Re: [tboot-devel] new release of tboot and SINIT AC modules

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 454-5900

>> I cannot find the "Developer guide" at
>>  http://www.intel.com/technology/security/. Perhaps it is not ready
>>  yet??
>>
>
> ah, it is still under the old name "Intel(R) Trusted Execution
> Technology Preliminary Architecture Specification"

Yes, sorry about that.  I've already asked that the link be fixed.

Joe

-----Original Message-----
From: Jun Koi [mailto:jun...@gm...] 
Sent: Sunday, June 15, 2008 7:03 PM
To: Cihula, Joseph
Cc: tbo...@li...
Subject: Re: [tboot-devel] new release of tboot and SINIT AC modules

On 6/16/08, Jun Koi <jun...@gm...> wrote:
> On 6/14/08, Cihula, Joseph <jos...@in...> wrote:
>  > I have just checked in a new release of the tboot project.  The
changes
>  >  are quite significant and numerous:
>  >         Removed support for Technology Enabling Platform (TEP)
>  >         Removed support for SINIT AC module versions <16 (i.e. <=
>  >  20070910)
>  >         Updated per changes in May 2008 Intel(R) TXT MLE
Developer's
>  >  Manual:
>  >             Updated to MLE (header) version 2.0
>  >             Updated OsSinitData, SinitMleData structs
>  >             Updated AC module InfoTable struct
>  >             Support Capabilities fields
>  >             Support MONITOR-based RLP wakeup
>  >         Added acminfo app to parse and display AC module
information
>  >         Updated for v3 of BiosData struct
>  >         Reduced TPM-related serial output
>  >         Fixed sealing of hashes for restoring PCRs after S3 resume
>  >         Misc. fixes and code cleanup
>  >
>  >  The most important of the changes is that the new code no longer
>  >  supports either the TEP or older SINIT ACMs.  So along with the
new
>  >  tboot code I have also posted new versions of the SINIT ACM for
the
>  >  Intel(r) Q35 and X38 chipsets (and a guide that helps to determine
which
>  >  one to use for a given platform).  One of these new SINITs *must*
be
>  >  used with the new tboot code--using the previous tboot code with
the new
>  >  SINIT or using the new tboot with the previous SINIT will both
result in
>  >  failure of the launch.
>  >
>  >  The TXT Preliminary Architecture Specification has also been
updated.
>  >  The content on the SMX instructions is now in the "Intel(r) 64 and
IA-32
>  >  Architectures Software Developer's Manual" volume 2B Chapt. 6.  In
place
>  >  of the Preliminary Architecture Spec is the "Intel(r) Trusted
Execution
>  >  Technology Measured Launched Environment Developer's Guide", still
>  >  located at http://www.intel.com/technology/security/.
>
>
> I cannot find the "Developer guide" at
>  http://www.intel.com/technology/security/. Perhaps it is not ready
>  yet??
>

ah, it is still under the old name "Intel(R) Trusted Execution
Technology Preliminary Architecture Specification"

Thanks,
Jun