CPU provides protected partitions for hardened access to memory. The platform controller hub (PCH) enforces memory protection policy and provides protected data transfer to graphics hardware and input/output devices. The PCH also interfaces to the trusted platform module (TPM), a hardware device that generates and stores cryptographic keys, stores the platform state during the secure boot process, and supports reporting or attestation of the secure state of the system. Figure 5 shows the steps for a secure Intel TXT boot process.
Measure and Extend:
1. After system reset, the BIOS boot block acts as the core root of trust for measurement (CRTM) and measures the system BIOS, the first initially untrusted component. The measurement is a hash value of the BIOS code and is stored in one of the TPM's platform configuration registers (PCRs). The storage operation is actually a concatenation of the existing PCR contents with the new measurement information, which means the stored value reflects any changes made to the system since the last boot. This process is called extension.
2. The BIOS measures the hardware and the master boot record, and extends the PCR.
3. The master boot record measures a pre-loader for Intel TXT, Loader 1, and extends the PCR. The pre-loader prepares memory for instructions that initiate trusted execution.
Verify:
4. Loader 1 verifies the authenticated code module (ACM), a module digitally signed by Intel that verifies a list of applications that can be run next.
5. The ACM verifies Loader 2, which verifies the platform configuration registers, system management mode code, and the operating system loader.
Execute:
6. The operating system loader prepares for and then launches the operating system.
TPM operation:
7. The secure operating system can
Figure 5 Intel TXT
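The measure-and-extend chain of steps 1 to 3, as an added example that is not part of the article: each component is measured with a hash, and the TPM extend operation folds that measurement into the PCR by hashing the old PCR value concatenated with the new measurement, so the final register value depends on every component and on the order in which they were measured. The component images, the event log format and the SHA-256 choice are constructed for illustration and are not Intel TXT's own data.

```python
import hashlib
import hmac

# Constructed stand-ins for the images measured in steps 1-3 of the article.
# On real hardware these are the actual BIOS, hardware/MBR data and pre-loader.
BOOT_CHAIN = [
    ("system BIOS", b"BIOS image (constructed)"),
    ("hardware + master boot record", b"hardware tables + MBR (constructed)"),
    ("Loader 1 (Intel TXT pre-loader)", b"pre-loader image (constructed)"),
]

PCR_RESET = bytes(32)  # PCRs start at all zeros after system reset


def measure(image: bytes) -> bytes:
    """Measurement = hash of the component's code, as the article describes."""
    return hashlib.sha256(image).digest()


def extend(pcr: bytes, measurement: bytes) -> bytes:
    """TPM extend: the PCR stores H(old PCR value || measurement), never the
    raw measurement, so every earlier measurement is folded into the result."""
    return hashlib.sha256(pcr + measurement).digest()


def boot_and_extend(chain, pcr=PCR_RESET):
    """Run measure-and-extend over the chain; return the final PCR value and an
    event log of (component name, measurement hex) for a later verifier."""
    log = []
    for name, image in chain:
        m = measure(image)
        log.append((name, m.hex()))
        pcr = extend(pcr, m)
    return pcr, log


def replay_log(log, pcr=PCR_RESET) -> bytes:
    """Attestation side: recompute the PCR from the event log alone. A log that
    does not reproduce the reported PCR has been altered or is incomplete."""
    for _, digest_hex in log:
        pcr = extend(pcr, bytes.fromhex(digest_hex))
    return pcr


def attest(reported_pcr: bytes, known_good_pcr: bytes) -> bool:
    """Compare the reported PCR against a value recorded from a trusted boot."""
    return hmac.compare_digest(reported_pcr, known_good_pcr)
```

Changing a single byte of the BIOS image, or swapping the order of two measurements, yields a different final PCR, which is what lets the verifier detect a modified boot chain.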
44 l New-Tech Magazine Europe