2009
09.22
No better way to learn about Intel's Trusted Execution Technology than to dive in head first.

I've been chasing dependencies for a few days, but finally have a TXT-enabled Xen running Ubuntu 9.04 as a Dom0.

Here's what I did:
  1. Started with an install of Ubuntu Jaunty Server 9.04 
  2. Followed the instructions here to build a xenified kernel (2.6.30.2) (via the first option)
  3. Followed the instructions here to build prevu Xen 3.4.1 (Xen 3.4 is suggested by the latest tboot release).
  4. Grabbed tboot-20090330 from tboot.sourceforge.net.  Building tboot did require some involvement because on Ubuntu there were a number of missing #defines and warnings that I wanted to resolve.
  5. Grabbed the appropriate SINIT module from the tboot repository, gunzip'd it and placed the .BIN in the /boot directory
  6. Used this guide to help with the TPM configuration
Along the way I kept testing the builds to confirm that the intermediate steps work (the new kernel, Xen, etc).

Ultimately, I was able to boot with TXT using the following GRUB entry:

title           Trusted Xen 3.4, Ubuntu 9.04, kernel 2.6.30.2
uuid            642bfebd-8665-4acb-b561-7b3cd0e87752
kernel          /boot/tboot.gz logging=serial,vga,memory
module          /boot/xen-3.4.gz noreboot iommu=required
module          /boot/vmlinuz-2.6.30.2 root=/dev/sda1 ro console=tty0 noreboot
module          /boot/initrd-2.6.30.2.img
module          /boot/GM45_PM45_SINIT_19.BIN
quiet
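
As an added example (not part of the original post or of tboot), the Python script below checks that a GRUB legacy stanza follows the layout of the entry above: tboot as the kernel, Xen as the first module with iommu=required, the dom0 kernel next, and a SINIT module listed. The function names and the filename-based SINIT match are assumptions made for illustration.

```python
import os

# Constructed sample: the GRUB legacy stanza from this post.
PAGE_ENTRY = """\
title           Trusted Xen 3.4, Ubuntu 9.04, kernel 2.6.30.2
uuid            642bfebd-8665-4acb-b561-7b3cd0e87752
kernel          /boot/tboot.gz logging=serial,vga,memory
module          /boot/xen-3.4.gz noreboot iommu=required
module          /boot/vmlinuz-2.6.30.2 root=/dev/sda1 ro console=tty0 noreboot
module          /boot/initrd-2.6.30.2.img
module          /boot/GM45_PM45_SINIT_19.BIN
quiet
"""

def parse_entry(stanza):
    """Return (kernel, modules); each item is (path, [args])."""
    kernel, modules = None, []
    for line in stanza.splitlines():
        fields = line.split()
        if len(fields) < 2:
            continue  # blank lines and bare keywords such as "quiet"
        item = (fields[1], fields[2:])
        if fields[0] == "kernel":
            kernel = item
        elif fields[0] == "module":
            modules.append(item)
    return kernel, modules

def check_tboot_entry(stanza):
    """Return a list of problems; empty means the layout matches the post's."""
    kernel, modules = parse_entry(stanza)
    problems = []
    name = lambda item: os.path.basename(item[0]).lower()
    if kernel is None or not name(kernel).startswith("tboot"):
        problems.append("tboot is not the multiboot kernel")
    if not modules or not name(modules[0]).startswith("xen"):
        problems.append("first module is not the Xen hypervisor")
    elif "iommu=required" not in modules[0][1]:
        problems.append("Xen is not given iommu=required")
    if len(modules) < 2 or not any(a.startswith("root=") for a in modules[1][1]):
        problems.append("second module is not a dom0 kernel with root=")
    # Filename heuristic only (assumption): matches names like the post's .BIN file.
    if not any("sinit" in name(m) and name(m).endswith(".bin") for m in modules):
        problems.append("no SINIT module listed")
    return problems

if __name__ == "__main__":
    print(check_tboot_entry(PAGE_ENTRY) or "entry layout OK")
```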

Now I'm still struggling with some policy management, but that's small stuff compared to the heavy lifting needed to get here.

Posted via email from Brad’s posterous
