Re: [PATCH 2 of 4] ima: related Makefile compile order change and Readme

From: Reiner Sailer (sailer@private)
Date: Wed May 25 2005 - 11:06:20 PDT


James Morris <jmorris@private> wrote on 05/23/2005 07:59:09 PM:

> On Mon, 23 May 2005, Reiner Sailer wrote:
> 
> > > It seems to me that the mechanism is sound... it does what the docs
> > > says. Another questions is "is it usefull"?
> > > 
> > >                         Pavel 
> > > 
> > 
> > We implemented some exemplary IMA-applications. If you like, visit our 

> > project page and check out the references:
> > 
http://www.research.ibm.com/secure_systems_department/projects/tcglinux/
> > There you also find a complete  measurement list and a response of a 
measured 
> > system replying to an authorized remote measurement-list-request.
> 
> How did you retrieve the TPM-aggregate?

We use the general TPM interface and a TPM library that IBM open-sourced 
in the
"early times of TPM". Today, the there is also the TrouSerS open-source 
(sorceforge)
stack that can be used to retrieve a quote. Other libraries are certainly
available as well. Any implementation offering TPM-Spec quote function can 
be used.

> I'm still not sure why exporting just the kernel measurement values via 
> proc is useful.

It is useful in practice because once the system is up and running, the
measurement list grows very slowly. Thus, retrieving the measurements 
separately from the signature did not result in sync problems 
(measurements
being added between retrieving the signature and retrieving the 
measurement
list). We did not have a single case where we run into the problem but one 
can
construct system loads that might trigger an async between the retrievals. 
In this 
case, one can adjust the measurement list (skip entries added after the 
TPM signature
was created) if you first retrieve the TPM signature and then the 
measurement list.
You'll discover the last signed measurement entries by recalculating the 
signed 
aggregate.

> Wouldn't you need to retrieve the measurement list atomically with the 
> TPM-aggregate?

You can do this atomically but then you need to implement the quote 
functionality
in the kernel when retrieving the list or you need to develop a quote* TPM 
command 
that includes the measurement list with the signature blob (non-TPM-spec 
conform). 
We chose to go with the original Quote (TPM signature) and keep the 
defined TPM 
interface, since we preferred keeping existing interfaces until we 
encounter problems.

> In which case, we'd need an interface which takes a nonce and returns 
the
> kernel measurement list and the TPM-aggregate together.

> Is the source of your example IMA attestation application available?

This application is not available at this time. However, its major 
building blocks
are almost all open-source (TSS stack, TPM kernel driver, IMA). The rest 
is mainly
communication infrastructure and building SHA1-databases to compare 
measurements 
against expected and known measurements.

> 
> - James
> -- 
> James Morris
> <jmorris@private>
> 
> 
> 

The point you are making is a good one. We implemented a trade-off and if 
users of
IMA suggest that the trade-off towards compatibility is leading to 
problems, it is 
worth to re-evaluate this trade-off and create an atomic function.

Thanks.
Reiner



This archive was generated by hypermail 2.1.3 : Wed May 25 2005 - 11:06:59 PDT