From Fedora Project Wiki
(moved to FeatureAcceptedF16 - feature was approved at 2011-07-18 meeting.)
 
(11 intermediate revisions by 2 users not shown)
Line 1: Line 1:
= Install-time Configuration of Trusted Boot =
= Trusted Boot =


== Summary ==
== Summary ==
Add installer support for Trusted Boot (tboot).
Add install-time configuration of Trusted Boot(tboot).


== Owner ==
== Owner ==
Line 10: Line 10:
== Current status ==
== Current status ==
* Targeted release: [[Releases/16 | Fedora 16 ]]  
* Targeted release: [[Releases/16 | Fedora 16 ]]  
* Last updated: 2011-06-15
* Last updated: 2011-07-14
* Percentage of completion: 0%
* Percentage of completion: 5%
 
Discussed with grubby owner. I may need to provide a patch to handle kernel upgrade for tboot+xen+kernel case.
 
In progress of discussion with anaconda community to figure out what/how to do for installation support.


== Detailed Description ==
== Detailed Description ==
This would include two things to be done at install time:
This would include two things to be done at install time:
# UI to choose TXT/tboot support
* UI to choose TXT/tboot support
# The underlying support to install the package and modify the bootloader cfg.
Below is a mock up screen shot for this
 
[[File:tboot2.jpg|600px]]
 
* The underlying support to install the package and modify the bootloader cfg.
Below is a sample grub.conf file showing the change.
Below is a sample grub.conf file showing the change.


Line 34: Line 42:
         module /boot/vmlinuz-2.6.38-0.rc5.git1.1.fc15.x86_64 ro root=UUID=2c16235d-452c-4109-b93c-7b6e93795682 rd_NO_LUKS rd_NO_LVM rd_NO_MD rd_NO_DM LANG=en_US.UTF-8 SYSFONT=latarcyrheb-sun16 KEYTABLE=us rhgb quiet
         module /boot/vmlinuz-2.6.38-0.rc5.git1.1.fc15.x86_64 ro root=UUID=2c16235d-452c-4109-b93c-7b6e93795682 rd_NO_LUKS rd_NO_LVM rd_NO_MD rd_NO_DM LANG=en_US.UTF-8 SYSFONT=latarcyrheb-sun16 KEYTABLE=us rhgb quiet
         module /boot/initramfs-2.6.38-0.rc5.git1.1.fc15.x86_64.img
         module /boot/initramfs-2.6.38-0.rc5.git1.1.fc15.x86_64.img
        module /boot/sinit.bin


== Benefit to Fedora ==
== Benefit to Fedora ==
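Review bot: the sample tboot entry loses its `module /boot/sinit.bin` line, so the grub.conf example no longer shows where a SINIT module goes when one has to be loaded from disk. Consider keeping the line in the sample as an optional, commented-out module with one sentence saying when it is needed.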
Line 45: Line 52:


== How To Test ==
== How To Test ==
<!-- This does not need to be a full-fledged document.  Describe the dimensions of tests that this feature is expected to pass when it is done.  If it needs to be tested with different hardware or software configurations, indicate them.  The more specific you can be, the better the community testing can be.
Remember that you are writing this how to for interested testers to use to check out your feature - documenting what you do for testing is OK, but it's much better to document what *I* can do to test your feature.
A good "how to test" should answer these four questions:
0. What special hardware / data / etc. is needed (if any)?
1. How do I prepare my system to test this feature? What packages
need to be installed, config files edited, etc.?
2. What specific actions do I perform to check that the feature is
working like it's supposed to?
3. What are the expected results of those actions?
-->
* It requires platforms supporting Intel TXT.
* It requires platforms supporting Intel TXT.
* If selected during system installation UI, make sure the tboot package is installed and the bootloader config is changed to boot tboot as kernel and linux as module.
* If selected during system installation UI, make sure the tboot package is installed and the bootloader config is changed to boot tboot as kernel and linux as module.
Line 66: Line 59:


== Dependencies ==
== Dependencies ==
none on other packages.
None on other packages.


The tboot package is only for x86, but tboot will detect whether the systems supports TXT and will perform a normal boot if it does not (and hence can be installed on x86 systems that do not support TXT).
The tboot package is only for x86, but tboot will detect whether the systems supports TXT and will perform a normal boot if it does not (and hence can be installed on x86 systems that do not support TXT).


Users need to download sinit binary from sourceforge.net tboot project corresponding to the hardward platform used and copy it as /boot/sinit.bin before the trusted boot could really work.
Intel requires all server OEMs to carry the SINIT ACM for future platforms in their flash. Current availabe models include:
* Dell PowerEdge R810/R910 with E7 processors
* HP ProLiant DL580 G7 with E7 processors & TPM option kit


== Contingency Plan ==
== Contingency Plan ==
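Review bot: in Dependencies, the new sentence only says OEMs must carry the SINIT ACM in flash "for future platforms", while the instruction to download the sinit binary and copy it as /boot/sinit.bin is dropped entirely, so platforms without SINIT in flash are no longer covered. Suggest keeping the download step for those platforms next to the new text, and fixing "availabe" to "available".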
Line 76: Line 71:


== Documentation ==
== Documentation ==
tboot project web page
* http://sourceforge.net/projects/tboot
* http://sourceforge.net/projects/tboot
Documentation about tboot functionality
* http://www.bughost.org/repos.hg/tboot.hg/file/d36fb3e85062/README
The Intel® TXT Software Development Guide should be able to show you details about what tboot does.
* http://download.intel.com/technology/security/downloads/315168.pdf
More documentation about TXT
* http://www.intel.com/technology/malwarereduction/index.htm
Documentation about Intel® SMX instructions is included in Intel® 64 and IA-32 Architectures Software Developer's Manual, Volumes 2, chapter 6, Safer Mode Extensions Reference
* http://www.intel.com/Assets/PDF/manual/325383.pdf


== Release Notes ==
== Release Notes ==
<!-- The Fedora Release Notes inform end-users about what is new in the release.  Examples of past release notes are here: http://docs.fedoraproject.org/release-notes/ -->
<!-- The release notes also help users know how to deal with platform changes such as ABIs/APIs, configuration or data file formats, or upgrade concerns.  If there are any such changes involved in this feature, indicate them here.  You can also link to upstream documentation if it satisfies this need.  This information forms the basis of the release notes edited by the documentation team and shipped with the release. -->
* Trusted Boot (tboot) is an open source, pre- kernel/VMM module that uses Intel(R) Trusted Execution Technology (Intel(R) TXT) to perform a measured and verified launch of an OS kernel/VMM.
* Trusted Boot (tboot) is an open source, pre- kernel/VMM module that uses Intel(R) Trusted Execution Technology (Intel(R) TXT) to perform a measured and verified launch of an OS kernel/VMM.


Line 86: Line 92:
* See [[Talk:Features/Trusted Boot]]
* See [[Talk:Features/Trusted Boot]]


[[Category:FeaturePageIncomplete]]
[[Category:FeatureAcceptedF16]]

Latest revision as of 15:05, 19 July 2011

Trusted Boot

Summary

Add install-time configuration of Trusted Boot (tboot).

Owner

Current status

  • Targeted release: Fedora 16
  • Last updated: 2011-07-14
  • Percentage of completion: 5%

Discussed with the grubby owner. I may need to provide a patch to handle kernel upgrades for the tboot+xen+kernel case.

Discussion with the anaconda community is in progress to figure out what to do, and how, for installation support.

Detailed Description

This would include two things to be done at install time:

  • UI to choose TXT/tboot support

Below is a mock-up screenshot for this:

[Image: Tboot2.jpg]

  • The underlying support to install the package and modify the bootloader cfg.

Below is a sample grub.conf file showing the change.

default=0
timeout=5
splashimage=(hd0,2)/boot/grub/splash.xpm.gz
hiddenmenu

title Fedora (2.6.38-0.rc5.git1.1.fc15.x86_64)
       root (hd0,0)
       kernel /boot/vmlinuz-2.6.38-0.rc5.git1.1.fc15.x86_64 ro root=UUID=2c16235d-452c-4109-b93c-7b6e93795682 rd_NO_LUKS rd_NO_LVM rd_NO_MD rd_NO_DM LANG=en_US.UTF-8 SYSFONT=latarcyrheb-sun16 KEYTABLE=us rhgb quiet
       initrd /boot/initramfs-2.6.38-0.rc5.git1.1.fc15.x86_64.img

title Fedora w/ tboot (2.6.38-0.rc5.git1.1.fc15.x86_64)
       root (hd0,0)
       kernel /boot/tboot.gz logging=vga,serial,memory
       module /boot/vmlinuz-2.6.38-0.rc5.git1.1.fc15.x86_64 ro root=UUID=2c16235d-452c-4109-b93c-7b6e93795682 rd_NO_LUKS rd_NO_LVM rd_NO_MD rd_NO_DM LANG=en_US.UTF-8 SYSFONT=latarcyrheb-sun16 KEYTABLE=us rhgb quiet
       module /boot/initramfs-2.6.38-0.rc5.git1.1.fc15.x86_64.img

Benefit to Fedora

Fedora will be capable of trusted launch with tboot support. It will meet the increasing need for platform security.

Scope

Required steps are:

  1. UI to choose TXT/tboot support during installation.
  2. Scripts to install the tboot package and modify the bootloader cfg.

How To Test

  • It requires platforms supporting Intel TXT.
  • If selected during system installation UI, make sure the tboot package is installed and the bootloader config is changed to boot tboot as kernel and linux as module.
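
As an added example (not part of the original feature page or the tboot project), the bootloader check can be scripted: the function below scans a legacy grub.conf for an entry that boots tboot.gz as kernel with vmlinuz and the initramfs as modules. The function names and the sample file are constructed for illustration.

```shell
#!/bin/sh
# Added example: verify that a legacy grub.conf boots tboot as "kernel"
# and Linux plus its initramfs as "module" lines, as the test step requires.
# The package itself can be checked separately with: rpm -q tboot

# check_tboot_entry FILE
# Prints "index: title" for every entry that launches Linux through tboot;
# exits 0 if at least one exists, 1 otherwise. Compare index with default=.
check_tboot_entry() {
    awk '
    function emit() {
        if (idx >= 0 && tboot && linux && initrd) { print idx ": " title; found = 1 }
        tboot = linux = initrd = 0
    }
    BEGIN { idx = -1 }
    /^[ \t]*#/ { next }
    $1 == "title"  { emit(); idx++; title = $0; sub(/^[ \t]*title[ \t]+/, "", title); next }
    $1 == "kernel" { tboot = ($2 ~ /\/tboot\.gz$/); next }
    $1 == "module" && tboot && !linux && $2 ~ /\/vmlinuz/ { linux = 1; next }
    $1 == "module" && linux && $2 ~ /\/init(ramfs|rd)/ { initrd = 1; next }
    END { emit(); exit(found ? 0 : 1) }
    ' "$1"
}

# Constructed sample modelled on the page's grub.conf (kernel arguments shortened).
write_sample() {
    cat > "$1" <<'EOF'
default=0
timeout=5

title Fedora (2.6.38-0.rc5.git1.1.fc15.x86_64)
       root (hd0,0)
       kernel /boot/vmlinuz-2.6.38-0.rc5.git1.1.fc15.x86_64 ro rhgb quiet
       initrd /boot/initramfs-2.6.38-0.rc5.git1.1.fc15.x86_64.img

title Fedora w/ tboot (2.6.38-0.rc5.git1.1.fc15.x86_64)
       root (hd0,0)
       kernel /boot/tboot.gz logging=vga,serial,memory
       module /boot/vmlinuz-2.6.38-0.rc5.git1.1.fc15.x86_64 ro rhgb quiet
       module /boot/initramfs-2.6.38-0.rc5.git1.1.fc15.x86_64.img
EOF
}

sample=$(mktemp)
write_sample "$sample"
check_tboot_entry "$sample" || echo "no tboot entry found" >&2
rm -f "$sample"
```

The printed index can be compared with the `default=` line to see whether the tboot entry is the one booted by default; in the sample it is entry 1 while `default=0` still selects the plain kernel.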

User Experience

Users will find the tboot package easier to install and use.

Dependencies

None on other packages.

The tboot package is only for x86, but tboot will detect whether the system supports TXT and will perform a normal boot if it does not (and hence can be installed on x86 systems that do not support TXT).

Intel requires all server OEMs to carry the SINIT ACM for future platforms in their flash. Currently available models include:

  • Dell PowerEdge R810/R910 with E7 processors
  • HP ProLiant DL580 G7 with E7 processors & TPM option kit

Contingency Plan

None necessary, revert to previous release behaviour.

Documentation

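tboot project web page

  • http://sourceforge.net/projects/tboot

Documentation about tboot functionality

  • http://www.bughost.org/repos.hg/tboot.hg/file/d36fb3e85062/README

The Intel® TXT Software Development Guide should be able to show you details about what tboot does.

  • http://download.intel.com/technology/security/downloads/315168.pdf

More documentation about TXT

  • http://www.intel.com/technology/malwarereduction/index.htm

Documentation about Intel® SMX instructions is included in Intel® 64 and IA-32 Architectures Software Developer's Manual, Volumes 2, chapter 6, Safer Mode Extensions Reference

  • http://www.intel.com/Assets/PDF/manual/325383.pdf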

Release Notes

  • Trusted Boot (tboot) is an open source, pre-kernel/VMM module that uses Intel(R) Trusted Execution Technology (Intel(R) TXT) to perform a measured and verified launch of an OS kernel/VMM.

Comments and Discussion