Intel TXT と VMware vSphere - Trusted Computing Group

Intel TXTVMware vSphere 

 

 

Nov. 28, 2012 

© 2011 VMware Inc. All rights reserved

Agenda 

§ Intel TXT 

• RTM (Root of Trust for Measurement) 

§ VMware vSphere 

§ 

2

Trust 

§ Trust 

“An entity can be trusted if it always behaves in the expected manner for the 

intended purpose” by David Grawrock, Intel 

• Known state 

• Measurement 

• TPMPCR Extend 

• Chain of Trust 

• RTM (Root of Trust for Measurement) 

• Intel TXT 

§ Trust 

• VMMTCBRootkitVMM 

 

• BIOS Rootkit 

• Reset attacks () 

3

TPMPCR ExtendChain of Trust 

TPM 

PCR (Platform 

Configuration 

Registers) 

24, 20 

Attestation Keys 

  

 

 

PCR_Extend API 

 

NVRAM 

Endorsement Key 

2048RSA 

PCR(old) 

+ 

 

SHA-1 

Chain of Trust 

TPM 

PCR(New) 

RTM 

Module A 

Module B 

PCR-x 

PCR-y 

Boot sequence Chain of Trust 

OS/VMM known state 

4

Chain of Trust 

§ RTM (Root of Trust for Measurement) 

• RTMMeasurement 

§ SRTM (Static RTM) : TCGBIOS 

• RTMFirmware 

• (Intel TXT) 

• Chain 

• BIOS Boot SequenceOS/VMM Boot Loader 

§ DRTM (Dynamic RTM) : Intel TXT 

• RTMIntel TXTCPU(GETSEC[SENTER]) 

• GETSEC[SENTER]Chain 

• OSBoot LoaderMLEMLEMeasurement 

SINIT ACM(Authenticated Code Module) 

§ Intel TXTSRTMDRTM 

5

Intel TXTMeasured Boot 

System 

Power 

ON PCR0 PCR0 PCR0 

uCode 

Measures 

BIOS ACM 

BIOS ACM 

Measures 

BIOS Init 

Code 

BIOS Init 

Init TXT & 

Memory, 

Measure 

SMM etc. 

BIOS Init 

Lock TXT 

& Memory 

Config 

Non- 

Critical 

Code 

Option 

ROMs etc. 

Load 

bootloader 

Load tboot 

SRTM 

PCR17 PCR18 PCR19, 20 

tboot 

tboot 

uCode 

SINIT ACM 

MLE 

Load SINIT 

ACM & 

VMKernel, 

modules 

Execute 

GETSEC 

[SENTER] 

Measures 

SINIT ACM 

Measures 

MLE 

Measures 

VMKernel, 

modules 

DRTM 

6

VMware vSphere 

§ Intel TXT (LT-SX) 

• Xeon 5600 Series (Westmere) 

• Intel TXT2007vPro2(Weybridge) 

• OEMFirmware 

§ VMware 

• ESXi 4.1 U1 

• Intel TXT 

• Web 

(http://www.vmware.com/resources/compatibility/search.php?deviceCategory=server) 

§ Measured Boot ( ≠ Verified Boot) 

• PCR 20 Extension: VMKernel, 

7

Compatibility Guide 

8 

Feature

ESXi5.12041TXT48 (2.3%) 

9

vSphereIntel TXTEnable 

§ BIOSIntel TXT 

Enable 

• TPMActivation 

§ ESXi 5.x 

• Enable by Default 

• 

§ ESXi 4.x 

• Disable by Default 

• enableTboot option 

10

tboot (:Dell Power Edge R610) 

TBOOT: executing GETSEC[SENTER]... 

TBOOT: ***************TBOOT ******************* 

TBOOT: TPM is ready 

TBOOT: PCRs after extending: 

TBOOT: PCR 17: 49 6c 85 30 d2 b4 ba 6a 6f 39 01 45 5c 8c 24 0b bb 48 2d 85 

TBOOT: PCR 18: f6 fd 30 6d 2f a3 3e 21 c6 9c a5 98 33 0b 64 df 1e d0 d0 02 

TBOOT: PCR 19: 97 3d 1a 14 43 7d 69 94 f0 f2 de d9 c1 af 09 c7 e1 66 f7 b9 

TBOOT: PCR 20: 7f 82 4e a4 8e 5d 50 a4 b2 36 15 22 23 20 6b 00 62 0b c7 4b 

ESXi 

~ # bootOption -o 

Options : vmbTrustedBoot=true tboot=0x0x101a000 no-auto-partition \ 

bootUUID=743b963c66f8db873f0c346b224fef87 

11

Trusted Computing Pool 

VM 

VM 

VM 

VM 

VM 

VM 

ESXi 

ESXi 

ESXi 

HW/TXT 

HW/TXT 

HW 

Cloud 

Controller 

Remote 

Attestation 

Server 

• Trusted Server 

• PCRESXi 

12

Intel TXT と VMware vSphere - Trusted Computing Group

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?