== Introduction ==
Trusted Boot is a technique...
== Prerequisites ==
<pre>
yum install tboot openssl trousers kernel-modules-extra
</pre>
== Installation ==
The following will provide a trusted boot setup in which the kernel and initrd are hashed and checked against a verified launch policy.
=== Take ownership of the TPM ===
<pre>
tpm_takeownership -z
</pre>
The -z option sets the SRK secret to the well-known all-zeros value; you are still prompted for the owner password.
=== Ensure Proper SINIT ACM ===
See http://software.intel.com/en-us/articles/intel-trusted-execution-technology
Some hardware platforms include the SINIT ACM in BIOS; most do not. You may download all of the ACM modules into /boot and list them all as modules in your grub.conf; tboot will pick the right module for your platform.
=== Create VLP ===
To create a verified launch policy (VLP) we need the paths to the kernel and the initial ram disk, as well as the kernel command line from grub.conf. The commands below read them from the shell variables $kernel_file, $initramd_file and $grub_cmdline, which must be set beforehand.
Create a new verified launch policy:
<pre>
tb_polgen --create --type nonfatal vl.pol
</pre>
Add the kernel hash and its grub command line to the VLP (module 0, measured into PCR 18):
<pre>
tb_polgen --add --num 0 --pcr 18 --hash image --cmdline "$grub_cmdline" --image "$kernel_file" vl.pol
</pre>
Add the initrd to the VLP (module 1, measured into PCR 19, with an empty command line):
<pre>
tb_polgen --add --num 1 --pcr 19 --hash image --cmdline "" --image "$initramd_file" vl.pol
</pre>
Hash tboot.gz and wrap the hash in an MLE policy element. The -c argument is the command line tboot will be launched with and contributes to the MLE hash, so keep it identical to the text that follows /tboot.gz on the grub kernel line below.
<pre>
lcp_mlehash -c "logging=vga,serial,memory" /boot/tboot.gz > mle_hash
lcp_crtpolelt --create --type mle --ctrl 0x00 --minver 17 --out mle.elt mle_hash
</pre>
Find your system's PCR values. They may alternatively be in /sys/bus/pnp/devices/00:0a/pcrs. Only PCR 0 and PCR 1 (BIOS code and configuration) are kept for the platform configuration element:
<pre>
cat /sys/devices/platform/tpm_tis/pcrs | grep -e PCR-00 -e PCR-01 > pcrs
</pre>
Create the Launch Control Policy. First build the PCONF element from the recorded PCR values:
<pre>
lcp_crtpolelt --create --type pconf --out pconf.elt pcrs
</pre>
Note: the following command uses a default UUID. You may want to replace tboot with your system's UUID. The element it produces is not added to the policy list below; the VLP is instead written to its own NV index in the next step.
<pre>
lcp_crtpolelt --create --type custom --out custom.elt --uuid tboot vl.pol
</pre>
Combine the elements into a policy list, generate a signing key pair, sign the list, and build the policy (list.pol) and its data file (list.data) from the unsigned and signed lists. Keep privkey.pem off the machine afterwards: whoever holds it can produce a replacement signed list that this policy will accept.
<pre>
lcp_crtpollist --create --out list_unsig.lst mle.elt pconf.elt
openssl genrsa -out privkey.pem 2048
openssl rsa -pubout -in privkey.pem -out pubkey.pem
cp list_unsig.lst list_sig.lst
lcp_crtpollist --sign --pub pubkey.pem --priv privkey.pem --out list_sig.lst
lcp_crtpol2 --create --type list --pol list.pol --data list.data list_{unsig,sig}.lst
</pre>
Start the TrouSerS TCS daemon; the lcp_writepol commands below reach the TPM through it:
<pre>
tcsd
</pre>
=== Load LCP into TPM NVRAM ===
The policy goes into the owner LCP index (owner is shorthand for 0x40000001) and the VLP into its own index. lcp_writepol only writes to indices that already exist; if they have not been defined yet, define them first (tboot ships tpmnv_defindex for this).
<pre>
lcp_writepol -z -i owner -f list.pol
lcp_writepol -z -i 0x20000001 -f vl.pol
</pre>
=== Create new grub.conf entry ===
tboot is loaded as the multiboot kernel; the Linux kernel and initrd follow as modules 0 and 1, matching the --num values used when building the VLP, then the SINIT ACM(s) and the LCP data file.
<pre>
title tboot
root (hd0,0)
kernel /tboot.gz loglvl=all logging=serial,vga,memory vga_delay=1
module /vmlinuz-3.3.4-5.tis.fc17.x86_64 root=/dev/sda3 intel_iommu=on ro
module /initramfs-3.3.4-5.tis.fc17.x86_64.img
module /2nd_gen_i5_i7_SINIT_51.BIN
module /list.data
</pre>
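As an added example (not from the original page or the tboot project), a Python helper that derives the tb_polgen inputs the VLP step leaves as shell variables from the grub stanza above, and checks that the string given to lcp_mlehash -c is the tboot command line grub actually passes. It assumes tboot strips the module file name before comparing command lines and that the MLE hash covers the exact tboot command line string; the stanza is a constructed copy of the one above.

```python
import shlex

# Constructed copy of the grub.conf stanza shown above (sample input).
GRUB_STANZA = """\
title tboot
root (hd0,0)
kernel /tboot.gz loglvl=all logging=serial,vga,memory vga_delay=1
module /vmlinuz-3.3.4-5.tis.fc17.x86_64 root=/dev/sda3 intel_iommu=on ro
module /initramfs-3.3.4-5.tis.fc17.x86_64.img
module /2nd_gen_i5_i7_SINIT_51.BIN
module /list.data
"""

def parse_tboot_stanza(text, boot_dir="/boot"):
    """Split a stanza into tboot's own command line and its multiboot modules.
    grub paths are relative to the boot partition, so boot_dir is prefixed."""
    tboot_cmdline, modules = None, []
    for line in text.splitlines():
        parts = line.split(None, 2)          # keyword, path, remaining text
        if len(parts) < 2:
            continue
        rest = parts[2] if len(parts) == 3 else ""
        if parts[0] == "kernel":
            tboot_cmdline = rest
        elif parts[0] == "module":
            modules.append((boot_dir + parts[1], rest))
    return tboot_cmdline, modules

def vlp_entries(modules):
    """Kernel = module 0 -> PCR 18, initrd = module 1 -> PCR 19, as in the VLP
    steps. Assumption: tboot compares the module string minus its file name."""
    pcr_for = {0: 18, 1: 19}
    return [{"num": n, "pcr": p, "image": modules[n][0], "cmdline": modules[n][1]}
            for n, p in pcr_for.items()]

def tb_polgen_commands(entries, policy="vl.pol"):
    """Render the entries as shell-quoted tb_polgen --add invocations."""
    return [f"tb_polgen --add --num {e['num']} --pcr {e['pcr']} --hash image "
            f"--cmdline {shlex.quote(e['cmdline'])} --image {shlex.quote(e['image'])} {policy}"
            for e in entries]

def mlehash_cmdline_matches(tboot_cmdline, hashed_cmdline):
    """Assumption: lcp_mlehash -c must get the exact text grub passes after
    /tboot.gz, because that string is part of the measured MLE image."""
    return tboot_cmdline == hashed_cmdline

if __name__ == "__main__":
    cmdline, mods = parse_tboot_stanza(GRUB_STANZA)
    print("\n".join(tb_polgen_commands(vlp_entries(mods))))
    print("lcp_mlehash -c consistent:", mlehash_cmdline_matches(cmdline, "logging=vga,serial,memory"))
```

With the page's own values the consistency check returns False, since tboot.gz is hashed with "logging=vga,serial,memory" while the grub entry boots it with "loglvl=all logging=serial,vga,memory vga_delay=1".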
== LCP ==
Add more in-depth information about launch control policy here.
== TPM PCRs ==
{|
! PCR !! Values
|-
| 0 || CRTM, BIOS, and Host Platform Extensions
|-
| 1 || Host Platform Configuration (BIOS Data)
|-
| 2 || Option ROM Code
|-
| 3 || Option ROM Configuration and Data
|-
| 4 || IPL Code (usually the MBR)
|-
| 5 || IPL Code Configuration and Data (e.g. the partition table)
|-
| 6 || State Transition and Wake Events
|-
| 7 || Host Platform Manufacturer Control
|-
| 10 || IMA Measurement List
|-
| 17 || TXT measured launch (DRTM): SINIT ACM and launch control policy measurements
|-
| 18 || MLE (tboot) hash, followed by the modules the VLP assigns to PCR 18 (the kernel above)
|-
| 19 || Modules the VLP assigns to PCR 19 (the initrd above)
|}
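An added example (not part of the original page): a Python check of the sysfs PCR listing used for the pconf element, reporting whether a measured launch actually took place and whether the BIOS PCRs have drifted from the values pconf.elt was built from. Both PCR listings are constructed sample data in the kernel's sysfs format.

```python
import re

# Constructed samples in the format of /sys/devices/platform/tpm_tis/pcrs.
# RECORDED is the 'pcrs' file captured when pconf.elt was built (before any
# measured launch); CURRENT is a later boot in which PCR-01 has changed.
RECORDED = """\
PCR-00: 4C 8F 2E 0A 11 22 33 44 55 66 77 88 99 AA BB CC DD EE FF 01
PCR-01: 3B 3E 4F 5A 6B 7C 8D 9E AF B0 C1 D2 E3 F4 05 16 27 38 49 5A
PCR-17: FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF
"""
CURRENT = """\
PCR-00: 4C 8F 2E 0A 11 22 33 44 55 66 77 88 99 AA BB CC DD EE FF 01
PCR-01: 90 90 4F 5A 6B 7C 8D 9E AF B0 C1 D2 E3 F4 05 16 27 38 49 5A
PCR-17: 1A 2B 3C 4D 5E 6F 70 81 92 A3 B4 C5 D6 E7 F8 09 1A 2B 3C 4D
PCR-18: 0F 1E 2D 3C 4B 5A 69 78 87 96 A5 B4 C3 D2 E1 F0 0F 1E 2D 3C
"""

PCR_LINE = re.compile(r"^PCR-(\d{2}): ((?:[0-9A-Fa-f]{2} ){19}[0-9A-Fa-f]{2})$")

def parse_pcrs(text):
    """Return {index: 20-byte SHA-1 value}. The kernel prints "PCR-%02d: " and
    twenty "%02X " groups (trailing space), hence the strip(); bad lines skip."""
    pcrs = {}
    for line in text.splitlines():
        m = PCR_LINE.match(line.strip())
        if m:
            pcrs[int(m.group(1))] = bytes.fromhex(m.group(2).replace(" ", ""))
    return pcrs

def launch_state(pcrs):
    """TXT's dynamic PCRs 17-22 read all 0xFF after a platform reset and are
    zeroed by GETSEC[SENTER] before the SINIT ACM extends them, so all-FF in
    PCR 17 means tboot never performed a measured launch on this boot."""
    p17 = pcrs.get(17)
    if p17 is None:
        return "missing"
    if p17 == b"\xff" * 20:
        return "no-measured-launch"
    if p17 == bytes(20):
        return "reset-not-extended"
    return "measured"

def pconf_drift(recorded, current, indices=(0, 1)):
    """PCRs captured for the pconf element whose value has since changed (a BIOS
    update alters PCR 0/1; SINIT then rejects the launch until pconf.elt is rebuilt)."""
    old, new = parse_pcrs(recorded), parse_pcrs(current)
    return [i for i in indices if old.get(i) != new.get(i)]

if __name__ == "__main__":
    print("launch:", launch_state(parse_pcrs(CURRENT)))   # measured
    print("pconf drift:", pconf_drift(RECORDED, CURRENT)) # [1]
```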
== Notes ==
If the TPM is not enumerated through ACPI/PnP, the tpm_tis driver may need to be forced to probe it; the PCR listing then appears under /sys/devices/platform/tpm_tis/ rather than the PnP path given above:
<pre>
modprobe tpm_tis force=1
</pre>
Latest revision as of 15:32, 22 June 2012