Secure Launch Boot Protocol Being Worked On For The Linux Kernel, Advancing TrenchBoot

Written by Michael Larabel in Linux Kernel on 11 March 2019 at 01:34 PM EDT. Add A Comment
LINUX KERNEL
Up for discussion on the Linux kernel mailing list is adding support for the Secure Launch boot protocol to Linux. This is part of the recent efforts to supporting Linux in "secure" boot environments around Intel Trusted Execution Technology and AMD SKINIT platform security.

Developers from Oracle and other organizations have been working on Secure Launch and the open-source Trenchboot to allow Linux to be booted directly into a secure environment like Intel TXT (Trusted Execution Technology) and AMD SKINIT. Changes to the Linux kernel as well as the (GRUB) boot-loader are required.

The proposed protocol support is outlined via this mailing list thread and actually is quite a small addition.

Trenchboot is the open-source initiative for carrying out various integrity actions on their system building upon boot integrity technologies from the likes of Intel and AMD. Some of the possible use-cases are outlined here.

Also on the open-source boot securing scene there's also been the recent work around Intel TXT support for Coreboot and measured boot support.
Add A Comment
Related News
Linux 6.6.66 LTS Kernel Released With New Hardware Support & Many Fixes
NTSYNC Linux Driver Updated With API Design Improvements
New Linux Patch Establishes "CONFIG_X86_64_NATIVE" For -march=native Kernel Builds
Perf Support For 2,048 CPU Cores Is Becoming Not Enough - Patches Bump Kernel Limit
Linux 6.13-rc2 Released With An Initial Batch Of Fixes
Linux EFI Zboot Abandoning "Compression Library Museum", Focusing On Gzip & Zstd
About The Author
Michael Larabel

Michael Larabel is the principal author of Phoronix.com and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 20,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and OpenBenchmarking.org automated benchmarking software. He can be followed via Twitter, LinkedIn, or contacted via MichaelLarabel.com.

Popular News This Week
OpenWrt Affected By Security Issue That Could Have Led To Compromised Build Artifacts
How AMD Is Taking Standard C/C++ Code To Run Directly On GPUs
Linux EFI Zboot Abandoning "Compression Library Museum", Focusing On Gzip & Zstd
Ptyxis Becomes Ubuntu's Recommended Replacement To GNOME Terminal
GNU Shepherd 1.0 Service Manager Released As "Solid Tool" Alternative To systemd
KDE Starts December By Landing A Number Of New Features
NTSYNC Linux Patches Revived To Help Boost Steam Play Gaming Performance
Rust-Based, Memory-Safe PNG Decoders "Vastly Outperform" C-Based PNG Libraries