Seiji Munetoh
seiji****@gmail*****
Fri Oct 2 07:53:29 JST 2009
On Thu, Oct 1, 2009 at 9:51 PM, <openpts at bohme.org> wrote:
> Hi, I am working through setting up a Linux system using the TPM chip to
> ensure integrity of the installed software. Have used the instructions
> to build a grub 0.97 with the grub-ima-1.1.0 patch, and it is booting
> and running. This is really difficult stuff, and I am very impressed at
> the work done so far.

I agree.

> My question: What is measured at each stage of the boot? The
> documentation says 'measures MBR' but what it really does is measure an
> 8-byte header plus the first 446 bytes of the MBR - not just the 512
> bytes of the actual MBR.

The TCG spec says 446 bytes of the MBR (excluding the partition table).
But the real world depends on the BIOS implementation.

> The goal is to be able to figure out what each PCR value should be, so I
> can use those values to seal data while installing software, or while
> upgrading an existing system with new software. To do that, I need to
> be able to hash the same set of values that the boot sequence is going
> to measure, so I generate the same set of resulting PCR values. I can
> do this during the software installation or upgrade, so I can measure
> files on the disk just like GRUB will on the next reboot.

So you can successfully update the sealed data prior to the next boot.

> Here's what I see being measured into PCR-4:
>
> 1. BIOS measures hash of first 446 bytes of the MBR
> 2. GRUB stage1 measures 496 bytes of sector 1 of HDD (stage1.5)
> 3. GRUB measures rest of stage1.5
> 4. GRUB measures all of stage2
>
> I know exactly what values are used for steps 1, 2 and 4. The question
> is, what exact offsets and byte counts are being measured for step 3?
> I'm guessing that it is being done in stage2/start.S but have no easy
> way to see what values it is using.

The "grub-install" process modifies the stage files and copies them to your HDD,
from sector 0 to the size of stage1 (MBR) + stage1.5.
I had used the "dd" command to get the installed stage image, then validated the
measured digest. Probably you need raw HDD access to calculate the next PCR value
after grub-install.

> Can anyone offer any information, or a pointer to where this is documented?

I wrote a paper about this. Hope this helps.
http://www.trl.ibm.com/projects/watc/20061130d-WATC-Munetoh-Paper.pdf
http://www.trl.ibm.com/projects/watc/20061130d-WATC-Munetoh.pdf

The problem is we can't predict the measured value of a new BIOS image.
MS BitLocker supports several recovery/re-seal ways for this.

regards,
--
Seiji Munetoh
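As an added illustration (not code from this thread, from grub-ima or from the paper), the Python below replays the PCR-4 extend chain over a raw disk image of the kind `dd` produces, so the value to seal against can be predicted before the next reboot. The region table is an assumption: steps 1 and 2 follow the offsets quoted in the mail, the stage1.5 remainder and stage2 extents are placeholders to be taken from the installed layout, and the BIOS step in particular varies by implementation as noted above.

```python
import hashlib

SECTOR = 512
PCR_LEN = 20  # TPM 1.2 PCRs are SHA-1 sized

def tpm12_extend(pcr, digest):
    """TPM 1.2 extend operation: new PCR = SHA-1(old PCR || digest)."""
    return hashlib.sha1(pcr + digest).digest()

def replay_pcr4(image, regions):
    """Replay the boot-time measurement chain over a raw disk image.

    regions: ordered list of (label, byte offset, byte length). Each region
    is SHA-1 hashed and extended into a PCR starting at all zeros, in the
    order BIOS and GRUB would do it. Returns (predicted PCR, event log).
    """
    pcr = bytes(PCR_LEN)
    log = []
    for label, offset, length in regions:
        chunk = image[offset:offset + length]
        if len(chunk) != length:  # never silently hash a truncated region
            raise ValueError(f"{label}: image too short for {length} bytes at {offset}")
        digest = hashlib.sha1(chunk).digest()
        pcr = tpm12_extend(pcr, digest)
        log.append((label, digest.hex(), pcr.hex()))
    return pcr, log

# ASSUMED region table (hypothetical). Steps 1 and 2 follow the mail; the
# stage1.5 remainder and stage2 extents are placeholders for the real layout
# written by grub-install. Step 1 uses the plain 446-byte TCG variant; some
# BIOSes measure a different span, so confirm against the event log.
PCR4_REGIONS = [
    ("bios: MBR code, 446 bytes", 0, 446),
    ("stage1: sector 1, 496 bytes", 1 * SECTOR, 496),
    ("grub: rest of stage1.5 (assumed extent)", 2 * SECTOR, 14 * SECTOR),
    ("grub: stage2 (assumed extent)", 16 * SECTOR, 48 * SECTOR),
]

def constructed_image(sectors=64):
    """Constructed deterministic stand-in for `dd if=/dev/sda bs=512 count=64`."""
    return bytes((i * 7 + 3) & 0xFF for i in range(sectors * SECTOR))

def matches_reported_pcr4(image, reported_hex, regions=PCR4_REGIONS):
    """True when the value predicted from disk equals what the TPM reports."""
    predicted, _ = replay_pcr4(image, regions)
    return predicted.hex() == reported_hex.lower()

if __name__ == "__main__":
    pcr, log = replay_pcr4(constructed_image(), PCR4_REGIONS)
    for label, digest, after in log:
        print(f"{label:42s} sha1={digest[:12]}.. pcr4={after[:12]}..")
    print("predicted PCR-4:", pcr.hex())
```

Run it against the real image and compare the final value with `cat /sys/class/misc/tpm0/device/pcrs` (or your TPM tool's PCR read); a mismatch on an intermediate entry tells you which step's extent assumption is wrong.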