WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 
 
Home Products Support Community News
 
   
 

xen-devel

RE: RE: [Xen-devel] Help: Could anybody k now about the Intel' s "LaGran

To: <xenway@xxxxxxx>
Subject: RE: RE: [Xen-devel] Help: Could anybody k now about the Intel' s "LaGrande" techno l ogies? Did the Xen be under development u sing this stuff?
From: "Cihula, Joseph" <joseph.cihula@xxxxxxxxx>
Date: Mon, 15 Jan 2007 21:13:01 -0800
Cc: xen-devel@xxxxxxxxxxxxxxxxxxx, xense-devel@xxxxxxxxxxxxxxxxxxx
Delivery-date: Mon, 15 Jan 2007 21:15:12 -0800
Envelope-to: www-data@xxxxxxxxxxxxxxxxxx
In-reply-to: <45AB4B21.000150.07279@xxxxxxxxxxxxxxxxxx>
List-help: <mailto:xen-devel-request@lists.xensource.com?subject=help>
List-id: Xen developer discussion <xen-devel.lists.xensource.com>
List-post: <mailto:xen-devel@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=unsubscribe>
References: <45AB4B21.000150.07279@xxxxxxxxxxxxxxxxxx>
Sender: xen-devel-bounces@xxxxxxxxxxxxxxxxxxx
Thread-index: Acc4iMMEZ6lfKjgEQ1C9AL4Z6nvSKAAZCXPw
Thread-topic: RE: [Xen-devel] Help: Could anybody k now about the Intel' s "LaGrande" techno l ogies? Did the Xen be under development u sing this stuff?
(Including xense-devel again.)
 
 
On Monday, January 15, 2007 1:37 AM,  xenway@xxxxxxx wrote:
>       Hi, Joseph
>           I really appreciate your help :)
>           I have read the web page you mentioned before. It seems that
you integrate it
> into Xen as Secure Boot interacting with TPM module or something like
that, don't you :) 

The current patch integrates the TXT code into the Xen binary, invoked
at the very beginning of launch.

>           The goal of  our project is that we have studied the
framework of Microsoft(R)'s
> "NGSCB". We are trying to implement a rough prototype or something
alike in Linux or *nix
> rather than Windows(R) where "NGSCB" was going. However, the "NGSCB"
needs some hardware
> supports such as "Trusted Mode", "Memory Protection", "DMA Control"
and "Secure Path to the
> User", etc. Fortunately, the Intel(R) Corp has developed their
technologies called "Lagrande"
> which can feed the needs of Nexus which is the secure kernel of the
"NGSCB". The "NGSCB" is
> not described clearly by Microsoft :(. We can't find more details
about that stuff. Finally,
> we found some stuff which came out  from  the "Intel  Developer
Center" like "Domain Manager"
> and "SENTER Progress", etc. The project "NGSCB" seems to be defunct
and there is no further
> information about that, on the other hand, the Intel(R) Corp seems to
continue its works on
> hardware support to "NGSCB". So we found out some stuff about the
"Lagrande" technologies in
> the Xen communities. 
>           We are curious that whether the patch you contribute to the
Xen is the beginning of
> building a prototype of "Domain Manager" or something alike? If not,
what is the goal of
> integrating "Lagrande" into Xen? Could you give me further information
about that?

The term "domain manager" that you're referring to was the term used in
place of VMM in some of our early slides.  So our TXT work with Xen is
not to replace Xen (the hypervisor), but rather to enhance it to support
TXT.

You can get more up to date information from this past Fall's Intel
Developer Forum (IDF) at:
http://www.intel.com/idf/us/fall2006/index.htm.  There were two sessions
specifically on TXT.

>           By the way, the Intel(R) Corp has announced its "Lagrande"
technologies, has it
> been integrated into some processors? Has the motherboard's chips  the
functions like
> "IOMMU" and "DMA Protection" to support "Curtained Memory"?

A TXT-capable system is available for purchase; please visit
http://www.mpccorp.com/clientpro_txt for details.

>           The next work we are going to do is to find out whether it
is feasible to introduce
> the Xen to construct our secure kernel. Do you have some constructive
advices for us?
> Thanks a lot :)

My foils from this past Xen Summit
(http://www.xensource.com/files/summit_3/Xen_support_for_LaGrande_Techno
logy.pdf) describe how to enable Xen for TXT are a good basis for
enabling any VMM or kernel to use TXT.

Joe

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel

<Prev in Thread] Current Thread [Next in Thread>