lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Fri, 10 May 2013 01:50:05 +0000
From:	"Ren, Qiaowei" <qiaowei.ren@...el.com>
To:	Matthew Garrett <matthew.garrett@...ula.com>
CC:	"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
	"platform-driver-x86@...r.kernel.org" 
	<platform-driver-x86@...r.kernel.org>,
	"Wei, Gang" <gang.wei@...el.com>
Subject: RE: [PATCH 3/4] driver: provide sysfs interfaces to access TXT log

On 2013-05-09, Matthew Garrett wrote:
> On Thu, 2013-05-09 at 08:05 +0000, Ren, Qiaowei wrote:
> > On 2013-05-08, Matthew Garrett wrote:
> > > How different are these logs to the TPM measurements exported via
> > > securityfs?
> >
> > These logs come from tboot (Trusted Boot, an open source, pre-kernel/VMM
> module that uses IntelĀ® Trusted Execution Technology (IntelĀ® TXT) to perform a
> measured and verified launch of an OS kernel/VMM.), and should be different
> from those TPM measurements (from BIOS?) exported via security.
> 
> Different in what way? What are they actually logging?

Tboot log should also contain txt heap memory content, a lot of event log, etc.

> > > So I write a value here and then I see different chunks of log? This
> > > doesn't seem like an optimal interface. What do these logs actually
> > > contain? How do I know which block I should be reading?
> >
> > Yes. Since total log size is bigger than one page 4K, the log have to be
> displayed in 4K-block indexed by block_index.
> > These logs will be very helpful for txt related debugging.
> 
> If they're only intended for debugging then sysfs probably isn't the best place
> for them. debugfs might make more sense.

Yes. Debugfs seems to be better choice. Maybe we need to further consider the purpose of outputting tboot log. So I will temporarily remove this feature from this patch.

Thanks,
Qiaowei

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