Hi Srujan,

I'll start by saying that I don't know the exact answer to your question
regarding TPM localities and how they're used. However, there are a couple
of other things worth mentioning that you might find useful.

First off, I'll point you to tboot's README.gz, which details the two
built-in PCR extension policies used by tboot. I'll summarise the default
("legacy") policy here:
PCR 17: SINIT (by hardware), tboot policy (by tboot)
PCR 18: tboot MLE (by SINIT), rest of tboot (by tboot MLE), xen (by tboot)
PCR 19: linux (by tboot), linux command line (by tboot), linux initrd (by tboot)

You can, of course, specify your own policy.

Second, "ring -1" is a misnomer; the term was invented by Joanna Rutkowska
(a *very* skilled platform hacker) to describe a particular class of attack
against PC platforms. It's useful in that context, but has no technical
meaning. I believe it actually refers to System Management Mode, a CPU mode
which is accessible to BIOS writers, and which effectively runs with ring 0
privileges. It might also refer to embedded management controllers, such as
DRAC/IPMI or Intel AMT, which are separate pieces of hardware, and thus
don't affect the CPU's execution state.

Third, and finally, the TCG PC Client TPM Interface Specification specifies
the following uses for TPM localities:
Locality 4: Trusted Hardware. This is the Dynamic RTM.
Locality 3: Auxiliary components. Use of this is optional and, if used, it is implementation dependent.
Locality 2: This is the “runtime” environment for the Trusted Operating System.
Locality 1: An environment for use by the Trusted Operating System (T/OS).
Locality 0: The legacy environment for the Static RTM and its chain of trust.
While that isn't particularly clear (and may not reflect what real systems
code actually does), to my ears it suggests: 0 is used by BIOS, 1 by tboot,
2 by Xen, and 3+ by Linux-Dom0. Again, though, that's a *guess*, and should
be fact-checked by reading the code.

Hope that helps!

Justin
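To make the legacy policy above concrete, here is an added example (not tboot's own code) that replays that extend order for PCRs 17, 18 and 19 the way an attestation verifier would, and reports which PCRs disagree with a reported quote. It assumes TPM 1.2-style SHA-1 PCRs, that the DRTM launch zeroes PCRs 17-19 before SINIT runs, and uses constructed digests in place of real component hashes.

```python
import hashlib

# Added example, not tboot code. Models tboot's default ("legacy") PCR
# policy as summarised in the reply above, for TPM 1.2-style SHA-1 PCRs.
PCR_SIZE = 20

# Extend order and assignment taken from the summary of tboot's README.
# The third field is who performs the extend, per that summary.
LEGACY_POLICY = [
    (17, "SINIT", "hardware"),
    (17, "tboot policy", "tboot"),
    (18, "tboot MLE", "SINIT"),
    (18, "rest of tboot", "tboot MLE"),
    (18, "xen", "tboot"),
    (19, "linux", "tboot"),
    (19, "linux command line", "tboot"),
    (19, "linux initrd", "tboot"),
]


def extend(pcr_value: bytes, digest: bytes) -> bytes:
    """TPM 1.2 PCR extend: new = SHA-1(old || digest)."""
    if len(pcr_value) != PCR_SIZE or len(digest) != PCR_SIZE:
        raise ValueError("PCR extend operands must be 20-byte SHA-1 digests")
    return hashlib.sha1(pcr_value + digest).digest()


def replay(measurements: dict) -> dict:
    """Expected PCR 17-19 values after replaying the policy in order.
    Assumption: the DRTM launch resets PCRs 17-19 to all-zeros first."""
    pcrs = {n: bytes(PCR_SIZE) for n in (17, 18, 19)}
    for pcr, component, _actor in LEGACY_POLICY:
        pcrs[pcr] = extend(pcrs[pcr], measurements[component])
    return pcrs


def check_quote(measurements: dict, reported: dict) -> list:
    """PCR numbers whose reported value differs from the replayed value."""
    expected = replay(measurements)
    return sorted(n for n in expected if reported.get(n) != expected[n])


# Constructed sample digests standing in for real component hashes.
SAMPLE = {comp: hashlib.sha1(comp.encode()).digest() for _, comp, _ in LEGACY_POLICY}

if __name__ == "__main__":
    golden = replay(SAMPLE)  # values recorded from a known-good launch
    changed = dict(SAMPLE, **{"linux command line": hashlib.sha1(b"other cmdline").digest()})
    print("mismatched PCRs:", check_quote(changed, golden))  # only PCR 19 moves
```

Because each PCR is a hash chain, a change to any one component (or to the order of extends into the same PCR) only shows up in that PCR, which is why the policy splits SINIT/tboot, the hypervisor and the Linux pieces across 17, 18 and 19.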
On 28 July 2014 19:46, Srujan Kotikela <ksrujan...@gmail.com> wrote:

> Hi,
>
> I'm trying to understand how a tboot-based measured launch system fits into
> TPM localities. So far I understand that SINIT is extended to PCR 17 by the
> hardware, TBOOT is extended to PCR 18 (by SINIT), and the kernel
> (Linux/xen) is extended to 19 (by TBOOT). Correct me if I am wrong and what
> localities are these extensions performed from?
>
> Now, from ring 3 only PCR 23 is allowed (I'm running xen and Linux on top
> of it). Are the remaining PCRs extendable from the ring 0 or ring -1? If
> so, how're their localities distributed?
>
_______________________________________________
tboot-devel mailing list
tboot-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/tboot-devel