On 21/04/2025 9:52 pm, Dave Hansen wrote:
> On 4/21/25 09:26, Ross Philipson wrote:
>> The larger focus of the TrenchBoot project (https://github.com/TrenchBoot)
>> is to enhance the boot security and integrity in a unified manner.
> Hey Folks,
>
> It isn't immediately apparent what these 5,000 lines of code do which is
> new, why they are important to users and who will use them. I've
> wondered this from v1 and I was hoping it would have gotten better by
> v14, but alas...
>
> Purely from the amount of interest and review tags and the whole "v14"
> thing, it doesn't look like this is very important to anyone. Not to be
> too flippant about it, but if nobody else cares, why should I (or the
> other x86 maintainers)?

The very-tl;dr is:

This is an implementation of Intel TXT which isn't a piece of abandonware
with unaddressed CVEs (i.e. isn't tboot).

AMD and ARM support of equivalent technologies will be coming next.

~Andrew