Hi all,
Sorry for being late to the party. Ard cc'ed me in a prior mail, but that
got lost along the way
On Wed, Sep 21, 2022 at 05:41:14PM +0200, Ard Biesheuvel wrote:
> On Wed, 21 Sept 2022 at 14:27, Gerd Hoffmann wrote:
> >
> > On Wed, Sep 21, 2022 at 11:24:11AM +, Lu, Ken wrote:
> > >
On Wed, 21 Sept 2022 at 14:27, Gerd Hoffmann wrote:
>
> On Wed, Sep 21, 2022 at 11:24:11AM +, Lu, Ken wrote:
> > >
> > > > But either in GenericQemuLoadImageLib, it can do measurement for
> > > command line and initrd, correct?
> > >
> > > Yes, it could. But why given that the linux kernel
On Wed, Sep 21, 2022 at 11:24:11AM +, Lu, Ken wrote:
> >
> > > But either in GenericQemuLoadImageLib, it can do measurement for
> > command line and initrd, correct?
> >
> > Yes, it could. But why given that the linux kernel efi stub measures
> > anyway?
> If the final decision is the
>
> > But either in GenericQemuLoadImageLib, it can do measurement for
> command line and initrd, correct?
>
> Yes, it could. But why given that the linux kernel efi stub measures anyway?
If the final decision is the measurement should be done by efi stub in Linux
kernel. Do we also need
On Tue, Sep 20, 2022 at 02:30:01PM +, Lu, Ken wrote:
> > > So there are two types loaders:
> > > 1. QemuKernelLoaderFsDxe - this way just put kernel/initrd blob into a
> > > FS
> > for any future's usage, may be continue boot or not.
> > > 2. QemuLoadKernelImage,-this is consumed
> > So there are two types loaders:
> > 1. QemuKernelLoaderFsDxe - this way just put kernel/initrd blob into a FS
> for any future's usage, may be continue boot or not.
> > 2. QemuLoadKernelImage,-this is consumed by TryRunningQemuKernel()
> - standard Qemu direct boot path
>
> Nope.
> > Hi Ard, I think it better let creator to measure instead of consumer to
> > measure
> like today's implementation in grub[1]. The creator here means who load/create
> it. In direct boot, it is OVMF read kernel command line and initrd image. In
> grub
> boot, it is grub2. Because the number
> >
>
> Not fundamentally, no. But between the measurement of the image itself (which
> the firmware should do) and the measurement of the initrd and command line
> (which the EFI stub will do), I'm not sure there is that much left.
> In general, I think the combinatorial explosion of CC
> > Hi Ard, I think it better let creator to measure instead of consumer
> > to measure like today's implementation in grub[1]. The creator here
> > means who load/create it. In direct boot, it is OVMF read kernel
> > command line and initrd image.
>
> Nope. OVMF just places kernel, initrd and
> -Original Message-
> From: Ard Biesheuvel
> Sent: Monday, September 19, 2022 2:59 PM
> To: Xu, Min M
> Cc: devel@edk2.groups.io; Ard Biesheuvel ; Aktas,
> Erdem ; James Bottomley ;
> Yao, Jiewen ; Gerd Hoffmann ; Lu,
> Ken
> Subject: Re: [edk2-devel] measure
On Tue, 20 Sept 2022 at 15:24, Lu, Ken wrote:
>
> > > Hi Ard, I think it better let creator to measure instead of consumer to
> > > measure
> > like today's implementation in grub[1]. The creator here means who
> > load/create
> > it. In direct boot, it is OVMF read kernel command line and
On Tue, 20 Sept 2022 at 15:44, James Bottomley wrote:
>
> [pjones added because he's done a huge amount of work to get shim to
> measure stuff correctly]
> On Tue, 2022-09-20 at 13:24 +, Lu, Ken wrote:
> > > > Hi Ard, I think it better let creator to measure instead of
> > > > consumer to
On Tue, Sep 20, 2022 at 01:38:05PM +, Lu, Ken wrote:
> > > Hi Ard, I think it better let creator to measure instead of consumer
> > > to measure like today's implementation in grub[1]. The creator here
> > > means who load/create it. In direct boot, it is OVMF read kernel
> > > command line
[pjones added because he's done a huge amount of work to get shim to
measure stuff correctly]
On Tue, 2022-09-20 at 13:24 +, Lu, Ken wrote:
> > > Hi Ard, I think it better let creator to measure instead of
> > > consumer to measure
> > like today's implementation in grub[1]. The creator here
Hi,
> Hi Ard, I think it better let creator to measure instead of consumer
> to measure like today's implementation in grub[1]. The creator here
> means who load/create it. In direct boot, it is OVMF read kernel
> command line and initrd image.
Nope. OVMF just places kernel, initrd and
;
> > Yao, Jiewen ; Gerd Hoffmann ; Lu,
> > Ken
> > Subject: Re: [edk2-devel] measurement to command-line/initrd for loading
> > kernel via -kernel option
> >
> > On Mon, 19 Sept 2022 at 04:13, Xu, Min M wrote:
> > >
> > > On September 18, 2022 8:52
(cc Ilias, Matt, Peter[], Daniel[])
On Tue, 20 Sept 2022 at 02:20, Xu, Min M wrote:
>
> On September 19, 2022 2:59 PM, Ard Biesheuvel wrote:
> > On Mon, 19 Sept 2022 at 04:13, Xu, Min M wrote:
> > >
> > > On September 18, 2022 8:52 PM, Ard Biesheuvel wrote:
> > > > Hello Min Xu,
> > > >
> > > >
On September 19, 2022 2:59 PM, Ard Biesheuvel wrote:
> On Mon, 19 Sept 2022 at 04:13, Xu, Min M wrote:
> >
> > On September 18, 2022 8:52 PM, Ard Biesheuvel wrote:
> > > Hello Min Xu,
> > >
> > > On Sat, 17 Sept 2022 at 04:53, Xu, Min M wrote:
> > > >
> > > > Hi, Ard
> > > >
> > > > I am
On Mon, 19 Sept 2022 at 04:13, Xu, Min M wrote:
>
> On September 18, 2022 8:52 PM, Ard Biesheuvel wrote:
> > Hello Min Xu,
> >
> > On Sat, 17 Sept 2022 at 04:53, Xu, Min M wrote:
> > >
> > > Hi, Ard
> > >
> > > I am checking the measurement behavior when loading the kernel via the
> > QEMU
On September 18, 2022 8:52 PM, Ard Biesheuvel wrote:
> Hello Min Xu,
>
> On Sat, 17 Sept 2022 at 04:53, Xu, Min M wrote:
> >
> > Hi, Ard
> >
> > I am checking the measurement behavior when loading the kernel via the
> QEMU -kernel option. I find it is implemented by below 2 driver/lib:
> >
> > -
Hello Min Xu,
On Sat, 17 Sept 2022 at 04:53, Xu, Min M wrote:
>
> Hi, Ard
>
> I am checking the measurement behavior when loading the kernel via the QEMU
> -kernel option. I find it is implemented by below 2 driver/lib:
>
> - OvmfPkg/QemuKernelLoaderFsDxe
>
> This is a separate DXE driver that
Hi, Ard
I am checking the measurement behavior when loading the kernel via the QEMU
-kernel option. I find it is implemented by below 2 driver/lib:
- OvmfPkg/QemuKernelLoaderFsDxe
This is a separate DXE driver that exposes the virtual SimpleFileSystem
implementation that carries the kernel and
22 matches
Mail list logo
