xense-devel
RE: [Xense-devel] [Q] about vTPM
Vincent,
 
 >This has 2 causes. One is that standard linux does not have a TPM
 >measurement facility. If you want your OS measured, you will need to
 >install something like IBM's Integrity Measurement Agent (IMA). Second,
 This is a good point. There is no reason why Linux should not have an
 integrity module that offers generic integrity-related services
 (measurements included). Probably a good topic to discuss with the Linux
 kernel community at the upcoming Ottawa Linux Symposium (OLS) in July.
 The core Linux kernel does support application access to the hardware
 TPM, so it seems natural to also support the core TPM operations in the
 kernel.
 
 In fact, when we released the IBM Integrity Measurement Architecture to
 the Linux Kernel Mailing list some time ago, the objective discussion
 went along these lines. Rather than being bound to the Linux Security
 Module interface (currently IMA uses LSM), the better approach is to
 make it a core kernel service.
 
 We have also discussed releasing an IMA patch exactly for the purpose
 cited in this mail thread (we have experimented internally with it for
 some time), but we concluded that there should be a generic solution
 that is integrated into the core Linux kernel. There was not a lot of
 (positive :-) interest in this area at that time, so priorities took
 over.
 
 For those interested to learn more about the Integrity Measurement
 Architecture:
 Open-source code: http://sourceforge.net/projects/linux-ima
 Some descriptive information and code links:
 http://domino.research.ibm.com/comm/research_people.nsf/pages/sailer.ima.html
 and http://www.research.ibm.com/ssd_ima.
 
 Reiner
 __________________________________________________________
 Reiner Sailer, Research Staff Member, Secure Systems Department
 IBM T J Watson Research Ctr, 19 Skyline Drive, Hawthorne NY 10532
 Phone: 914 784 6280  (t/l 863)  Fax: 914 784 6205, sailer@xxxxxxxxxx
 http://www.research.ibm.com/people/s/sailer/
 
 
 
 
"Scarlata, Vincent R" <vincent.r.scarlata@xxxxxxxxx>
Sent by: xense-devel-bounces@xxxxxxxxxxxxxxxxxxx
07/01/2006 01:21 PM

To: "Martin Hermanowski" <lists@xxxxxxxxxxxxxxxxxxxxxxx>
cc: xense-devel@xxxxxxxxxxxxxxxxxxx
Subject: RE: [Xense-devel] [Q] about vTPM

 >-----Original Message-----
 >From: xense-devel-bounces@xxxxxxxxxxxxxxxxxxx
 >[mailto:xense-devel-bounces@xxxxxxxxxxxxxxxxxxx] On Behalf Of
 >Martin Hermanowski
 >Sent: Saturday, July 01, 2006 6:43 AM
 >To: Ronald Perez
 >Cc: xense-devel@xxxxxxxxxxxxxxxxxxx
 >Subject: Re: [Xense-devel] [Q] about vTPM
 >
 >One thing that surprised me after reading the report was that the
 >current vTPM implementation in xen-testing did not do any measurements
 >to PCRs, and that it seems like the vTPM is created when the tpm-xen
 >module is loaded in DomU, and not when the DomU is created.
 >
 >If I understood the vTPM architecture correctly, this is not
 >implementation specific (this is only the vtpm_managerd part, right?),
 >but a Xen issue.
 
 I think a couple of different issues are being combined here.
 
 1) As an artifact of xen's FE/BE structure and the way we *were*
 signaling the vtpm manager about new domains, a new VTPM instance wasn't
 created until the FE driver executed and told the BE about it. When
 Dom0/DomU merged into one kernel tree, the FE has become a module, which
 is far too late to start the vTPM. This, however, has changed in the
 unstable tree. The instance is now created during domain construction
 before the domain starts executing.
 
 2) The boot process and xen and the currently trusted dom 0 are not
 measured into the TPM. This requires you to install a TPM enhanced GRUB
 on your system. This is not included in xen, but is a standard part of
 TPM enabling your linux-based system.
 
 3) When the guest comes up, PCRRead indicates that all the PCRs are
 empty. This has 2 causes. One is that standard linux does not have a TPM
 measurement facility. If you want your OS measured, you will need to
 install something like IBM's Integrity Measurement Agent (IMA). Second,
 we are currently not preloading any of the low PCRs with appropriate
 boot information. This is mostly because we haven't bottomed out on what
 they should be, and TCG hasn't declared the correct behavior in the form
 of a spec. There are legitimate arguments in several different
 directions, depending on a variety of factors. I would be happy to break
 out into a discussion about various ways to represent a virtual
 environment in VTPM, but I would want to take it off the list as it is
 not a xen discussion.
 
 -Vinnie Scarlata
 Trusted Platforms Lab
 System Technology Lab, CTG
 Intel Corporation
 
 _______________________________________________
 Xense-devel mailing list
 Xense-devel@xxxxxxxxxxxxxxxxxxx
 http://lists.xensource.com/xense-devel
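Point 3 above describes a guest whose PCRs all read as zero because nothing has ever been extended into them, and points at an IMA-style measurement agent as the fix. The following is an added illustration, not code from Xen, the vTPM manager or IBM's IMA: a small simulation of TPM 1.2 PCR extend semantics (SHA-1 sized registers, PCR[i] = SHA1(PCR[i] || digest)) together with an IMA-like measurement log that a verifier replays against the reported PCR value. The file contents, file names and the choice of PCR 10 as the IMA register are constructed assumptions for the example.

```python
"""Simulated TPM 1.2 PCR bank with IMA-style measurement and log replay.

Added example for the vTPM thread; not Xen, vtpm_managerd or IMA code.
Assumptions: SHA-1 sized PCRs (TPM 1.2), 24 registers, IMA extends PCR 10.
"""
import hashlib
from typing import List, Tuple

PCR_SIZE = 20          # TPM 1.2: one SHA-1 digest per register
NUM_PCRS = 24
IMA_PCR = 10           # assumption: the register the measurement agent uses

# (pcr index, digest of the measured object, name of the object)
MeasurementLog = List[Tuple[int, bytes, str]]


def new_pcrs() -> List[bytes]:
    """Fresh PCR bank. Every register starts as all zeros; this is exactly
    what PCRRead shows in a guest where nothing has been extended yet."""
    return [bytes(PCR_SIZE) for _ in range(NUM_PCRS)]


def extend(pcrs: List[bytes], index: int, digest: bytes) -> bytes:
    """TPM_Extend: PCR[i] <- SHA1(PCR[i] || digest).

    The operation is one-way: a register can only be advanced, never set
    to a chosen value, so the final PCR commits to the whole sequence."""
    if not 0 <= index < NUM_PCRS:
        raise IndexError(f"PCR {index} out of range")
    if len(digest) != PCR_SIZE:
        raise ValueError("extend takes a SHA-1 sized digest")
    pcrs[index] = hashlib.sha1(pcrs[index] + digest).digest()
    return pcrs[index]


def measure(pcrs: List[bytes], log: MeasurementLog, content: bytes,
            name: str, index: int = IMA_PCR) -> bytes:
    """IMA-style measurement: hash the object, extend the digest into the
    PCR, and append a log entry so a verifier can replay it later."""
    digest = hashlib.sha1(content).digest()
    extend(pcrs, index, digest)
    log.append((index, digest, name))
    return digest


def replay(log: MeasurementLog, index: int) -> bytes:
    """Recompute the PCR value the log claims, starting from the reset
    value of zeros and re-applying every extend for that register."""
    value = bytes(PCR_SIZE)
    for idx, digest, _name in log:
        if idx == index:
            value = hashlib.sha1(value + digest).digest()
    return value


def verify(pcrs: List[bytes], log: MeasurementLog,
           index: int = IMA_PCR) -> bool:
    """The log is only believable if replaying it reproduces the register
    the (v)TPM actually reports; any edit to the log breaks the chain."""
    return replay(log, index) == pcrs[index]


def demo() -> Tuple[bool, bool]:
    """Measure two constructed 'files', then verify the honest log and a
    log in which one entry was rewritten after the fact."""
    pcrs = new_pcrs()
    log: MeasurementLog = []
    # constructed sample contents; a real agent hashes the actual files
    measure(pcrs, log, b"#!/bin/sh\necho hello\n", "/usr/local/bin/hello.sh")
    measure(pcrs, log, b"\x7fELF constructed init image", "/sbin/init")
    honest_ok = verify(pcrs, log)
    # attacker replaces the recorded digest of /sbin/init with another one
    forged = hashlib.sha1(b"replacement binary").digest()
    tampered = [(i, forged if n == "/sbin/init" else d, n) for i, d, n in log]
    tampered_ok = verify(pcrs, tampered)
    return honest_ok, tampered_ok


if __name__ == "__main__":
    print("honest log verifies, tampered log verifies:", demo())
```

Running it reports `(True, False)`: the untouched log replays to the PCR value, the edited one does not, and every register other than PCR 10 still reads as zeros, which is the state the thread describes for the low PCRs that are not yet preloaded with boot information.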
 
 