readme.tgrub

一个可以引导多个操作系统的启动程序

== Content ==

1 TrustedGRUB Quick Installation Guide
1.1 Download from Sourceforge

2 Trusted GRUB
2.1 Introduction
2.2 Authors
2.3 Features
2.4 Measurements (in short)
2.5 Requirements
2.6 Known Bugs
2.7 Installation of TrustedGRUB, general steps
2.8 Additional Compile Options
2.9 Installation of TrustedGRUB, installing the bootloader

3 New TrustedGRUB Commands
3.1 Password check
3.2 Checkfile
3.3 sha1

4 New TrustedGRUB Utilities
4.1 util/create_sha1
4.2 util/verify_pcr

5 General Information
5.1 General view on how TrustedGRUB works
5.2 Additional memory in use
5.3 Modifications in stage1.S
5.4 Modifications in start.S
5.5 Modifications in start_eltorito.S
5.6 Other modifications
5.7 File list

== 1. TrustedGRUB Quick Installation Guide ==
=== 1.1 Download from Sourceforge ===
[:http://sourceforge.net/projects/trustedgrub]

 # tar -xzf TrustedGRUB-<ver>.tgz
 # cd TrustedGRUB-<ver>
 # ./build_tgrub.sh

Follow the installation instructions printed by the script.

== 2. Trusted GRUB ==

=== 2.1 Introduction ===

This file describes the extensions necessary to transform a standard GRUB into
a version that offers TCG support for granting the integrity of the boot
process.
This is done by measuring all critical components during the boot process,
i.e., stage2 of GRUB, the OS kernel or OS modules, together with their
parameters. Please note that stage1 has not to be checked here (it wouldn't
even be possible), because it has already been measured by the TCG extension
itself.
Since the TCG extensions are passive, it has no direct ability to check if
the bootloader (and the OS kernel/modules) actually is correct, this can only
be done indirectly by using the seal/unseal functions of the TCG chip (for
details on this topic, you should have a look at the TCG specifications or
on other documents describing TCG abilities).

=== 2.2 Authors ===

The Trusted GRUB extensions have been performed by

Marcel Selhorst  <m.selhorst@sirrix.com>, Applied Data Security Group, Bochum
Oliver Altmeyer  <oaltmeyer@aol.com>,  Saarland University, Saarbr點ken
Christian St黚le <stueble@acm.org>,    Applied Data Security Group, Bochum

The Microkernel patch is from
Adam Lackorzynski <adam@os.inf.tu-dresden.de>

=== 2.3 Features ===

* Updated to latest GRUB Release 0.9.7
* Including password dialog support
* Including patches for running L4 microkernels (e.g., fiasco)
* New Software-SHA1-implementation
* Improved checkfile option with software measurements
* TPM Support with TPM detection
* TPM hashing improvements
* New "sha1"-commandline utility
* New "verify_pcr" utility to verify the correctness of GRUB
* New "create_sha1" utility
* NTFS-read support

=== 2.4 Measurements (in short) ===

* PCR 4 contains MBR information and stage1
* PCR 8 contains bootloader information stage2 part1
* PCR 9 contains bootloader information stage2 part2
* PCR 12 contains all commandline arguments from menu.lst and those entered in the shell
* PCR 13 contains all files checked via the checkfile-routine
* PCR 14 contains all files which are actually loaded (e.g., Linux kernel, initrd, modules...)

NOTE: In case you booted via a CD-image, PCR-8 will be empty and PCR-9 will contain
      the whole measurement of the stage2_eltorito-boot-image.

=== 2.5 Requirements ===

In order to install the TCG-enhanced TrustedGRUB, you need
* GRUB version 0.97 (included in this package).
  Attention: Other versions will NOT work with these extensions!
* Some Linux tools (patch, aclocal, automake, make, gcc 3.x or gcc 4.x)
* A computer which has TCG enhancements according to TCG specs. v1.1b / v1.2, since SHA1-calculations are extended into PC-Registers of the TPM.

'''Note:''' You can use Trusted GRUB without a TPM chip, since the SHA1-calculation is done
in software now, you can use all the functions provided by Trusted GRUB (e.g., checkfile...),
but you will have no storage for these values and therefore afterwards no possibility to
verify the integrity.

=== 2.6 Known Bugs ===

* On some TPM-Bios implementations, Trusted GRUB does not run if the TPM is disabled in the BIOS. This has occured only on IBM Thinkpad T41p, yet.
* On some HP notebook machines, Trusted GRUB is not able to extend the PCRs of the TPM due to a missing feature "TCG_PASS_THROUGH_TO_TPM" inside the 
BIOS.
* SATA and Floppy support is currently not included due to the limitation of stage1.

If you find any bugs, please contact
the author Marcel Selhorst <m.selhorst@sirrix.com>

=== 2.7 Installation of TrustedGRUB, general steps ===

To compile and install TrustedGRUB, please run

 #   ./build_tgrub.sh

Additional parameters for the build_tgrub-script can be listed with

 #   ./build_tgrub.sh --help

and as root:

 #   make install

Furthermore, please make sure, to copy the file "default", which comes with this package, into
the directory, where your "menu.lst" is.
NOTE: Please make sure, that no *1_5-files are in your /boot/grub-directory. The only valid
files in there are stage1, stage2, default, menu.lst / grub.conf.


=== 2.8 Additional Compile Options ===

Trusted GRUB has three modes of operations (selectable only before compilation!)

1) Normal mode:
    simply compile and TrustedGRUB runs silently

2) Debug mode:
    compiles additional debug information into Trusted GRUB.

3) SHA1 mode:
    compiles addition runtime SHA1-information into Trusted GRUB.
    During the boot process, Trusted GRUB will show the measured SHA1-result
    for every measured file loaded

To select mode 2 or mode 3, edit the file stage2/Makefile.am and look for the
line

    # tGRUB: add -DDEBUG or -DSHOW_SHA1
    STAGE2_CFLAGS = $(INCLUDES)

For mode 2) replace the line with

    STAGE2_CFLAGS = $(INCLUDES) -DDEBUG

For mode 3) replace the line with

    STAGE2_CFLAGS = $(INCLUDES) -DSHOW_SHA1

'''Note:''' Please do not compile -DDEBUG and -DSHOW_SHA1 together, since the
resulting output displayed will interfere. You can also use the build-script to
specify these parameters.

=== 2.9 Installation of TrustedGRUB, installing the bootloader ===

 # rm /boot/grub/stage*
 # rm /boot/grub/*1_5
 # cp stage1/stage1 /boot/grub
 # cp stage2/stage2 /boot/grub
 # ./grub/grub
 #       root (hdX,Y) // Your boot partition
 #       setup (hdX)  // Your harddisc where to install Trusted GRUB
 #       quit

If that fails (on some HP notebooks), just use the grub-install-utility under util

 # cd util
 # chmod a+x grub-install
 # grub-install /dev/hdX

== 3. New TrustedGRUB Commands ==

=== 3.1 Password check ===

GRUB has been extended to ask the user for a password by appending the parameter
"--with-password-dialog" to a module. GRUB will then prompt for a password
and will replace the original parameter with "password=<yourpassword>".
This is needful for some microkernel based projects in order to do pre-boot
authentication.

=== 3.2 Checkfile ===

The syntax of checkfile is as follows:

   checkfile (hd?,?)/somewhere/check.file

Pay attention that the drive parameter (hd?,?) and the path are correct, if
they are not, TrustedGRUB is not able to boot!
The check file itself contains a list of tuples of arbitrary length (but the
check file MUST NOT be larger than 8096 Bytes) with a well-defined syntax, as
follows: