From: Jun K. <jun...@gm...> - 2008-05-16 07:55:04

Hi Joseph,

>>> In case of Static-RTM, we can validate the PCR values by using
>>> the BIOS eventlog stored at ACPI table.
>>> But for Dynamic-RTM we don't have such eventlog.
>>
>> Do you know if there is any good reason why tboot doesn't log events
>> into eventlog?
>
> Did you mean why tboot doesn't copy the extend information into the BIOS
> event log or why TXT itself doesn't put them there?
>
> For the former, it is a combination of lack of time, issues with the
> eventlog, and motivation. Regarding the eventlog, the current TCG
> specification does not provide for BIOS to indicate where the log data
> ends. There is a soon-to-be-released update for the spec that will
> specify that the end space be filled with ff's, but that will require
> updated BIOSes. Regarding motivation, it wasn't clear how useful or
> important it would be.
>
> The values for PCR 17 and 18 are available in the SinitMleData struct in
> the TXT heap. So MLEs can access it and expose it to whatever SW needs
> it.
>
> For TXT not doing it, the reasons are very similar. In addition, we
> didn't want to tie the launch process to BIOS and its configuration.

I think again about the above comment: we don't want to tie with BIOS, thus we must not call BIOS functions to measure/extend configuration data. Therefore, it is a good idea that the next code launched by tboot (like Xen or a particular OS) should not use BIOS at all, right? If so, I suppose that all the Xen code now already removed all the calls to BIOS???

Many thanks,
Jun
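The static-RTM validation described in the first quoted lines (replaying the BIOS event log to recompute PCR values) and the end-of-log problem Joseph raises, as an added example that is not part of this thread or of tboot. It assumes the TCG 1.2 PC Client event-log entry layout, an 0xFF-filled tail as the end marker, zeroed power-on values for the static PCRs, and a constructed sample log.

```python
import hashlib
import struct

# TCG 1.2 PC Client log entry header: pcrIndex, eventType, digest[20], eventDataSize
_HDR = struct.Struct("<II20sI")
SHA1_ZERO = bytes(20)  # power-on value of the static PCRs (0-15)

def parse_event_log(blob):
    """Return (pcr, event_type, digest, data) tuples. Stops at an 0xFF-filled
    tail (the end marker the spec update in the thread proposes) or at a
    truncated entry, which callers should treat as an unverifiable log."""
    events, off = [], 0
    while off + _HDR.size <= len(blob):
        hdr = blob[off:off + _HDR.size]
        if hdr == b"\xff" * _HDR.size:
            break
        pcr, etype, digest, size = _HDR.unpack(hdr)
        data = blob[off + _HDR.size:off + _HDR.size + size]
        if len(data) != size:
            break
        events.append((pcr, etype, digest, data))
        off += _HDR.size + size
    return events

def pcr_extend(current, digest):
    """TPM 1.2 extend: PCR_new = SHA-1(PCR_old || digest)."""
    return hashlib.sha1(current + digest).digest()

def replay(events, num_pcrs=24):
    """Recompute each PCR from zeros; the DRTM PCRs 17/18 never appear in this log."""
    pcrs = {i: SHA1_ZERO for i in range(num_pcrs)}
    for pcr, _etype, digest, _data in events:
        pcrs[pcr] = pcr_extend(pcrs[pcr], digest)
    return pcrs

def mismatched_pcrs(log_blob, reported):
    """PCR indices whose replayed value differs from the TPM-reported one."""
    expected = replay(parse_event_log(log_blob))
    return sorted(i for i, v in reported.items() if expected.get(i) != v)

def build_entry(pcr, etype, data):
    """Constructed helper: one entry whose digest is SHA-1 of its event data."""
    return _HDR.pack(pcr, etype, hashlib.sha1(data).digest(), len(data)) + data

# Constructed sample log: two measurements into PCR 0, one into PCR 4, then 0xFF tail.
SAMPLE_LOG = (build_entry(0, 0x01, b"post-code")
              + build_entry(0, 0x08, b"s-crtm-version")
              + build_entry(4, 0x0D, b"ipl-boot-loader")
              + b"\xff" * 64)
```

A log whose tail is neither 0xFF-filled nor exactly sized is reported as truncated by `parse_event_log`, which is the ambiguity Joseph describes with the current spec.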