Nicolas Williams wrote:
> On Mon, Jun 16, 2008 at 02:13:37PM +0200, Joep Vesseur wrote:
>
>> Restarting the kernel as proposed by this case will either run unverified
>> code (at the very least, not every step of the boot process is checked
>> sequentially anymore) or the registers used to record the validation will
>> no longer unlock the registers containing the sensitive data needed to
>> continue the boot process.
>>
>
> Well, the TPM need not know (because its driver might not actually fully
> reset it on quiesce?) that a new kernel is replacing the old one. The
> old kernel was trusted and it can do signature verification of the new
> kernel. And the old kernel could pass to the new kernel any data the
> new kernel will need to access the TPM.
>
Yes, this passing of state seems the right approach here. I'd like to
see a response from the project team as to how this can be achieved --
at present there is no state sharing.
(One possible implementation, which may or may not work for TPM, is to
scribble whatever state needs to be shared into a device scratch
register somewhere. Of course if TPM has no such scratch registers, or
if they aren't wide enough, then some other approach will be required.)
-- Garrett
> Nico
>