Measured Launch, SRTM and DRTM

Introduction

The measured launch implementation requires an x86 device with a Trusted Platform Module (TPM), Intel CPU and firmware that supports Intel Trusted Execution Technology (TXT).

The following items are measured:

Device firmware
BIOS configuration
grub2 bootloader and boot config file
CPU microcode loaded at runtime
TXT Authenticated Code Modules
tboot, trusted boot measurement and launch pre-VMM software module
Xen hypervisor and the Xen boot command line
XSM/flask policy
Linux kernel and the kernel boot command line
Linux initial ramdisk, initrd
dom0 filesystem (read-only)
network driver VM filesystem (read-only)

Capabilities

Version 6.x (2016)

TPM 1.2

Version 7.x (2017)

TPM 2.0
Forward Seal Test Procedures (pre-compute PCRs for unattended upgrade)
Improved key management (2015 design discussion)

Version 8.x (2018)

UEFI/SecureBoot support: RFCv1 • RFCv2

Future Work

Virtual TPMs
Attestation
UEFI multi-boot modules
Key recovery

Measured Launch Source Code

OpenXT

OpenEmbedded

https://github.com/flihp/meta-measured

Intel

TPM Emulation

Related Work

Secure Boot

Ecosystem

Qubes: Anti Evil Maid (2011)
OpenXT: In Device We Trust: Measure Twice, Compute Once with Xen, Linux, TPM 2.0 and TXT (2017)
Open Source Foundries: Secure OTA Collaboration (2017)
Google: Replace UEFI with Linux (2017) • Video
HP SureStart BIOS protection: Coprocessor detection of attacks against SMM (2017)
Microsoft: Hardening with Hardware (2018) • Video

Xen

https://wiki.xenproject.org/wiki/Category:OpenEmbedded

OpenXT ML JIRA Issues

key	summary	type	created	priority	resolution

Loading...

Refresh

Copyright 2017 by BAE Systems, Inc. Created by Rich Persaud. This work is licensed under the Creative Commons Attribution 4.0 International License. To view a copy of this license, visit http://creativecommons.org/licenses/by/4.0/.

Development and Coding