[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] measuring guest boot process

On 11 March 2014 11:08, Ian Campbell <Ian.Campbell@xxxxxxxxxx> wrote:
> On Fri, 2014-03-07 at 13:26 +0100, Aastha Mehta wrote:
>> I have a basic question regarding how to measure the guest boot
>> process. Is pv-grub an equivalent of trusted grub for guest domains?
>> Or is it possible to use trusted grub for the guest domains? If not,
>> what is the way to measure the guest boot process?
>
> TBH I'm not sure, and it probably depends what you mean by "trusted"
> here.
>
> I suppose it might involve a vTPM?
>
> Ian.
>

Just as there is a process to establish the chain of trust on a
physical machine, I would like to extend the chain of trust from the
hypervisor (which is already measured on the physical TPM) to the
guest domain and the vTPM used by the guest domain.

On the physical machine, the hardware TPM first measures the BIOS
before launching. The BIOS then measures and executes the MBR,  which
in turn repeats the same steps for the grub and so on. There is a
trusted GRUB project, which extends the standard grub for performing
this chain of trust extension
(http://projects.sirrix.com/trac/trustedgrub/wiki/Documentation).

I understand that the paravirtualized guests in Xen do not have a BIOS
and bootloader, so there is nothing to measure there. But what I would
like to do is the following -

When I create a vtpm domain and a guest domain to use that vtpm, I
would measure the kernel and the initrd image used for the guest and
extend the measurement into the PCR of the vTPM. This will have to be
done in the dom0, which is creating the vtpm and the guest. Once this
is done, the guest can continue booting.

I actually came across a paper that explains the design of vTPM and in
this case the authors implemented it in Xen
(https://www.usenix.org/legacy/event/sec06/tech/full_papers/berger/berger.pdf).
In section 4.4, they have mentioned a "SetupInstance" management
command that seems to be for the same purpose that I mentioned.
"The SetupInstance command prepares a vTPM instance for immediate
usage by the corresponding virtual machine and extends PCRs with
measurements of the operating system kernel image and other ïles
involved in the boot process. This command is used for virtual
machines that boot without the support of a TPM-enabled BIOS and boot
loader, which would otherwise initialize the TPM and extend the TPM
PCRs with appropriate measurements."

I am not sure if the vTPM design in Xen follows from this paper and if
there is an implementation of such a command available.

Apologies if I am vague, I am still trying to understand these things.

Thanks and regards,
Aastha.

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.