|
|
|
|
|
|
|
|
|
|
xen-devel
[Xen-devel] RE: [PATCH v2] txt: 0/5 - Overview
Joe,
So if I read this correctly, the current tboot.hg repo on bughost does not have
the new patches and therefore will work with older versions on xen (without
your latest patches), correct? Are you going to be putting the patches in the
main tboot repo or are you going to branch it - how will you make tboot
available for both cases?
Thanks
Ross
-----Original Message-----
From: xen-devel-bounces@xxxxxxxxxxxxxxxxxxx
[mailto:xen-devel-bounces@xxxxxxxxxxxxxxxxxxx] On Behalf Of Cihula, Joseph
Sent: Thursday, January 29, 2009 3:55 AM
To: 'xen-devel@xxxxxxxxxxxxxxxxxxx'; xense-devel@xxxxxxxxxxxxxxxxxxx
Cc: Wang, Shane; Keir Fraser
Subject: [Xen-devel] [PATCH v2] txt: 0/5 - Overview
This patch series are changes to Xen to support new functionality, and a
changed API, in the tboot project (see http://sourceforge.net/projects/tboot
for more info about tboot). Some of these changes originated from comments
received when the first set of Linux tboot/Intel(r) TXT patches were posted to
LKML.
Attached to this patch is a single patch to be applied to the current tip of
the tboot source tree (located at http://www.bughost.org/repos.hg/tboot.hg).
Due to the API change, for those who wish to test the patches, it would be best
to apply all of the tboot patch at once and test with all of the Xen patches
applied to Xen.
Since the API changes are not backwards compatible, the resulting tboot will
not work with a Xen that does not have the patches applied. Likewise, a Xen
with these patches applied will not work with the un-patched tboot. To keep
backward compatibility would have left the interface and code fairly ugly and
didn't seem worth the trouble.
The Xen patches are as follows:
xen-txt-01-unified_shutdown_entry.patch - single tboot entry point for
shutdown
xen-txt-02c-acpi_gas_support.patch - ACPI Generic Address Structure for
tboot shutdown
xen-txt-03c-protect_txt_ranges.patch - explicitly protect TXT addr ranges
from dom0
xen-txt-04c-hypervisor_s3_integrity.patch - hypervisor integrity on S3
xen-txt-05b-use_protected_dmar.patch - use TXT's DMA-protected DMAR table
to setup VT-d
We are currently working on a patch that will extend the S3 integrity to
domains, as configurable via a domain's config file (and always for dom0).
The patches apply cleanly to the latest xen-unstable (c/s 19104:31983c30c460).
Joe and Shane
_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel
|
|
|
|
|