
CPU provides protected partitions for hardened access to memory. The platform controller hub (PCH) enforces memory protection policy and provides protected data transfer to graphics hardware and input/output devices. The PCH also interfaces to the trusted platform module (TPM), a hardware device that generates and stores cryptographic keys, stores the platform state during the secure boot process, and supports reporting or attestation of the secure state of the system. Figure 5 shows the steps for a secure Intel TXT boot process.

Measure and Extend:

1. After system reset, the BIOS boot block acts as the core root of trust for measurement (CRTM), and measures the system BIOS, the first initially untrusted component. The measurement is a hash value of the BIOS code, and is stored in one of the TPM's platform configuration registers (PCRs). The storage operation is actually a concatenation of the existing PCR contents with the new measurement information, which means the stored value reflects any changes made to the system since the last boot. This process is called extension.

2. The BIOS measures the hardware and the master boot record, and extends the PCR.

3. The master boot record measures a pre-loader for Intel TXT, Loader 1, and extends the PCR. The pre-loader prepares memory for the instructions that initiate trusted execution.
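The measure-and-extend chain in steps 1 to 3 can be simulated in a few lines. The example below is added here and is not code from the magazine or from Intel; it models a PCR as a 32-byte SHA-256 register, treats the extend operation as hashing the old register value concatenated with the new measurement (which is what makes the register depend on every component and on their order), and uses constructed byte strings in place of the real BIOS, master boot record and Loader 1 images. The final comparison against a known-good value stands in for the attestation check the TPM supports.

```python
import hashlib
import hmac

# A boot-measurement PCR starts as all zeros at system reset.
PCR_INITIAL = bytes(32)

def measure(component: bytes) -> bytes:
    """Measurement of a boot component: the hash of its code image."""
    return hashlib.sha256(component).digest()

def extend(pcr: bytes, measurement: bytes) -> bytes:
    """PCR extend: the TPM never overwrites the register, it stores
    H(existing PCR value || new measurement)."""
    return hashlib.sha256(pcr + measurement).digest()

def measured_boot(components: list[bytes]) -> bytes:
    """Run the measure-and-extend chain over the components in boot order
    (BIOS, then master boot record, then Loader 1) and return the final PCR."""
    pcr = PCR_INITIAL
    for image in components:
        pcr = extend(pcr, measure(image))
    return pcr

def verify(reported_pcr: bytes, expected_pcr: bytes) -> bool:
    """Attestation-style check: does the reported PCR match the known-good value?"""
    return hmac.compare_digest(reported_pcr, expected_pcr)

# Constructed stand-ins for the real component images (not real firmware).
GOOD_CHAIN = [b"BIOS image v1.0", b"master boot record", b"Intel TXT pre-loader (Loader 1)"]
TAMPERED_CHAIN = [b"BIOS image v1.0", b"master boot record (modified)", b"Intel TXT pre-loader (Loader 1)"]

if __name__ == "__main__":
    golden = measured_boot(GOOD_CHAIN)          # recorded from a trusted boot
    print("golden   ", golden.hex())
    print("tampered ", measured_boot(TAMPERED_CHAIN).hex(), verify(measured_boot(TAMPERED_CHAIN), golden))
    # Same components in a different order also fail, because extend is order-sensitive.
    print("reordered", measured_boot(GOOD_CHAIN[::-1]).hex(), verify(measured_boot(GOOD_CHAIN[::-1]), golden))
```

Changing a single byte in any one component, or the order in which components are measured, changes the final register, so the golden value only matches a boot that measured the same images in the same sequence.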

Verify:

4. Loader 1 verifies the authenticated code module (ACM). The ACM is digitally signed by Intel and verifies a list of applications that can be run next.

5. The ACM verifies Loader 2, which verifies the platform configuration registers, system management mode code, and the operating system loader.

Execute:

6. The operating system loader prepares for and then launches the operating system.

TPM operation:

7. The secure operating system can

Figure 5 Intel TXT

44 | New-Tech Magazine Europe