[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [RFC v1 0/8] Prototype for kexec signature verification within Xen



>>> Eric DeVolder <eric.devolder@xxxxxxxxxx> 01/14/19 8:48 PM >>>
>On April 20, 2018, I posted to xen-devel an RFC inquiring about
>support for signature verification of kexec within Xen:
>
>https://lists.xenproject.org/archives/html/xen-devel/2018-04/msg01655.html
>
>Since then, I've worked towards a solution. For the purposes of
>understanding signature verification, I built a standalone utility to
>parse the xen.mb.efi PECOFF file, hash it contents, and extract its
>digitial certificate and perform the Authenticode signature
>verification. Once this was all working, I integrated the files into
>Xen.

Perhaps I'm just lacking some context, but neither the mail referenced
above nor my looking at the Linux code reveal any connection to PE-COFF.
How's that file format becoming of interest here all of the sudden?

Jan



_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxxx
https://lists.xenproject.org/mailman/listinfo/xen-devel

 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.