From: Cihula, J. <jos...@in...> - 2009-01-07 07:25:49
> From: Hal Finney [mailto:hal...@gm...]
> Sent: Tuesday, January 06, 2009 7:26 PM
>
> There is one aspect of tboot security which I always wondered about.
> Maybe someone could reassure me that it is OK.
>
> Shouldn't the MLE check to see that the page tables are/were set up
> correctly? It seems that TXT envisions that the MLE will turn on
> paging, but I don't think tboot does so, it stays in physical memory
> mode. However, TXT measures the MLE via the page tables. My concern is
> whether a malicious tboot could move pages 2-n of the MLE up one page,
> insert malicious code in the 2nd physical page, and set up the page
> tables to skip the page with the malicious code. Then TXT, following
> the page tables, would measure the same hash value as unmodified
> tboot, but when the code executed and crossed over from the 1st page
> into the 2nd page, it would start executing malicious code.
>
> To prevent this, the MLE should check, within page 1, that the page
> table used for measurement matches what it was supposed to be. I'm not
> certain, but I don't think there is such a check in tboot. Is this an
> issue?

This has been on my todo list for a while now but I haven't gotten to it yet (it *is* covered in the MLE Developers Manual, however). Now that I just finished a few patches (and one more to come that requires Xen support), I should be able to knock this out pretty soon.

Joe
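The gap Hal describes and the check he asks for, as an added model that is not tboot code or anything from the TXT/MLE specification. It is a deliberate simplification: physical memory is a dict of page number to page bytes, the MLE page tables are flattened to a list giving the physical page behind each MLE linear page (real TXT MLE page tables are PAE PDPT/PD/PT structures), and SHA-256 stands in for whatever hash the ACM uses. The names `measure_mle`, `verify_mle_page_tables`, `MLE_BASE` and the page contents are all constructed for the example.

```python
import hashlib

PAGE_SIZE = 4096

def measure_mle(memory, page_table):
    """Model of how the ACM measures the MLE: walk the MLE page tables
    and hash each mapped page in linear-address order. `memory` maps a
    physical page number to its bytes; `page_table[i]` is the physical
    page backing MLE linear page i. Only the bytes the table points at
    are measured, never the physical pages in between."""
    h = hashlib.sha256()
    for phys in page_table:
        h.update(memory[phys])
    return h.hexdigest()

def verify_mle_page_tables(page_table, expected_first_phys_page):
    """The check from the mail, run from the MLE's first page: the table
    the ACM measured through must map the MLE's linear pages onto the
    physically contiguous range the MLE was loaded at, so the bytes that
    were measured are exactly the bytes that will execute when control
    runs off the end of page 1 into page 2."""
    expected = list(range(expected_first_phys_page,
                          expected_first_phys_page + len(page_table)))
    return page_table == expected

def make_page(tag):
    """Constructed page contents: a short tag repeated to fill one page."""
    return (tag.encode() * PAGE_SIZE)[:PAGE_SIZE]

MLE_BASE = 0x100  # constructed: physical page number the MLE is loaded at
MLE_PAGES = [make_page(f"mle-page-{i}:") for i in range(4)]

def build_honest_layout():
    """MLE pages contiguous at MLE_BASE, page table identity-maps them."""
    memory = {MLE_BASE + i: MLE_PAGES[i] for i in range(4)}
    page_table = [MLE_BASE + i for i in range(4)]
    return memory, page_table

def build_shifted_layout():
    """The layout from the mail: pages 2..n moved up one physical page, a
    foreign page sitting at MLE_BASE+1, and a page table that skips it.
    Measured through the table, the content sequence is unchanged."""
    memory = {MLE_BASE: MLE_PAGES[0], MLE_BASE + 1: make_page("not-measured:")}
    for i in range(1, 4):
        memory[MLE_BASE + 1 + i] = MLE_PAGES[i]
    page_table = [MLE_BASE] + [MLE_BASE + 1 + i for i in range(1, 4)]
    return memory, page_table

if __name__ == "__main__":
    mem_a, pt_a = build_honest_layout()
    mem_b, pt_b = build_shifted_layout()
    print("same measurement:", measure_mle(mem_a, pt_a) == measure_mle(mem_b, pt_b))
    print("honest layout passes check:", verify_mle_page_tables(pt_a, MLE_BASE))
    print("shifted layout passes check:", verify_mle_page_tables(pt_b, MLE_BASE))
```

Running it shows both layouts producing the same measurement while only the honest one passes the page-table check; that is the whole point of performing the check from inside the measured first page rather than trusting the loader. In a real MLE the expected base would come from the MLE's own link address, and the walk would cover the actual PAE entries and their attribute bits, not just physical page numbers.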