Sep 20 – 24, 2021
US/Pacific timezone

TrenchBoot Secure Launch upstreaming

Sep 22, 2021, 9:10 AM
Microconference4/Virtual-Room (LPC Virtual)


LPC Virtual

System Boot and Security MC System Boot and Security MC


Ross Philipson (Oracle) Daniel Smith (Apertus Solutions, LLC)


The ability to do a Trusted Computing Group (TCG) Dynamic Launch of a system has been commercially available in x86 processors since 2006 with the introduction of Intel TXT for Intel processors and by AMD-V for AMD processors. Over the years the technology has mainly been used by limited number of security-sensitive projects. The TrenchBoot Project has been working to make the underlying hardware technology more integrated and to be an out-of-the box solution usable by the general Open-Source Operating System user. Towards that goal the project has been working to upstream a into the Linux kernel the ability to be directly launched by a TCG Dynamic Launch in a unified manner. The first patchset submitted is focused in enable this approach for Intel TXT, with support for AMD and Arm to come soon after. This purpose of this topic is to engage the Linux developer community for feedback on the current patches and discuss ways in which progress towards merging could be made.

I agree to abide by the anti-harassment policy I agree

Primary authors

Ross Philipson (Oracle) Daniel Smith (Apertus Solutions, LLC)

Presentation materials

Diamond Sponsor

Platinum Sponsor

Gold Sponsors

Silver Sponsors

Speaker Gift Sponsor

T-Shirt Sponsor

Conference Services provided by