi Jason,
>>
>> Tboot measures the kernel and the initrd/initramfs, so you should just
>> need to make sure the KVM modules are in it (and installed at boot, before
>> the root filesystem is mounted, of course).
>>
>> Regards,
>> Justin
>>
>>
>>
>> On 26/07/2012 2:44 PM, Jason Chow wrote:
>>
>> Hi,
>>
>> As we all know, tboot can work with bare linux kernel. Howerver, does
>> tboot support KVM as well as Xen ? Since kvm is treated as a kernel
>> module, which will not be measured during the process of trusted boot (In
>> my knowledge, only kernel will be measureed rather than kernel modules.).
>> How can tboot provide a clean hypervisor environment as well as Xen does ?
>> Is there any additional support in tboot to keep KVM module in a well-known
>> status.
>>
>>
>> Thanks and regards,
>> Jason
>>
>>
>> ------------------------------------------------------------------------------
>> Live Security Virtual Conference
>> Exclusive live event will cover all the ways today's security and
>> threat landscape has changed and how IT managers can respond. Discussions
>> will include endpoint security, mobile security and the latest in malware
>> threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
>>
>>
>>
>> _______________________________________________
>> tboot-devel mailing listtboot-devel@... href="nethttps://lists.sourceforge.net/lists/listinfo/tboot-devel" target="_new">nethttps://lists.sourceforge.net/lists/listinfo/tboot-devel
>>
>>
>>
>
|