Re: [tboot-devel] PCR event log after TXT launch

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 454-5900

On Fri, Sep 28, 2012 at 9:26 PM, Wei, Gang <gan...@in...> wrote:
> I am current trying to make a TXT driver and it will expose the TXT event
> log(located in TXT heap) via sysfs interface to userspace.

That sounds good, thanks Jimmy.

Kent

> Jimmy
>
> Kent Yoder wrote on 2012-09-28:
>>> We had discussion about the event log before.
>>> I think standard structure is desirable for this TXT event log.
>>
>>   Thanks for the context, Seiji.  I agree, something in the PCClient
>> standard structure would be good - it could be consumed by trousers
>> without modifications. This could be exposed automatically if we had a
>> kernel module for it. Does integrating that into intel_iommu.ko make
>> sense?
>>
>> Kent
>>
>>> On Sat, Apr 26, 2008 at 4:40 AM, Cihula, Joseph <jos...@in...>
>> wrote:
>>>> On Friday, April 25, 2008 7:47 AM, Jun Koi wrote:
>>>>> On 4/17/08, Seiji Munetoh <sei...@gm...> wrote:
>>>>>> Hi Folks,
>>>>>>
>>>>>>  Is there any way to validate the PCR[17] and PCR18] values?
>>>>>>
>>>>>>  In case of Static-RTM, we can validate the PCR values by using
>>>>>>  the BIOS eventlog stored at ACPI table.
>>>>>>  But for Dynamic-RTM we don't have such eventlog.
>>>>>
>>>>> Do you know if there is any good reason why tboot doesn't log events
>>>>> into eventlog?
>>>>
>>>> Did you mean why tboot doesn't copy the extend information into the BIOS
>>>> event log or why TXT itself doesn't put them there?
>>>>
>>>> For the former, it is a combination of lack of time, issues with the
>>>> eventlog, and motivation.  Regarding the eventlog, the current TCG
>>>> specification does not provide for BIOS to indicate where the log data
>>>> ends.  There is a soon-to-be-released update for the spec that will
>>>> specify that the end space be filled with ff's, but that will require
>>>> updated BIOSes.  Regarding motivation, it wasn't clear how useful or
>>>> important it would be.
>>>>
>>>> The values for PCR 17 and 18 are available in the SinitMleData struct in
>>>> the TXT heap.  So MLEs can access it and expose it to whatever SW needs
>>>> it.
>>>>
>>>> For TXT not doing it, the reasons are very similar.  In addition, we
>>>> didn't want to tie the launch process to BIOS and its configuration.
>>>>
>>>> Joe
>>>
>>> --
>>> Seiji
>>>
>>> P.S. OpenPTS is generating the eventlog from txt-stat message as a
>>> quick-and-dirty way.
>>>
>>>
>>> On Thu, Sep 27, 2012 at 3:44 AM, Kent Yoder <shp...@gm...>
>> wrote:
>>>> Hi,
>>>>
>>>>   Is there a standard way of grabbing the event log after a TXT
>>>> launch?  I see it looks like it lives in the os_mle_data_t struct on
>>>> the txt heap, but there doesn't seem to be a way to print it from
>>>> txt-stat. Is the code missing or can I dump it some other way?
>>>>
>>>> Thanks,
>>>> Kent
>>>>
>>>> --
>>>> IBM LTC Security

-- 
IBM LTC Security