[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH v2 01/22] x86/include/asm/intel-txt.h: constants and accessors for TXT registers and heap

To: Sergii Dmytruk <sergii.dmytruk@xxxxxxxxx>
From: Rich Persaud <persaur@xxxxxxxxx>
Date: Mon, 19 May 2025 16:55:13 -0400
Cc: Andrew Cooper <Andrew.Cooper3@xxxxxxxxxx>, xen-devel@xxxxxxxxxxxxxxxxxxxx, "Daniel P. Smith" <dpsmith@xxxxxxxxxxxxxxxxxxxx>, Ross Philipson <ross.philipson@xxxxxxxxxx>, Jan Beulich <jbeulich@xxxxxxxx>, Roger Pau Monné <roger.pau@xxxxxxxxxx>, Lukasz Hawrylko <lukasz@xxxxxxxxxxx>, Mateusz Mówka <mateusz.mowka@xxxxxxxxx>, trenchboot-devel@xxxxxxxxxxxxxxxx
Delivery-date: Mon, 19 May 2025 20:55:44 +0000
List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

On May 19, 2025, at 9:43 AM, Sergii Dmytruk <sergii.dmytruk@xxxxxxxxx> wrote:
> 
> On Sun, May 18, 2025 at 07:31:49PM -0400, Rich Persaud wrote:
>> If there's no stable URL for the TXT spec, can we mirror the relevant
>> doc(s) somewhere in the Xen docs tree? A trusted archive of the spec
>> for trusted execution.
>> 
>> Rich
> 
> By "unversioned link to Software Development Guide" I meant
> https://www.intel.com/content/www/us/en/content-details/315168/
> which always provides the latest version.

By "trusted archive of the spec" I meant a server under control of Intel or the 
Xen community, hosting the specific version(s) of the spec that have been 
implemented in the Xen tree.  

Unless Intel reference PDFs are digitally signed by an Intel certificate, we 
should not be linking to non-Intel mirrors of Intel PDFs, which could be 
targeted by attackers to relay malware onto the workstations of developers of 
trusted execution software. If Intel reference PDFs are signed, we should 
include instructions for verifying their authenticity, if we are linking to 
non-Intel sources.

Rich

References:
- Re: [PATCH v2 01/22] x86/include/asm/intel-txt.h: constants and accessors for TXT registers and heap
  - From: Sergii Dmytruk

Prev by Date: [PATCH v3 5/5] xen/console: rename console_rx to console_domid
Next by Date: Re: [PATCH] xen: Give compile.h header guards
Previous by thread: Re: [PATCH v2 01/22] x86/include/asm/intel-txt.h: constants and accessors for TXT registers and heap
Next by thread: [PATCH v2 02/22] include/xen/slr-table.h: Secure Launch Resource Table definitions
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.