No, this isn't possible. Or rather, it's not feasible with currently-existing software. The *only* way to have any kind of remote assurance of specific software running is through remote attestation, meaning that you have trusted hardware (e.g. a TPM) that can sign a statement that the machine m is running a certain trusted BIOS/EFI/whatever, that signs a statement that the computer is running a certain trusted bootloader, and so on, creating a chain of trusted signatures all the way through the OS and hypervisor certifying that a specific VM is running and can't be interfered with. As far as I know that full software stack doesn't exist at this point, and it arguably shouldn't exist/be used in most cases (see Google results for «remote attestation»). Short of that, there's no way to guarantee that certain code is running unmodified. As soon as the user/owner/hacker/rogue datacenter employee is able to modify anything below the VM in the stack without being detected, they can falsify whatever they want (for example, the hypervisor could be programmed such that certain instructions are stored correctly in memory correctly, but when executing the code it's silently swapped out). It may be possible to make this hard, and even hard enough to be considered acceptable for Atlas (though said protection may not even be considered necessary -- what's our threat model here?), but it can't be made impossible for a determined-enough attacker.
On Tuesday, January 12, 2016, Tanner Ryan <[email protected]> wrote: > I think that is completely possible. > > The only issue is that it will take up far more resources validating the > integrity of the code (which could be used for measurements). > > On Tuesday, 12 January 2016, Wilfried Woeber <[email protected] > <javascript:_e(%7B%7D,'cvml','[email protected]');>> wrote: > >> >> While thinking about options or mechanisms to make virtual probes >> "tamper-proof" >> I had this question coming up: >> >> Is the probe software capable to "verify" (check-sum or digital sig) the >> bootstrap >> kit and then, during run-time, verify that the code in memory is still >> genuine? >> >> Thanks, >> Wilfried >> >> >>
