Xen project Mailing List

Re: Working Group for Secure Boot

To: Bob Eshleman <bobbyeshleman@xxxxxxxxx>

Date: Fri, 12 Mar 2021 09:05:58 +0100

Cc: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, George Dunlap <george.dunlap@xxxxxxxxxx>, piotr.krol@xxxxxxxxx, Olivier Lambert <olivier.lambert@xxxxxxxx>, Xen-devel <xen-devel@xxxxxxxxxxxxxxxxxxxx>

Delivery-date: Fri, 12 Mar 2021 08:06:07 +0000

List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

On 11.03.2021 19:34, Bob Eshleman wrote: > We would like to start a working group for secure boot support in Xen > to coordinate the various interested parties and set out a plan for > the feature and its implications for the whole Xen system. > > The end goal is a full implementation that restricts the interfaces > dom0 has to affect Xen, akin to Linux's lockdown LSM. This implicates > important parts of the ABI (e.g., /dev/xen/privcmd/) and so will > require input from the greater community. > > I'm not familiar with how working groups function in the Xen project, > so this email also opens the floor for suggestions as to how this might > be managed. > > We'd love to hear from anyone interested in such a group and how the > community as a whole feels about such an effort. I'm definitely interested, but I'm uncertain if a WG is the way to go here. There may be a lot of corners to touch, and hence a lot of people to consult. While it may be possible to have a pretty large WG for this reason, it may well be better to have the discussions on xen-devel right away, and form WGs only when more narrow sub-aspects need sorting out. Jan

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.