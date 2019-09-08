Kernel: soliddriver-checks, "sev_secret", and Trenchboot
-
Introduction to soliddriver-checks
The OS kernel is central and fundamental to system functionality and integrity. A user needs to be able to trust in the security and stability of the OS kernel at the heart of their mission-critical systems. This trustworthiness extends just the same to kernel modules delivered by third-party vendors. Such third-party modules (often device drivers) are necessary to exploit products and features that are not supported directly with the SUSE kernels.
-
Linux "sev_secret" Patches For Tapping Confidential Computing Secret Areas In AMD SEV - Phoronix [Ed: "Confidential Computing" has nothing to do with confidentiality, it's just a brand [1, 2]]
The latest AMD SEV work happening to the Linux kernel for benefiting EPYC servers with virtualization is the new "sev_secret" module for allowing guests to access confidential computing secret areas.
AMD Secure Encrypted Virtualization does allow guest VM owners to inject "secrets" into the virtual machines without the host or hypervisor being able to read those secrets. At present though the Linux kernel doesn't allow accessing of these secrets from within guest virtual machines.
-
Oracle Sends Out Newest Patches For Trenchboot / Secure Launch For The Linux Kernel - Phoronix
For more than one year now Oracle engineers have been working on Trenchboot support for securely booting the Linux kernel. Sent out today is the third revision of this work for establishing a dynamic root of trust for measurement.
Trenchboot is centered around improving boot security and integrity. Oracle engineers have been involved with working on Trenchboot integration for the GRUB boot-loader and related components, including this Linux kernel support that has yet to land. Trenchboot relies on Intel's TXT/SKINIT and AMD-V support for the hardware support around the integrity measurements.