| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 04 Dec 2009 14:46:03 -0800 From: "H. Peter Anvin" <hpa@...or.com> To: Pavel Machek <pavel@....cz> CC: "Cihula, Joseph" <joseph.cihula@...el.com>, "Wang, Shane" <shane.wang@...el.com>, "Rafael J. Wysocki" <rjw@...k.pl>, "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>, Ingo Molnar <mingo@...e.hu>, "arjan@...ux.intel.com" <arjan@...ux.intel.com>, "andi@...stfloor.org" <andi@...stfloor.org>, "chrisw@...s-sol.org" <chrisw@...s-sol.org>, "jmorris@...ei.org" <jmorris@...ei.org>, "jbeulich@...ell.com" <jbeulich@...ell.com>, "peterm@...hat.com" <peterm@...hat.com> Subject: Re: [PATCH] intel_txt: add s3 userspace memory integrity verification On 12/04/2009 02:39 PM, Pavel Machek wrote: > > Having "security" technology that silently fails with funny bootloader > is pretty bad, I'd say. > Yes, but this wouldn't be a silent failure -- such a boot loader wouldn't be able to boot tboot itself either, nor would be able to boot 32-bit kernels (which, in fact, not all boot loaders can); the tboot boot process in fact in many ways treats tboot itself as a 32-bit primary kernel, with the Linux kernel as a secondary kernel. So, this particular failure would not be silent by any means. -hpa -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists