[RFC PATCH 01/12] x86: Secure Launch Kconfig

From: Ross Philipson
Date: Wed Mar 25 2020 - 15:44:39 EST

Next message: Ross Philipson: "[RFC PATCH 02/12] x86: Secure Launch main header file"
Previous message: Ross Philipson: "[RFC PATCH 07/12] x86: Secure Launch kernel early boot stub"
In reply to: Ross Philipson: "[RFC PATCH 07/12] x86: Secure Launch kernel early boot stub"
Next in thread: Daniel Kiper: "Re: [RFC PATCH 01/12] x86: Secure Launch Kconfig"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Initial bits to bring in Secure Launch functionality. Add Kconfig
options for compiling in/out the Secure Launch code.

Signed-off-by: Ross Philipson <ross.philipson@xxxxxxxxxx>
---
arch/x86/Kconfig | 11 +++++++++++
1 file changed, 11 insertions(+)

diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig
index 5e8949953660..7f3406a9948b 100644
--- a/arch/x86/Kconfig
+++ b/arch/x86/Kconfig
@@ -2014,6 +2014,17 @@ config EFI_MIXED

If unsure, say N.

+config SECURE_LAUNCH
+ bool "Secure Launch support"
+ default n
+ depends on X86_64
+ help
+ This Secure Launch kernel feature allows a bzImage to be loaded
+ directly through Intel TXT or AMD SKINIT measured launch. This
+ allows extablishing a Dynamic Root of Trust Measurement (DRTM)
+ of all the modules and configuration information used for
+ boooting the operating system.
+
config SECCOMP
def_bool y
prompt "Enable seccomp to safely compute untrusted bytecode"
--
2.25.1

Next message: Ross Philipson: "[RFC PATCH 02/12] x86: Secure Launch main header file"
Previous message: Ross Philipson: "[RFC PATCH 07/12] x86: Secure Launch kernel early boot stub"
In reply to: Ross Philipson: "[RFC PATCH 07/12] x86: Secure Launch kernel early boot stub"
Next in thread: Daniel Kiper: "Re: [RFC PATCH 01/12] x86: Secure Launch Kconfig"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]