On Tue, 2009-09-15 at 16:03 +0800, zhangkai108 wrote:
> I am doing a project with IMA. Now I have run into a problem. I need
> your help. I have read the paper " Design and Implementation of a
> TCG-based Integrity Measurement Architecture", there is a passage in
> section " 5.3 Measurement Bypass-Protection", which says " Whenever we
> encounter a situation in which our measurement architecture cannot
> provide correct measurements or is potentially being bypassed, we
> invalidate the TPM aggregate by extending it with random values
> without extending the measurement list and deleting the random value
> to protect it from later use. Thus, from this time on, validations of the
> aggregate will fail against the measurement list. We do not interfere
> with the system (non-intrusive) but we disable such a system from
> successful attestation until it reboots. In our experiments, none of
> these mechanisms was triggered throughout normal system usage but only
> by malicious or very unusual behavior."
> I don't have a hardware TPM, so I am using the virtual TPM instead.
> Sometimes, when the guest OS starts up, invalidate_pcr is called; the
> debug messages are attached. I added some debug messages in the
> ima_extend function.
> Why can my guest OS cause invalidate_pcr to be called? Would you
> like to help me? Thank you.
There are two reasons for the IMA measurement list to be invalidated:
open_writers or ToMToU. In the first case, open_writers, something is
opening a file for read that has already been opened for write. In
the latter case, Time of Measure Time of Use (ToMToU), the file is
already open for read and is now being opened for write. Both reasons
add an entry to the measurement list containing a 0 hash value, but the
PCR is extended with 0xFF's.
The cause for the invalidations can be found in
either /var/log/audit/audit.log, if you're running auditd, or
in /var/log/messages. You can search for "invalid_pcr".
The LTP IMA testsuite includes programs to generate invalidations and
verify the measurement list.
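To make the replay a verifier performs concrete, here is an added example (not code from this thread or from the kernel's IMA implementation) that models the two sides: the kernel extends the PCR and appends to the list, and the verifier recomputes the aggregate from the list alone. An invalidation records a zero digest in the list while the PCR was extended with 0xFF's, so the replay stops matching; names such as SimulatedIMA and the sample file contents are assumptions.

```python
import hashlib

PCR_SIZE = 20                            # SHA-1 sized PCR, as IMA used then
ZERO_DIGEST = b"\x00" * PCR_SIZE         # what the list entry records on invalidation
INVALIDATE_DIGEST = b"\xff" * PCR_SIZE   # what the PCR is actually extended with


def extend(pcr: bytes, digest: bytes) -> bytes:
    """TPM extend operation: new_pcr = SHA1(old_pcr || digest)."""
    return hashlib.sha1(pcr + digest).digest()


class SimulatedIMA:
    """Kernel side (hypothetical model): one measurement list plus one PCR."""

    def __init__(self):
        self.pcr = b"\x00" * PCR_SIZE
        self.measurement_list = []  # list of (digest, path)

    def measure(self, path: str, content: bytes) -> None:
        digest = hashlib.sha1(content).digest()
        self.measurement_list.append((digest, path))
        self.pcr = extend(self.pcr, digest)

    def invalidate(self, path: str) -> None:
        """open_writers / ToMToU case: list gets a 0 hash, PCR gets 0xFF's."""
        self.measurement_list.append((ZERO_DIGEST, path))
        self.pcr = extend(self.pcr, INVALIDATE_DIGEST)


def replay_aggregate(measurement_list) -> bytes:
    """Verifier side: recompute the PCR from the measurement list alone."""
    pcr = b"\x00" * PCR_SIZE
    for digest, _path in measurement_list:
        pcr = extend(pcr, digest)
    return pcr


def validate(measurement_list, reported_pcr: bytes) -> bool:
    """True only if the list explains the reported PCR value."""
    return replay_aggregate(measurement_list) == reported_pcr


def invalidated_entries(measurement_list):
    """Paths whose list entry carries the 0 hash, i.e. were invalidated."""
    return [path for digest, path in measurement_list if digest == ZERO_DIGEST]


def demo(trigger_invalidation: bool) -> bool:
    ima = SimulatedIMA()
    ima.measure("/bin/bash", b"constructed sample file content")  # constructed input
    if trigger_invalidation:
        ima.invalidate("/tmp/shared.log")   # e.g. a ToMToU on a constructed path
    ima.measure("/lib/libc.so.6", b"another constructed sample")
    return validate(ima.measurement_list, ima.pcr)
```

With no invalidation the replay reproduces the PCR; after one invalidation every later validation fails until the PCR is reset by a reboot, and the zero-digest entry tells the verifier which file triggered it.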