From: Jan Alsenz <janalsenz@student.ethz.ch>
To: grub-devel <Grub-devel@gnu.org>
Cc: Alex Besogonov <alex.besogonov@gmail.com>
Subject: Re: A _good_ and valid use for TPM
Date: Fri, 20 Feb 2009 08:47:19 +0100	[thread overview]
Message-ID: <499E6007.9050902@student.ethz.ch> (raw)
In-Reply-To: <f9ca530f0902191703r48015c32h7d54cfac9b32cae3@mail.gmail.com>


Alex Besogonov wrote:
[skip]
>>> As far as I understand - no.
>> Actually - it is.
>> Check the "TCG PC Client Specific Implementation Specification for Conventional
>> Bios" or "TCG PC Specific Implementation Specification" at
>> https://www.trustedcomputinggroup.org/specs/PCClient/
>> and look for CRTM (Core Root of Trust for Measurement)
> Yes, BIOS is a root of trust, but not the Core Root. BIOS itself is
> checked before execution (pages 20 and onwards in the "TCG PC Client
> Specific Implementation Specification for Conventional Bios" spec),
> even before dynamic memory is initialized.
Well, on page 32 they list two options for how to implement the CRTM:
BIOS Boot Block or entire BIOS.
Since the BIOS is usually updateable, it seems that most manufacturers opt for
BIOS Boot Block, which I assume will be something like: "let's put the first
sector of the BIOS in ROM"
(of course it might be something else completely, but I doubt it)

>>> First, I don't think it's possible to implement SHA-1 hashing in MBR -
>>> there's probably just not enough space left in 512-byte code segment
>>> for that.
>> I am very sure of that.
> Well, I spoke phcoder on Jabber - there might be a way to do this.
> He's going to investigate it.
Sounds interesting.

>>> Second, the only safe action non TPM-aware MBR can perform if it
>>> detects tampering is just shutting down hard. Everything else is
>>> dangerous.
>> Yeah, but an attacker could patch that out too.
> Not if we first measure the MBR. It can be done without any
> TPM-specific code in the MBR if I'm not very mistaken.
Could you elaborate on that?
E.g. where do you measure the MBR from?

> PS: thanks for detailed explanation!
Sure, glad I could help!

Greets,

Jan
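The chain being argued over above (CRTM measures the BIOS, the BIOS measures the MBR into a PCR before jumping to it, and a secret sealed to those PCRs will not come back if the MBR was patched) can be simulated in a few lines. The block below is an added example written for this archive page; it is not code from the thread or from GRUB. It uses a software stand-in for a TPM 1.2 PCR bank, follows the PCR assignment the TCG PC Client spec uses (PCR[0] for the BIOS, PCR[4] for IPL code, i.e. the MBR's first 440 bytes, PCR[5] for the partition table), and simplifies sealing to "bind the secret to a digest over the selected PCRs". `FakeTPM`, `seal`, `unseal`, and the BIOS and MBR images are all constructed for the example and are assumptions, not real firmware. The tampered image models the attack from the quoted text: the "shut down hard" HLT at the end of the MBR code is patched to a NOP.

```python
"""Constructed simulation of the TCG PC Client measured-boot chain
(CRTM -> BIOS -> MBR) against a software stand-in for a TPM 1.2 PCR bank.
Not GRUB or TPM code; FakeTPM, seal/unseal and the sample images are
assumptions made for this example."""
import hashlib

PCR_LEN = 20        # TPM 1.2 PCRs are SHA-1 sized
PCR_BIOS = 0        # PCR[0]: CRTM and BIOS code
PCR_IPL_CODE = 4    # PCR[4]: IPL code, i.e. the MBR's first 440 bytes
PCR_IPL_CONFIG = 5  # PCR[5]: IPL configuration, i.e. the partition table
MBR_CODE_LEN = 440


def sha1(data: bytes) -> bytes:
    return hashlib.sha1(data).digest()


class FakeTPM:
    """Software PCR bank: extend-only, reset only on (simulated) power-on."""

    def __init__(self, count: int = 8):
        self.pcrs = [bytes(PCR_LEN)] * count

    def extend(self, index: int, data: bytes) -> bytes:
        # TCG extend: PCR[i] = SHA1(PCR[i] || SHA1(data)). Order matters and
        # there is no way to set a PCR directly, only to extend it further.
        self.pcrs[index] = sha1(self.pcrs[index] + sha1(data))
        return self.pcrs[index]

    def composite(self, indices) -> bytes:
        """Digest over a PCR selection; the value a sealed blob is bound to."""
        return sha1(b"".join(self.pcrs[i] for i in sorted(indices)))


def measured_boot(bios_image: bytes, mbr: bytes) -> FakeTPM:
    """Run the chain: every stage measures the next one before jumping to it."""
    assert len(mbr) == 512
    tpm = FakeTPM()
    tpm.extend(PCR_BIOS, bios_image)                 # CRTM measures the BIOS
    tpm.extend(PCR_IPL_CODE, mbr[:MBR_CODE_LEN])     # BIOS measures the MBR code
    tpm.extend(PCR_IPL_CONFIG, mbr[MBR_CODE_LEN:])   # ... and the partition table
    # Only now would control pass to the MBR. Its measurement is already in the
    # TPM, so nothing the (possibly patched) MBR does afterwards can undo it.
    return tpm


def seal(secret: bytes, tpm: FakeTPM, indices) -> dict:
    """Bind a secret to the current PCR values (simplified TPM_Seal)."""
    return {"indices": tuple(indices), "composite": tpm.composite(indices),
            "secret": secret}


def unseal(blob: dict, tpm: FakeTPM):
    """Release the secret only if the selected PCRs match the sealed composite."""
    if tpm.composite(blob["indices"]) != blob["composite"]:
        return None
    return blob["secret"]


# --- constructed sample images (not real firmware) --------------------------
BIOS_IMAGE = b"vendor BIOS v1.02 " + bytes(range(256)) * 4
# MBR: 440 bytes of "code" ending in HLT (0xF4), 6 bytes disk signature/reserved,
# one 16-byte partition entry plus three empty ones, then the 0x55AA signature.
MBR_CODE = b"\xfa\x31\xc0\x8e\xd8" + b"\x90" * 434 + b"\xf4"
PART_TABLE = (bytes(6)
              + b"\x80\x01\x01\x00\x83\xfe\xff\xff\x00\x08\x00\x00\x00\x00\x10\x00"
              + bytes(48))
GOOD_MBR = MBR_CODE + PART_TABLE + b"\x55\xaa"
assert len(GOOD_MBR) == 512
# Attacker patches the "shut down hard" HLT at the end of the code to a NOP.
TAMPERED_MBR = GOOD_MBR[:MBR_CODE_LEN - 1] + b"\x90" + GOOD_MBR[MBR_CODE_LEN:]


def provision(secret: bytes) -> dict:
    """Boot the known-good chain once and seal a secret to PCR 0, 4 and 5."""
    tpm = measured_boot(BIOS_IMAGE, GOOD_MBR)
    return seal(secret, tpm, (PCR_BIOS, PCR_IPL_CODE, PCR_IPL_CONFIG))


def boot_and_unseal(blob: dict, mbr: bytes):
    """Boot with the given MBR and try to recover the sealed secret."""
    return unseal(blob, measured_boot(BIOS_IMAGE, mbr))


if __name__ == "__main__":
    blob = provision(b"disk-encryption-key")
    print("good MBR   :", boot_and_unseal(blob, GOOD_MBR))
    print("patched MBR:", boot_and_unseal(blob, TAMPERED_MBR))
```

The one-byte patch leaves PCR[5] untouched but changes PCR[4], so the composite no longer matches and `unseal` returns `None`: the attacker can remove the halt, but cannot make the TPM forget what it measured before the MBR ever ran. Note what this does not do: it neither stops the patched MBR from executing nor hides the fact that the check lives in whichever stage does the measuring, which is why the question of where the BIOS measurement comes from, and whether the CRTM is really in ROM, matters for the whole chain.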



