Menu
▾
▴
Re: [tboot-devel] late launch
|
From: Cihula, J. <jos...@in...> - 2008-11-19 13:05:19
|
> From: Lil Evil [mailto:Lil...@gm...] > Sent: Wednesday, November 19, 2008 3:21 AM > > Well, but I don't care what else is running as long as my hypervsior (call it MLE or whatever > you want) is measured. > We only need assurance of a trusted hypervisor, the code running previously can be untrusted > as long as it is sufficiently isolated from the rest. > > lIl The only project I know of that is using Intel(R) TXT in a late launch (post-OS) model is Flicker (http://sparrow.ece.cmu.edu/group/flicker.html). It's author, Jonathan McCune, often posts here and could give you more details about it. The late launch model is where a DRTM provides the most value over a static root of trust, as it is not even really possible to extend the SRTM to this point for most OSes. Joe > > -------- Original-Nachricht -------- > > Datum: Wed, 19 Nov 2008 09:17:20 +0800 > > Von: "Wang, Shane" <sha...@in...> > > An: Lil Evil <Lil...@gm...> > > Betreff: RE: [tboot-devel] late launch > > > Oh, but tboot targets at DRTM originally. > > The machine runs at unmeasured environment first and calls getsec[senter] > > to enter SINIT and measure untrusted tboot so as to build the root of > > trust. > > The only difference I can figure out is that tboot is close to the machine > > reset. > > Our method is simple since it is enough for SINIT to measure tboot only, > > since only tboot is in the memory. Simple as it is, it is also a kind of > > DRTM not static RTM. > > > > Anyway, with this mechanism, you can put your code after OS boots up. But > > this will make measurement complex, since so many things are in the memory. > > (I think this is what you want). Of course, that is also a kind of DRTM. > > > > You have to say both are all DRTM. How to implement, it is up to you:) > > > > Shane > > > > Lil Evil wrote: > > > Hi Shane, > > > > > > Well, with late launch I meant, the DRTM allows the platform to > > > perform a measured launch at any time. For instance, I have performed > > > my normal unmeasured boot process and now I decided to start my MLE. > > > > > > I was looking for a PoC or similar projects which already worked on > > > s.th. like this. > > > Obviously tboot would not be the right project name for it. > > > > > > I started working on it, but I suppose it is not necessary to > > > reinvent the wheel. > > > I think I saw s.b. posting on the mailing list about it already.... > > > > > > thanks > > > lIl > > > > > > -------- Original-Nachricht -------- > > >> Datum: Tue, 18 Nov 2008 13:54:53 +0800 > > >> Von: "Wang, Shane" <sha...@in...> > > >> An: Lil Evil <Lil...@gm...>, "tbo...@li..." > > >> <tbo...@li...> Betreff: Re: [tboot-devel] late > > >> launch > > > > > >> What do you mean of "late launch"? > > >> I assume it should not be "post launch". > > >> > > >> Shane > > >> > > >> Lil Evil wrote: > > >>> Hi, > > >>> > > >>> I was wondering whats the status and/or roadmap for late launch with > > >>> tboot, as I was looking at getting some kind of late launch to > > >>> work? I do believe some people on this mailing list are working on > > >>> a late launch proof of concept? What's the status there? > > >>> > > >>> > > >>> thanks > > >>> lIl > > >> > > >> > > >> > > ------------------------------------------------------------------------- > > >> This SF.Net email is sponsored by the Moblin Your Move Developer's > > >> challenge > > >> Build the coolest Linux based applications with Moblin SDK & win > > >> great > > >> prizes > > >> Grand prize is a trip for two to an Open Source event anywhere in the > > >> world > > >> http://moblin-contest.org/redirect.php?banner_id=100&url=/ > > >> _______________________________________________ > > >> tboot-devel mailing list > > >> tbo...@li... > > >> https://lists.sourceforge.net/lists/listinfo/tboot-devel > > -- > Psssst! Schon vom neuen GMX MultiMessenger gehört? Der kann`s mit allen: > http://www.gmx.net/de/go/multimessenger > > ------------------------------------------------------------------------- > This SF.Net email is sponsored by the Moblin Your Move Developer's challenge > Build the coolest Linux based applications with Moblin SDK & win great prizes > Grand prize is a trip for two to an Open Source event anywhere in the world > http://moblin-contest.org/redirect.php?banner_id=100&url=/ > _______________________________________________ > tboot-devel mailing list > tbo...@li... > https://lists.sourceforge.net/lists/listinfo/tboot-devel |
