This list is closed, nobody may subscribe to it.
From: adrian g. <adr...@gm...> - 2008-10-14 07:58:51
|
hi, i tried again to verify the measurements, this time in C:
i followed closely to the pseudo code provided in the ima INSTALL file:

    #include <openssl/sha.h>
    #include <stdio.h>
    #include <stdlib.h>
    #include <string.h>
    /* change 2 bytes of char, take it as a hex number and change it to int;
       intResult will be between 0 to 255 */
    static int convertToInt(const char *twoHexDigits) { return (int)strtol(twoHexDigits, NULL, 16); }
    int main(void)
    {
        char fileName[50] = "ascii_runtime_measurements";
        char event[1024];                 /* one line of the ascii list */
        char testText[3] = {0};           /* two hex digits plus terminating NUL */
        char *buf;
        unsigned char PCR[SHA_DIGEST_LENGTH], tempPointer[SHA_DIGEST_LENGTH]; /* running PCR, entry digest as raw bytes */
        int j, intResult;
        SHA_CTX c;
        FILE *fd_bin_measurements = fopen(fileName, "r");
        if (fd_bin_measurements == NULL) { perror(fileName); return 1; }
        memset(PCR, 0, SHA_DIGEST_LENGTH);
        while (fgets(event, sizeof event, fd_bin_measurements) != NULL) {
            buf = event + 3; /* skip "10 " to the start of the hash */
            for (j = 0; j < SHA_DIGEST_LENGTH; j++) {
                strncpy(testText, buf + 2 * j, 2);
                intResult = convertToInt(testText);
                memset(tempPointer + j, intResult, 1);
            }
            SHA1_Init(&c);
            SHA1_Update(&c, PCR, SHA_DIGEST_LENGTH);
            SHA1_Update(&c, tempPointer, SHA_DIGEST_LENGTH);
            SHA1_Final(PCR, &c);
        }
        for (j = 0; j < SHA_DIGEST_LENGTH; j++) printf("%02x", PCR[j]); /* compare with PCR-10 */
        printf("\n");
        return 0;
    }

i assume using the ascii file is alright and i checked the convertToInt
function and it converts correctly.
i also ran it several times since a new version of my program generates a
new reading.
thank you - adrian
On Wed, Oct 8, 2008 at 10:58 AM, adrian golding <adr...@gm...> wrote:
> i am trying to write a simple python script to verify my measurements list
> with PCR10 but it doesn't match. Anybody see the mistake?
> thank you - adrian
>
>     previousPCRValue = "0000000000000000000000000000000000000000"
>
>     for line in obtainedFile.readlines():
>         lineArray = str.split(line)
>         # using ascii measurements file, lineArray[1] is the hash value
>
>         # concatenation
>         combineHex = previousPCRValue + lineArray[1]
>         # change to binary
>         combineBinary = binascii.unhexlify(combineHex)
>         # hash it
>         computedHash = hashlib.sha1(combineBinary)
>         # change it to hex
>         previousPCRValue = computedHash.hexdigest()
|
|
From: adrian g. <adr...@gm...> - 2008-10-10 12:19:11
|
please disregard my last mail. wasn't thinking properly when typing in the recipient. -adrian |
|
From: adrian g. <adr...@gm...> - 2008-10-10 12:06:22
|
hello hal, i was reading another thread about verifying the quote:
http://sourceforge.net/mailarchive/message.php?msg_id=4525A0BC.9000007%40ece.cmu.edu

with regards to this call:

    Tspi_GetAttribData(hKey,
                       TSS_TSPATTRIB_RSAKEY_INFO,
                       TSS_TSPATTRIB_KEYINFO_RSA_MODULUS,
                       &BlobLength, &BLOB);

&BlobLength is an unsigned int, and &BLOB a BYTE array. Please correct me if i'm wrong, BLOB would be a BIGNUM, and BlobLength the length of BLOB. However, when i print out BlobLength, it seems too large (4131212846) for BLOB. and when i tried to verify if the exponent is 65537 by calling GetAttribData with the flag TSS_TSPATTRIB_KEYINFO_RSA_EXPONENT instead, the length of the BIGNUM is also very huge (134516825).

thanks - adrian |
|
From: adrian g. <adr...@gm...> - 2008-10-10 06:42:03
|
hello hal, i was reading another thread about verifying the quote:
http://sourceforge.net/mailarchive/message.php?msg_id=4525A0BC.9000007%40ece.cmu.edu

with regards to this call:

    Tspi_GetAttribData(hKey,
                       TSS_TSPATTRIB_RSAKEY_INFO,
                       TSS_TSPATTRIB_KEYINFO_RSA_MODULUS,
                       &BlobLength, &BLOB);

&BlobLength is an unsigned int, and &BLOB a BYTE array. Please correct me if i'm wrong, BLOB would be a BIGNUM, and BlobLength the length of BLOB. However, when i print out BlobLength, it seems too large (4131212846) for BLOB. and when i tried to verify if the exponent is 65537 by calling GetAttribData with the flag TSS_TSPATTRIB_KEYINFO_RSA_EXPONENT instead, the length of the BIGNUM is also very huge (134516825).

thanks - adrian

On Fri, Oct 10, 2008 at 3:08 AM, Hal Finney <hal...@gm...> wrote:
> Hi Adrian -
>
> One thing to keep in mind on Quote. For a Quote to be truly meaningful, the verifier needs to be confident that it is a TPM key - that is, that the private key is protected by the TPM and will never be readable outside the TPM. This basically means that it must be a non-migratable key, and it must have been generated on the TPM. Note, this is not enough by itself, there are a lot of other requirements that might have to be met, depending on the situation.
>
> I am not familiar with any openssl create_tpm_key() function. If it generates the key on the TPM, that might be suitable; but if it generates an off-chip key and then loads that onto the TPM, it would not be appropriate.
>
> For the other approach, generating a key on the TPM and then getting an X.509 certificate for it, keep in mind that an X.509 certificate is a rather inconvenient object for passing around keys. The only reason people use it is because it's what everyone uses. An X.509 cert does not just hold a key, it also has some kind of name or identity field, and further, it has a signature by (generally) some other key which binds the target key and target identity information. It's a very complex object. If all you want to do is to tell the other guy your public key, I'd probably suggest rolling your own format and just send the modulus in some form. But if you have to be X.509 compatible then you'll have to go through a lot of work.
>
> The first step (after generating the key) would be to read the key modulus using:
>
>     Tspi_GetAttribData(hKey,
>                        TSS_TSPATTRIB_RSAKEY_INFO,
>                        TSS_TSPATTRIB_KEYINFO_RSA_MODULUS,
>                        &BlobLength, &BLOB);
>
> Once you have the modulus, you could insert it into an openssl RSA structure, and set the exponent field in that struct to 65537. From there, you will need to assemble an openssl X509 certificate structure, and then ultimately call the openssl X509_sign() function.
>
> Frankly, I don't understand how people manage to use openssl. There's no documentation for any of this stuff, that I can find! I always have to study the openssl source code to figure out how to use it, on those rare occasions when I am forced by circumstances to do so. Consider even something as mundane as creating an RSA key and creating a valid X.509 certificate to hold it. Forget about the TPM, just think about doing that step. The functionality exists in the openssl library to accomplish this, but I don't know of a single piece of documentation that tells how. (There do exist various HOWTOs across the web on how to do it from the openssl command line, but I haven't found anything about using the library.)
>
> Anyway, the bottom line is that generating the TPM key is easy. Creating X.509 certificates is hard. If you can figure out how to create X.509 certs, without involving the TPM, maybe with help from people on the openssl mailing lists, then it will be easy to modify that program to create the key on the TPM, copy the modulus field into whatever openssl structure needs it, and you're good to go.
>
> Hal
>
> On Wed, Oct 8, 2008 at 8:22 PM, adrian golding <adr...@gm...> wrote:
> > hello, with the Tspi_TPM_Quote01.c example and as a starting point, if i want to let a remote party verify the quote, and i intend to send the TSS_VALIDATION object as well as a certificate of my public key (self-signed for now) over. How do i either:
> > 1) create keys using openssl's create_tpm_key and load the key into my quoting application before it signs the PCR?
> > or
> > 2) using the Tspi_Key_CreateKey function in Tspi_TPM_Quote01.c to generate the keys, and create a certificate with my public key so i could send it to the remote party?
> > which way would be more encouraged?
> >
> > thanks - adrian
|
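Hal's advice above is to skip X.509 and just send the modulus in some form. The added example below is mine, not code from Hal, TrouSerS or the IMA project; it takes a middle road that needs no certificate machinery: it wraps the raw big-endian modulus that TSS_TSPATTRIB_KEYINFO_RSA_MODULUS returns, together with the exponent 65537, into a standard DER SubjectPublicKeyInfo, which `openssl rsa -pubin -inform DER` and every X.509 library can read, and it includes the decoder the remote party would run. The modulus used here is a constructed 2048-bit value, not a TPM key. One detail relevant to Adrian's oversized lengths: the last two parameters of Tspi_GetAttribData are `UINT32 *` and `BYTE **`; the TSS allocates the output buffer and stores its address through the `BYTE **`, so passing the address of a fixed `BYTE` array or printing the wrong variable gives garbage, and the buffer is released with Tspi_Context_FreeMemory.

```python
import hashlib

RSA_ENCRYPTION_OID = bytes.fromhex("06092a864886f70d010101")  # OID 1.2.840.113549.1.1.1, DER-encoded
TPM_RSA_EXPONENT = 65537  # 2^16 + 1, the exponent TPM 1.2 RSA keys use


def _der_length(n: int) -> bytes:
    """DER length: one byte below 128, otherwise 0x80|k followed by k length bytes."""
    if n < 0x80:
        return bytes([n])
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(body)]) + body


def _der_tlv(tag: int, body: bytes) -> bytes:
    return bytes([tag]) + _der_length(len(body)) + body


def _der_integer(value: int) -> bytes:
    """DER INTEGER; a leading 0x00 keeps a value with its top bit set positive."""
    if value < 0:
        raise ValueError("only non-negative integers are used here")
    body = value.to_bytes(max(1, (value.bit_length() + 7) // 8), "big")
    if body[0] & 0x80:
        body = b"\x00" + body
    return _der_tlv(0x02, body)


def rsa_public_key_der(modulus: bytes, exponent: int = TPM_RSA_EXPONENT) -> bytes:
    """PKCS#1 RSAPublicKey ::= SEQUENCE { modulus INTEGER, publicExponent INTEGER }.
    `modulus` is the big-endian byte string the TSS returns for the modulus attribute."""
    if not modulus:
        raise ValueError("empty modulus")
    n = int.from_bytes(modulus, "big")
    return _der_tlv(0x30, _der_integer(n) + _der_integer(exponent))


def subject_public_key_info_der(modulus: bytes, exponent: int = TPM_RSA_EXPONENT) -> bytes:
    """SubjectPublicKeyInfo ::= SEQUENCE { AlgorithmIdentifier { rsaEncryption, NULL },
    BIT STRING { RSAPublicKey } }, the form `openssl rsa -pubin` reads."""
    algorithm = _der_tlv(0x30, RSA_ENCRYPTION_OID + b"\x05\x00")
    key_bits = _der_tlv(0x03, b"\x00" + rsa_public_key_der(modulus, exponent))  # 0 unused bits
    return _der_tlv(0x30, algorithm + key_bits)


def _read_tlv(data: bytes, pos: int):
    """Read one DER element at pos; returns (tag, body, position after it)."""
    tag, length = data[pos], data[pos + 1]
    pos += 2
    if length & 0x80:
        n = length & 0x7F
        length = int.from_bytes(data[pos:pos + n], "big")
        pos += n
    end = pos + length
    if end > len(data):
        raise ValueError("truncated DER")
    return tag, data[pos:end], end


def parse_rsa_public_key(der: bytes):
    """Remote side: decode RSAPublicKey back to (n, e) and reject trailing junk."""
    tag, body, end = _read_tlv(der, 0)
    if tag != 0x30 or end != len(der):
        raise ValueError("expected a single SEQUENCE")
    tag_n, n_body, pos = _read_tlv(body, 0)
    tag_e, e_body, pos = _read_tlv(body, pos)
    if tag_n != 0x02 or tag_e != 0x02 or pos != len(body):
        raise ValueError("expected exactly two INTEGERs")
    return int.from_bytes(n_body, "big"), int.from_bytes(e_body, "big")


# Constructed 2048-bit modulus (not a real key). Its top bit is set, so the
# INTEGER needs the leading 0x00, the case hand-rolled encoders usually get wrong.
SAMPLE_MODULUS = b"\xc3" + (hashlib.sha512(b"constructed modulus").digest() * 4)[:255]

if __name__ == "__main__":
    spki = subject_public_key_info_der(SAMPLE_MODULUS)
    print(f"{len(spki)} bytes of SubjectPublicKeyInfo:", spki.hex())
    print("decoded (n bits, e):", parse_rsa_public_key(rsa_public_key_der(SAMPLE_MODULUS))[0].bit_length(),
          parse_rsa_public_key(rsa_public_key_der(SAMPLE_MODULUS))[1])
```

Write the bytes the block prints to a file and `openssl rsa -pubin -inform DER -in key.der -text -noout` will show the modulus and `Exponent: 65537`; that is also a quick way to confirm that what GetAttribData returned is really the modulus and not a TSS key blob. If the verifier later needs a certificate after all, this SubjectPublicKeyInfo is exactly the field that goes into one.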
|
From: adrian g. <adr...@gm...> - 2008-10-08 02:58:38
|
i am trying to write a simple python script to verify my measurements list
with PCR10 but it doesn't match. Anybody see the mistake?
thank you - adrian

    import binascii
    import hashlib

    previousPCRValue = "0000000000000000000000000000000000000000"

    obtainedFile = open("ascii_runtime_measurements")
    for line in obtainedFile.readlines():
        lineArray = str.split(line)
        # using ascii measurements file, lineArray[1] is the hash value

        # concatenation
        combineHex = previousPCRValue + lineArray[1]
        # change to binary
        combineBinary = binascii.unhexlify(combineHex)
        # hash it
        computedHash = hashlib.sha1(combineBinary)
        # change it to hex
        previousPCRValue = computedHash.hexdigest()

    print(previousPCRValue)
|
|
From: adrian g. <adr...@gm...> - 2008-10-02 02:57:30
|
hi, i wonder if it is possible, taking openoffice2.0 as an example, that we can use ima to detect an attack (on openoffice)? If so, do i have to measure additional files? Since most of the measurements are dynamically linked libraries, there will be no changes in measurements if i make trivial changes to options/configurations in the application. I am wondering in what general cases, for an application like openoffice (or any other large application), when we can expect a legitimate change in the measurements. One obvious case i can think of is updating to a newer version of the application. thanks - adrian |
|
From: adrian g. <adr...@gm...> - 2008-09-23 08:54:49
|
hello, in that huge measurement list, which libraries/files contains the code that will request for measurements later on after the OS starts? To put it another way, which files are the ones i have to look out for to ensure the code measuring other programs/libraries later on is of high integrity? - adrian |
|
From: adrian g. <adr...@gm...> - 2008-09-23 04:57:58
|
> hello, i had installed the latest version of Trousers, IMA kernel patch, trusted grub and tpm manager seems to be working fine. I also manage to view the list of measurements on the executables that tried to extend PCR10.
> but i realised that my PCR10 is not being extended at all; it remained at 0 when i looked at the list of PCR values from tpm manager. Am i missing something? thanks, adrian |
|
From: Lavina J. <lav...@gm...> - 2008-08-27 08:50:25
|
Hi,

The binary format described in /Documentation/ima/INSTALL is as follows:

    PCR#     Digest      Flags    Filename       Separator
    32 bit || 20*8 bit || 32 bit || char[x<=40] || '\0'

I tried reading the binary file and figured out the format is actually slightly different. There is a 32 bit field (all zeros) after PCR#, filenames include full path rather than just the name and are greater than 40 characters as well. The separator is '\n'. So the format is as follows:

    PCR#     Zeros     Digest      Flags    Filename   Separator
    32 bit || 32 bit || 20*8 bit || 32 bit || char[x] || '\n'

This works for me but I wonder why is it different from what is documented. Is it dependent on kernel or platform?

Kind Regards,
Lavina

On Wed, Jul 30, 2008 at 6:23 AM, Reiner Sailer <sa...@us...> wrote:
> The format of the binary measurements is in the Documentation/ima/INSTALL file after patching the kernel. I believe the binary format is described in section 5.
>
> The binary format for each measurement has one variable length field (the name and path of the file being measured) which is the last parameter.
>
> There should also be some open-source code in the TrouSerS TSS stack implementation that reads those measurements, but I have not looked at this so this is a guess.
> [TrouSerS: http://trousers.sourceforge.net/]
>
> Reiner
>
> > From: "Lavina Jain" <lav...@gm...>
> > To: lin...@li...
> > Cc: lav...@gm...
> > Date: 07/30/2008 03:25 AM
> > Subject: [Linux-ima-user] Reading binary_runtime_measurements in a structure
> >
> > Hi,
> > I was wondering whether it is possible to read an entry in binary_runtime_measurements in a C structure using a C program. Can somebody please explain the format of the binary file.
> > Is there any application or code already available that verifies a PCR aggregate against measurement list.
> >
> > Kind Regards,
> > Lavina
> >
> > --
> > "Unravelling life's mysteries and discovering life's secrets may take the courage and determination found only in a self-motivated pursuit."
> > - Peter McWilliams
> > -------------------------------------------------------------------------
> > This SF.Net email is sponsored by the Moblin Your Move Developer's challenge
> > Build the coolest Linux based applications with Moblin SDK & win great prizes
> > Grand prize is a trip for two to an Open Source event anywhere in the world
> > http://moblin-contest.org/redirect.php?banner_id=100&url=/
> > _______________________________________________
> > Linux-ima-user mailing list
> > Lin...@li...
> > https://lists.sourceforge.net/lists/listinfo/linux-ima-user

--
"Unravelling life's mysteries and discovering life's secrets may take the courage and determination found only in a self-motivated pursuit."
- Peter McWilliams |
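Adrian's script (2008-10-08) and Lavina's binary layout above both come down to one replay: start from 20 zero bytes and, for every entry on PCR 10, set PCR = SHA1(PCR || digest). The added example below is mine, not code from the IMA patch, TrouSerS or either poster. It parses both the ascii list in the four-column form Adrian's `lineArray[1]` assumes ('PCR# hash flags filename') and the binary list in the layout Lavina reports (integers assumed little-endian, as on her x86 host), replays PCR 10, and compares in constant time against a value read from the TPM locally or taken from a verified Quote remotely. The sample entries are constructed. Two things to check when the values disagree: the replay can only match a PCR that was extended from its reset value with exactly these entries (a PCR 10 that reads all zeros, as in Adrian's 23 Sep message, cannot match a non-empty list), and in the binary layout the filename scan stops at the first '\n', so the parser refuses a record without a terminator rather than silently merging records.

```python
import hashlib
import hmac
import struct
from typing import Iterable, Iterator, NamedTuple

PCR_LEN = 20  # TPM 1.2 PCRs and IMA digests are SHA-1, 20 bytes


class Measurement(NamedTuple):
    pcr: int
    digest: bytes   # raw 20-byte value that was extended into the PCR
    flags: str      # kept as 8 hex digits, not interpreted here
    filename: str


def extend(pcr: bytes, digest: bytes) -> bytes:
    """TPM extend as IMA replays it: PCR_new = SHA1(PCR_old || digest)."""
    if len(pcr) != PCR_LEN or len(digest) != PCR_LEN:
        raise ValueError("PCR and digest must both be 20 bytes")
    return hashlib.sha1(pcr + digest).digest()


def parse_ascii(text: str) -> Iterator[Measurement]:
    """ascii_runtime_measurements as used on this list:
    'PCR# <40 hex digits> <flags> <filename>' per line. Assumption: the
    filename is everything after the third field, so paths with spaces survive."""
    for lineno, line in enumerate(text.splitlines(), 1):
        if not line.strip():
            continue
        parts = line.split(None, 3)
        if len(parts) != 4 or len(parts[1]) != 2 * PCR_LEN:
            raise ValueError(f"line {lineno}: malformed entry {line!r}")
        pcr, hexdigest, flags, filename = parts
        yield Measurement(int(pcr), bytes.fromhex(hexdigest), flags, filename)


def parse_binary(blob: bytes) -> Iterator[Measurement]:
    """binary_runtime_measurements in the layout Lavina observed:
    u32 PCR# | u32 zero | 20-byte digest | u32 flags | filename | '\\n'.
    Integers are in host byte order (assumption: little-endian x86)."""
    pos = 0
    while pos < len(blob):
        if len(blob) - pos < 32:
            raise ValueError(f"truncated record at offset {pos}")
        pcr, _zero, digest, flags = struct.unpack_from("<II20sI", blob, pos)
        pos += 32
        end = blob.find(b"\n", pos)
        if end < 0:
            raise ValueError(f"record at offset {pos - 32} has no '\\n' terminator")
        filename = blob[pos:end].decode("utf-8", "surrogateescape")
        pos = end + 1
        yield Measurement(pcr, digest, f"{flags:08x}", filename)


def to_binary(measurements: Iterable[Measurement]) -> bytes:
    """Inverse of parse_binary; used here only to build offline test input."""
    out = bytearray()
    for m in measurements:
        out += struct.pack("<II20sI", m.pcr, 0, m.digest, int(m.flags, 16))
        out += m.filename.encode("utf-8", "surrogateescape") + b"\n"
    return bytes(out)


def replay(measurements: Iterable[Measurement], pcr_index: int = 10) -> bytes:
    """Recompute PCR <pcr_index> from a reset (all-zero) register."""
    pcr = bytes(PCR_LEN)
    for m in measurements:
        if m.pcr == pcr_index:
            pcr = extend(pcr, m.digest)
    return pcr


def verify(measurements: Iterable[Measurement], reported_pcr: bytes,
           pcr_index: int = 10) -> bool:
    """True if the list reproduces the PCR value obtained from the TPM
    (PcrRead for a local check, or the PCR value behind a verified Quote)."""
    return hmac.compare_digest(replay(measurements, pcr_index), reported_pcr)


# Constructed sample list (not real measurements): digests are SHA-1 of
# made-up strings so the example runs offline.
_AGG = hashlib.sha1(b"constructed boot_aggregate").hexdigest()
_BASH = hashlib.sha1(b"constructed /bin/bash").hexdigest()
SAMPLE_ASCII = (
    f"10 {_AGG} 00000000 boot_aggregate\n"
    f"10 {_BASH} 00000000 /bin/bash\n"
)
SAMPLE_BINARY = to_binary(parse_ascii(SAMPLE_ASCII))

if __name__ == "__main__":
    entries = list(parse_ascii(SAMPLE_ASCII))
    print("replayed PCR-10:", replay(entries).hex())
    print("binary list agrees:", replay(parse_binary(SAMPLE_BINARY)) == replay(entries))
```

Against a real system, feed `open("/sys/kernel/security/ima/ascii_runtime_measurements").read()` (or the binary file's bytes) to the matching parser and pass the 20 bytes from a PcrRead of PCR 10 to `verify`; the ascii and binary lists must replay to the same value, which is a cheap cross-check of the parser before blaming the TPM.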
|
From: Lavina J. <lav...@gm...> - 2008-08-15 19:18:07
|
Hi Reiner,

Many thanks for the description of Quote operation and pointing to the TCG document that describes it. I could understand and implement Quote operation and its verification. I am using trousers and the commands worked as per TCG documents.

Kind Regards,
Lavina

On Wed, Jul 30, 2008 at 6:12 AM, Reiner Sailer <sa...@us...> wrote:
> In case you are using TrouSerS or another TSS stack to access the TPM (i.e., if you do not directly address the TPM driver) please refer to the mailing list and specs for your TSS stack. There might be variations from the TPM command parameters.
>
> E.g., TrouSerS on sourceforge has a separate web page:
> http://trousers.sourceforge.net/
>
> Reiner
>
> > From: "Lavina Jain" <lav...@gm...>
> > To: lin...@li...
> > Cc: lav...@gm...
> > Date: 07/30/2008 02:52 AM
> > Subject: [Linux-ima-user] TPM Quote: data signed is different from PcrRead
> >
> > Hi,
> >
> > It looks like the data signed by Tspi_TPM_Quote is not the same as PCR value. I wrote a small program that reads PCR 10, and then gets Quote of PCR Composite consisting of only PCR 10. The data signed differs from the output of Tspi_TPM_PcrRead.
> >
> > Following is the part of my code doing this:
> >
> >     // read PCR 10
> >     printf("Read PCR...");
> >     UINT32 len;
> >     BYTE *value = NULL;   /* TrouSerS allocates the output buffer; free it with Tspi_Context_FreeMemory */
> >     int i;
> >     for (i = 10; i <= 10; i++) {
> >         retCode = Tspi_TPM_PcrRead(hTPM, i, &len, &value);
> >         PRINT_RETCODE(retCode);
> >         if (retCode == TSS_SUCCESS) {
> >             printf("PCR i: %d, len: %d\n", i, len);
> >             printf("value: ");
> >             // print in hex format
> >             printHex(value, len);
> >         }
> >     }
> >
> >     // Create PCR composite object consisting PCR 10
> >     printf("Create PCR composite object...");
> >     TSS_HPCRS hPcrComposite;
> >     retCode = Tspi_Context_CreateObject(hContext, TSS_OBJECT_TYPE_PCRS, 0, &hPcrComposite);
> >     PRINT_RETCODE(retCode);
> >
> >     UINT32 pcrIndex;
> >     for (pcrIndex = 10; pcrIndex <= 10; pcrIndex++) {
> >         Tspi_PcrComposite_SelectPcrIndex(hPcrComposite, pcrIndex);
> >     }
> >
> >     // 20-byte input (challenge) to Quote command
> >     TSS_VALIDATION validationData;
> >     validationData.ulExternalDataLength = 20;   /* length field the TSS reads alongside rgbExternalData */
> >     validationData.rgbExternalData = (BYTE *)malloc(20 * sizeof(BYTE));
> >     memset(validationData.rgbExternalData, 1, 20);
> >     printf("20-byte hash input to Quote: ");
> >     printHex(validationData.rgbExternalData, 20);
> >
> >     // Obtain Quote
> >     printf("Quote PCR...");
> >     retCode = Tspi_TPM_Quote(hTPM, hAIK, hPcrComposite, &validationData);
> >     printf("Data signed: \n");
> >     printHex(validationData.rgbData, validationData.ulDataLength);
> >
> > The results are as follows:
> > Value of PCR 10 read by Tspi_TPM_PcrRead is:
> > ce24d4cfe4d39e2da331326d44680a4946bb7486
> >
> > Data signed is:
> > 0101000051554f54abbf4dd198d4df503f7a25291f332fa70a237bc601010101
> > 01010101010101010101010101010101
> >
> > I know that first 4 bytes (01010000) is the version. Next 4 bytes (51554f54) is the ordinal. Last 20 bytes is the input that I had given to the Quote command.
> > Can somebody please explain how is the remaining 20 bytes (abbf4dd198d4df503f7a25291f332fa70a237bc6) obtained from PCR registers?
> >
> > Kind Regards,
> > Lavina |
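The 48 bytes Lavina's TSS returned in rgbData are a TPM 1.2 TPM_QUOTE_INFO: TPM_STRUCT_VER 1.1.0.0, the fixed four characters "QUOT" (0x51554f54 is ASCII, not a command ordinal), the TPM_COMPOSITE_HASH, and the 20-byte externalData. The composite hash is SHA-1 over a TPM_PCR_COMPOSITE: a big-endian UINT16 sizeOfSelect, the select bitmap (PCR i is bit i%8 of byte i/8, so PCR 10 alone is byte 1 = 0x04), a big-endian UINT32 valueSize and the selected PCR values in index order. The example below is added here (my code, not from TrouSerS or the TCG specification) and rebuilds that structure from PCR values and a nonce, then checks a received quote info against the PCRs and nonce a challenger expects. The select size is an assumption the verifier must match to what its TSS put in the selection (2 bytes for 16 PCRs, 3 for 24); the block prints the composite hash for Lavina's PCR-10 value with both sizes, and if one equals abbf4d...7bc6 that is the size her stack used. Checking the RSA signature over SHA-1(TPM_QUOTE_INFO) with the AIK public key is the separate, earlier step not shown here.

```python
import hashlib
import hmac
import struct
from typing import Dict, Iterable, Tuple

PCR_LEN = 20
QUOTE_VERSION = bytes([1, 1, 0, 0])  # TPM_STRUCT_VER 1.1.0.0: first 4 bytes of the posted dump
QUOTE_FIXED = b"QUOT"                # bytes 4..7 of the dump, 51 55 4f 54


def pcr_selection(pcrs: Iterable[int], size_of_select: int = 3) -> bytes:
    """TPM_PCR_SELECTION: big-endian UINT16 sizeOfSelect, then the bitmap."""
    select = bytearray(size_of_select)
    for i in pcrs:
        if i // 8 >= size_of_select:
            raise ValueError(f"PCR {i} does not fit in {size_of_select} select bytes")
        select[i // 8] |= 1 << (i % 8)
    return struct.pack(">H", size_of_select) + bytes(select)


def pcr_composite(pcr_values: Dict[int, bytes], size_of_select: int = 3) -> bytes:
    """TPM_PCR_COMPOSITE: selection || UINT32 valueSize || values in ascending index order."""
    values = b"".join(pcr_values[i] for i in sorted(pcr_values))
    if len(values) != PCR_LEN * len(pcr_values):
        raise ValueError("every PCR value must be 20 bytes")
    return pcr_selection(pcr_values, size_of_select) + struct.pack(">I", len(values)) + values


def composite_hash(pcr_values: Dict[int, bytes], size_of_select: int = 3) -> bytes:
    """TPM_COMPOSITE_HASH = SHA-1(TPM_PCR_COMPOSITE): the middle 20 bytes of the signed data."""
    return hashlib.sha1(pcr_composite(pcr_values, size_of_select)).digest()


def quote_info(pcr_values: Dict[int, bytes], external_data: bytes,
               size_of_select: int = 3) -> bytes:
    """TPM_QUOTE_INFO, the 48 bytes the TPM signs:
    version || 'QUOT' || composite hash || 20-byte externalData (challenger's nonce)."""
    if len(external_data) != PCR_LEN:
        raise ValueError("externalData must be 20 bytes")
    return QUOTE_VERSION + QUOTE_FIXED + composite_hash(pcr_values, size_of_select) + external_data


def parse_quote_info(data: bytes) -> Tuple[bytes, bytes, bytes]:
    """Split received quote info into (version, composite hash, nonce)."""
    if len(data) != 48 or data[4:8] != QUOTE_FIXED:
        raise ValueError("not a TPM_QUOTE_INFO")
    return data[:4], data[8:28], data[28:48]


def verify_quote_info(data: bytes, expected_pcrs: Dict[int, bytes],
                      expected_nonce: bytes, size_of_select: int = 3) -> bool:
    """Challenger-side check, after the AIK signature over SHA-1(data) has been
    verified: the nonce is the one we sent (freshness, no replay) and the composite
    hash matches the PCR values we expect (for PCR 10, the replayed measurement list)."""
    try:
        _version, digest, nonce = parse_quote_info(data)
    except ValueError:
        return False
    if not hmac.compare_digest(nonce, expected_nonce):
        return False
    return hmac.compare_digest(digest, composite_hash(expected_pcrs, size_of_select))


# Inputs taken from Lavina's post: her PCR-10 value and the all-0x01 nonce.
LAVINA_PCR10 = bytes.fromhex("ce24d4cfe4d39e2da331326d44680a4946bb7486")
LAVINA_NONCE = b"\x01" * 20

if __name__ == "__main__":
    for size in (2, 3):
        info = quote_info({10: LAVINA_PCR10}, LAVINA_NONCE, size)
        print(f"sizeOfSelect={size}: composite hash {info[8:28].hex()}")
```

A verifier that accepts the quote's composite hash without checking the nonce accepts a recording of an old, honest quote; the nonce comparison in `verify_quote_info` is what ties the signature to this challenge.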
|
From: fan h. <hef...@gm...> - 2008-08-01 08:46:21
|
I finally got the answer: the vtpm_manager (run in the Dom0) cannot respond to the pcr_read request in time. There is no problem in IMA and vtpm; I just inserted an mdelay() call in ima_init.c to generate a 10 second pause before IMA init, and everything is ok. Test mode without tpm support also works fine. I think there is no need to make a new patch; IMA works perfectly in domU and dom0. |
|
From: Reiner S. <sa...@us...> - 2008-07-30 13:40:43
|
I look into this. Might take a little while.
First guess is that the vtpm does not return the same code as IMA expects
as you also seem to mention below. IMA tests at this point if the TPM is
there simply by trying to read a PCR and expecting non-error code in
return.
While there is no public patch available, I am trying to get you some more
information about what has to be adjusted.
First suggestion: configure IMA in test mode so that the kernel does not
panic if it does not find TPM. You can see with dmesg | grep IMA if the TPM
is not found (i.e., if IMA switches in bypass mode or not).
Does your vTPM work inside DomU without IMA? Can you read PCRs and extend
PCRs during and after boot?
Reiner
From: "fan he" <hef...@gm...>
To: lin...@li...
Date: 07/29/2008 06:23 AM
Subject: [Linux-ima-user] IMA in DomU xen-3.2
Hi
I'm using xen-3.2.0 with IMA patched on, my kernel version is 2.6.18.8:
CentOS 5.2.
I can see that the IMA works well after i make tpm as a kernel module in
Dom0.
|
|
From: Reiner S. <sa...@us...> - 2008-07-30 13:27:35
|
The format of the binary measurements is in the Documentation/ima/INSTALL file after patching the kernel. I believe the binary format is described in section 5. The binary format for each measurement has one variable-length field (the name and path of the file being measured), which is the last parameter.
There should also be some open-source code in the TrouSerS TSS stack implementation that reads those measurements, but I have not looked at this, so this is a guess. [TrouSerS: http://trousers.sourceforge.net/]
Reiner

From: "Lavina Jain" <lav...@gm...>
To: lin...@li...
Cc: lav...@gm...
Date: 07/30/2008 03:25 AM
Subject: [Linux-ima-user] Reading binary_runtime_measurements in a structure

Hi,
I was wondering whether it is possible to read an entry in binary_runtime_measurements in a C structure using a C program. Can somebody please explain the format of the binary file? Is there any application or code already available that verifies a PCR aggregate against the measurement list?
Kind Regards,
Lavina
--
"Unravelling life's mysteries and discovering life's secrets may take the courage and determination found only in a self-motivated pursuit." - Peter McWilliams
_______________________________________________
Linux-ima-user mailing list
Lin...@li...
https://lists.sourceforge.net/lists/listinfo/linux-ima-user
|
|
From: Reiner S. <sa...@us...> - 2008-07-30 13:16:15
|
In case you are using TrouSerS or another TSS stack to access the TPM (i.e., if you do not directly address the TPM driver), please refer to the mailing list and specs for your TSS stack. There might be variations from the TPM command parameters. E.g., TrouSerS on sourceforge has a separate web page: http://trousers.sourceforge.net/
Reiner

From: "Lavina Jain" <lav...@gm...>
To: lin...@li...
Cc: lav...@gm...
Date: 07/30/2008 02:52 AM
Subject: [Linux-ima-user] TPM Quote: data signed is different from PcrRead

Hi,
It looks like the data signed by Tspi_TPM_Quote is not the same as the PCR value. I wrote a small program that reads PCR 10, and then gets a Quote of a PCR Composite consisting of only PCR 10. The data signed differs from the output of Tspi_TPM_PcrRead.
Following is the part of my code doing this:
---------------------------------------------------------------------------------
// read PCR 10
printf("Read PCR...");
UINT32 len;
BYTE *value = NULL;   /* Tspi_TPM_PcrRead allocates this buffer; no malloc needed */
int i;
for(i = 10; i <= 10; i++) {
    retCode = Tspi_TPM_PcrRead(hTPM, i, &len, &value);
    PRINT_RETCODE(retCode);
    if(retCode == TSS_SUCCESS) {
        printf("PCR i: %d, len: %d\n", i, len);
        printf("value: ");
        // print in hex format
        printHex(value, len);
        Tspi_Context_FreeMemory(hContext, value);   /* TSS-allocated memory is freed through the context */
        value = NULL;
    }
}
// Create PCR composite object consisting of PCR 10
printf("Create PCR composite object...");
TSS_HPCRS hPcrComposite;
retCode = Tspi_Context_CreateObject(hContext, TSS_OBJECT_TYPE_PCRS, 0,
                                    &hPcrComposite);
PRINT_RETCODE(retCode);
UINT32 pcrIndex;
for (pcrIndex = 10; pcrIndex <= 10; pcrIndex++) {
    retCode = Tspi_PcrComposite_SelectPcrIndex(hPcrComposite, pcrIndex);
    PRINT_RETCODE(retCode);
}
// 20-byte input (challenge) to Quote command
TSS_VALIDATION validationData;
memset(&validationData, 0, sizeof(validationData));
validationData.ulExternalDataLength = 20;   /* was left unset before; the TSS reads it to copy the nonce */
validationData.rgbExternalData = (BYTE *)malloc(20 * sizeof(BYTE));
memset(validationData.rgbExternalData, 1, 20);
printf("20-byte hash input to Quote: ");
printHex(validationData.rgbExternalData, 20);
// Obtain Quote
printf("Quote PCR...");
retCode = Tspi_TPM_Quote(hTPM, hAIK, hPcrComposite, &validationData);
PRINT_RETCODE(retCode);
if(retCode == TSS_SUCCESS) {
    // rgbData is the TPM_QUOTE_INFO that was signed; rgbValidationData holds the signature
    printf("Data signed: \n");
    printHex(validationData.rgbData, validationData.ulDataLength);
}
-----------------------------------------------------------------------------------------------------------------------------
The results are as follows:
Value of PCR 10 read by Tspi_TPM_PcrRead is:
ce24d4cfe4d39e2da331326d44680a4946bb7486
Data signed is:
0101000051554f54abbf4dd198d4df503f7a25291f332fa70a237bc601010101
01010101010101010101010101010101
I know that the first 4 bytes (01010000) are the version. The next 4 bytes (51554f54) are the ordinal. The last 20 bytes are the input that I had given to the Quote command.
Can somebody please explain how the remaining 20 bytes (abbf4dd198d4df503f7a25291f332fa70a237bc6) are obtained from the PCR registers?
Kind Regards,
Lavina
|
|
From: Reiner S. <sa...@us...> - 2008-07-30 13:07:51
|
Should be in the TCG TPM specification: https://www.trustedcomputinggroup.org/specs/TPM/mainP3Commandsrev103.zip page 161, quote output values. Look also at the attached gif, a copy from the spec (copyright TCG). You see how the output is generated in 'actions'. TPM_PCR_COMPOSITE should include the selected PCR values as you see them when reading the PCR. In front of the list of PCR entries, you will find the PCR selector telling you which PCRs are represented in the list (bit = 1 means PCR present in list, bit position gives you the PCR number).
(Embedded image moved to file: pic08853.gif)
__________________________________________________________
Reiner Sailer, RSM and Manager Security Services (GSAL) Team
IBM T J Watson Research Ctr, 19 Skyline Drive, Hawthorne NY 10532
Phone: 914 784 6280 (t/l 863) Fax: 914 784 6205, sa...@us...
http://www.research.ibm.com/people/s/sailer/

From: "Lavina Jain" <lav...@gm...>
To: lin...@li...
Cc: lav...@gm...
Date: 07/30/2008 02:52 AM
Subject: [Linux-ima-user] TPM Quote: data signed is different from PcrRead

Hi,
It looks like the data signed by Tspi_TPM_Quote is not the same as the PCR value. I wrote a small program that reads PCR 10, and then gets a Quote of a PCR Composite consisting of only PCR 10. The data signed differs from the output of Tspi_TPM_PcrRead.
Following is the part of my code doing this:
---------------------------------------------------------------------------------
// read PCR 10
printf("Read PCR...");
UINT32 len;
BYTE *value = NULL;   /* Tspi_TPM_PcrRead allocates this buffer; no malloc needed */
int i;
for(i = 10; i <= 10; i++) {
    retCode = Tspi_TPM_PcrRead(hTPM, i, &len, &value);
    PRINT_RETCODE(retCode);
    if(retCode == TSS_SUCCESS) {
        printf("PCR i: %d, len: %d\n", i, len);
        printf("value: ");
        // print in hex format
        printHex(value, len);
        Tspi_Context_FreeMemory(hContext, value);   /* TSS-allocated memory is freed through the context */
        value = NULL;
    }
}
// Create PCR composite object consisting of PCR 10
printf("Create PCR composite object...");
TSS_HPCRS hPcrComposite;
retCode = Tspi_Context_CreateObject(hContext, TSS_OBJECT_TYPE_PCRS, 0,
                                    &hPcrComposite);
PRINT_RETCODE(retCode);
UINT32 pcrIndex;
for (pcrIndex = 10; pcrIndex <= 10; pcrIndex++) {
    retCode = Tspi_PcrComposite_SelectPcrIndex(hPcrComposite, pcrIndex);
    PRINT_RETCODE(retCode);
}
// 20-byte input (challenge) to Quote command
TSS_VALIDATION validationData;
memset(&validationData, 0, sizeof(validationData));
validationData.ulExternalDataLength = 20;   /* was left unset before; the TSS reads it to copy the nonce */
validationData.rgbExternalData = (BYTE *)malloc(20 * sizeof(BYTE));
memset(validationData.rgbExternalData, 1, 20);
printf("20-byte hash input to Quote: ");
printHex(validationData.rgbExternalData, 20);
// Obtain Quote
printf("Quote PCR...");
retCode = Tspi_TPM_Quote(hTPM, hAIK, hPcrComposite, &validationData);
PRINT_RETCODE(retCode);
if(retCode == TSS_SUCCESS) {
    // rgbData is the TPM_QUOTE_INFO that was signed; rgbValidationData holds the signature
    printf("Data signed: \n");
    printHex(validationData.rgbData, validationData.ulDataLength);
}
-----------------------------------------------------------------------------------------------------------------------------
The results are as follows:
Value of PCR 10 read by Tspi_TPM_PcrRead is:
ce24d4cfe4d39e2da331326d44680a4946bb7486
Data signed is:
0101000051554f54abbf4dd198d4df503f7a25291f332fa70a237bc601010101
01010101010101010101010101010101
I know that the first 4 bytes (01010000) are the version. The next 4 bytes (51554f54) are the ordinal. The last 20 bytes are the input that I had given to the Quote command.
Can somebody please explain how the remaining 20 bytes (abbf4dd198d4df503f7a25291f332fa70a237bc6) are obtained from the PCR registers?
Kind Regards,
Lavina
|
|
From: Lavina J. <lav...@gm...> - 2008-07-30 07:24:32
|
Hi,
I was wondering whether it is possible to read an entry in binary_runtime_measurements in a C structure using a C program. Can somebody please explain the format of the binary file? Is there any application or code already available that verifies a PCR aggregate against the measurement list?
Kind Regards,
Lavina
--
"Unravelling life's mysteries and discovering life's secrets may take the courage and determination found only in a self-motivated pursuit." - Peter McWilliams
|
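Lavina's question (verifying a PCR aggregate against the measurement list) and Reiner's description of the list format (one variable-length path field last per entry) are served by the same piece of code. The Python below is an added example, not code from this list or from the IMA package: it replays a measurement list through the TPM extend operation, PCR_new = SHA-1(PCR_old || template_hash), starting from the all-zero reset value, and compares the result with the PCR-10 value the TPM reports. The ASCII line layout it parses ("<pcr> <template-hash> <template-name> <file-hash> <path>") is an assumption, not taken from the INSTALL file the thread cites; the sample entries are constructed, with hashes that are SHA-1 of short labels rather than real file measurements.

```python
import hashlib

PCR_LEN = 20  # a TPM 1.2 PCR holds one SHA-1 digest


def extend(pcr: bytes, measurement: bytes) -> bytes:
    """One TPM_Extend step: PCR_new = SHA-1(PCR_old || measurement)."""
    if len(pcr) != PCR_LEN or len(measurement) != PCR_LEN:
        raise ValueError("PCR and measurement must both be 20 bytes")
    return hashlib.sha1(pcr + measurement).digest()


def parse_ascii_measurements(text: str, pcr_index: int = 10) -> list:
    """Return the template hashes recorded into pcr_index, in list order.

    Line layout assumed here (not taken from the IMA INSTALL file):
      <pcr> <template-hash-hex> <template-name> <file-hash-hex> <path>
    The path is the last field and may contain spaces, so split into at most five fields.
    """
    hashes = []
    for lineno, line in enumerate(text.splitlines(), 1):
        if not line.strip():
            continue
        fields = line.split(maxsplit=4)
        if len(fields) < 2:
            raise ValueError(f"line {lineno}: expected at least a PCR index and a hash")
        if int(fields[0]) != pcr_index:
            continue  # entries for other PCRs do not contribute to this aggregate
        digest = bytes.fromhex(fields[1])
        if len(digest) != PCR_LEN:
            raise ValueError(f"line {lineno}: template hash is {len(digest)} bytes, not {PCR_LEN}")
        hashes.append(digest)
    return hashes


def aggregate(hashes) -> bytes:
    """Replay the list: start from the all-zero reset value and extend every entry in order."""
    pcr = bytes(PCR_LEN)
    for h in hashes:
        pcr = extend(pcr, h)
    return pcr


def verify_list(text: str, reported_pcr_hex: str, pcr_index: int = 10) -> bool:
    """True when replaying the list reproduces the PCR value the TPM reported or quoted.
    A truncated, reordered or edited list fails this check; note that it only covers
    the template hashes, so each template hash must separately be recomputed from its
    fields before the paths in the list can be trusted."""
    expected = bytes.fromhex(reported_pcr_hex)
    return aggregate(parse_ascii_measurements(text, pcr_index)) == expected


# Constructed sample list: hashes are SHA-1 of short labels, not real file measurements.
def _fake(label: str) -> str:
    return hashlib.sha1(label.encode()).hexdigest()


SAMPLE_LIST = "\n".join([
    f"10 {_fake('t1')} ima {_fake('f1')} boot_aggregate",
    f"10 {_fake('t2')} ima {_fake('f2')} /sbin/init",
    f"10 {_fake('t3')} ima {_fake('f3')} /usr/lib/with space/lib.so",
])

# The value a TPM would hold after extending these three entries (computed for the demo).
SAMPLE_PCR10_HEX = aggregate(parse_ascii_measurements(SAMPLE_LIST)).hex()

if __name__ == "__main__":
    print("full list matches PCR 10:", verify_list(SAMPLE_LIST, SAMPLE_PCR10_HEX))
    truncated = "\n".join(SAMPLE_LIST.splitlines()[:-1])
    print("truncated list matches PCR 10:", verify_list(truncated, SAMPLE_PCR10_HEX))
```

Order matters: extending the same hashes in a different order gives a different aggregate, which is what lets the check catch a reordered or truncated list.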
|
From: Lavina J. <lav...@gm...> - 2008-07-30 06:52:02
|
Hi,
It looks like the data signed by Tspi_TPM_Quote is not the same as PCR
value. I wrote a small program that reads PCR 10, and then gets Quote of PCR
Composite consisting of only PCR 10. The data signed differs from the output
of Tspi_TPM_PcrRead.
Following is the part of my code doing this:
---------------------------------------------------------------------------------
// read PCR 10
printf("Read PCR...");
UINT32 len;
BYTE *value = NULL;   /* Tspi_TPM_PcrRead allocates this buffer; no malloc needed */
int i;
for(i = 10; i <= 10; i++) {
    retCode = Tspi_TPM_PcrRead(hTPM, i, &len, &value);
    PRINT_RETCODE(retCode);
    if(retCode == TSS_SUCCESS) {
        printf("PCR i: %d, len: %d\n", i, len);
        printf("value: ");
        // print in hex format
        printHex(value, len);
        Tspi_Context_FreeMemory(hContext, value);   /* TSS-allocated memory is freed through the context */
        value = NULL;
    }
}
// Create PCR composite object consisting of PCR 10
printf("Create PCR composite object...");
TSS_HPCRS hPcrComposite;
retCode = Tspi_Context_CreateObject(hContext, TSS_OBJECT_TYPE_PCRS, 0,
                                    &hPcrComposite);
PRINT_RETCODE(retCode);
UINT32 pcrIndex;
for (pcrIndex = 10; pcrIndex <= 10; pcrIndex++) {
    retCode = Tspi_PcrComposite_SelectPcrIndex(hPcrComposite, pcrIndex);
    PRINT_RETCODE(retCode);
}
// 20-byte input (challenge) to Quote command
TSS_VALIDATION validationData;
memset(&validationData, 0, sizeof(validationData));
validationData.ulExternalDataLength = 20;   /* was left unset before; the TSS reads it to copy the nonce */
validationData.rgbExternalData = (BYTE *)malloc(20 * sizeof(BYTE));
memset(validationData.rgbExternalData, 1, 20);
printf("20-byte hash input to Quote: ");
printHex(validationData.rgbExternalData, 20);
// Obtain Quote
printf("Quote PCR...");
retCode = Tspi_TPM_Quote(hTPM, hAIK, hPcrComposite, &validationData);
PRINT_RETCODE(retCode);
if(retCode == TSS_SUCCESS) {
    // rgbData is the TPM_QUOTE_INFO that was signed; rgbValidationData holds the signature
    printf("Data signed: \n");
    printHex(validationData.rgbData, validationData.ulDataLength);
}
-----------------------------------------------------------------------------------------------------------------------------
The results are as follows:
Value of PCR 10 read by Tspi_TPM_PcrRead is:
ce24d4cfe4d39e2da331326d44680a4946bb7486
Data signed is:
0101000051554f54abbf4dd198d4df503f7a25291f332fa70a237bc601010101
01010101010101010101010101010101
I know that the first 4 bytes (01010000) are the version. The next 4 bytes (51554f54)
are the ordinal. The last 20 bytes are the input that I had given to the Quote
command.
Can somebody please explain how the remaining 20 bytes
(abbf4dd198d4df503f7a25291f332fa70a237bc6) are obtained from the PCR registers?
Kind Regards,
Lavina
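Reiner's reply above points at the TPM_Quote output in the TCG spec: the 20 bytes in question are SHA-1 over TPM_PCR_COMPOSITE, whose PCR selection precedes the PCR values. The Python below is an added example, not code from this thread or from TrouSerS. It splits the 48-byte TPM_QUOTE_INFO blob Lavina posted into version, 'QUOT', composite hash and nonce, rebuilds TPM_PCR_COMPOSITE for PCR 10 from the PcrRead value, and reports under which sizeOfSelect the composite hash is reproduced. The thread does not say how wide a selection the TSS sent, so 2 and 3 bytes are tried; the field layout follows the TPM 1.2 structures specification, and the sample values are the ones posted (the nonce is the 20 bytes of 0x01 set by the posted memset).

```python
import hashlib
import struct

SHA1_LEN = 20
QUOTE_FIXED = b"QUOT"  # the TPM_QUOTE_INFO.fixed field; 51554f54 in the posted blob

# Values quoted in the thread, as posted.
POSTED_PCR10 = "ce24d4cfe4d39e2da331326d44680a4946bb7486"
POSTED_SIGNED_DATA = ("0101000051554f54abbf4dd198d4df503f7a25291f332fa70a237bc6"
                      "0101010101010101010101010101010101010101")
POSTED_NONCE = bytes([1] * SHA1_LEN)  # memset(rgbExternalData, 1, 20) in the posted code


def parse_quote_info(signed_hex: str) -> dict:
    """Split a TPM 1.2 TPM_QUOTE_INFO blob (what rgbData holds after Tspi_TPM_Quote)."""
    data = bytes.fromhex(signed_hex)
    if len(data) != 8 + 2 * SHA1_LEN:
        raise ValueError(f"TPM_QUOTE_INFO must be 48 bytes, got {len(data)}")
    if data[4:8] != QUOTE_FIXED:
        raise ValueError("fixed field is not 'QUOT'; not a TPM_Quote blob")
    return {
        "version": data[0:4],          # TPM_STRUCT_VER, 01 01 00 00 here
        "composite_hash": data[8:28],  # SHA-1 over TPM_PCR_COMPOSITE
        "external_data": data[28:48],  # the challenger's 20-byte nonce
    }


def pcr_composite(pcr_values: dict, size_of_select: int) -> bytes:
    """Serialize TPM_PCR_COMPOSITE: TPM_PCR_SELECTION {sizeOfSelect (u16), pcrSelect[]},
    then valueSize (u32) and the selected PCR values in ascending index order.
    Bit (index % 8) of pcrSelect[index // 8] set to 1 marks a selected PCR."""
    select = bytearray(size_of_select)
    for idx, value in pcr_values.items():
        if len(value) != SHA1_LEN:
            raise ValueError(f"PCR {idx} value must be 20 bytes")
        if idx // 8 >= size_of_select:
            raise ValueError(f"PCR {idx} does not fit in a {size_of_select}-byte selection")
        select[idx // 8] |= 1 << (idx % 8)
    values = b"".join(pcr_values[i] for i in sorted(pcr_values))
    return (struct.pack(">H", size_of_select) + bytes(select)
            + struct.pack(">I", len(values)) + values)


def composite_hash(pcr_values: dict, size_of_select: int) -> bytes:
    return hashlib.sha1(pcr_composite(pcr_values, size_of_select)).digest()


def match_quote_info(signed_hex: str, pcr_values: dict, nonce: bytes,
                     size_of_select_candidates=(2, 3)):
    """Return the sizeOfSelect under which the blob binds these PCR values and this
    nonce, or None. For a blob whose signature verifies, None means the TPM attested
    different PCR contents, or answered a different challenge, than the verifier expects."""
    info = parse_quote_info(signed_hex)
    if info["external_data"] != nonce:
        return None  # not a response to our challenge: a stale or replayed quote
    for n in size_of_select_candidates:
        if composite_hash(pcr_values, n) == info["composite_hash"]:
            return n
    return None


if __name__ == "__main__":
    pcrs = {10: bytes.fromhex(POSTED_PCR10)}
    info = parse_quote_info(POSTED_SIGNED_DATA)
    print("version:", info["version"].hex(), "nonce matches:", info["external_data"] == POSTED_NONCE)
    print("TPM_PCR_COMPOSITE (sizeOfSelect=2):", pcr_composite(pcrs, 2).hex())
    print("sizeOfSelect reproducing the posted hash:",
          match_quote_info(POSTED_SIGNED_DATA, pcrs, POSTED_NONCE))
```

This is the check a verifier has to run on every quote: rebuild TPM_QUOTE_INFO from the PCR values it expects and the nonce it sent, then verify the AIK signature over that; the nonce comparison is what rules out a replayed quote.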
|
|
From: fan h. <hef...@gm...> - 2008-07-29 10:23:29
|
Hi
I'm using xen-3.2.0 with IMA patched on; my kernel version is
2.6.18.8 (CentOS 5.2).
I can see that the IMA works well after I make tpm a kernel module in
Dom0.
The patch (ibm_ima_v7.2_2.6.18.3.patch) seems to change module_init to
fs_initcall in tpm_tis and the other vendors' drivers. However, the front-end
tpm driver inside the DomU is different. There are only tpm_xen and
tpm_vtpm, and the entry point is located in the former, so I tried to manually change
the init type from module_init to fs_initcall in tpm_xen.c, intending to
initialize the tpm driver before IMA. But it didn't work. Shown as follows:
-----------------------------------------------------
Started domain fc8
Linux version 2.6.18.8-xenU (ro...@lo...)
(gcc version 4.1.2 20071124 (Red Hat 4.1.2-42)) #4 SMP Mon Jul 28 21:20:05
CST 2008
BIOS-provided physical RAM map:
Xen: 0000000000000000 - 0000000020800000 (usable)
0MB HIGHMEM available.
520MB LOWMEM available.
NX (Execute Disable) protection: active
Allocating PCI resources starting at 30000000 (gap: 20800000:df800000)
Detected 2992.736 MHz processor.
Built 1 zonelists. Total pages: 133120
Kernel command line: root=LABEL=/ ima=1 selinux=0
Enabling fast FPU save and restore... done.
Enabling unmasked SIMD FPU exception support... done.
Initializing CPU#0
PID hash table entries: 4096 (order: 12, 16384 bytes)
Xen reported: 2992.500 MHz processor.
Console: colour dummy device 80x25
Dentry cache hash table entries: 131072 (order: 7, 524288 bytes)
Inode-cache hash table entries: 65536 (order: 6, 262144 bytes)
Software IO TLB disabled
vmalloc area: e1000000-f53fe000, maxmem 2d7fe000
Memory: 510096k/532480k available (1955k kernel code, 14104k reserved, 519k
data, 148k init, 0k highmem)
Checking if this processor honours the WP bit even in supervisor mode... Ok.
Calibrating delay using timer specific routine.. 5990.76 BogoMIPS
(lpj=29953849)
Security Framework v1.0.0 initialized
Mount-cache hash table entries: 512
CPU: Trace cache: 12K uops, L1 D cache: 16K
CPU: L2 cache: 2048K
Checking 'hlt' instruction... OK.
SMP alternatives: switching to UP code
Brought up 1 CPUs
migration_cost=0
checking if image is initramfs... it is
Freeing initrd memory: 4596k freed
NET: Registered protocol family 16
SMP alternatives: switching to SMP code
Initializing CPU#1
CPU: Trace cache: 12K uops, L1 D cache: 16K
CPU: L2 cache: 2048K
migration_cost=1580
Brought up 2 CPUs
suspend: event channel 9
xen_mem: Initialising balloon driver.
xen_tpm_fr: Initialising the vTPM driver.
NET: Registered protocol family 2
IP route cache hash table entries: 32768 (order: 5, 131072 bytes)
TCP established hash table entries: 131072 (order: 8, 1048576 bytes)
TCP bind hash table entries: 65536 (order: 7, 524288 bytes)
TCP: Hash tables configured (established 131072 bind 65536)
TCP reno registered
Initializing Cryptographic API
IBM Integrity Measurement Architecture (IBM IMA v7.2 11/22/2006).
Kernel panic - not syncing: IMA: TPM/no support and IMA not in test mode!
I got a kernel panic, but the line "xen_tpm_fr: Initialising the vTPM
driver" is just before the IMA, and I tried to catch the rc value from
tpm_pcr_read: it is 10, and then by be32_to_cpu it is 31 at last; I should
get 0 to pass through ima_measure_init. Why is that? Can't IMA connect
to the tpm as it did in Dom0? I think the architecture is different.
I have no idea about using IMA in DomU. Is there a special patch in
xen3.2? Do I need to make more changes in the tpm-front driver? Can IMA work
in DomU at present?
Thanks
Oscar
|
|
From: Lavina J. <lav...@gm...> - 2008-05-11 10:31:34
|
Thanks Reiner, I will look into these options.
- Lavina

On Sat, May 10, 2008 at 9:34 AM, Reiner Sailer <sa...@us...> wrote:
> Hi Lavina,
>
> IMA does simply require that there is a device interface such as a hardware
> TPM offers. This can either be implemented by a kernel driver based on a
> real Hardware TPM or by a kernel driver based on a 'virtual TPM' (software
> TPM). Hence, IMA runs within a virtual machine, but to leverage it for
> attestation, the VM must have configured either a hardware or a virtual
> TPM. IMA runs the same way inside a VM as it runs inside a normal Linux
> Kernel.
>
> Trust model:
> There have been multiple approaches. Here is what we have been thinking
> about:
> http://www.usenix.org/events/sec06/tech/full_papers/berger/berger.pdf
>
> Xen Implementation of vTPM (there is a xen-user mailing list if you have
> deeper questions about the Xen-vTPM):
> http://www.cl.cam.ac.uk/research/srg/netos/xen/readmes/user/user.html#SECTION03240000000000000000
>
> Reiner
> __________________________________________________________
> Reiner Sailer, RSM and Manager Security Services (GSAL) Team
> IBM T J Watson Research Ctr, 19 Skyline Drive, Hawthorne NY 10532
> Phone: 914 784 6280 (t/l 863) Fax: 914 784 6205, sa...@us...
> http://www.research.ibm.com/people/s/sailer/
>
> From: "Lavina Jain" <lav...@gm...>
> To: Reiner Sailer/Watson/IBM@IBMUS
> Cc: lin...@li...
> Date: 05/10/2008 03:50 AM
> Subject: Re: [Linux-ima-user] no TPM chip found
>
> Hi Reiner,
>
> Many thanks. Compiling TPM into the kernel worked. I was earlier loading it
> as a module.
> Another question: Does IMA work in a virtual machine? Or for that matter, is
> there any way to talk to the TPM (using trousers or tpm-tools) from a virtual
> machine? I guess this depends on the virtualization tool being used. I have
> not been able to figure out a way to access the underlying TPM chip
> directly from a virtual machine.
>
> Another approach could be to write an application which talks to the TPM in
> the host OS and then let an application in the guest OS call this application in
> the host OS. Can you please give me some pointers in this direction?
>
> Kind Regards,
> Lavina
>
> On Fri, May 9, 2008 at 10:09 PM, Reiner Sailer <sa...@us...> wrote:
> Hi Lavina,
>
> did you compile the TPM into the kernel or is it loaded as a module? It
> must be compiled into the kernel.
>
> IMA requires the TPM to be available early at boot time before modules can
> be loaded.
>
> Reiner
> __________________________________________________________
> Reiner Sailer, RSM and Manager Security Services (GSAL) Team
> IBM T J Watson Research Ctr, 19 Skyline Drive, Hawthorne NY 10532
> Phone: 914 784 6280 (t/l 863) Fax: 914 784 6205, sa...@us...
> http://www.research.ibm.com/people/s/sailer/
>
> From: "Lavina Jain" <lav...@gm...>
> To: lin...@li...
> Date: 05/09/2008 06:49 AM
> Subject: [Linux-ima-user] no TPM chip found
>
> Hi,
>
> I compiled a new kernel with ima support by applying
> ibm-ima-patch-2.6.22.9.patch and following the instructions in the INSTALL
> file. I am able to boot the new kernel, but it cannot find the TPM chip on
> my laptop.
> The output of "dmesg | grep IMA" is as follows:
>
> [ 5.360000] IBM Integrity Measurement Architecture (IBM IMA v8.3 10/09/2007).
> [ 5.360000] IMA (test mode)
> [ 5.360000] IMA (TPM/BYPASS - no TPM chip found)
>
> I am using a Lenovo X61 laptop that has an Atmel TPM chip. I am able to talk to
> the TPM using trousers and tpm-tools. Commands like tpm_version are working.
> Modules tpm_bios, tpm and tpm_tis are loaded. Any ideas why IMA cannot find
> the TPM chip?
>
> Kind Regards,
> Lavina
>
> --
> "Unravelling life's mysteries and discovering life's secrets may take the
> courage and determination found only in a self-motivated pursuit."
> - Peter McWilliams

--
"Unravelling life's mysteries and discovering life's secrets may take the courage and determination found only in a self-motivated pursuit." - Peter McWilliams
|
|
From: Reiner S. <sa...@us...> - 2008-05-10 17:18:52
|
Hi Lavina,
IMA does simply require that there is a device interface such as a hardware TPM offers. This can either be implemented by a kernel driver based on a real Hardware TPM or by a kernel driver based on a 'virtual TPM' (software TPM). Hence, IMA runs within a virtual machine, but to leverage it for attestation, the VM must have configured either a hardware or a virtual TPM. IMA runs the same way inside a VM as it runs inside a normal Linux Kernel.
Trust model:
There have been multiple approaches. Here is what we have been thinking about:
http://www.usenix.org/events/sec06/tech/full_papers/berger/berger.pdf
Xen Implementation of vTPM (there is a xen-user mailing list if you have deeper questions about the Xen-vTPM):
http://www.cl.cam.ac.uk/research/srg/netos/xen/readmes/user/user.html#SECTION03240000000000000000
Reiner
__________________________________________________________
Reiner Sailer, RSM and Manager Security Services (GSAL) Team
IBM T J Watson Research Ctr, 19 Skyline Drive, Hawthorne NY 10532
Phone: 914 784 6280 (t/l 863) Fax: 914 784 6205, sa...@us...
http://www.research.ibm.com/people/s/sailer/

From: "Lavina Jain" <lav...@gm...>
To: Reiner Sailer/Watson/IBM@IBMUS
Cc: lin...@li...
Date: 05/10/2008 03:50 AM
Subject: Re: [Linux-ima-user] no TPM chip found

Hi Reiner,
Many thanks. Compiling TPM into the kernel worked. I was earlier loading it as a module.
Another question: Does IMA work in a virtual machine? Or for that matter, is there any way to talk to the TPM (using trousers or tpm-tools) from a virtual machine? I guess this depends on the virtualization tool being used. I have not been able to figure out a way to access the underlying TPM chip directly from a virtual machine.
Another approach could be to write an application which talks to the TPM in the host OS and then let an application in the guest OS call this application in the host OS. Can you please give me some pointers in this direction?
Kind Regards,
Lavina

On Fri, May 9, 2008 at 10:09 PM, Reiner Sailer <sa...@us...> wrote:
Hi Lavina,
did you compile the TPM into the kernel or is it loaded as a module? It must be compiled into the kernel.
IMA requires the TPM to be available early at boot time before modules can be loaded.
Reiner
__________________________________________________________
Reiner Sailer, RSM and Manager Security Services (GSAL) Team
IBM T J Watson Research Ctr, 19 Skyline Drive, Hawthorne NY 10532
Phone: 914 784 6280 (t/l 863) Fax: 914 784 6205, sa...@us...
http://www.research.ibm.com/people/s/sailer/

From: "Lavina Jain" <lav...@gm...>
To: lin...@li...
Date: 05/09/2008 06:49 AM
Subject: [Linux-ima-user] no TPM chip found

Hi,
I compiled a new kernel with ima support by applying ibm-ima-patch-2.6.22.9.patch and following the instructions in the INSTALL file. I am able to boot the new kernel, but it cannot find the TPM chip on my laptop.
The output of "dmesg | grep IMA" is as follows:
[ 5.360000] IBM Integrity Measurement Architecture (IBM IMA v8.3 10/09/2007).
[ 5.360000] IMA (test mode)
[ 5.360000] IMA (TPM/BYPASS - no TPM chip found)
I am using a Lenovo X61 laptop that has an Atmel TPM chip. I am able to talk to the TPM using trousers and tpm-tools. Commands like tpm_version are working. Modules tpm_bios, tpm and tpm_tis are loaded. Any ideas why IMA cannot find the TPM chip?
Kind Regards,
Lavina
--
"Unravelling life's mysteries and discovering life's secrets may take the courage and determination found only in a self-motivated pursuit." - Peter McWilliams
|
|
From: Lavina J. <lav...@gm...> - 2008-05-10 07:48:25
|
Hi Reiner,
Many thanks. Compiling TPM into the kernel worked. I was earlier loading it as a module.
Another question: Does IMA work in a virtual machine? Or for that matter, is there any way to talk to the TPM (using trousers or tpm-tools) from a virtual machine? I guess this depends on the virtualization tool being used. I have not been able to figure out a way to access the underlying TPM chip directly from a virtual machine.
Another approach could be to write an application which talks to the TPM in the host OS and then let an application in the guest OS call this application in the host OS. Can you please give me some pointers in this direction?
Kind Regards,
Lavina

On Fri, May 9, 2008 at 10:09 PM, Reiner Sailer <sa...@us...> wrote:
> Hi Lavina,
>
> did you compile the TPM into the kernel or is it loaded as a module? It
> must be compiled into the kernel.
>
> IMA requires the TPM to be available early at boot time before modules can
> be loaded.
>
> Reiner
> __________________________________________________________
> Reiner Sailer, RSM and Manager Security Services (GSAL) Team
> IBM T J Watson Research Ctr, 19 Skyline Drive, Hawthorne NY 10532
> Phone: 914 784 6280 (t/l 863) Fax: 914 784 6205, sa...@us...
> http://www.research.ibm.com/people/s/sailer/
>
> From: "Lavina Jain" <lav...@gm...>
> To: lin...@li...
> Date: 05/09/2008 06:49 AM
> Subject: [Linux-ima-user] no TPM chip found
>
> Hi,
>
> I compiled a new kernel with ima support by applying
> ibm-ima-patch-2.6.22.9.patch and following the instructions in the INSTALL
> file. I am able to boot the new kernel, but it cannot find the TPM chip on
> my laptop.
> The output of "dmesg | grep IMA" is as follows:
>
> [ 5.360000] IBM Integrity Measurement Architecture (IBM IMA v8.3 10/09/2007).
> [ 5.360000] IMA (test mode)
> [ 5.360000] IMA (TPM/BYPASS - no TPM chip found)
>
> I am using a Lenovo X61 laptop that has an Atmel TPM chip. I am able to talk to
> the TPM using trousers and tpm-tools. Commands like tpm_version are working.
> Modules tpm_bios, tpm and tpm_tis are loaded. Any ideas why IMA cannot find
> the TPM chip?
>
> Kind Regards,
> Lavina
>
> --
> "Unravelling life's mysteries and discovering life's secrets may take the
> courage and determination found only in a self-motivated pursuit."
> - Peter McWilliams

--
"Unravelling life's mysteries and discovering life's secrets may take the courage and determination found only in a self-motivated pursuit." - Peter McWilliams
|
|
From: Reiner S. <sa...@us...> - 2008-05-10 05:14:06
|
Hi Lavina,

did you compile the TPM into the kernel or is it loaded as a module? It must be compiled into the kernel.

IMA requires the TPM to be available early at boot time before modules can be loaded.

Reiner
__________________________________________________________
Reiner Sailer, RSM and Manager Security Services (GSAL) Team
IBM T J Watson Research Ctr, 19 Skyline Drive, Hawthorne NY 10532
Phone: 914 784 6280 (t/l 863) Fax: 914 784 6205, sa...@us...
http://www.research.ibm.com/people/s/sailer/

From: "Lavina Jain" <lav...@gm...>
To: lin...@li...
Date: 05/09/2008 06:49 AM
Subject: [Linux-ima-user] no TPM chip found

Hi,

I compiled a new kernel with IMA support by applying ibm-ima-patch-2.6.22.9.patch and following the instructions in the INSTALL file. I am able to boot the new kernel, but it cannot find the TPM chip on my laptop. The output of "dmesg | grep IMA" is as follows:

[ 5.360000] IBM Integrity Measurement Architecture (IBM IMA v8.3 10/09/2007).
[ 5.360000] IMA (test mode)
[ 5.360000] IMA (TPM/BYPASS - no TPM chip found)

I am using a Lenovo X61 laptop that has an Atmel TPM chip. I am able to talk to the TPM using trousers and tpm-tools. Commands like tpm_version are working. Modules tpm_bios, tpm and tpm_tis are loaded. Any ideas why IMA cannot find the TPM chip?

Kind Regards,
Lavina

--
"Unravelling life's mysteries and discovering life's secrets may take the courage and determination found only in a self-motivated pursuit."
- Peter McWilliams |
|
From: Lavina J. <lav...@gm...> - 2008-05-09 10:48:17
|
Hi,

I compiled a new kernel with IMA support by applying ibm-ima-patch-2.6.22.9.patch and following the instructions in the INSTALL file. I am able to boot the new kernel, but it cannot find the TPM chip on my laptop. The output of "dmesg | grep IMA" is as follows:

[ 5.360000] IBM Integrity Measurement Architecture (IBM IMA v8.3 10/09/2007).
[ 5.360000] IMA (test mode)
[ 5.360000] IMA (TPM/BYPASS - no TPM chip found)

I am using a Lenovo X61 laptop that has an Atmel TPM chip. I am able to talk to the TPM using trousers and tpm-tools. Commands like tpm_version are working. Modules tpm_bios, tpm and tpm_tis are loaded. Any ideas why IMA cannot find the TPM chip?

Kind Regards,
Lavina

--
"Unravelling life's mysteries and discovering life's secrets may take the courage and determination found only in a self-motivated pursuit."
- Peter McWilliams |
|
From: Seiji M. <sei...@gm...> - 2008-04-08 04:36:44
|
Hi,

2008/4/8, xiaolin CHANG <xia...@gm...>:
> The system halts after the following message is shown
> tpm_tis tpm_tis : tpm_transmit : tpm_send : error 4294967234 .
>
> Why can the system not start? Due to the IMA/TPM loading order?

Probably the tpm_tis driver has a problem. Try with the following kernel options:

tpm_tis.force=1 tpm_tis.interrupts=0

--
Seiji |
|
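Reiner's answer above (the TPM must be built into the kernel, not loaded as a module, because IMA needs it before modules load) and Seiji's tpm_tis workaround both come down to checks a practitioner can script before rebooting. The following is an added example, not code from the thread or from the IMA project: it reads a kernel .config and tells built-in (=y) apart from module (=m) for the TPM core and the interface drivers, and it checks a kernel command line for the two tpm_tis options. The CONFIG symbol names are those of the 2.6.22-era TPM drivers (CONFIG_TCG_TPM, CONFIG_TCG_TIS, CONFIG_TCG_ATMEL, CONFIG_TCG_NSC, CONFIG_TCG_INFINEON); the two sample configs are constructed, and the IMA-specific config symbol is deliberately not guessed.

```shell
#!/bin/sh
# Added example (not from the linux-ima-user thread or the IMA project).
# Decide from a kernel .config whether the TPM core plus at least one
# interface driver are built in (=y), which is what IMA needs at early
# boot, and whether the tpm_tis workaround is on the kernel command line.

# Constructed sample configs: the first is what a "loaded as a module"
# setup looks like, the second is the built-in setup that worked.
CFG_MODULE='CONFIG_TCG_TPM=m
CONFIG_TCG_TIS=m
CONFIG_TCG_ATMEL=m'

CFG_BUILTIN='CONFIG_TCG_TPM=y
CONFIG_TCG_TIS=y
# CONFIG_TCG_ATMEL is not set'

# cfg_value CONFIG_TEXT SYMBOL -> prints y, m or n ("is not set" and
# absent symbols both count as n).
cfg_value() {
    v=$(printf '%s\n' "$1" | sed -n "s/^$2=\(.*\)$/\1/p")
    if [ -n "$v" ]; then printf '%s\n' "$v"; else printf 'n\n'; fi
}

# tpm_builtin CONFIG_TEXT -> exit 0 when the TPM core and at least one
# interface driver are compiled in; 1 otherwise (module or absent).
tpm_builtin() {
    [ "$(cfg_value "$1" CONFIG_TCG_TPM)" = y ] || return 1
    for drv in CONFIG_TCG_TIS CONFIG_TCG_ATMEL CONFIG_TCG_NSC CONFIG_TCG_INFINEON; do
        if [ "$(cfg_value "$1" "$drv")" = y ]; then return 0; fi
    done
    return 1
}

# tis_workaround CMDLINE -> exit 0 only when both tpm_tis.force=1 and
# tpm_tis.interrupts=0 are present as whole words on the command line.
tis_workaround() {
    case " $1 " in *" tpm_tis.force=1 "*) ;; *) return 1 ;; esac
    case " $1 " in *" tpm_tis.interrupts=0 "*) return 0 ;; *) return 1 ;; esac
}

# live_check -> run the same two checks against the running system.
# Assumes the distro installs the config as /boot/config-<release>.
live_check() {
    cfg=$(cat "/boot/config-$(uname -r)" 2>/dev/null) || { echo "no kernel config found"; return 2; }
    if tpm_builtin "$cfg"; then
        echo "TPM core and an interface driver are built in: ok for IMA"
    else
        echo "TPM is a module or absent: IMA will report TPM/BYPASS"
    fi
    if tis_workaround "$(cat /proc/cmdline)"; then
        echo "tpm_tis.force=1 tpm_tis.interrupts=0 present on the command line"
    fi
}
```

Run `live_check` on the target machine; for a kernel tree that has not been installed yet, pass the tree's `.config` contents to `tpm_builtin` instead. The command-line check insists on both options together because Seiji's suggestion was the pair, and `tpm_tis.force=1` alone still leaves interrupts enabled.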
From: xiaolin C. <xia...@gm...> - 2008-04-08 04:33:08
|
hi,

Could anyone help me? I use kernel-2.6.22.9. Then I apply ibm-ima-patch-2.6.22.9.patch to the kernel. The new kernel compilation is ok.

What I have done:

1) make menuconfig
   a) crypto -> SHA1 is (y)
   b) security -> Default Linux Capabilities (n)
   c) choose (y) for "TCG run-time Integrity Measurement Architecture"
   d) choose (y) for "IMA test mode"
   e) choose (*) for TPM hardware Support except the atmel TPM interface
2) make
3) I reboot with IMA=1 and Selinux=0

The system halts after the following message is shown:

tpm_tis tpm_tis : tpm_transmit : tpm_send : error 4294967234 .

Why can the system not start? Due to the IMA/TPM loading order?

Thanks.

--bjtu |