| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 19 Jun 2009 11:34:14 -0700 From: Chris Wright <chrisw@...s-sol.org> To: Pavel Machek <pavel@....cz> Cc: James Morris <jmorris@...ei.org>, Joseph Cihula <joseph.cihula@...el.com>, Ingo Molnar <mingo@...e.hu>, linux-kernel@...r.kernel.org, arjan@...ux.intel.com, hpa@...or.com, andi@...stfloor.org, Chris Wright <chrisw@...s-sol.org>, jbeulich@...ell.com, peterm@...hat.com, gang.wei@...el.com, shane.wang@...el.com Subject: Re: [RFC v4][PATCH 2/2] intel_txt: Intel(R) TXT and tboot kernel support * Pavel Machek (pavel@....cz) wrote: > What are non-evil uses of this code? The most common use case I've heard requested from real live customers[1] is...you guessed it...trusted boot. This is typically in the context of virtualization and data centers or clouds. The concerns being addressed are: * confidence that the hardware is running the VMM that the hardware owner configured it w/, since they are on the hook for providing a safe service for each VM running on that hardware * flip side of that is an additional layer protecting against malicious VM that is using some VMM hole to try and subvert the host w/ a VMM of their own thanks, -chris -- [1] as opposed to hardware vendors pushing a feature -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists