RE: [GIT PULL] x86/txt for v2.6.32

From: Wang, Shane
Date: Tue Sep 29 2009 - 22:18:27 EST

Next message: Mike Frysinger: "Re: [PATCH] Fix half-Y2K38 problem in timecompare_update while calculating offset"
Previous message: Robert Hancock: "Re: [PATCH] asus_atk0110: add support for Asus P7P55D"
In reply to: Arjan van de Ven: "Re: [GIT PULL] x86/txt for v2.6.32"
Next in thread: Pavel Machek: "Re: [GIT PULL] x86/txt for v2.6.32"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Arjan van de Ven wrote:
> On Tue, 29 Sep 2009 19:13:18 +0200
> Pavel Machek <pavel@xxxxxx> wrote:
>
>> Ok, and what prevents me from commenting out the MAC checking code?
>>
>
> because the bios verified some code that verified the kernel which
> includes the MAC checking code .. as part of returning from S3 ?

Yes, S3 sleep/resume cause another cycle to build the measured environment.
i.e. SINIT will verify tboot, tboot will verify kernel mem, kernel will verify userspace mem.
If you comment out the MAC checking code in any party, the chain will lost and S3 resume will fail.

Thanks.
Shane

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Mike Frysinger: "Re: [PATCH] Fix half-Y2K38 problem in timecompare_update while calculating offset"
Previous message: Robert Hancock: "Re: [PATCH] asus_atk0110: add support for Asus P7P55D"
In reply to: Arjan van de Ven: "Re: [GIT PULL] x86/txt for v2.6.32"
Next in thread: Pavel Machek: "Re: [GIT PULL] x86/txt for v2.6.32"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]