As I understand from his letters and from a quick look at tgrub all he
needs is to ensure the chain of verification. It seems that tgrub never
reads tpm key. Even if we one finds tpm acceptable way to check OS
integrity I don't see why we would rely on it if more universal approach
is possible
I outlined how it can be checked that if core.img is untampered then OS
isn't tampered with. I also think I might have a way to extend this
chain back to mbr by using following ideas:
1) padding in sha1 isn't necessarry in this case since we always load
fixed amount of sectors.
2) BPB blocks can be reclaimed. If grub boot is in partition then mbr
may haven't checked it
3) only one read is necessary in first sector. All real reading function
can be moved to loaded sector. So only sha1 implementation is really
needed to be done in mbr.
4) I find it very important that the verification can be overriden by
manually giving password. This probably won't be possible so I propose
to make 2 mbrs: one with all features current mbr has (the default one)
and another basic one (e.g. no chs) but with sha1 in it. Default to use
is the first one but a user may explicitely override it
1. The disk must be encrypted.
2. The system must be able to boot without human interaction. That is,
a user cannot be prompted for a passphrase or key.
The both goals together are theoretically unachievable technics like
replacing ram (or gpu memory) with non-volatile storage is always
available or the method of additional energy. All tpm does is to store
it in obfuscated way and providing access to it in clear way if some
conditions are met.
Ideally this condition is B="my system is untampered"
BIOS has the duty to verify the condition A="mbr is untampered"
So actually what he needs is that grub ensures (A=>B)
Intermediary condition is "core.img" is untampered. I already outlined
how to ensure C=>B without any sacrifices. Ensuring A=>C may require
some sacrifices that's why I propose to have two versions of mbr sector.
I find that the feature A=>B / C=>B is useful also in many ways not
limited to tpm scenarios. Look at the following case:
One has installed grub locally on small disk or in flash memory (e.g.
coreboot) in otherwise lightweight terminal. Now he wants to boot the OS
from remote server over unsecure network.
In the same time he can always choose to boot unsigned OS by providing
his password
Regards
Vladimir 'phcoder' Serbinenko
_______________________________________________
Grub-devel mailing list
Grub-devel@gnu.org
http://lists.gnu.org/mailman/listinfo/grub-devel