Amend that, locality 4 is also used by tboot, after SENTER has run.

J


On 30 July 2014 11:29, Justin King-Lacroix <justin.king-lacr...@cs.ox.ac.uk>
wrote:

> Hi Srujan,
>
> I'll start by saying that I don't know the exact answer to your question
> regarding TPM localities and how they're used. However, there are a couple
> of other things worth mentioning that you might find useful.
>
> First off, I'll point you to tboot's README.gz, which details the two
> built-in PCR extension policies used by tboot. I'll summarise the default
> ("legacy") policy here:
> PCR 17: SINIT (by hardware), tboot policy (by tboot)
> PCR 18: tboot MLE (by SINIT), rest of tboot (by tboot MLE), xen (by tboot)
> PCR 19: linux (by tboot), linux command line (by tboot), linux initrd (by
> tboot)
>
> You can, of course, specify your own policy.
>
> Second, "ring -1" is a misnomer; the term was invented by Joanna Rutkowska
> (a *very* skilled platform hacker) to describe a particular class of attack
> against PC platforms. It's useful in that context, but has no technical
> meaning. I believe it actually refers to System Management Mode, a CPU mode
> which is accessible to BIOS writers, and which effectively runs with ring 0
> privileges. It might also refer to embedded management controllers, such as
> DRAC/IPMI or Intel AMT, which are separate pieces of hardware, and thus
> don't affect the CPU's execution state.
>
> Third, and finally, the TCG PC Client TPM Interface Specification
> specifies the following uses for TPM localities:
> Locality 4: Trusted Hardware. This is the Dynamic RTM.
> Locality 3: Auxiliary components. Use of this is optional and, if used, it
> is implementation dependent.
> Locality 2: This is the “runtime” environment for the Trusted Operating
> System.
> Locality 1: An environment for use by the Trusted Operating System (T/OS).
> Locality 0: The legacy environment for the Static RTM and its chain of
> trust.
> While that isn't particularly clear (and may not reflect what real systems
> code actually does), to my ears it suggests: 0 is used by BIOS, 1 by tboot,
> 2 by Xen, and 3+ by Linux-Dom0. Again, though, that's a *guess*, and should
> be fact-checked by reading the code.
>
> Hope that helps!
>
> Justin
>
>
>
>
>
>
> On 28 July 2014 19:46, Srujan Kotikela <ksrujan...@gmail.com> wrote:
>
>> Hi,
>>
>> I'm trying to understand how a tboot-based measured launch system fits into
>> TPM localities. So far I understand that SINIT is extended to PCR 17 by the
>> hardware, TBOOT is extended to PCR 18 (by SINIT), and the kernel
>> (Linux/xen) is extended to 19 (by TBOOT). Correct me if I am wrong. Which
>> localities are these extensions performed from?
>>
>> Now, from ring 3 only PCR 23 is allowed (I'm running xen and Linux on top
>> of it). Are the remaining PCRs extendable from the ring 0 or ring -1? If
>> so, how're their localities distributed?
>>
>>
>> _______________________________________________
>> tboot-devel mailing list
>> tboot-devel@lists.sourceforge.net
>> https://lists.sourceforge.net/lists/listinfo/tboot-devel
>>
>>
>
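An added example, not code from tboot or from anyone in this thread: it replays the default ("legacy") PCR extension order Justin summarises above, so that a verifier can compute the PCR 17/18/19 values a correct launch should produce and flag any PCR whose quoted value differs. It assumes TPM 1.2 SHA-1 extend semantics and that the DRTM PCRs start at all zeros after SENTER has reset them; the component digests are constructed stand-ins, not real SINIT/tboot/kernel hashes.

```python
import hashlib

SHA1_LEN = 20
# Assumption: DRTM PCRs hold all zeros once SENTER has reset them (TPM 1.2);
# the thread itself does not state the reset value.
DRTM_RESET_VALUE = b"\x00" * SHA1_LEN

# tboot's default ("legacy") policy as summarised in Justin's mail:
# which components land in which PCR, in extension order.
LEGACY_POLICY = {
    17: ["SINIT", "tboot policy"],
    18: ["tboot MLE", "rest of tboot", "xen"],
    19: ["linux", "linux command line", "linux initrd"],
}

def pcr_extend(pcr_value: bytes, digest: bytes) -> bytes:
    """TPM 1.2 extend operation: new = SHA-1(old || digest)."""
    assert len(pcr_value) == SHA1_LEN and len(digest) == SHA1_LEN
    return hashlib.sha1(pcr_value + digest).digest()

def expected_pcrs(policy, measurements):
    """Replay the extension order to get the PCR values a correct launch yields.
    measurements maps component name -> SHA-1 digest of that component."""
    result = {}
    for pcr, components in policy.items():
        value = DRTM_RESET_VALUE
        for name in components:
            value = pcr_extend(value, measurements[name])
        result[pcr] = value
    return result

def check_launch(quoted, expected):
    """Return the PCR indices whose quoted value differs from the replayed one."""
    return sorted(pcr for pcr in expected if quoted.get(pcr) != expected[pcr])

# Constructed sample digests (stand-ins for real SINIT/tboot/kernel hashes).
SAMPLE_MEASUREMENTS = {
    name: hashlib.sha1(name.encode()).digest()
    for names in LEGACY_POLICY.values() for name in names
}

if __name__ == "__main__":
    good = expected_pcrs(LEGACY_POLICY, SAMPLE_MEASUREMENTS)
    # Simulate a tampered initrd: only PCR 19 should stop matching.
    tampered = dict(SAMPLE_MEASUREMENTS)
    tampered["linux initrd"] = hashlib.sha1(b"tampered initrd").digest()
    quoted = expected_pcrs(LEGACY_POLICY, tampered)
    print("mismatching PCRs:", check_launch(quoted, good))  # [19]
```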