Activity for Trusted Boot
-
Trusted Boot released /tboot-1.11.0-pub-key.key
-
-
-
Adam Pawlicki committed [522008] on Code
Added tag v1.11.10 for changeset 4bf2e3819723
-
Adam Pawlicki committed [4bf2e3] on Code
Version 1.11.10
-
Adam Pawlicki committed [7d7d95] on Code
Remove unneccesary printk under mutex
-
Adam Pawlicki committed [7c7739] on Code
Fix hang during waking up from TXT sleep on Simics
-
spexagon posted a comment on discussion Help
We've had working tboot configs on many computers with kernels going back since Linux kernel 3.x. However now starting with 6.8, tboot hangs if we boot on high resolution monitors (5120x2160 @ 120hz) for example. When using kernel 6.8, simply connecting to an older 1920x1080 monitor (with hdmi or displayport) allows the boot to go forward like normal. For some of our high resolution monitor machines, we just connect with HDMI to get it working (which boots the EFI loader at stretched lower resolution...
-
-
-
Mateusz Mówka committed [e15574] on Code
Added tag v1.11.9 for changeset 93a7c3451154
-
Removed tag v1.11.9
-
Version 1.11.9.
-
Added tag v1.11.9 for changeset 656ba831c3bb
-
Restore call to configure_vtd.
-
Michal Camacho Romero committed [379173] on Code
Added tag v1.11.8 for changeset ba65f5eab8dc
-
Version 1.11.8
-
Increase DIRECTMAP size from 64 MB to 128 MB
-
-
-
Adam Pawlicki committed [d0671b] on Code
Added tag v1.11.7 for changeset 8a1423750815
-
Version 1.11.7
-
Workaround to make utils buildable.
-
-
-
-
Added tag v1.11.6 for changeset 9b2748d651ee
-
Version 1.11.6
-
Merge TBOOT_TPR_support branch into default.
-
-
-
-
Added tag v1.11.5 for changeset 8da449815519
-
Version 1.11.5
-
Move ACM modules above TBOOT
-
Remove unnecessary OPENSSL_free from lcputils.c
-
-
-
Add TPR (TXT Protected Range) support.
-
-
Added tag v1.11.4 for changeset 71ca80014ced
-
Version 1.11.4
-
Eliminate compilation errors, caused by the unsupported movl and pushl CPU instructions.
-
Set for the compiler the x86-64 target architecture.
-
Increase the TBOOT log section size from 32KB to 64KB.
-
Added tag v1.11.3 for changeset 52979e1dd702
-
Removed tag v.1.11.3
-
-
-
-
Added tag v.1.11.3 for changeset 52979e1dd702
-
Version 1.11.3
-
Increase the maximal APIC ID value from 1024 to 8192.
-
Michał Żygowski modified a comment on discussion Help
Hi Mateusz, Thank you for your response. I just managed to find this out last weekend :( It seems coreboot already locks the SMRAMC register, however there was another trap waiting for me. The D_LCK bit needs to be set with PCI I/O access instead of ECAM: https://github.com/Dasharo/coreboot/commit/c7540a73860d653988d21565b892c8427709088d Also I wish the ACM error spreadsheet be consistent with Intel datasheets, i.e. at least change DLCK to D_LCK or to SMRAMC.D_LCK in the spreadhseet. It would already...
-
Hi Mateusz, Thank you for your response. I just managed to find this out last weekend :( It seems coreboot already locks the SMRAMC register, however there was another trap waiting for me. The D_CLK bit needs to be set with PCI I/O access instead of ECAM: https://github.com/Dasharo/coreboot/commit/c7540a73860d653988d21565b892c8427709088d Also I wish the ACM error spreadsheet be consistent with Intel datasheets, i.e. at least change DLCK to D_LCK or to SMRAMC.D_CLK in the spreadhseet. It would already...
-
Hi, sorry for the long wait. This is related to D_LCK bit in the SMRAMC register - https://www.intel.com/content/www/us/en/products/docs/processors/core/core-technical-resources.html see datasheet volume 2 for 10th Gen Intel Core CPU Families, section 3.29 SINIT ACM module expects BIOS to set the D_LCK bit, else an error is generated. Best regards, Mateusz
-
Hello TBOOT community, When I was trying to use TBOOT to perform Intel TXT Measured Launch with Ubuntu Linux, my platform resets right after invoking GETSEC SENTER. From the decoded error code (TXT.ERRORCODE raw value 0xc0007851) I got error class 5, major 0x1e. The ACM error spreadsheet says ERR_DLCK_CONFIG - "DLOCK bit state unexpected", but I am not sure what should be the expected state. May I get more detailed explanation how to solve this error and what the expected state of DLOCK is? Also...
-
-
-
-
Eliminate maybe-uninitialized error for the ‘use_only_version' variable.
-
Added tag v1.11.2 for changeset efb362b60b34
-
Version 1.11.2
-
Fix the RAM memory allocation algorithm for the initrd.
-
-
-
Paweł Randzio committed [c0fc38] on Code
Version v1.11.1
-
Added tag v1.11.1 for changeset c0fc38b9d2a9
-
Revert change for log memory extension
-
-
-
Added tag v1.11.0 for changeset 4af1bd83b21b
-
Version v1.11.0
-
Extend low memory range reserved for logs
-
Flush TPM context after loading objects for integrity verification
-
Removal of "agile" option for Extending PCR Policy
-
Add deprecation warning for "agile" extend policy option
-
Add prints for ACM Info Table ver 9+
-
Implement ACM flexible info table handling
-
Alex Olson committed [480689]
Correct IDT exception handler addresses
-
Timo Lindfors committed [68f37d]
Remove references to __DATE__ to make the build reproducible
-
Use CPPFLAGS supplied by the environment during the build
-
Allow selecting only SINIT modules that match platform
-
Introduce GRUB_TBOOT_SINIT_LIST for selecting SINIT modules to use
-
Ignore modules that overlap with internal data structures
-
txt-acminfo: Map TXT heap using mmap
-
Fixed a typo in man page for lcp2_crtpollist
-
-
-
-
Version v1.10.5
-
Added tag v1.10.5 for changeset 9c406d761d2e
-
Reverted changeset [f90511] due to Tboot losing its in-memory logs
-
Fixed mlehash.c for GCC12 retaining functionality
-
Reverted changes for GCC12 in mlehash.c
-
-
-
Version v1.10.4
-
Added tag v1.10.4 for changeset 89db8ce6884c
-
Alex Olson committed [60cda1]
make efi_memmap_reserve handle gaps like e820_protect_region already does
1 >
