Thinkpad T60p + Ubuntu 10.04 LTS + OpenPTS setup memo
- Environment
PC: IBM Thinkpad T60p
OS: Ubuntu 10.04 LTS (Lucid)
Transitive Trust path: BIOS (SRTM) only
- Build and Install OpenPTS
Install required packages to build OpenPTS.
sudo apt-get install automake autoconf libtool cvs fakeroot debhelper gettext trousers libtspi-dev tpm-tools libxml2 libxml2-dev libuuid1 uuid-dev
Get the latest source code from the Git repo, then build and install it.
$ git clone git://git.sourceforge.jp/gitroot/openpts/openpts.git
$ cd openpts
$ sh ./bootstrap.sh
$ make dpkg-buildpackage
$ sudo dpkg -i ../openpts_0.2.6_i386.deb
note) fix debian/control before building, as follows:
--- a/dist/debian/control +++ b/dist/debian/control @@ -13,5 +13,4 @@ Architecture: any # Canonical repo # Self build Depends: ${shlibs:Depends}, ${misc:Depends}, trousers, tpm-tools, libxml2, uuid -Description: An open source TCG Platform Trust Services. -The package include openpts collector and verifier +Description: An open source TCG Platform Trust Services. The package include openpts collector and verifier.
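Review bot: the "-" lines show why the build broke: the second line of Description lacks the leading space that the Debian control format requires for a continuation line, so dpkg treats "The package include ..." as a malformed field. Folding everything into one line works, but the conventional fix keeps a short synopsis and indents the long description by one space, e.g. "Description: An open source TCG Platform Trust Services" followed by " The package includes the openpts collector and verifier." (also fixing the "include" agreement).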
- Modify the TSS (TrouSerS) configuration
Modify /etc/tcsd.conf to access the eventlog.
firmware_log_file = /sys/kernel/security/tpm0/binary_bios_measurements
firmware_pcrs = 0,1,2,3,4,5,6,7,8
Restart tcsd (the TSS daemon).
sudo /etc/init.d/trousers restart
Let's try to read your event log.
$ iml2text
 Idx PCR       Type                                   Digest  EventData
 -----------------------------------------------------------------------
   0   0 0x00000008 1dfce7dde0cf13cfff102b1eb01875f752d5090c [BIOS:EV_S_CRTM_VERSION]
   1   0 0x00000001 1c41801dd329198e50a3d98040230095693e49b3 [BIOS:EV_POST_CODE(EV_CODE_NOCERT)]
   2   0 0x00000001 16fb111792cb98a3de12f3abd0406fc04c7e5fca [BIOS:EV_POST_CODE(EV_CODE_NOCERT)]
 <snip>
You should see an event log like this.
- Initialize OpenPTS Collector
Create the "ptsc" group. The user running the collector must be a member of "ptsc".
groupadd -r ptsc
usermod -a -G ptsc yourname
Edit /etc/ptsc.conf.
"tpm.quote.type" must be "quote" since Ubuntu still uses OpenSSL v0.9.8.
Keep the other properties as they are if you only want to validate the BIOS.
<snip>
tpm.quote.type=quote
<snip>
Ok, let's initialise the collector.
$ ptsc -i
Sign key location: SYSTEM
Generate uuid: abedb6fc-7703-11e1-9167-0015582d7724
Generate UUID (for RM): ac0f5618-7703-11e1-9167-0015582d7724
level 0 Reference Manifest : /var/lib/openpts//ac0f5618-7703-11e1-9167-0015582d7724/rm0.xml
ptsc has successfully initialized!
Run the selftest.
$ ptsc -t
selftest - OK
Dump the current configuration.
$ ptsc -D
openpts version 0.2.6
config file: /etc/ptsc.conf
UUID: abedb6fc-7703-11e1-9167-0015582d7724 (/var/lib/openpts/uuid)
IML access mode : TSS
Runtime IML type: unknown type 0x0
RM UUID (current): ac0f5618-7703-11e1-9167-0015582d7724
RM UUID (for next boot): (null)
List of RM set: 1 RM set in config dir
  ID UUID                                 date(UTC)           status
  -----------------------------------------------------------------------------------------
   0 ac0f5618-7703-11e1-9167-0015582d7724 2012-03-26-05:22:25 NOW
  -----------------------------------------------------------------------------------------
Integrity Report dir: /tmp/.ptsc
Model dir: /usr/share/openpts/models
Behavior Models
  PCR lv FSM files
  -----------------------------------------------------
    0  0 /usr/share/openpts/models/bios_pcr0.uml
    1  0 /usr/share/openpts/models/bios_pcr1.uml
    2  0 /usr/share/openpts/models/bios_pcr2.uml
    3  0 /usr/share/openpts/models/bios_pcr3.uml
    4  0 /usr/share/openpts/models/bios_pcr4.uml
    5  0 /usr/share/openpts/models/bios_pcr5.uml
    6  0 /usr/share/openpts/models/bios_pcr6.uml
    7  0 /usr/share/openpts/models/bios_pcr7.uml
  -----------------------------------------------------
- Enrolment by OpenPTS Verifier (on same host)
OpenPTS uses an SSH tunnel between the collector and the verifier.
You must set up SSH public-key authentication before the enrolment.
$ ssh-keygen -t rsa
$ ssh-copy-id yourname@localhost
Enrol with the collector on localhost.
$ openpts -i localhost
Validate localhost.
$ openpts -v localhost
integrity: valid
With verbose output:
$ openpts -VV -v localhost
Config file : /home/yourname/.openpts/openpts.conf
Verbosity : 2
Logging location : /home/yourname/.openpts/openpts.log
Logging(debig) mode : 0x0
Target: localhost
Collector UUID: abedb6fc-7703-11e1-9167-0015582d7724 (date: 2012-03-26-05:22:25)
Manifest UUID: ac0f5618-7703-11e1-9167-0015582d7724 (date: 2012-03-26-05:22:25)
username(ssh): default
port(ssh): default
policy file: /home/yourname/.openpts/abedb6fc-7703-11e1-9167-0015582d7724/policy.conf
property file: /home/yourname/.openpts/abedb6fc-7703-11e1-9167-0015582d7724/vr.properties
integrity: valid
The verifier validates the integrity report (= event log + quote signature): it replays the event log into expected PCR values and checks them against the PCR values signed by the TPM quote.
The validation policy written at enrolment contains the expected PCR values (base64-encoded SHA-1 digests) and per-PCR properties such as the following.
$ cat /home/yourname/.openpts/abedb6fc-7703-11e1-9167-0015582d7724/policy.conf
# OpenPTS validation policy, name=value
tpm.quote.pcr.0=x4YRMHittOq91wZvEjzC7vdj094=
tpm.quote.pcr.1=qBhoUK6Pe/1vtuZPuRTEFnx0QUU=
tpm.quote.pcr.2=jjm56ku2llmmQAhLUXGSdVXawRU=
tpm.quote.pcr.3=9xnOIC252kbn+qnBqCvQwzi0M5k=
tpm.quote.pcr.4=0+LidCJ9bwUDHcYn/ro/b6g8ztk=
tpm.quote.pcr.5=OQSOTWzdMiDsSO0pmVT3xmAFi6w=
tpm.quote.pcr.6=ry9nL0mCl05NEoDRPhuSIeGJ/vo=
tpm.quote.pcr.7=9xnOIC252kbn+qnBqCvQwzi0M5k=
tpm.quote.signature=valid
bios.pcr.0.integrity=valid
bios.pcr.2.action.0=Start Option ROM Scan
bios.pcr.2.integrity=valid
bios.pcr.3.integrity=valid
bios.pcr.4.action.0=Calling INT 19h
bios.pcr.4.action.1=Returned INT 19h
bios.pcr.4.action.2=Booting BCV Device 80h
bios.pcr.4.integrity=valid
bios.pcr.5.integrity=valid
bios.pcr.6.action.0=WAKE EVENT 0
bios.pcr.6.integrity=valid
bios.pcr.7.integrity=valid
tpm.quote.pcrs=valid
# 22 reference props
- Rebuild GRUB Legacy with the GRUB-IMA patch
$ sudo apt-get build-dep grub
$ apt-get source grub
$ pushd grub-0.97/debian/patches/
$ wget http://osdn.dl.sourceforge.jp/openpts/37646/grub-0.97-29ubuntu45-ima-1.1.0.0.patch
$ popd
$ echo "# This patch supports IMA" >> grub-0.97/debian/patches/00list
$ echo "grub-0.97-29ubuntu45-ima-1.1.0.0.patch" >> grub-0.97/debian/patches/00list
$ mv grub-0.97/debian/rules grub-0.97/debian/rules.orig
$ sed -e 's/--disable-auto-linux-mem-opt/--disable-auto-linux-mem-opt --enable-ima/g' grub-0.97/debian/rules.orig > grub-0.97/debian/rules
$ chmod +x grub-0.97/debian/rules
Update the changelog:
$ pushd grub-0.97
$ debchange -i
like this:
grub (0.97-29ubuntu60.10.04.2.ima) lucid; urgency=low

  * enable Trusted Boot

 -- foo <foo@localhost>  Wed, 04 Apr 2012 17:37:27 +0900
Ok, let's build the package.
$ dpkg-buildpackage -rfakeroot -us -uc
$ popd
Install the grub package and confirm that the TCG (TPM measurement) code is present in the stages.
$ sudo dpkg -i grub_0.97-29ubuntu60.10.04.2.ima_i386.deb
$ grep TCG /usr/lib/grub/i386-pc/*
Binary file /usr/lib/grub/i386-pc/stage1 matches
Binary file /usr/lib/grub/i386-pc/stage2 matches
Binary file /usr/lib/grub/i386-pc/stage2_eltorito matches
Install grub into the HDD (MBR).
$ sudo grub-install /dev/sda
$ grep TCG /boot/grub/*
Binary file /boot/grub/stage1 matches
Binary file /boot/grub/stage2 matches
Ok, reboot the system.
note) if the reboot fails somehow, try a cold boot (power off/on).
Then you will see the measurements of the IPL (GRUB stages) and the kernel in the event log.
$ iml2text
 Idx PCR       Type                                   Digest  EventData
 -----------------------------------------------------------------------
   0   0 0x00000008 1dfce7dde0cf13cfff102b1eb01875f752d5090c [BIOS:EV_S_CRTM_VERSION]
   1   0 0x00000001 1c41801dd329198e50a3d98040230095693e49b3 [BIOS:EV_POST_CODE(EV_CODE_NOCERT)]
   2   0 0x00000001 16fb111792cb98a3de12f3abd0406fc04c7e5fca [BIOS:EV_POST_CODE(EV_CODE_NOCERT)]
   3   0 0x00000001 dd261ca7511a7daf9e16cb572318e8e5fbd22963 [BIOS:EV_POST_CODE(EV_CODE_NOCERT)]
 <snip>
  75   4 0x00000005 c1e25c3f6b0dc78d57296aa2870ca6f782ccf80f [BIOS:EV_ACTION, Calling INT 19h]
  76   4 0x00000005 38f30a0a967fcf2bfee1e3b2971de540115048c8 [BIOS:EV_ACTION, Returned INT 19h]
  77   4 0x00000005 cfa550a3b0fa6f8be76b8cf2d68be28355e57e2f [BIOS:EV_ACTION, Booting BCV Device 80h]
  78   4 0x0000000d f6121bf2405783ecf1d3f55069ec7e441e41814f [BIOS:EV_IPL]
  79   4 0x0000000d b82f5fa84465edfc054591b059bb65ea54f67282 [GRUB:EV_IPL, Stage1(MBR)]
  80   4 0x0000000d 0532b5f5026eebd2f895a638715e9a826cb2f582 [GRUB:EV_IPL, Stage1.5]
  81   4 0x0000000d 5e2c3964b21587a8a63153f20102266d21399d4e [GRUB:EV_IPL, Stage1.5(filesystem)]
  82   4 0x00000006 1e0d747ef539e49a21f1789d12e51254a54edfb8 [GRUB: measure MBR again]
  83   4 0x00000004 8cdc27ec545eda33fbba1e8b8dae4da5c7206972 [GRUB:EV_SEPARATOR, Grub Event Separator]
  84   5 0x00000004 d9be6524a5f5047db5866813acf3277892a7a30a [BIOS:EV_SEPARATOR, ffffffff]
  85   5 0x0000000e 14bd957419a432ca8af4ff13454f9fd291f99cd8 [BIOS:EV_IPL_PARTITION_DATA]
  86   5 0x00000004 8cdc27ec545eda33fbba1e8b8dae4da5c7206972 [GRUB:EV_SEPARATOR, Grub Event Separator]
  87   5 0x0000000e 9052fb5133bba4a168c52ac9b57a7513ff1d5bbb [GRUB:grub.conf]
  88   5 0x00001105 c8a879e81a96dafb7ab1178fcfe9415dc4199503 [GRUB:KERNEL_OPT /boot/vmlinuz-2.6.32-40-generic root=UUID=0217aa6d-4f1d-457d-bbc8-b03436cf4cf8 ro quiet splash crashkernel=384M-2G:64M,2G-:128M]
  89   5 0x00000004 2431ed60130faeaf3a045f21963f71cacd46a029 [GRUB:EV_SEPARATOR, OS Event Separator]
  90   6 0x00000005 017263855c5e8b20f2896a3135b8e4652ab1e708 [BIOS:EV_ACTION, WAKE EVENT 0]
  91   6 0x00000004 d9be6524a5f5047db5866813acf3277892a7a30a [BIOS:EV_SEPARATOR, ffffffff]
  92   7 0x00000004 d9be6524a5f5047db5866813acf3277892a7a30a [BIOS:EV_SEPARATOR, ffffffff]
  93   8 0x00001205 fdaf029bb82181779feb3abc786a79d1bfc37a9d [GRUB:KERNEL /boot/vmlinuz-2.6.32-40-generic]
  94   8 0x00001305 9e55814c35b6f86f7ccf606999fc0418fdb424fb [GRUB:INITRD /boot/initrd.img-2.6.32-40-generic]
  95   8 0x00000004 2431ed60130faeaf3a045f21963f71cacd46a029 [GRUB:EV_SEPARATOR, OS Event Separator]
  96   8 0x00001005 fac33a1fc0ad42c07d00322d64c23f67567f334a [GRUB:ACTION, Booting Big Linux Kenrel]
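The following is an added example, not part of this memo or of the OpenPTS code base. It shows what the verifier's "replay the event log, then compare against the policy" step amounts to, using the iml2text listings above and the policy.conf format from the enrolment section. It assumes TPM 1.2 semantics (SHA-1, PCR_new = SHA1(PCR_old || digest), PCRs start at 20 zero bytes) and that the tpm.quote.pcr.N values are base64-encoded 20-byte digests as shown in policy.conf; the sample event lines are a constructed subset of the output above, and the "missing Stage1.5 measurement" case is constructed to show what a mismatch looks like. The real openpts verifier also checks the quote signature and the FSM models, which this example does not do.

```python
import base64
import hashlib
import re

# Constructed sample: a subset of the iml2text listing above, in the same shape
# (index, PCR, event type, SHA-1 digest, event data). Header and <snip> lines
# are included on purpose so the parser has to skip them.
SAMPLE_IML = """\
 Idx PCR       Type                                   Digest  EventData
 -----------------------------------------------------------------------
   0   0 0x00000008 1dfce7dde0cf13cfff102b1eb01875f752d5090c [BIOS:EV_S_CRTM_VERSION]
   1   0 0x00000001 1c41801dd329198e50a3d98040230095693e49b3 [BIOS:EV_POST_CODE(EV_CODE_NOCERT)]
 <snip>
  79   4 0x0000000d b82f5fa84465edfc054591b059bb65ea54f67282 [GRUB:EV_IPL, Stage1(MBR)]
  80   4 0x0000000d 0532b5f5026eebd2f895a638715e9a826cb2f582 [GRUB:EV_IPL, Stage1.5]
  93   8 0x00001205 fdaf029bb82181779feb3abc786a79d1bfc37a9d [GRUB:KERNEL /boot/vmlinuz-2.6.32-40-generic]
"""

LINE_RE = re.compile(r"^\s*(\d+)\s+(\d+)\s+(0x[0-9a-fA-F]+)\s+([0-9a-fA-F]{40})\s+\[(.*)\]\s*$")


def parse_iml(text):
    """Parse iml2text-style lines into (pcr, event_type, digest_bytes, event_data)."""
    events = []
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # header, separator or <snip> line
        _idx, pcr, etype, digest, data = m.groups()
        events.append((int(pcr), int(etype, 16), bytes.fromhex(digest), data))
    return events


def extend(pcr_value, digest):
    """TPM 1.2 extend: the new PCR value is SHA1(old value || measured digest)."""
    return hashlib.sha1(pcr_value + digest).digest()


def replay_pcrs(events, num_pcrs=24):
    """Replay every event into its PCR, starting from all-zero PCRs (reset state)."""
    pcrs = {i: bytes(20) for i in range(num_pcrs)}
    for pcr, _etype, digest, _data in events:
        pcrs[pcr] = extend(pcrs[pcr], digest)
    return pcrs


def parse_policy(text):
    """Extract tpm.quote.pcr.N values (base64 SHA-1 digests) from policy.conf text."""
    expected = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        key, _, value = line.partition("=")
        m = re.match(r"tpm\.quote\.pcr\.(\d+)$", key.strip())
        if m:
            expected[int(m.group(1))] = base64.b64decode(value.strip())
    return expected


def policy_from_pcrs(pcrs, indices):
    """Render tpm.quote.pcr.N lines in the policy.conf encoding (what enrolment pins)."""
    return "\n".join(f"tpm.quote.pcr.{n}={base64.b64encode(pcrs[n]).decode()}" for n in indices)


def check_against_policy(pcrs, expected):
    """Return {pcr: 'valid'|'invalid'} for every PCR the policy pins."""
    return {n: ("valid" if pcrs.get(n) == d else "invalid") for n, d in expected.items()}


def demo():
    """Enrol (pin PCRs 0, 4, 8 from a replay), then validate a boot missing one IPL event."""
    good = replay_pcrs(parse_iml(SAMPLE_IML))
    policy = parse_policy("# constructed policy, pinned at enrolment\n" + policy_from_pcrs(good, [0, 4, 8]))
    # Constructed failure case: the Stage1.5 measurement is absent, as it would be after
    # a change in the boot path, so the replayed PCR 4 no longer matches the policy.
    altered = [e for e in parse_iml(SAMPLE_IML) if e[3] != "GRUB:EV_IPL, Stage1.5"]
    return {
        "enrolment": check_against_policy(good, policy),
        "after_change": check_against_policy(replay_pcrs(altered), policy),
    }


if __name__ == "__main__":
    for phase, result in demo().items():
        print(phase, result)
```

Note that the replay only tells you whether the log is consistent with the pinned PCRs; without the TPM quote signature over those PCRs (tpm.quote.signature=valid in policy.conf), a forged log with forged PCR values would pass this step, which is why openpts checks both.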
If you configured the PTS collector before, the selftest must now fail, because the reference manifest has no FSM models for the new GRUB measurements.
$ ptsc -t
 0 [PCR01] Snapshot(FSM) is missing
 1 [PCR01] Snapshot(FSM) is missing
 2 [PCR01] Snapshot(FSM) is missing
 3 [PCR01] Snapshot(FSM) is missing
 4 [PCR01] Snapshot(FSM) is missing
 5 [PCR01] Snapshot(FSM) is missing
 6 [PCR01] Snapshot(FSM) is missing
 7 [PCR01] Snapshot(FSM) is missing
 8 [SELFTEST] The self test failed
selftest - fail
Update the PTS collector.
Edit /etc/ptsc.conf.
# rm.num=1 => 2
rm.num=2
# add a validation model for GRUB-IMA
rm.model.1.pcr.4=grub_pcr4.uml
rm.model.1.pcr.5=grub_pcr5.uml
rm.model.1.pcr.8=grub_pcr8.uml
Update the manifest.
$ ptsc -u
Generate UUID (for RM): 9e9d3404-7e39-11e1-8c88-0015582d7724
level 0 Reference Manifest: /var/lib/openpts//9e9d3404-7e39-11e1-8c88-0015582d7724/rm0.xml
level 1 Reference Manifest: /var/lib/openpts//9e9d3404-7e39-11e1-8c88-0015582d7724/rm1.xml
Selftest again.
$ ptsc -t
selftest - OK
Also update the verifier (enrol again, forcing the existing enrolment to be overwritten).
$ openpts -i -f localhost
$ openpts localhost
integrity: valid
- OS Update