The latest kernel patches are a second revision to patches sent out last year around the Trenchboot launch support for enhancing the integrity and security of the boot process. This kernel work goes along with Trenchboot support happening for GRUB.
Trenchboot continues to be worked on for providing boot integrity technologies that allow for multiple roots of trust around boot security and integrity. Oracle engineers on Friday sent out their latest Linux kernel patches so it can enjoy a “Secure Launch” by the project’s x86 dynamic launch measurements code.
The kernel patches involve dealing with boot time measurements of everything to be run and everything that configures the kernel to run while storing those measurements within the trusted platform module (TPM). Trenchboot also relies upon Intel’s TXT/GETSEC and AMD SKINIT instructions for establishing the initial hardware-based measurements.
The changes with this latest series of kernel patches vary quite a bit and include preventing kernel address space layout randomization (KASLR) from being used during a Secure Launch, forcing IOMMU not to use pass-through mode during the Secure Launch, security audit changes, and a wide range of other changes.
The News Highlights
- Oracle distributes the most recent Linux patches so that Trenchboot may safely launch the kernel
- Check the latest update on Security news
For Latest News Follow us on Google News
- Show all
- Trending News
- Popular By week