From: Mike H. <mi...@pl...> - 2008-07-16 09:42:19

On Wed, Jul 16, 2008 at 8:43 AM, Martin Thiim <ma...@th...> wrote:
> regarding the original poster's mention of trusted graphics and input paths: Does anyone know what the status on this is? I know this is separate technology from TXT but certainly it is part of trusted computing.

The "safer computing initiative" book talks a bit about this but the details are frustratingly absent. Essentially:

- Yes it's a part of TXT
- There is a defined mechanism for this (TGTT)
- The process is that the video card is given restricted access to some section of a VM's memory space
- The video card composites the trusted surface with the untrusted surface such that trusted surface is always top in the z-order

No mention was made of how this would interact with composited desktops like Compiz, Aqua or Vista. I strongly suspect this straightforward implementation will have to be scrapped or at least augmented to allow for a VM to be bound to a secure OpenGL texture that the main untrusted OS can then composite into the final image. The trick being that the video card would have to somehow prevent the main VM from reading back any section of the screen that had been touched by the secure texture - including arbitrary transforms like reflection using pixel shaders.

Ugh. Sounds complicated. I'll settle for a basic system that uses the technique described in the book for now, but obviously for production desktop use if you want to use a trusted graphics path then the issue of compositing will need to be addressed.

The trusted channel to the keyboard seemed more fleshed out; there was a long discussion of how to handle laptop keyboards (as they aren't USB devices like on a desktop) although I don't remember the exact details of how you authenticate that the keyboard is a real hardware keyboard and not an emulation.