Measured Launch, SRTM and DRTM
Introduction
The measured launch implementation requires an x86 device with a Trusted Platform Module (TPM), Intel CPU and firmware that supports Intel Trusted Execution Technology (TXT).
The following items are measured:
- Device firmware
- BIOS configuration
- grub2 bootloader and boot config file
- CPU microcode loaded at runtime
- TXT Authenticated Code Modules
- tboot, trusted boot measurement and launch pre-VMM software module
- Xen hypervisor and the Xen boot command line
- XSM/flask policy
- Linux kernel and the kernel boot command line
- Linux initial ramdisk, initrd
- dom0 filesystem (read-only)
- network driver VM filesystem (read-only)
Capabilities
Version 6.x (2016)
- TPM 1.2
Version 7.x (2017)
- TPM 2.0
- Forward Seal Test Procedures (pre-compute PCRs for unattended upgrade)
- Improved key management (2015 design discussion)
Version 8.x (2018)
Future Work
Virtual TPMs
Attestation
UEFI multi-boot modules
Key recovery
Related Documentation
Measured Launch Source Code
OpenXT
https://github.com/OpenXT/xenclient-oe/tree/master/recipes-openxt/openxt
https://github.com/OpenXT/xenclient-oe/tree/master/recipes-openxt/tboot
https://github.com/OpenXT/xenclient-oe/tree/master/recipes-openxt/tss
https://github.com/OpenXT/xenclient-oe/tree/master/recipes-openxt/tpm-tools
https://github.com/OpenXT/xenclient-oe/tree/master/recipes-openxt/xenclient/xenclient-tpm-scripts
https://github.com/OpenXT/xenclient-oe/tree/master/recipes-openxt/xenclient/xenclient-tpm-setup
https://github.com/OpenXT/xenclient-oe/tree/master/recipes-openxt/xenclient/xenclient-root-ro
OpenEmbedded
Intel
- http://hg.code.sf.net/p/tboot/code
- https://github.com/01org/tpm2.0-tss.git
- https://github.com/01org/tpm2.0-tools.git
TPM Emulation
Related Work
Secure Boot
- https://git.yoctoproject.org/cgit/cgit.cgi/meta-security
- https://github.com/WindRiver-OpenSourceLabs/meta-secure-env
- https://github.com/jiazhang0/meta-secure-core
Ecosystem
- Qubes: Anti Evil Maid (2011)
- OpenXT: In Device We Trust: Measure Twice, Compute Once with Xen, Linux, TPM 2.0 and TXT (2017)
- Open Source Foundries: Secure OTA Collaboration (2017)
- Google: Replace UEFI with Linux (2017) • Video
- HP SureStart BIOS protection: Coprocessor detection of attacks against SMM (2017)
- Microsoft: Hardening with Hardware (2018) • Video
Xen
OpenXT ML JIRA Issues