
Re: enable CONFIG_INTEL_TXT

From:  Stephen Smalley <sds-+05T5uksL2qpZYMLLGbcSA-AT-public.gmane.org>
To:  James Morris <jmorris-gx6/JNMH7DfYtjvyW6yDsg-AT-public.gmane.org>
Subject:  Re: enable CONFIG_INTEL_TXT
Date:  Thu, 01 Apr 2010 09:38:02 -0400
Cc:  gcwilson-r/Jw6+rmf7HQT0dZR+AlfA-AT-public.gmane.org, kernel-TuqUDEhatI4ANWPb/1PvSmm0pvjS0E/A-AT-public.gmane.org, Eric Paris <eparis-H+wXaHxf7aLQT0dZR+AlfA-AT-public.gmane.org>

On Thu, 2010-04-01 at 15:02 +1100, James Morris wrote:
> On Wed, 31 Mar 2010, Eric Paris wrote:
> 
> > Simple answer is 'because Intel says so.'  I'm sorry but I don't think
> > I'm allowed to divulge any reasons Intel may or may not have shared with
> > Red Hat.
> 
> It seems odd to me that the full design and operation of a security 
> mechanism is not being made available, and that the reasons for this 
> are also not able to be divulged.
> 
> Note that an SINIT AC module was recently reverse engineered, found to be 
> buggy, and then used to break TXT:
> 
> http://theinvisiblethings.blogspot.com/2009/12/another-tx...
> 
> I really hope the secrecy of the AC module is not part of its security 
> design.
> 
> In any case, I don't see any technical reason not to enable the option.

As far as I know the security of TXT in no way relies upon keeping the
SINIT module closed source.

-- 
Stephen Smalley
National Security Agency





Copyright © 2010, Eklektix, Inc.