Michal Camacho Romero committed [6a08bb] on Code

Remove redundant logs from the supports_txt function

Trusted Boot released /tboot-1.11.12-pub-key.key

Trusted Boot released /tboot-1.11.12.tar.gz

Trusted Boot released /tboot-1.11.12.tar.gz.gpg

Michal Camacho Romero committed [54ea68] on Code

Added tag v1.11.12 for changeset 174b80ceb338

Michal Camacho Romero committed [174b80] on Code

Version 1.11.12

Michal Camacho Romero committed [6be653] on Code

Provide DMA protection for global variable, holding the number of e820 entries.

Michal Camacho Romero committed [558924] on Code

Secure pointer to the TBOOT Log base from unauthorized DMA access

Michal Camacho Romero committed [7ce962] on Code

Fix SGX status verification

Michal Camacho Romero committed [55c408] on Code

Fix lcptools-v2 compilation error, caused by incorrect size of digest buffer

Trusted Boot released /tboot-1.11.11.tar.gz

Trusted Boot released /tboot-1.11.11-pub-key.key

Trusted Boot released /tboot/tboot-1.11.11.tar.gz

Trusted Boot released /tboot-1.11.11.tar.gz.gpg

Michal Camacho Romero committed [540822] on Code

Added tag v1.11.11 for changeset 94c0de658794

Michal Camacho Romero committed [94c0de] on Code

Version 1.11.11

Michal Camacho Romero committed [7e9fd4] on Code

Version 1.11.11

Michal Camacho Romero committed [123246] on Code

Disable CET in the TBOOT shutdown handler

Michal Camacho Romero committed [6aefe8] on Code

Downgrade MinMleHdr version from 2.3 to 2.2

Michal Camacho Romero committed [561c48] on Code

Verify MinMleHeader version, before TPR support disabling

Michal Camacho Romero committed [f24ac8] on Code

Disable TPR support in ACM capabilities (TXT Heap/OsSinitData)

Michal Camacho Romero committed [f26f17] on Code

Fix force_pmrs option verification procedure

Michal Camacho Romero committed [d51277] on Code

Enable to force PMR using, instead of TPRs

Trusted Boot released /tboot-1.11.0-pub-key.key

Trusted Boot released /tboot-1.11.10.tar.gz.gpg

Trusted Boot released /tboot-1.11.10.tar.gz

Adam Pawlicki committed [522008] on Code

Added tag v1.11.10 for changeset 4bf2e3819723

Adam Pawlicki committed [4bf2e3] on Code

Version 1.11.10

Adam Pawlicki committed [7d7d95] on Code

Remove unneccesary printk under mutex

Adam Pawlicki committed [7c7739] on Code

Fix hang during waking up from TXT sleep on Simics

spexagon posted a comment on discussion Help

We've had working tboot configs on many computers with kernels going back since Linux kernel 3.x. However now starting with 6.8, tboot hangs if we boot on high resolution monitors (5120x2160 @ 120hz) for example. When using kernel 6.8, simply connecting to an older 1920x1080 monitor (with hdmi or displayport) allows the boot to go forward like normal. For some of our high resolution monitor machines, we just connect with HDMI to get it working (which boots the EFI loader at stretched lower resolution...

Trusted Boot released /tboot-1.11.9.tar.gz.gpg

Trusted Boot released /tboot/tboot-1.11.9.tar.gz

Mateusz Mówka committed [e15574] on Code

Added tag v1.11.9 for changeset 93a7c3451154

Mateusz Mówka committed [b75d2e] on Code

Removed tag v1.11.9

Mateusz Mówka committed [93a7c3] on Code

Version 1.11.9.

Mateusz Mówka committed [202142] on Code

Added tag v1.11.9 for changeset 656ba831c3bb

Mateusz Mówka committed [656ba8] on Code

Restore call to configure_vtd.

Michal Camacho Romero committed [379173] on Code

Added tag v1.11.8 for changeset ba65f5eab8dc

Michal Camacho Romero committed [ba65f5] on Code

Version 1.11.8

Michal Camacho Romero committed [789d2d] on Code

Increase DIRECTMAP size from 64 MB to 128 MB

Trusted Boot released /tboot/tboot-1.11.7.tar.gz

Trusted Boot released /tboot-1.11.7.tar.gz.gpg

Adam Pawlicki committed [d0671b] on Code

Added tag v1.11.7 for changeset 8a1423750815

Adam Pawlicki committed [8a1423] on Code

Version 1.11.7

Adam Pawlicki committed [b992d4] on Code

Workaround to make utils buildable.

Trusted Boot released /tboot-1.11.6.tar.gz.gpg

Trusted Boot released /pub.key

Trusted Boot released /tboot/tboot-1.11.6.tar.gz

Mateusz Mówka committed [d093b8] on Code

Added tag v1.11.6 for changeset 9b2748d651ee

Mateusz Mówka committed [9b2748] on Code

Version 1.11.6

Mateusz Mówka committed [b6f26b] on Code

Merge TBOOT_TPR_support branch into default.

Trusted Boot released /tboot-1.11.5.tar.gz.gpg

Trusted Boot updated /gpg_public.key

Trusted Boot released /tboot/tboot-1.11.5.tar.gz

Adam Pawlicki committed [2b6385] on Code

Added tag v1.11.5 for changeset 8da449815519

Adam Pawlicki committed [8da449] on Code

Version 1.11.5

Adam Pawlicki committed [faf748] on Code

Move ACM modules above TBOOT

Mateusz Mówka committed [038263] on Code

Remove unnecessary OPENSSL_free from lcputils.c

Trusted Boot released /Documentation/LCPTOOLS-V2-usage_09052024.pdf

Trusted Boot released /LCPTOOLS-V2-usage_09052024.pdf

Mateusz Mówka committed [9e73e0] on Code

Add TPR (TXT Protected Range) support.

