Oracle Engineers Send Out Linux Patches For Trenchboot Secure Late-Launch Kernel Support
Written by Michael Larabel in Linux Security on 25 March 2020 at 06:46 PM EDT. 6 Comments
Over a year ago, Oracle engineers and others began discussing a secure launch boot protocol for the Linux kernel that would tie into the Trenchboot open-source project, which is working on various system integrity features. We are now finally seeing new patches out of Oracle for wiring more Trenchboot support into the Linux kernel.

Trenchboot is a cross-platform framework for incorporating boot integrity technologies like Intel Boot Guard, Intel TXT, and AMD SKINIT. Trenchboot is ultimately aiming at multiple use-cases, from two-factor authentication for travel laptops to crowdsourced integrity handling. Those unfamiliar with the project can learn more at

Patches sent out today by Oracle's Ross Philipson and based upon work by Apertus Solutions' Daniel P. Smith allow secure late-launch kernel support.
The Trenchboot project's focus on boot security has led to enabling the Linux kernel to be directly invocable by the x86 Dynamic Launch instruction(s) for establishing a Dynamic Root of Trust for Measurement (DRTM). The dynamic launch will be initiated by a boot loader with associated support added to it; for example, the first targeted boot loader will be GRUB2. An integral part of establishing the DRTM involves measuring everything that is intended to be run (kernel image, initrd, etc.) and everything that will configure that kernel to run (command line, boot params, etc.) into specific PCRs, the DRTM PCRs (17-22), in the TPM. Another key aspect is that the dynamic launch is rooted in hardware. On Intel this is done using the GETSEC instruction set provided by Intel's TXT, and on AMD using the SKINIT instruction provided by AMD-V. Information on these technologies can be readily found online.

To enable the kernel to be launched by GETSEC or SKINIT, a stub must be built into the setup section of the compressed kernel to handle the specific state that the late launch process leaves the BSP in. This is a lot like the EFI stub that is found in the same area. Also, this stub must measure everything that is going to be used as early as possible. This stub code and subsequent code must also deal with the specific state that the late launch leaves the APs in.
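The cover letter above describes measuring the kernel image, initrd and command line into the DRTM PCRs (17-22) of the TPM. The following added example, which is not code from the Secure Launch patches or the Trenchboot project, shows the arithmetic that a verifier relies on after such a boot: a DRTM PCR reads as all ones if no dynamic launch ever happened, is reset to all zeros by the dynamic launch, and is then extended with `PCR_new = SHA-256(PCR_old || digest)` for each measured component. The component set, its order and the choice of PCR 17 are assumptions made for illustration; the sample component bytes are constructed. The point the example makes is that an attestation server can replay an event log to the expected PCR value and that changing any measured component (here the command line) produces a different PCR.

```python
import hashlib

# Constructed sample of the things the cover letter says get measured.
# Real kernel/initrd images are many MB; short placeholders suffice for
# demonstrating the extend chain.
SAMPLE_COMPONENTS = [
    ("kernel", b"vmlinuz (constructed placeholder bytes)"),
    ("initrd", b"initrd.img (constructed placeholder bytes)"),
    ("cmdline", b"root=/dev/sda1 ro quiet"),
]

DRTM_PCRS = range(17, 23)   # PCRs 17-22 belong to the dynamic root of trust
DIGEST_LEN = hashlib.sha256().digest_size  # 32 bytes for the SHA-256 bank


def pcr_initial_value(pcr_index, after_dynamic_launch):
    """Starting value of a PCR in the SHA-256 bank.

    DRTM PCRs 17-22 are initialised to all ones at TPM start-up and are
    reset to all zeros by the hardware dynamic launch (locality 4 reset).
    The static PCRs simply start at zero.
    """
    if pcr_index in DRTM_PCRS and not after_dynamic_launch:
        return b"\xff" * DIGEST_LEN
    return b"\x00" * DIGEST_LEN


def extend(pcr_value, digest):
    """TPM2_PCR_Extend semantics: new = H(old || digest)."""
    if len(digest) != DIGEST_LEN:
        raise ValueError("digest length does not match the PCR bank")
    return hashlib.sha256(pcr_value + digest).digest()


def measure_components(components, pcr_index=17):
    """Simulate the stub measuring each component after the dynamic launch.

    Returns the resulting PCR value and an event log of (name, digest_hex)
    pairs, which is what a remote verifier would later replay.
    """
    pcr = pcr_initial_value(pcr_index, after_dynamic_launch=True)
    log = []
    for name, data in components:
        digest = hashlib.sha256(data).digest()
        pcr = extend(pcr, digest)
        log.append((name, digest.hex()))
    return pcr, log


def replay_log(log, pcr_index=17):
    """Recompute the expected PCR value from an event log alone."""
    pcr = pcr_initial_value(pcr_index, after_dynamic_launch=True)
    for _name, digest_hex in log:
        pcr = extend(pcr, bytes.fromhex(digest_hex))
    return pcr


def classify_drtm_pcr(value):
    """Tell the three states of a DRTM PCR apart from its raw value.

    Accepts either raw bytes or the hex string form found in sysfs
    (/sys/class/tpm/tpm0/pcr-sha256/17 on kernels that expose it).
    """
    if isinstance(value, str):
        value = bytes.fromhex(value.strip())
    if len(value) != DIGEST_LEN:
        raise ValueError("unexpected PCR length")
    if value == b"\xff" * DIGEST_LEN:
        return "no-dynamic-launch"      # never reset by GETSEC/SKINIT
    if value == b"\x00" * DIGEST_LEN:
        return "launched-unmeasured"    # reset, but nothing extended yet
    return "launched-measured"


def verify_boot(pcr_value, log, expected_log):
    """Verifier-side check: the log must replay to the quoted PCR value and
    must match the policy's expected measurements entry for entry."""
    if replay_log(log) != pcr_value:
        return "log does not match PCR"
    if log != expected_log:
        return "measured components differ from policy"
    return "ok"


if __name__ == "__main__":
    pcr17, event_log = measure_components(SAMPLE_COMPONENTS)
    print("PCR17 after launch+measure:", pcr17.hex())
    print("state:", classify_drtm_pcr(pcr17))
    tampered = SAMPLE_COMPONENTS[:-1] + [("cmdline", b"root=/dev/sda1 rw init=/bin/sh")]
    t_pcr, t_log = measure_components(tampered)
    print("verify tampered boot:", verify_boot(t_pcr, t_log, event_log))
```

The `classify_drtm_pcr` helper is the quick post-boot sanity check: if PCR 17 still reads `ff…ff`, the kernel was not entered through the dynamic launch at all, regardless of what the boot loader claims.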

For now these "request for comments" patches are only wired up for Intel TXT, while an AMD version is in progress. Oracle has also been working on Intel TXT / AMD SKINIT and Trenchboot support on the GRUB boot-loader side as well.

For now no upstream developers have commented on the proposal, but we'll see where this leads, with this Trenchboot / Secure Launch functionality for the Linux kernel potentially coming together this year.