From: Marcel S. <tru...@se...> - 2013-09-12 12:31:38
Hi Bill,

sorry for the late response, I didn't see your mail earlier, since you haven't subscribed to the mailing list. Also, I pasted all your emails into this one...

> Am I right that PCR-14 is calculated based on what menu.lst
> specifies is the kernel and initramfs? I was previously under the
> impression that PCR-14 could not be changed without tpm_create again.

All the PCRs are freshly calculated each time your system boots.

> A firmware update seems to be accomplished by having root privilege
> to edit menu.lst and change the kernel information.

What firmware update are you referring to? TrustedGRUB doesn't have a firmware.

> To be more clear, we want the ability to incrementally change the
> kernel without reloading the whole kernel. How would this work with
> TrustedGRUB?

How would you incrementally change the kernel? If you change the kernel, you have to reload it. If you therefore reboot your system, the new kernel will be measured by TrustedGRUB and extended into the according PCRs.

> Someone please tell me if I was under the false impression that
> during stages of the boot, the bootloader would verify the PCR
> contents match certain values, like PCR 14 matches the kernel and
> modules.

No, the bootloader doesn't verify anything (except if you use the checkfile-functionality). What TrustedGRUB does is to load files, measure them and extend the hashes into your TPM.

> What I have seen:
> PCRs 12, 13, and 14 do not always stay the same between boots of the
> system, based on alternative boots and checkfiles specified in
> menu.lst. Moreover, the verification of the PCRs seems to be done
> outside of TrustedGRUB.

Correct, if you boot different files, the PCRs will be different. The verification has to be done externally (e.g. by remote attestation). If you want to locally enforce a certain configuration, you need to seal data (e.g. a harddisk encryption key) to a certain PCR-configuration.

> A program can always get the PCRs by reading /sys/class/misc/tpm0/device/pcrs

yes.

> When he says these registers CAN BE USED TO VERIFY, he seems to be
> saying the verification is done outside TrustedGRUB.

yes. As said before, TrustedGRUB only loads and hashes files upon boot time. No reference values (except in the checkfile) are used and no enforcement is done within TrustedGRUB. This all has to be done externally. Please notice the difference between Trusted Boot and Secure Boot.

In case you'd like more information on TrustedGRUB and TPMs in general, I'd recommend the following document:

https://www.bsi.bund.de/SharedDocs/Downloads/EN/BSI/Publications/Studies/TSS_Apps/TSS-Apps_en.pdf?__blob=publicationFile
http://projects.sirrix.com/trac/trustedgrub/wiki/Documentation

Best regards
Marcel
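
An added illustration of the behaviour described in this reply (not TrustedGRUB code and not part of the original mail): it replays the TPM 1.2 extend operation to show why PCR-14 is recomputed on every boot, and how a verifier outside the bootloader compares it with a reference value. The file contents, the measurement order and all helper names are assumptions made for the example; on a real system the text would come from /sys/class/misc/tpm0/device/pcrs.

```python
import hashlib

PCR_SIZE = 20  # a TPM 1.2 PCR holds one SHA-1 digest

def extend(pcr, data):
    """TPM 1.2 extend: new PCR = SHA1(old PCR || SHA1(data))."""
    return hashlib.sha1(pcr + hashlib.sha1(data).digest()).digest()

def measure_boot(files):
    """Replay one boot: the PCR starts at all zeros, then each loaded file is extended in order."""
    pcr = bytes(PCR_SIZE)
    for blob in files:
        pcr = extend(pcr, blob)
    return pcr

def format_pcr(index, value):
    """Render one line in the 'PCR-14: AB CD ...' layout of the sysfs pcrs file."""
    return "PCR-%02d: %s" % (index, " ".join("%02X" % b for b in value))

def parse_pcrs(text):
    """Parse sysfs-style PCR lines into {index: digest}; a wrong-length value raises ValueError."""
    pcrs = {}
    for line in text.splitlines():
        name, sep, hexpart = line.partition(":")
        if not sep or not name.strip().startswith("PCR-"):
            continue
        value = bytes.fromhex("".join(hexpart.split()))
        if len(value) != PCR_SIZE:
            raise ValueError("unexpected PCR length in: " + line)
        pcrs[int(name.strip()[4:])] = value
    return pcrs

def mismatched_pcrs(pcrs_text, reference):
    """External check: indices whose measured value differs from the reference (missing = mismatch)."""
    measured = parse_pcrs(pcrs_text)
    return [i for i, want in sorted(reference.items()) if measured.get(i) != want]

# Constructed stand-ins for the files a menu.lst entry would load (assumption).
KERNEL_V1 = b"constructed kernel v1"
KERNEL_V2 = b"constructed kernel v2"
INITRD = b"constructed initramfs"
REFERENCE = {14: measure_boot([KERNEL_V1, INITRD])}  # recorded once from a known-good boot

if __name__ == "__main__":
    for kernel in (KERNEL_V1, KERNEL_V2):
        line = format_pcr(14, measure_boot([kernel, INITRD]))
        print(line, "-> mismatches:", mismatched_pcrs(line, REFERENCE))
```

The comparison runs entirely outside the boot path, which is the point of the reply: the bootloader only produces the measurement, and a changed kernel shows up as a mismatch only when something else checks it.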