From: Hal F. <hal...@gm...> - 2009-01-07 03:26:04
There is one aspect of tboot security which I always wondered about. Maybe someone could reassure me that it is OK.

Shouldn't the MLE check to see that the page tables are/were set up correctly? It seems that TXT envisions that the MLE will turn on paging, but I don't think tboot does so, it stays in physical memory mode. However, TXT measures the MLE via the page tables.

My concern is whether a malicious tboot could move pages 2-n of the MLE up one page, insert malicious code in the 2nd physical page, and set up the page tables to skip the page with the malicious code. Then TXT, following the page tables, would measure the same hash value as unmodified tboot, but when the code executed and crossed over from the 1st page into the 2nd page, it would start executing malicious code.

To prevent this, the MLE should check, within page 1, that the page table used for measurement matches what it was supposed to be. I'm not certain, but I don't think there is such a check in tboot. Is this an issue?

Hal Finney
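The attack in the post, and the check it proposes, as an added toy model (this is not tboot code and not part of the original message). Memory is a dict of physical page number to page contents, a "page table" is just the ordered list of physical pages that make up the MLE's linear image, SHA-1 stands in for whatever hash TXT uses, and the page contents are constructed placeholders. `measure_mle` models SINIT walking the page table, `execute_physical` models tboot running without paging and falling through to the physically adjacent page, and `page_table_is_contiguous` is a hypothetical name for the self-check Hal suggests page 1 should perform:

```python
"""Toy model of the page-table measurement concern raised on the tboot list.

Added example, not tboot code.  Pages are short byte strings instead of
4 KiB, and SHA-1 stands in for the measurement hash; the layouts below
are constructed to illustrate the argument, nothing is read from a real
TXT heap.
"""
import hashlib

# Constructed MLE image: four "pages" of code.  Page 1 is where a
# self-check would have to live, since it is the only page whose
# measured contents are guaranteed to be the ones that execute first.
MLE_PAGES = [b"page1:entry+selfcheck", b"page2:main",
             b"page3:policy", b"page4:launch"]
EVIL_PAGE = b"EVIL:hook"          # inserted by the malicious tboot


def measure_mle(mem, page_table):
    """Model of the TXT MLE measurement: hash the pages in the order the
    MLE page table lists them, ignoring where they sit physically."""
    h = hashlib.sha1()
    for ppn in page_table:
        h.update(mem[ppn])
    return h.hexdigest()


def execute_physical(mem, entry_ppn, n_pages):
    """Model of tboot running in physical mode: control falls through
    from the entry page into whatever is physically next, page by page."""
    return [mem[entry_ppn + i] for i in range(n_pages)]


def honest_layout(base=0x100):
    """Unmodified tboot: MLE pages contiguous, page table walks them in order."""
    mem = {base + i: p for i, p in enumerate(MLE_PAGES)}
    page_table = [base + i for i in range(len(MLE_PAGES))]
    return mem, page_table


def malicious_layout(base=0x100):
    """Pages 2..n shifted up one physical page, malicious code placed in
    the 2nd physical page, and a page table that skips that page."""
    mem = {base: MLE_PAGES[0], base + 1: EVIL_PAGE}
    for i, page in enumerate(MLE_PAGES[1:], start=2):
        mem[base + i] = page
    page_table = [base] + [base + i for i in range(2, len(MLE_PAGES) + 1)]
    return mem, page_table


def page_table_is_contiguous(page_table, entry_ppn):
    """The check the post proposes, done from page 1: the table that was
    measured must map the MLE onto the physically contiguous pages that
    physical-mode execution will actually fall through."""
    return all(ppn == entry_ppn + i for i, ppn in enumerate(page_table))


def demo():
    """Returns the comparison a reader would want to see side by side."""
    hmem, hpt = honest_layout()
    emem, ept = malicious_layout()
    return {
        "same_measurement": measure_mle(hmem, hpt) == measure_mle(emem, ept),
        "honest_executes": execute_physical(hmem, 0x100, 2),
        "malicious_executes": execute_physical(emem, 0x100, 2),
        "honest_passes_check": page_table_is_contiguous(hpt, 0x100),
        "malicious_passes_check": page_table_is_contiguous(ept, 0x100),
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

The model keeps the same weak point the real check would have: `page_table_is_contiguous` is only meaningful if the table it inspects is the one the measurement actually walked, which the model assumes by passing it in directly; how an MLE locates that table reliably is outside what the post or this example establishes.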