Xen 		  
Home About Xen.org Xen Xen Summit Wiki Mailing List Bug Tracker Xen Downloads
 
   
 

xense-devel

[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[Xense-devel] RE: [Xen-devel] [PATCH] Intel(R) Trusted Execution Technol

from [Cihula, Joseph] [Permanent Link][Original]
To: "Keir Fraser" <Keir.Fraser@xxxxxxxxxxxx>, <xen-devel@xxxxxxxxxxxxxxxxxxx>, <xense-devel@xxxxxxxxxxxxxxxxxxx>
Subject: [Xense-devel] RE: [Xen-devel] [PATCH] Intel(R) Trusted Execution Technology support
From: "Cihula, Joseph" <joseph.cihula@xxxxxxxxx>
Date: Mon, 29 Oct 2007 12:26:57 -0700
Cc: "Xu, James" <james.xu@xxxxxxxxx>, "Wang, Shane" <shane.wang@xxxxxxxxx>, "Wei, Gang" <gang.wei@xxxxxxxxx>
Delivery-date: Mon, 29 Oct 2007 12:28:02 -0700
Envelope-to: www-data@xxxxxxxxxxxxxxxxxx
In-reply-to: <C34BDB16.F9D0%Keir.Fraser@xxxxxxxxxxxx>
List-help: <mailto:xense-devel-request@lists.xensource.com?subject=help>
List-id: "A discussion list for those developing security enhancements for Xen." <xense-devel.lists.xensource.com>
List-post: <mailto:xense-devel@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xense-devel>, <mailto:xense-devel-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xense-devel>, <mailto:xense-devel-request@lists.xensource.com?subject=unsubscribe>
References: <D936D925018D154694D8A362EEB0892002C7C4B6@xxxxxxxxxxxxxxxxxxxxxxxxxxxx> <C34BDB16.F9D0%Keir.Fraser@xxxxxxxxxxxx>
Sender: xense-devel-bounces@xxxxxxxxxxxxxxxxxxx
Thread-index: AcgYPKeHAh+s/rrjQ0OzxTZHSH6adQB0Zgj0AAzUsnAAA3v0QgAAvpSgAAB6yw4AAD/usAAAM7T7AACBpTAAAPRgXgABVtmQ
Thread-topic: [Xen-devel] [PATCH] Intel(R) Trusted Execution Technology support 
On Monday, October 29, 2007 11:47 AM, Keir Fraser wrote:
> On 29/10/07 18:34, "Cihula, Joseph" <joseph.cihula@xxxxxxxxx> wrote:
> 
>>> Okay, we should limit the scan to page-aligned addresses in UNUSABLE
regions
>>> below 1MB. It makes sense to put the UNUSABLE->RESERVED hack in Xen
itself,
>>> rather than in tboot. Once the interface is baked into 3.2.0 it's
not
>>> changing on our side.
>> 
>> I'd like to allow for the shared page to be moved to a higher memory
>> location in the future, so I'd prefer not to limit the search to
below
>> 1MB.  Since only tboot is using the UNUSABLE type and it should find
the
>> shared page in the first UNUSABLE section anyway (whether it gets
moved
>> or not), the search should still be quick.  Also, I'll only change
the
>> type from UNUSABLE->RESERVED if it is found in the lower 1MB.
> 
> Actually I have a better idea to avoid the scan entirely. tboot should
> append 'tboot=<address of shared area>' to Xen's command line (e.g.,
> tboot=0x71000). This gives a better more guaranteed handoff from tboot
to
> Xen, it avoids the user needing to manually add any options to Xen's
command
> line (we can make tboot= imply no-real-mode), and means that rather
than
> doing a scan we simply need to confirm the UUID is at the given
address.
> 
> I can easily do the Xen side of this if you agree it makes sense.

Sounds good.  I'll work up a patch for tboot and post a new tarball
tonight.

Joe

_______________________________________________
Xense-devel mailing list
Xense-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xense-devel
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [Xen-devel] [PATCH] Intel(R) Trusted Execution Technology support, Keir Fraser
Next by Date:  RE: [Xense-devel] RE: [Xen-devel] [PATCH] Intel(R) Trusted ExecutionTechnology support, Cihula, Joseph
Previous by Thread:  Re: [Xen-devel] [PATCH] Intel(R) Trusted Execution Technology support, Keir Fraser
Next by Thread:  RE: [Xense-devel] RE: [Xen-devel] [PATCH] Intel(R) Trusted ExecutionTechnology support, Cihula, Joseph
Indexes:  [Date] [Thread] [Top] [All Lists]
 
   

Copyright , XenSource, Inc. All rights reserved. Note: the xen.org trademark policy
is changing. For information please email legalxen.org, Legal and Privacy