[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Working Group for Secure Boot

  • To: Bob Eshleman <bobbyeshleman@xxxxxxxxx>, Xen-devel <xen-devel@xxxxxxxxxxxxxxxxxxxx>
  • From: "Daniel P. Smith" <dpsmith@xxxxxxxxxxxxxxxxxxxx>
  • Date: Fri, 12 Mar 2021 10:40:52 -0500
  • Arc-authentication-results: i=1; mx.zohomail.com; dkim=pass header.i=apertussolutions.com; spf=pass smtp.mailfrom=dpsmith@xxxxxxxxxxxxxxxxxxxx; dmarc=pass header.from=<dpsmith@xxxxxxxxxxxxxxxxxxxx> header.from=<dpsmith@xxxxxxxxxxxxxxxxxxxx>
  • Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1615563658; h=Content-Type:Content-Transfer-Encoding:Date:From:In-Reply-To:MIME-Version:Message-ID:References:Subject:To; bh=9sc5kpJKzRcEJczYNIdpfGixV50ZE7JUprDPzxxFia8=; b=Ppl1aBuKtyAUeC4DrMc2Bv/P8I3yGAbWkSYvCCV/FsphFRenGPatU5U4qNN9a7wxCFi0Quxjiusia6YqgjHDX+wqYp20MWRSMv7QMWIpMUsrqwz3/toPpQat+grKwxGwZoaEuiG4GLCv86pnzRIhlXyI3hEIP7hYzW18EN2+ft8=
  • Arc-seal: i=1; a=rsa-sha256; t=1615563658; cv=none; d=zohomail.com; s=zohoarc; b=daQN2bBCxHYHiko7j9A6jSW+rksJv91VxZ1VZAEyYwMoeWMIi4En+znZ8Gi4YdbnYE4j/PO2PLgOPe1YoGm9zqywnEQrC5UBmlSHiuCAVJfHbgiRdPb5LniMUs0CVybl1GJQ7mzmMmB5Ic1NA/0sNy+w3PJXrG0r/z7waWSbxCw=
  • Delivery-date: Fri, 12 Mar 2021 15:41:17 +0000
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
On 3/11/21 1:34 PM, Bob Eshleman wrote:
> Hey all,
> 
> We would like to start a working group for secure boot support in Xen
> to coordinate the various interested parties and set out a plan for
> the feature and its implications for the whole Xen system.
> 
> The end goal is a full implementation that restricts the interfaces
> dom0 has to affect Xen, akin to Linux's lockdown LSM.  This implicates
> important parts of the ABI (e.g., /dev/xen/privcmd/) and so will
> require input from the greater community.
> 
> I'm not familiar with how working groups function in the Xen project,
> so this email also opens the floor for suggestions as to how this might
> be managed.
> 
> We'd love to hear from anyone interested in such a group and how the
> community as a whole feels about such an effort.
> 
> Best regards.
> 
> ---
> 
> Bobby Eshleman
> SE at Vates SAS
> 

Yes, please count me in since it will definitely overlap with the work I
am doing under DomB/Hyperlaunch as well as planned work under the
TrenchBoot project.

V/r,
Daniel P. Smith

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.