Oracle Updates TrenchBoot For The Linux Kernel To Advance Boot Security & Integrity
([Oracle] 61 Minutes Ago, TrenchBoot v10)
- Reference: 0001487825
- News link: https://www.phoronix.com/news/Oracle-TrenchBoot-v10
Oracle engineers continue working on the TrenchBoot initiative to advance boot security and integrity for Linux. The tenth iteration of the TrenchBoot patches was posted this week as the series works its way toward the mainline kernel.
For years we have been talking about [1]TrenchBoot, and it's now up to its "v10" patches as it aims to be integrated into the mainline Linux kernel. TrenchBoot remains dedicated to establishing a hardware Root of Trust for Measurement on both AMD and Intel servers, with Arm servers to follow. The Linux kernel side of the TrenchBoot work remains focused on Dynamic Launch (Secure Launch) enablement.
TrenchBoot also ties into the bootloader and other software components for this greater boot security and integrity by combining both hardware and software features.
The TrenchBoot v10 patches for the Linux kernel bring a variety of code clean-ups and other alterations that were requested during prior code review:
Changes in v10:
- Removed patch #1 from previous set that forced the kernel_info section at a fixed offset.
- Add changes from Ard Biesheuvel to use the link step to generate the proper relative offsets for the MLE header in the kernel_info section.
- Fix sizes and alignment slightly in the SLR table. Add comments to the SLR header to indicate it is defined by the TrenchBoot project.
- Remove incorrect extra pop instruction noted in the head_64.S changes.
- Use the prefix tpm/tpm2 to distinguish between TPM versions as is done in the rest of the TPM related code.
- Rework the TPM locality setting/reporting changes to use "default" locality as opposed to "preferred". Remove unneeded extra locality function in the TPM interface (call the chip function directly).
- Adopt comment/documentation changes to code and commit message per requests from the community.
- Use u64 for the boot params physical address to avoid truncating pointers during casts.
- Split adding of new MSR registers into its own patch.
- Attempt to further address justification for using SHA-1 algorithm. Pick up some code suggestions for the SHA-1 patch.
- Introduce slaunch_is_txt_launch() function per Jarkko Sakkinen's suggestion.
- Implement minor changes to the EFI stub code per suggestions.
Those interested in boot security/integrity can see more via the [2]v10 patches for TrenchBoot. Hopefully it won't be too much longer before TrenchBoot Dynamic Launch support finally lands in the mainline kernel. For those learning about TrenchBoot for the first time, more background information on the project is available via [3]TrenchBoot.org.
[1] https://www.phoronix.com/search/TrenchBoot
[2] https://lore.kernel.org/lkml/20240826223835.3928819-1-ross.philipson@oracle.com/
[3] https://trenchboot.org/