Orange Pi5 kernel

Deprecated Linux kernel 5.10.110 for OrangePi 5/5B/5+ boards

Blame: all lines below come from commit 8f3ce5b39 (kx, 2023-10-28 12:00:06 +0300).

=====================
Intel(R) TXT Overview
=====================

Intel's technology for safer computing, Intel(R) Trusted Execution
Technology (Intel(R) TXT), defines platform-level enhancements that
provide the building blocks for creating trusted platforms.

Intel TXT was formerly known by the code name LaGrande Technology (LT).

Intel TXT in Brief:

-  Provides dynamic root of trust for measurement (DRTM)
-  Data protection in case of improper shutdown
-  Measurement and verification of launched environment

Intel TXT is part of the vPro(TM) brand and is also available on some
non-vPro systems.  It is currently available on desktop systems
based on the Q35, X38, Q45, and Q43 Express chipsets (e.g. Dell
Optiplex 755, HP dc7800, etc.) and mobile systems based on the GM45,
PM45, and GS45 Express chipsets.

For more information, see http://www.intel.com/technology/security/.
This site also has a link to the Intel TXT MLE Developers Manual,
which has been updated for the newly released platforms.

Intel TXT has been presented at various events over the past few
years, some of which are:

      - LinuxTAG 2008:
          http://www.linuxtag.org/2008/en/conf/events/vp-donnerstag.html

      - TRUST2008:
          http://www.trust-conference.eu/downloads/Keynote-Speakers/
          3_David-Grawrock_The-Front-Door-of-Trusted-Computing.pdf

      - IDF, Shanghai:
          http://www.prcidf.com.cn/index_en.html

      - IDFs 2006, 2007
          (I'm not sure if/where they are online)

Trusted Boot Project Overview
=============================

Trusted Boot (tboot) is an open source, pre-kernel/VMM module that
uses Intel TXT to perform a measured and verified launch of an OS
kernel/VMM.

It is hosted on SourceForge at http://sourceforge.net/projects/tboot.
The mercurial source repo is available at http://www.bughost.org/
repos.hg/tboot.hg.

Tboot currently supports launching Xen (open source VMM/hypervisor
w/ TXT support since v3.2), and now Linux kernels.


Value Proposition for Linux or "Why should you care?"
=====================================================

While there are many products and technologies that attempt to
measure or protect the integrity of a running kernel, they all
assume the kernel is "good" to begin with.  The Integrity
Measurement Architecture (IMA) and Linux Integrity Module interface
are examples of such solutions.

To get trust in the initial kernel without using Intel TXT, a
static root of trust must be used.  This bases trust in BIOS
starting at system reset and requires measurement of all code
executed between system reset through the completion of the kernel
boot as well as data objects used by that code.  In the case of a
Linux kernel, this means all of BIOS, any option ROMs, the
bootloader and the boot config.  In practice, this is a lot of
code/data, much of which is subject to change from boot to boot
(e.g. changing NICs may change option ROMs).  Without reference
hashes, these measurement changes are difficult to assess or
confirm as benign.  This process also does not provide DMA
protection, memory configuration/alias checks and locks, crash
protection, or policy support.

By using the hardware-based root of trust that Intel TXT provides,
many of these issues can be mitigated.  Specifically: many
pre-launch components can be removed from the trust chain, DMA
protection is provided to all launched components, a large number
of platform configuration checks are performed and values locked,
protection is provided for any data in the event of an improper
shutdown, and there is support for policy-based execution/verification.
This provides a more stable measurement and a higher assurance of
system configuration and initial state than would be otherwise
possible.  Since the tboot project is open source, source code for
almost all parts of the trust chain is available (excepting SMM and
Intel-provided firmware).
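The "more stable measurement" argument above, as an added model that is not tboot or kernel code: a TPM-style PCR extend chain is built once the static way (everything from BIOS to kernel) and once the dynamic way (a chain restarted by SENTER), and swapping a NIC option ROM changes only the former. The component blobs, the single-PCR simplification and the ``assess`` helper are constructed assumptions.

```python
import hashlib

# Constructed model of TPM 1.2 PCR extension. Not tboot or kernel code.
PCR_RESET = bytes(20)   # the DRTM PCRs are reset to zero by the SENTER process


def extend(pcr: bytes, measurement: bytes) -> bytes:
    """TPM_Extend: new = SHA-1(old || SHA-1(measurement)); one-way and order-dependent."""
    return hashlib.sha1(pcr + hashlib.sha1(measurement).digest()).digest()


def measure_chain(components) -> bytes:
    """Extend a fresh PCR with each component in boot order and return the result."""
    pcr = PCR_RESET
    for blob in components:
        pcr = extend(pcr, blob)
    return pcr


# Constructed stand-ins for the real multi-megabyte boot components.
BIOS = b"bios-image"
OPROM_NIC_A = b"option-rom:nic-vendor-A"
OPROM_NIC_B = b"option-rom:nic-vendor-B"   # the NIC was swapped between boots
BOOTLOADER = b"grub-stage2"
BOOT_CONFIG = b"grub.conf"
SINIT = b"Q35_SINIT_17.BIN"                 # Intel-signed ACM, measured after SENTER
TBOOT = b"tboot.gz"
POLICY = b"launch-policy-from-tpm-nv"
KERNEL = b"vmlinuz-2.6.29-tip"
INITRD = b"initrd-2.6.29-tip.img"


def boot(option_rom: bytes, kernel: bytes):
    """Return (static_pcr, dynamic_pcr) for one boot of the modelled platform.

    SRTM: every byte run from reset to the kernel is in the chain, option ROMs included.
    DRTM: SENTER starts a new chain holding only SINIT, tboot, the policy and what
    the policy verifies (kernel and initrd).
    """
    srtm = measure_chain([BIOS, option_rom, BOOTLOADER, BOOT_CONFIG, kernel, INITRD])
    drtm = measure_chain([SINIT, TBOOT, POLICY, kernel, INITRD])
    return srtm, drtm


def assess(pcr: bytes, known_good: set) -> str:
    """Without reference hashes a changed PCR cannot be judged benign or hostile."""
    if pcr in known_good:
        return "known-good"
    return "unknown: cannot tell a NIC swap from a tampered component"
```

A kernel tamper moves both chains; only the static chain moves on a hardware swap, which is exactly the noise the text says is hard to assess without reference hashes.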

How Does it Work?
=================

-  Tboot is an executable that is launched by the bootloader as
   the "kernel" (the binary the bootloader executes).
-  It performs all of the work necessary to determine if the
   platform supports Intel TXT and, if so, executes the GETSEC[SENTER]
   processor instruction that initiates the dynamic root of trust.

   -  If tboot determines that the system does not support Intel TXT
      or is not configured correctly (e.g. the SINIT AC Module was
      incorrect), it will directly launch the kernel with no changes
      to any state.
   -  Tboot will output various information about its progress to the
      terminal, serial port, and/or an in-memory log; the output
      locations can be configured with a command line switch.

-  The GETSEC[SENTER] instruction will return control to tboot and
   tboot then verifies certain aspects of the environment (e.g. TPM NV
   lock, e820 table does not have invalid entries, etc.).
-  It will wake the APs from the special sleep state the GETSEC[SENTER]
   instruction had put them in and place them into a wait-for-SIPI
   state.

   -  Because the processors will not respond to an INIT or SIPI when
      in the TXT environment, it is necessary to create a small VT-x
      guest for the APs.  When they run in this guest, they will
      simply wait for the INIT-SIPI-SIPI sequence, which will cause
      VMEXITs, and then disable VT and jump to the SIPI vector.  This
      approach seemed like a better choice than having to insert
      special code into the kernel's MP wakeup sequence.

-  Tboot then applies an (optional) user-defined launch policy to
   verify the kernel and initrd.

   -  This policy is rooted in TPM NV and is described in the tboot
      project.  The tboot project also contains code for tools to
      create and provision the policy.
   -  Policies are completely under user control and if not present
      then any kernel will be launched.
   -  Policy action is flexible and can include halting on failures
      or simply logging them and continuing.

-  Tboot adjusts the e820 table provided by the bootloader to reserve
   its own location in memory as well as to reserve certain other
   TXT-related regions.
-  As part of its launch, tboot DMA protects all of RAM (using the
   VT-d PMRs).  Thus, the kernel must be booted with 'intel_iommu=on'
   in order to remove this blanket protection and use VT-d's
   page-level protection.
-  Tboot will populate a shared page with some data about itself and
   pass this to the Linux kernel as it transfers control.

   -  The location of the shared page is passed via the boot_params
      struct as a physical address.

-  The kernel will look for the tboot shared page address and, if it
   exists, map it.
-  As one of the checks/protections provided by TXT, it makes a copy
   of the VT-d DMARs in a DMA-protected region of memory and verifies
   them for correctness.  The VT-d code will detect if the kernel was
   launched with tboot and use this copy instead of the one in the
   ACPI table.
-  At this point, tboot and TXT are out of the picture until a
   shutdown (S<n>).
-  In order to put a system into any of the sleep states after a TXT
   launch, TXT must first be exited.  This is to prevent attacks that
   attempt to crash the system to gain control on reboot and steal
   data left in memory.

   -  The kernel will perform all of its sleep preparation and
      populate the shared page with the ACPI data needed to put the
      platform in the desired sleep state.
   -  Then the kernel jumps into tboot via the vector specified in the
      shared page.
   -  Tboot will clean up the environment and disable TXT, then use the
      kernel-provided ACPI information to actually place the platform
      into the desired sleep state.
   -  In the case of S3, tboot will also register itself as the resume
      vector.  This is necessary because it must re-establish the
      measured environment upon resume.  Once the TXT environment
      has been restored, it will restore the TPM PCRs and then
      transfer control back to the kernel's S3 resume vector.
      In order to preserve system integrity across S3, the kernel
      provides tboot with a set of memory ranges (RAM and RESERVED_KERN
      in the e820 table, but not any memory that BIOS might alter over
      the S3 transition) that tboot will calculate a MAC (message
      authentication code) over and then seal with the TPM. On resume
      and once the measured environment has been re-established, tboot
      will re-calculate the MAC and verify it against the sealed value.
      Tboot's policy determines what happens if the verification fails.
      Note that changeset (c/s) 194 of tboot, which has the new MAC code,
      supports this.

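The S3 MAC-and-seal cycle described above, as an added Python model that is not tboot's code: the kernel selects the RAM and RESERVED_KERN ranges, tboot MACs them and seals the key and MAC to the measured environment, and on resume the MAC is recomputed and the policy decides. HMAC-SHA256 as the MAC, the toy PCR-bound TPM, the per-sleep key and the e820 table are all constructed assumptions.

```python
import hashlib
import hmac
import os

# Constructed e820-style table (start, end, type). Per the text, only RAM and
# RESERVED_KERN ranges go to tboot; memory BIOS may alter over S3 is left out.
E820 = [
    (0x0000, 0x1000, "RAM"),
    (0x1000, 0x2000, "RESERVED_BIOS"),   # e.g. ACPI NVS, deliberately not MACed
    (0x2000, 0x3000, "RESERVED_KERN"),
    (0x3000, 0x4000, "RAM"),
]
MAC_TYPES = {"RAM", "RESERVED_KERN"}

def mac_ranges(e820):
    """Ranges the kernel hands to tboot for MAC protection across S3."""
    return [(s, e) for s, e, t in e820 if t in MAC_TYPES]

class ToyTPM:
    """Stand-in for TPM sealing: data is released only under the same PCR state."""
    def __init__(self):
        self.pcr = bytes(20)   # DRTM PCR value of the measured environment

    def seal(self, data):
        return {"pcr": self.pcr, "data": data}

    def unseal(self, blob):
        if blob["pcr"] != self.pcr:
            raise PermissionError("measured environment not re-established")
        return blob["data"]

def compute_mac(key, memory, ranges):
    """HMAC-SHA256 over the protected ranges, with the range layout bound in too."""
    h = hmac.new(key, digestmod=hashlib.sha256)
    for start, end in ranges:
        h.update(start.to_bytes(8, "little") + end.to_bytes(8, "little"))
        h.update(bytes(memory[start:end]))
    return h.digest()

def enter_s3(tpm, memory, ranges):
    """Sleep path: MAC the ranges, seal key and MAC, then (not modelled) disable TXT."""
    key = os.urandom(32)   # assumption: a fresh per-sleep key, protected by the seal
    return tpm.seal(key + compute_mac(key, memory, ranges))

def resume(tpm, memory, ranges, sealed, policy="halt"):
    """Resume path: unseal (needs the TXT environment back), re-MAC, verify, apply policy."""
    blob = tpm.unseal(sealed)
    key, expected = blob[:32], blob[32:]
    if hmac.compare_digest(expected, compute_mac(key, memory, ranges)):
        return "resume"
    return "halt" if policy == "halt" else "resume-after-logging"

def scenario(tamper_addr=None, pcr_at_resume=None, policy="halt"):
    """One S3 cycle over 16 KiB of constructed memory; returns tboot's decision."""
    tpm, memory = ToyTPM(), bytearray(os.urandom(0x4000))
    sealed = enter_s3(tpm, memory, mac_ranges(E820))
    if tamper_addr is not None:      # memory modified while the platform slept
        memory[tamper_addr] ^= 0xFF
    if pcr_at_resume is not None:    # environment at resume differs from sleep time
        tpm.pcr = pcr_at_resume
    try:
        return resume(tpm, memory, mac_ranges(E820), sealed, policy)
    except PermissionError:
        return "unseal-refused"
```

A byte flipped in a BIOS-owned range goes unnoticed by design, which is why the kernel must exclude only memory it genuinely expects BIOS to change.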
That's pretty much it for TXT support.


Configuring the System
======================

This code works with 32-bit, 32-bit PAE, and 64-bit (x86_64) kernels.

In BIOS, the user must enable:  TPM, TXT, VT-x, VT-d.  Not all BIOSes
allow these to be individually enabled/disabled and the screens in
which to find them are BIOS-specific.

grub.conf needs to be modified as follows::

        title Linux 2.6.29-tip w/ tboot
          root (hd0,0)
                kernel /tboot.gz logging=serial,vga,memory
                module /vmlinuz-2.6.29-tip intel_iommu=on ro
                       root=LABEL=/ rhgb console=ttyS0,115200 3
                module /initrd-2.6.29-tip.img
                module /Q35_SINIT_17.BIN

The kernel option for enabling Intel TXT support is found under the
Security top-level menu and is called "Enable Intel(R) Trusted
Execution Technology (TXT)".  It is considered EXPERIMENTAL and
depends on the generic x86 support (to allow maximum flexibility in
kernel build options), since the tboot code will detect whether the
platform actually supports Intel TXT and thus whether any of the
kernel code is executed.

The Q35_SINIT_17.BIN file is what Intel TXT refers to as an
Authenticated Code Module.  It is specific to the chipset in the
system and can also be found on the Trusted Boot site.  It is an
(unencrypted) module signed by Intel that is used as part of the
DRTM process to verify and configure the system.  It is signed
because it operates at a higher privilege level in the system than
any other macrocode and its correct operation is critical to the
establishment of the DRTM.  The process for determining the correct
SINIT ACM for a system is documented in the SINIT-guide.txt file
that is on the tboot SourceForge site under the SINIT ACM downloads.