On Wed, Aug 15, 2018 at 3:04 PM Jeremy Fields <[email protected]> wrote: > > Hello Grub developers;
Greetings Jeremy. > I'm working on a project similar to Intel's trusted boot (tboot) project (1) > that uses Intel's TXT features to call the special GETSEC[SENTER] > instruction. If I try to start Grub at any point after executing that > instruction, Grub loads in its minimal mode, cannot find any partitions, and > has almost no commands available. Grub works fine when utilizing AMD's > equivalent secure kernel initialize (SKINIT) function. I am glad to see others interested in using x86 late-launch capabilities. I too am working on late launch in an effort to make it more accessible across AMD and Intel, please see my presentation at PSEC[1] and the project git repo[2] or in depth details. The project is still in its infancy with my time split between code and documentation but we have a goal to have an end-to-end capability later this year. The part of the approach we are taking that might be of interest to you is that we are working to enable grub to initiate the late launch itself. I am not sure about your approach, but if you think the approach we are taking would work for you, we would enjoy more people/groups to join in. [1] https://www.platformsecuritysummit.com/2018/speaker/smith/ [2] https://github.com/TrenchBoot/trenchboot V/r, Daniel P. Smith _______________________________________________ Grub-devel mailing list [email protected] https://lists.gnu.org/mailman/listinfo/grub-devel
