On Thu, Dec 19, 2024 at 11:42:13AM -0800, Ross Philipson wrote:
> DRTM needs to be able to set the locality used by the kernel. Provide
> a one-shot function tpm_chip_set_locality() for the purpose.
>
> Signed-off-by: Ross Philipson
> Signed-off-by: Jarkko Sakkinen
> ---
> drivers/char/tpm/tpm-chip
On Thu, Dec 19, 2024 at 11:42:12AM -0800, Ross Philipson wrote:
> From: "Daniel P. Smith"
>
> Validate that the input locality is within the correct range, as specified
> by TCG standards, and increase the locality count also for the positive
> localities.
>
> Signed-off-by: Daniel P. Smith
> S
On Thu, Dec 19, 2024 at 11:42:07AM -0800, Ross Philipson wrote:
> The routine slaunch_setup is called out of the x86 specific setup_arch()
> routine during early kernel boot. After determining what platform is
> present, various operations specific to that platform occur. This
> includes finalizing
On Thu, Dec 19, 2024 at 11:42:06AM -0800, Ross Philipson wrote:
> The Secure Launch (SL) stub provides the entry point for Intel TXT (and
> later AMD SKINIT) to vector to during the late launch. The symbol
Does "to vector to" translate into to jump into during late launch? :-)
Given the complicat
On Thu, Dec 19, 2024 at 11:42:05AM -0800, Ross Philipson wrote:
> The MLE (measured launch environment) header must be locatable by the
> boot loader and TXT must be set up to do a launch with this header's
(cutting the hairs) nit: /TXT/Intel TXT/
> location. While the offset to the kernel_info st
On Thu, Dec 19, 2024 at 11:42:04AM -0800, Ross Philipson wrote:
> These values are needed by Secure Launch to locate particular CPUs
> during AP startup and to restore the MTRR state after a TXT launch.
Hmm... does the first part with like locating particular CPU cores?
I'd start also the sentenc
One quick review note:
On Fri, Mar 07, 2025 at 12:57:35AM +, Pratyush Yadav wrote:
> +/**
> + * struct fdbox - A box of FDs.
> + * @name: Name of the box. Must be unique.
> + * @rwsem: Used to ensure exclusive access to the box during SEAL/UNSEAL
> + * operations.
> + * @dev: Backing d
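Review bot: the @name line says the name "Must be unique" without giving the scope of that uniqueness or what the caller gets back on a collision; the kerneldoc should state both. The @rwsem description covers exclusive access during SEAL/UNSEAL only, so it would also help to say which other paths are expected to take it shared.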
On Thu, Dec 19, 2024 at 11:42:03AM -0800, Ross Philipson wrote:
> From: "Daniel P. Smith"
>
> The SHA-256 algorithm is necessary to measure configuration information into
> the TPM as early as possible before using the values. This implementation
> uses the established approach of #including the
On Thu, Dec 19, 2024 at 11:42:02AM -0800, Ross Philipson wrote:
> From: "Daniel P. Smith"
>
> Secure Launch is written to be compliant with the Intel TXT Measured Launch
> Developer's Guide. The MLE Guide dictates that the system can be configured to
> use both the SHA-1 and SHA-2 hashing algorit
On Thu, Dec 19, 2024 at 11:42:01AM -0800, Ross Philipson wrote:
> Introduce the main Secure Launch header file used in the early SL stub
> and the early setup code.
Just would need a *short* description of what slaunch.h holds. I guess
it holds Intel TXT micro-architectural data structures? Anythin
On Thu, Dec 19, 2024 at 11:42:00AM -0800, Ross Philipson wrote:
> Introduce the Secure Launch Resource Table which forms the formal
> interface between the pre and post launch code.
>
> Signed-off-by: Ross Philipson
Is this interface kernel specific or uarch specific? I'd just
explicitly state t
This series introduces the File Descriptor Box (FDBox), along with
support in memfd and shmem for persisting memfds over KHO using FDBox.
FDBox is a mechanism for userspace to name file descriptors and give
them over to the kernel to hold. They can later be retrieved by passing
in the same name. T
On March 6, 2025 4:57:36 PM PST, Pratyush Yadav wrote:
>With FDBox in place, add documentation that describes what it is and how
>it is used, along with its UAPI and in-kernel API.
>
>Since the document refers to KHO, add a reference tag in kho/index.rst.
>
>Signed-off-by: Pratyush Yadav
>---
> D
With FDBox in place, add documentation that describes what it is and how
it is used, along with its UAPI and in-kernel API.
Since the document refers to KHO, add a reference tag in kho/index.rst.
Signed-off-by: Pratyush Yadav
---
Documentation/filesystems/locking.rst | 21 +++
Documentation/kh
For applications with a large amount of memory that takes time to
rebuild, reboots to consume kernel upgrades can be very expensive. FDBox
allows preserving file descriptors over kexec using KHO. Combining that
with memfd gives those applications reboot-persistent memory that they
can use to quickl
The File Descriptor Box (FDBox) is a mechanism for userspace to name
file descriptors and give them over to the kernel to hold. They can
later be retrieved by passing in the same name.
The primary purpose of FDBox is to be used with Kexec Handover (KHO).
There are many kinds of anonymous file descrip
In a following patch, support for preserving a shmem file over kexec
handover (KHO) will be added. When a shmem file is to be preserved over
KHO, its pages must be removed from the inode's page cache and kept
reserved. That work is very similar to what shmem_undo_range() does. The
only extra thing
For applications with a large amount of memory that takes time to
rebuild, reboots to consume kernel upgrades can be very expensive. FDBox
allows preserving file descriptors over kexec using KHO. Combining that
with memfd gives those applications reboot-persistent memory that they
can use to quickl
On 3/5/2025 4:27 AM, Mimi Zohar wrote:
On Wed, 2025-03-05 at 20:08 +0800, Baoquan He wrote:
On 03/04/25 at 11:03am, steven chen wrote:
Carrying the IMA measurement list across kexec requires allocating a
buffer and copying the measurement records. Separate allocating the
buffer and copying the