grub-devel
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: A _good_ and valid use for TPM


From: phcoder
Subject: Re: A _good_ and valid use for TPM
Date: Thu, 19 Feb 2009 17:29:06 +0100
User-agent: Thunderbird 2.0.0.19 (X11/20090105)

As I understand from his letters and from a quick look at tgrub all he needs is to ensure the chain of verification. It seems that tgrub never reads tpm key. Even if we one finds tpm acceptable way to check OS integrity I don't see why we would rely on it if more universal approach is possible I outlined how it can be checked that if core.img is untampered then OS isn't tampered with. I also think I might have a way to extend this chain back to mbr by using following ideas: 1) padding in sha1 isn't necessarry in this case since we always load fixed amount of sectors. 2) BPB blocks can be reclaimed. If grub boot is in partition then mbr may haven't checked it 3) only one read is necessary in first sector. All real reading function can be moved to loaded sector. So only sha1 implementation is really needed to be done in mbr. 4) I find it very important that the verification can be overriden by manually giving password. This probably won't be possible so I propose to make 2 mbrs: one with all features current mbr has (the default one) and another basic one (e.g. no chs) but with sha1 in it. Default to use is the first one but a user may explicitely override it

1. The disk must be encrypted.
2. The system must be able to boot without human interaction.  That is,
   a user cannot be prompted for a passphrase or key.
The both goals together are theoretically unachievable technics like replacing ram (or gpu memory) with non-volatile storage is always available or the method of additional energy. All tpm does is to store it in obfuscated way and providing access to it in clear way if some conditions are met.
Ideally this condition is B="my system is untampered"
BIOS has the duty to verify the condition A="mbr is untampered"

So actually what he needs is that grub ensures (A=>B)
Intermediary condition is "core.img" is untampered. I already outlined how to ensure C=>B without any sacrifices. Ensuring A=>C may require some sacrifices that's why I propose to have two versions of mbr sector. I find that the feature A=>B / C=>B is useful also in many ways not limited to tpm scenarios. Look at the following case: One has installed grub locally on small disk or in flash memory (e.g. coreboot) in otherwise lightweight terminal. Now he wants to boot the OS from remote server over unsecure network.

In the same time he can always choose to boot unsigned OS by providing his password
Regards
Vladimir 'phcoder' Serbinenko




reply via email to

[Prev in Thread] Current Thread [Next in Thread]