From: Roman Shaposhnik <roman@zededa.com>
To: Rich Persaud <persaur@gmail.com>
Cc: Daniel Smith <dpsmith@apertussolutions.com>,
xen-devel@lists.xenproject.org
Subject: Re: [Xen-devel] [BUG] After upgrade to Xen 4.12.0 iommu=no-igfx
Date: Thu, 25 Jul 2019 18:13:32 -0700 [thread overview]
Message-ID: <CAMmSBy_-EMjA5-MtDsE-ckrXJvmp8VT_=c-beYZt14+OzwxtDQ@mail.gmail.com> (raw)
In-Reply-To: <56D3EEF5-A08A-4894-B21F-9FDA1717B566@gmail.com>
On Wed, Jul 24, 2019 at 10:42 AM Rich Persaud <persaur@gmail.com> wrote:
>
> On Jul 19, 2019, at 15:31, Roman Shaposhnik <roman@zededa.com> wrote:
>
> Hi!
>
> we're using Xen on Advantech ARK-2250 Embedded Box PC:
> https://www.elmark.com.pl/web/uploaded/karty_produktow/advantech/ark-2250l/ark-2250l_instrukcja-uzytkownika.pdf
>
>
> Roman,
>
> Good to see Xen being used on fanless devices.
Oh, there's WAY more of those in EVE under Xen management ;-)
https://wiki.lfedge.org/display/EVE/Hardware+Platforms+Supporting+EVE
> Does the AMI BIOS for the i7 6600U Skylake CPU [1] variant of ARK-2250 [2]
> support Intel TXT DRTM and discrete TPM, which would enable boot integrity [3] protection for Xen, read-only dom0 and stateless VMs?
> Boot integrity is valuable on edge devices.
Funny you should mention this -- that's exactly what we're playing
with right now in LF Edge Project EVE. Do you want to pop up on the
mailing list or slack channel there? (not sure this is the right topic
for Xen-devel).
And just so that we're on the same page, here's what we are after when
it comes to root of trust in EVE (I really need to do a write up on
this soon):
* measured boot (we're really not interested secure boot that much)
* measured boot of the DomUs
* proxy TPM to the DomUs
> [1] CPU spec: https://ark.intel.com/content/www/us/en/ark/products/88192/intel-core-i7-6600u-processor-4m-cache-up-to-3-40-ghz.html
>
> [2] PC spec: https://www.advantech.com/products/ark-2000_series_embedded_box_pcs/ark-2250l/mod_66ebc4e0-9a0c-489c-96a5-70a8054e9037
>
> [3] TrenchBoot, Xen Summit 2019, https://youtube.com/watch?v=f0LZFSq4Ack
Thanks for the notes! Much appreciated!
Thanks,
Roman.
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xenproject.org
https://lists.xenproject.org/mailman/listinfo/xen-devel
prev parent reply other threads:[~2019-07-26 1:14 UTC|newest]
Thread overview: 65+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-07-19 19:31 [Xen-devel] [BUG] After upgrade to Xen 4.12.0 iommu=no-igfx Roman Shaposhnik
2019-07-19 20:02 ` Roman Shaposhnik
2019-07-22 8:20 ` Paul Durrant
2019-07-22 11:48 ` Roger Pau Monné
2019-07-22 11:54 ` Paul Durrant
2019-07-22 13:48 ` Roger Pau Monné
2019-07-22 14:03 ` Paul Durrant
2019-07-22 14:39 ` Roger Pau Monné
2019-07-22 15:02 ` Paul Durrant
2019-07-22 15:21 ` Roger Pau Monné
2019-07-22 23:36 ` Roman Shaposhnik
2019-07-22 23:47 ` Andrew Cooper
2019-07-23 17:32 ` Roman Shaposhnik
2019-07-23 17:35 ` Andrew Cooper
2019-07-23 17:48 ` Roman Shaposhnik
2019-07-23 17:50 ` Andrew Cooper
2019-07-23 17:58 ` Roman Shaposhnik
2019-07-23 18:12 ` Andrew Cooper
2019-07-23 18:25 ` Roman Shaposhnik
2019-07-26 7:58 ` Jan Beulich
2019-07-30 17:56 ` Roman Shaposhnik
2019-07-31 8:34 ` Jan Beulich
2019-07-31 8:58 ` Andrew Cooper
2019-07-31 9:30 ` Jan Beulich
2019-07-31 19:37 ` Roman Shaposhnik
2019-07-24 12:00 ` Jan Beulich
2019-07-24 12:04 ` Jan Beulich
2019-07-24 11:23 ` Andrew Cooper
2019-07-24 11:40 ` Andrew Cooper
2019-07-24 14:11 ` Roger Pau Monné
2019-07-26 0:47 ` Roman Shaposhnik
2019-07-26 9:35 ` Roger Pau Monné
2019-07-30 9:21 ` Roger Pau Monné
2019-07-30 17:55 ` Roman Shaposhnik
2019-07-31 8:31 ` Jan Beulich
2019-07-31 8:36 ` Roger Pau Monné
2019-07-31 8:43 ` Roger Pau Monné
2019-07-31 19:35 ` Roman Shaposhnik
2019-07-31 19:46 ` Andrew Cooper
2019-07-31 21:03 ` Roman Shaposhnik
2019-08-01 8:15 ` Roger Pau Monné
2019-08-01 18:25 ` Roman Shaposhnik
2019-08-02 8:05 ` Roger Pau Monné
2019-08-06 16:17 ` Roger Pau Monné
2019-08-06 21:48 ` Roman Shaposhnik
2019-08-07 7:08 ` Jan Beulich
2019-08-07 9:57 ` Roger Pau Monné
2019-08-07 10:03 ` Jan Beulich
2019-08-07 7:35 ` Roger Pau Monné
2019-08-07 8:31 ` Jan Beulich
2019-08-07 10:17 ` Roger Pau Monné
2019-08-12 8:57 ` Roger Pau Monné
2019-08-13 19:24 ` Roman Shaposhnik
2019-08-14 8:06 ` Roger Pau Monné
2019-08-19 5:00 ` Roman Shaposhnik
2019-08-19 8:16 ` Roger Pau Monné
2019-08-20 2:03 ` Roman Shaposhnik
2019-08-01 7:35 ` Jan Beulich
2019-07-31 19:30 ` Roman Shaposhnik
2019-08-01 8:45 ` Roger Pau Monné
2019-08-01 18:19 ` Roman Shaposhnik
2019-07-20 16:39 ` Andrew Cooper
2019-07-22 8:03 ` Paul Durrant
2019-07-24 17:42 ` Rich Persaud
2019-07-26 1:13 ` Roman Shaposhnik [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='CAMmSBy_-EMjA5-MtDsE-ckrXJvmp8VT_=c-beYZt14+OzwxtDQ@mail.gmail.com' \
--to=roman@zededa.com \
--cc=dpsmith@apertussolutions.com \
--cc=persaur@gmail.com \
--cc=xen-devel@lists.xenproject.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).