This is a patch to support Trusted Boot
using a security chip on PC
platform.
Recently, a number of PC platforms support
security chip
(TPM, Trusted Platform Module). For
more detail about this security
technology, the specifications and documentation
are available from
TCG (Trusted Computing Group) site:
https://www.trustedcomputinggroup.org/downloads/specifications/pcclient/pcclient
TPM chip supports unique security capabilities,
RTM (Root of Trust
for Measurement) and RTR (Root of Trust
for Reporting).
It protect an integrity of the platform
and we will be able to detect
unexpected modification against the
software components.
Transitive Trust is a new concept and
achieved by special boot
sequence from initial boot code through
the run-time environment.
The BIOS has been support this capability.
Starting from the initial
boot code, The MBR (stage1) has been
measured by BIOS.
IBM colleagues submitted the IBM Integrity
Measurement
Architecture (IMA) to LKML (e.g. http://lkml.org/lkml/2005/5/20/59),
This is a kernel extension to support
the integrity measurement of the
user space executable. However the security
requirement is this Linux
kernel must be measured by its bootloader,
otherwise integrity
information does not bind with hardware-based
root of trust and not
fully protected by TPM. Thus we made
this patch.
To build the Transitive Trust, each
stage are first measured before
execution control is transferred basically,
The measurement
operation flow for grub legacy is as
follows.
0) BIOS measures stage1
1) stag 1 measures 1st. sector of stage1.5
and jump to stage 1.5
2) 1st. sector of stage1.5 measures
rest of stage 1.5
3) stage1.5 measures stage2
4) stage2 measures grub.conf
5) stage2 measures kernel and module
images.
6) stage2 boots measured operating system
To get the space in stage1(MBR), we
eliminate the CHS support.:-(
This work was done for grub legacy.
I'm trying to learn the Grub 2.
I think Grub 2 will be able to support
TCG in a similar way.
I will propose the TCG patch for grub
2 later.