Message-ID: <499FC1BC.1050007@student.ethz.ch>
Date: Sat, 21 Feb 2009 09:56:28 +0100
From: Jan Alsenz
To: The development of GRUB 2
Subject: Re: SHA-1 MBR
In-Reply-To: <499F4B86.2000904@student.ethz.ch>

>>> If not, who checks the MBR?
>> This can't be done by grub because it happens before any part of grub is
>> loaded. To verify grub you need to rely on vendor/platform-specific
>> mechanisms.
>> I personally find "tpm without tpm" more attractive because it can be
>> easily reused on another platform or any alternative to tpm (perhaps
>> anybody here or coreboot folks will come up with something).
>> Additionally it works around many bios and tpm bugs.
>> I will continue working on sha-1 boot. My goal is to load core.img
>> checked. After that point there is much more space and any signature
>> based solution can be used.
> Yes, that was my point. You need a trusted first step.
> But the only thing besides a TPM that can be used for this is the BIOS, which
> can be flashed.
> And even if we assume that we can construct a BIOS that only boots if the MBR
> hash matches and cannot be flashed prior to this point, there are still two
> points missing:
> - After the system has started, the BIOS could be flashed. This is a very
> possible scenario in a multi user environment.

Ok, I revoke that statement!
This is most likely equivalent to being able to just read out the disk
encryption keys from memory, which we considered out of scope.

So if you can get the BIOS right, this might actually work for our scenario!

Greets,
Jan