Trusted Boot released /tboot-1.11.4.tar.gz.gpg

Michal Camacho Romero committed [caa503] on Code

Added tag v1.11.4 for changeset 71ca80014ced

Michal Camacho Romero committed [71ca80] on Code

Version 1.11.4

Michal Camacho Romero committed [082851] on Code

Eliminate compilation errors, caused by the unsupported movl and pushl CPU instructions.

Michal Camacho Romero committed [adcc9a] on Code

Set for the compiler the x86-64 target architecture.

Michal Camacho Romero committed [909398] on Code

Increase the TBOOT log section size from 32KB to 64KB.

Michal Camacho Romero committed [abe5b6] on Code

Added tag v1.11.3 for changeset 52979e1dd702

Michal Camacho Romero committed [05b424] on Code

Removed tag v.1.11.3

Trusted Boot released /tboot/tboot-1.11.3.tar.gz

Trusted Boot released /tboot-1.11.3.tar.gz

Trusted Boot released /tboot-1.11.3.tar.gz.gpg

Michal Camacho Romero committed [35b6cb] on Code

Added tag v.1.11.3 for changeset 52979e1dd702

Michal Camacho Romero committed [52979e] on Code

Version 1.11.3

Michal Camacho Romero committed [36d48d] on Code

Increase the maximal APIC ID value from 1024 to 8192.

Michał Żygowski modified a comment on discussion Help

Hi Mateusz, Thank you for your response. I just managed to find this out last weekend :( It seems coreboot already locks the SMRAMC register, however there was another trap waiting for me. The D_LCK bit needs to be set with PCI I/O access instead of ECAM: https://github.com/Dasharo/coreboot/commit/c7540a73860d653988d21565b892c8427709088d Also I wish the ACM error spreadsheet be consistent with Intel datasheets, i.e. at least change DLCK to D_LCK or to SMRAMC.D_LCK in the spreadhseet. It would already...

Michał Żygowski posted a comment on discussion Help

Hi Mateusz, Thank you for your response. I just managed to find this out last weekend :( It seems coreboot already locks the SMRAMC register, however there was another trap waiting for me. The D_CLK bit needs to be set with PCI I/O access instead of ECAM: https://github.com/Dasharo/coreboot/commit/c7540a73860d653988d21565b892c8427709088d Also I wish the ACM error spreadsheet be consistent with Intel datasheets, i.e. at least change DLCK to D_LCK or to SMRAMC.D_CLK in the spreadhseet. It would already...

Mateusz Mówka posted a comment on discussion Help

Hi, sorry for the long wait. This is related to D_LCK bit in the SMRAMC register - https://www.intel.com/content/www/us/en/products/docs/processors/core/core-technical-resources.html see datasheet volume 2 for 10th Gen Intel Core CPU Families, section 3.29 SINIT ACM module expects BIOS to set the D_LCK bit, else an error is generated. Best regards, Mateusz

Michał Żygowski posted a comment on discussion Help

Hello TBOOT community, When I was trying to use TBOOT to perform Intel TXT Measured Launch with Ubuntu Linux, my platform resets right after invoking GETSEC SENTER. From the decoded error code (TXT.ERRORCODE raw value 0xc0007851) I got error class 5, major 0x1e. The ACM error spreadsheet says ERR_DLCK_CONFIG - "DLOCK bit state unexpected", but I am not sure what should be the expected state. May I get more detailed explanation how to solve this error and what the expected state of DLOCK is? Also...

Trusted Boot released /tboot-v1.11.2.tar.gz.gpg

Trusted Boot released /gpg_public.key

Trusted Boot released /tboot/tboot-1.11.2.tar.gz

Michal Camacho Romero committed [3b563d] on Code

Eliminate maybe-uninitialized error for the ‘use_only_version' variable.

Mateusz Mówka committed [700414] on Code

Added tag v1.11.2 for changeset efb362b60b34

Mateusz Mówka committed [efb362] on Code

Version 1.11.2

Michal Camacho Romero committed [322f67] on Code

Fix the RAM memory allocation algorithm for the initrd.

Trusted Boot released /tboot/tboot-1.11.1.tar.gz

Trusted Boot released /tboot-1.11.1.tar.gz.gpg

Paweł Randzio committed [c0fc38] on Code

Version v1.11.1

Paweł Randzio committed [20d511] on Code

Added tag v1.11.1 for changeset c0fc38b9d2a9

Paweł Randzio committed [dcc226] on Code

Revert change for log memory extension

Trusted Boot released /tboot/tboot-1.11.0.tar.gz

Trusted Boot released /tboot-1.11.0.tar.gz.gpg

Paweł Randzio committed [4a904a] on Code

Added tag v1.11.0 for changeset 4af1bd83b21b

Paweł Randzio committed [4af1bd] on Code

Version v1.11.0

Paweł Randzio committed [b06289] on Code

Extend low memory range reserved for logs

Paweł Randzio committed [be0a89] on Code

Flush TPM context after loading objects for integrity verification

Paweł Randzio committed [5780c9]

Removal of "agile" option for Extending PCR Policy

Paweł Randzio committed [7ab3f0]

Add deprecation warning for "agile" extend policy option