Virtual TPM in a Virtual Machine

SOFTWARE TPM IN A VIRTUAL MACHINE
Jordan Jump
Cpre681 - Semester Project - Jordan Jump
Original Proposal
• Demonstrate a software-only TPM within a virtual machine
– Generally equivalent to a real TPM, except that it doesn’t contain the correct certificate to link it to a CA.
– Guest OS within the VM doesn’t know the TPM is not hardware (except for the certificate)
Physical PC Diagram
• TPM typically located on Low Pin Count (LPC) bus
• Shares bus with other low rate peripherals
Accessing a Physical TPM v1.1
• x86 has two address spaces
– Typical memory addressing
– I/O addressing
• I/O addresses accessed via OUT and IN instructions
– Used to access LPC bus
– Commonly used addresses, but NOT standardized (the set 0x4E, 0x4F, 0x400, 0x401 is common)
Accessing a Physical TPM v1.2
• TCG PC Client Specific TPM Interface Specification (TIS)
– Defines and mandates a Memory Mapped (MMIO) interface
– Physical addresses 0xFED40000 – 0xFED44FFF
– One device driver to rule them all
– The reason why …
Windows TPM Architecture
• Windows TPM architecture only supports 1.2 TPMs
• Windows Vista and Windows 7 device drivers built in
• Sure would be nice to use that…
Software TPM
• TPM Emulator by Mario Strasser
– Open source
– De facto standard for projects using SW TPMs
– Implements 100% of TPM commands
– Accessible via TDDL
– Runs as daemon (no device driver necessary)
The Goal
• Figure out how to link the TPM Emulator with unmodified Windows 7 running in a VM
Virtual Machine Survey
Xen
KVM
QEMU
VMware
VirtualBox
MS Virtual PC
… and many more
What sets them apart??
Virtual Machine Survey
• … Not much
– VMware and Virtual PC are not open source, so not a viable option
– Xen, KVM, QEMU, VirtualBox all support Windows (some require VT-x)
– In fact, all borrow from QEMU’s device emulation.
– QEMU itself is slow because it doesn’t paravirtualize
• Side project to accelerate QEMU was abandoned because VirtualBox does it better.
– Chose VirtualBox
• Rather arbitrary choice; Xen might have been OK
• Xen and KVM were first and foremost for paravirtualization
VirtualBox
• Developed by Innotek, purchased by Sun, purchased by Oracle
• Provides Open Source Edition (OSE)
– No USB support
– No built-in remote desktop server
– … otherwise the same
VirtualBox
• Complicated
• Virtualizes using dynamic recompiler (from QEMU).
• Also disassembles and patches guest code so it doesn’t have to redo recompilation
• Why do I care?
TPM to VM Interface
• Dynamic recompiler enables the green box
– Guest VM writes or reads to TPM memory mapped address
– Recompiler replaces write/read with hook to my code
– My code processes the write/read and, if a read, provides a value back
– Missing piece was to emulate the TPM MMIO interface to act as gatekeeper between Windows VM and Software TPM
TPM MMIO Interface
• TIS provides implementation details
– Localities allow multiple accessors
• Only 1 can access at a time
• Locality 4 highest priority; cannot be accessed by software
• Locality 0/Legacy for SRTM
• Windows (BitLocker) only uses Locality 0
– Inputs/Outputs read 1 byte at a time
Implementing in VirtualBox
• Struggled a lot!
• Few code comments
• Almost no documentation (some short, high-level docs that aren’t useful)
• Learned by reverse-engineering other drivers and ‘search in files’
• (seems simple now)
Implementing in VirtualBox
• On startup, register memory address range with VirtualBox and provide callbacks
• Memory Write/Read by VM triggers write/read callback
– My code handles TIS protocol items such as locking, signaling, buffering, etc.
• Once a full command has been received, my code calls SW TPM via host TDDL and retrieves result
– My code handles TIS protocol to send back response
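The callback flow on this slide, sketched as an added example (not the project's code and not VirtualBox's API): a byte-wide TIS handler for locality 0 covering only TPM_ACCESS, TPM_STS and TPM_DATA_FIFO, with burstCount, interrupts and other localities left out. The names `tis_t`, `tis_read`, `tis_write` and `backend_transmit` are hypothetical; `backend_transmit` stands in for the host TDDL call and returns a constructed response.

```c
#include <stdint.h>
#include <string.h>
/* TIS 1.2 byte registers modelled here (offsets inside locality 0's page) */
enum { TPM_ACCESS = 0x00, TPM_STS = 0x18, TPM_DATA_FIFO = 0x24 };
enum { ACC_VALID = 0x80, ACC_ACTIVE = 0x20, ACC_REQUEST_USE = 0x02 };
enum { STS_VALID = 0x80, STS_CMD_READY = 0x40, STS_GO = 0x20, STS_DATA_AVAIL = 0x10, STS_EXPECT = 0x08 };
enum { IDLE, READY, RECEPTION, COMPLETION };
typedef struct { uint8_t buf[4096]; uint32_t len, pos; int active, state; } tis_t;
/* Hypothetical stand-in for the host TDDL call: returns a constructed
 * 10-byte TPM 1.2 response (tag 0x00C4, paramSize 10, return code 0). */
static uint32_t backend_transmit(const uint8_t *cmd, uint32_t n, uint8_t *rsp) {
    static const uint8_t ok[10] = {0x00, 0xC4, 0, 0, 0, 10, 0, 0, 0, 0};
    (void)cmd; (void)n;              /* a real backend would forward the command */
    memcpy(rsp, ok, sizeof ok);
    return sizeof ok;
}
/* More bytes are wanted until the big-endian paramSize (header bytes 2..5) is met */
static int expecting(const tis_t *t) {
    return t->len < 6 || t->len < ((uint32_t)t->buf[2] << 24 | t->buf[3] << 16 | t->buf[4] << 8 | t->buf[5]);
}
void tis_write(tis_t *t, uint32_t off, uint8_t v) {
    if (off == TPM_ACCESS) {
        if (v & ACC_REQUEST_USE) t->active = 1;
        if (v & ACC_ACTIVE) { t->active = 0; t->state = IDLE; }  /* relinquish */
    } else if (!t->active) {
        return;                                   /* caller does not hold the locality */
    } else if (off == TPM_STS && (v & STS_CMD_READY)) {
        t->state = READY; t->len = t->pos = 0;    /* start or abort a command */
    } else if (off == TPM_STS && (v & STS_GO)) {
        if (t->state != RECEPTION || expecting(t)) return;   /* incomplete: ignore */
        t->len = backend_transmit(t->buf, t->len, t->buf);
        t->pos = 0; t->state = COMPLETION;
    } else if (off == TPM_DATA_FIFO && (t->state == READY || t->state == RECEPTION)) {
        if (expecting(t) && t->len < sizeof t->buf) t->buf[t->len++] = v;
        t->state = RECEPTION;                     /* surplus bytes are dropped */
    }
}
uint8_t tis_read(tis_t *t, uint32_t off) {
    if (off == TPM_ACCESS) return ACC_VALID | (t->active ? ACC_ACTIVE : 0);
    if (!t->active) return 0xFF;
    if (off == TPM_DATA_FIFO)
        return (t->state == COMPLETION && t->pos < t->len) ? t->buf[t->pos++] : 0xFF;
    if (off != TPM_STS) return 0xFF;
    uint8_t s = STS_VALID;
    if (t->state == READY) s |= STS_CMD_READY;
    if (t->state == RECEPTION && expecting(t)) s |= STS_EXPECT;
    if (t->state == COMPLETION && t->pos < t->len) s |= STS_DATA_AVAIL;
    return s;
}
```

The Expect bit is derived from the length field in the command header, so a tpmGo written before the last byte arrives is ignored and bytes written past paramSize never reach the backend.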
Other implementation details
• Windows won’t read the memory address range unless it is registered in ACPI
– Entered ACPI source language (ASL) listed in TCG PC Client Specific Implementation Specification For Conventional BIOS
    Device (TPM) {
        // Hardware ID the guest OS uses to bind its TPM driver
        Name (_HID, EISAID("PNP0C31"))
        // TIS MMIO window: base 0xFED40000, length 0x5000
        Name (_CRS, ResourceTemplate() {
            Memory32Fixed (ReadWrite, 0xFED40000, 0x5000,)
        })
    }
Implementation Screenshots
Opening TPM panel in Windows 7
No SRTM
Future Work
• Modify VirtualBox BIOS to support SRTM
– Support hashing function for locality 4
• Multiple SW TPM instances for multiple VMs
• Start/Stop SW TPM instance when starting/stopping VM
• More robust misbehavior checking
• Modify SW TPM to allow locality to be specified via TDDL
Thanks!
jmjumps@iastate.edu
“I like prerecorded presentations because I can delete out most of my ‘uhs’ and ‘uhms’”
“I dislike them because I can’t gauge or engage the class”