[PATCH v11 01/20] Documentation/x86: Secure Launch kernel documentation

Elliott, Robert (Servers) elliott at hpe.com
Fri Nov 1 12:31:06 PDT 2024


> diff --git a/Documentation/security/launch-integrity/index.rst
> b/Documentation/security/launch-integrity/index.rst
> new file mode 100644
> +++ b/Documentation/security/launch-integrity/index.rst
...

> +This document serves to establish a common understanding of what a system
> +launch is, the integrity concern for system launch, and why using a Root of Trust
> +(RoT) from a Dynamic Launch may be desirable. Throughout this document,
> +terminology from the Trusted Computing Group (TCG) and National Institute for
> +Science and Technology (NIST) is used to ensure that vendor natural language is
> +used to describe and reference security-related concepts.

NIST = National Institute of Standards and Technology

> +Glossary
> +========

> +    - NIST CNSSI No. 4009 -
> https://www.cnss.gov/CNSS/issuances/Instructions.cfm

That is not a NIST publication.

CNSS = Committee on National Security Systems.
I = Instruction.
NIST is just a non-voting observer of that committee.

That web site uses a root certificate that is not recognized by most
browsers. 

The NIST glossary includes all the CNSSI 4009, NIST SP, and NIST IR
terms, and is more easily accessible (but the entries are subject
to change as the source material changes).
https://csrc.nist.gov/glossary

That currently covers all the terms except "transitive trust"
from TCG.

> +    - NIST Special Publication 800-160 (VOLUME 1 ) -
> https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-160v1.pdf

That's been replaced by v1r1.

The NIST-recommended URL is
https://doi.org/10.6028/NIST.SP.800-160v1r1

> +    - NIST SP 800-30 Rev. 1 -
> https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-30r1.pdf

The NIST-recommended URL is:
https://doi.org/10.6028/NIST.SP.800-30r1

> +    - NIST SP 800-57 Part 1 Rev. 5 -
> https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-57pt1r5.pdf

The NIST-recommended URL is:
https://doi.org/10.6028/NIST.SP.800-57pt1r5

> +    - NISTIR 8320A -
> https://nvlpubs.nist.gov/nistpubs/ir/2021/NIST.IR.8320A.pdf

The NIST-recommended URL is:
https://doi.org/10.6028/NIST.IR.8320A




More information about the kexec mailing list