OK, great. We of course are using tboot for other works in progress but we are
not quite ready to move up to the latest xen unstable so I just wanted to know
there would be a pre-change release we could grab for the time being. When we
move forward to say 3.4 we will use the latest tboot.
Thanks
Ross
-----Original Message-----
From: Cihula, Joseph [mailto:joseph.cihula@xxxxxxxxx]
Sent: Thursday, January 29, 2009 10:05 AM
To: Ross Philipson; 'xen-devel@xxxxxxxxxxxxxxxxxxx';
xense-devel@xxxxxxxxxxxxxxxxxxx
Cc: Wang, Shane; Keir Fraser
Subject: RE: [PATCH v2] txt: 0/5 - Overview
> From: Ross Philipson [mailto:Ross.Philipson@xxxxxxxxxx]
> Sent: Thursday, January 29, 2009 5:58 AM
>
> Joe,
>
> So if I read this correctly, the current tboot.hg repo on bughost does not
> have the new
> patches and therefore will work with older versions on xen (without your
> latest patches),
> correct? Are you going to be putting the patches in the main tboot repo or
> are you going to
> branch it - how will you make tboot available for both cases?
>
> Thanks
> Ross
I will create a new tarball today for the latest pre-change tboot code and then
I will check in the changes once the corresponding Xen changes are accepted.
The next set of Linux patches will also be based on the new tboot code.
To the best of my knowledge, the only commercial distro with a Xen version
>=3.2 is SLES10SP2 and SLES11 and so I'm not intending to support the earlier
versions of tboot. Also, the Xen changes are not that large and are mostly
independent of anything in Xen that changed since 3.2, so it should not be hard
to backport them is there is interest.
Joe
> -----Original Message-----
> From: xen-devel-bounces@xxxxxxxxxxxxxxxxxxx
> [mailto:xen-devel-bounces@xxxxxxxxxxxxxxxxxxx] On
> Behalf Of Cihula, Joseph
> Sent: Thursday, January 29, 2009 3:55 AM
> To: 'xen-devel@xxxxxxxxxxxxxxxxxxx'; xense-devel@xxxxxxxxxxxxxxxxxxx
> Cc: Wang, Shane; Keir Fraser
> Subject: [Xen-devel] [PATCH v2] txt: 0/5 - Overview
>
> This patch series are changes to Xen to support new functionality, and a
> changed API, in the
> tboot project (see http://sourceforge.net/projects/tboot for more info about
> tboot). Some of
> these changes originated from comments received when the first set of Linux
> tboot/Intel(r) TXT
> patches were posted to LKML.
>
> Attached to this patch is a single patch to be applied to the current tip of
> the tboot source
> tree (located at http://www.bughost.org/repos.hg/tboot.hg). Due to the API
> change, for those
> who wish to test the patches, it would be best to apply all of the tboot
> patch at once and
> test with all of the Xen patches applied to Xen.
>
> Since the API changes are not backwards compatible, the resulting tboot will
> not work with a
> Xen that does not have the patches applied. Likewise, a Xen with these
> patches applied will
> not work with the un-patched tboot. To keep backward compatibility would
> have left the
> interface and code fairly ugly and didn't seem worth the trouble.
>
> The Xen patches are as follows:
>
> xen-txt-01-unified_shutdown_entry.patch - single tboot entry point for
> shutdown
> xen-txt-02c-acpi_gas_support.patch - ACPI Generic Address Structure
> for tboot shutdown
> xen-txt-03c-protect_txt_ranges.patch - explicitly protect TXT addr
> ranges from dom0
> xen-txt-04c-hypervisor_s3_integrity.patch - hypervisor integrity on S3
> xen-txt-05b-use_protected_dmar.patch - use TXT's DMA-protected DMAR
> table to setup VT-d
>
> We are currently working on a patch that will extend the S3 integrity to
> domains, as
> configurable via a domain's config file (and always for dom0).
>
> The patches apply cleanly to the latest xen-unstable (c/s 19104:31983c30c460).
>
> Joe and Shane
_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel
|