Re: [RFC v4][PATCH 2/2] intel_txt: Intel(R) TXT and tboot kernelsupport

[Pavel Machek]

> > > > Linux support for Intel(R) Trusted Execution Technology.
> > > 
> > > > Signed-off-by:  Joseph Cihula <joseph.cihula@xxxxxxxxx>
> > > > Signed-off-by:  Shane Wang <shane.wang@xxxxxxxxx>
> > > > Signed-off-by:  Gang Wei <gang.wei@xxxxxxxxx>
> > > 
> > > Reviewed-by: James Morris <jmorris@xxxxxxxxx>
> > > 
> > > There have been no comments on this since you posted it, so we might 
> > > assume there are no further technical issues.
> > 
> > I believe the code at best useless and at worst dangerous. We don't
> > merge useless code to the kernel.
> > 
> > What are non-evil uses of this code?
> 
> Yes, most of the uses contemplated for this are for evil DRM schemes.  On the
> other hand, the code is equally useful to help make sure that mo miscreant has
> snuck evil DRM (or other evil code) in behind my back.
> 
> "Somebody has screwed with this kernel image, and you're not booting what you
> thought you were booting."
> 
> Seems worth it to me.

Unfortunately, I do not think you can boot linux kernel under TXT
sandbox. (Is there some code that you can boot under TXT sandbox? If
so, where?)
									Pavel
-- 
(english) http://www.livejournal.com/~pavelmachek
(cesky, pictures) http://atrey.karlin.mff.cuni.cz/~pavel/picture/horses/blog.html
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/