Could dom0 root be setup like a template? (AEM)
32 views
Skip to first unread message
Chris Laprise
Jul 20, 2018, 5:27:43 AM7/20/18
to qubes...@googlegroups.com
If dom0 /home were moved to a separate volume (or maybe not?) and the
root fs were only writable in a temporary fashion during normal
operation -- similar to template based guest VMs -- then would this not
allow an anti-evil-maid boot sequence to reliably measure the dom0
operating system?
Just a thought that seems within the realm of possibility with the right
high-level code.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
root fs were only writable in a temporary fashion during normal
operation -- similar to template based guest VMs -- then would this not
allow an anti-evil-maid boot sequence to reliably measure the dom0
operating system?
Just a thought that seems within the realm of possibility with the right
high-level code.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
Marek Marczykowski-Górecki
Jul 20, 2018, 8:20:23 AM7/20/18
to Chris Laprise, qubes...@googlegroups.com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
On Fri, Jul 20, 2018 at 05:27:37AM -0400, Chris Laprise wrote:
> If dom0 /home were moved to a separate volume (or maybe not?) and the root
> fs were only writable in a temporary fashion during normal operation --
> similar to template based guest VMs -- then would this not allow an
> anti-evil-maid boot sequence to reliably measure the dom0 operating system?
>
> Just a thought that seems within the realm of possibility with the right
> high-level code.
You may want to look at Heads[1], part of the setup is doing something
very similar[2].
[1] http://osresearch.net/Installing-Heads
[2] https://groups.google.com/forum/?fromgroups#!topic/qubes-devel/hG93VcwWtRY
- --
Best Regards,
Marek Marczykowski-Górecki
Invisible Things Lab
A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?
-----BEGIN PGP SIGNATURE-----
iQEzBAEBCAAdFiEEhrpukzGPukRmQqkK24/THMrX1ywFAltR04EACgkQ24/THMrX
1yzpgAf9EKMwNYLNVYy3cJ7RQ7hhBrmCwfpbnZ6OJ29LAqpOc1FkW7X8zvjKG82B
1+i1t320zg5fmS3IjAe/t2ZM+1MHpLcGHfKH3TQ379OkcvOdiqJ9B0v6c5cGKD+7
PBGYLuNaaAAmP87i2LXUtyAepEEk+l0FjuEeaaKlfhdHcBrWBj6CEDnH1aooBLFn
wHNv142FNJVB7naRowA+mx3XEiFwaLEW4dZyFBRuzSK9vwblWWloceLKPVjzoM0h
kmOwM+meFvrq3QWWkvCH4qV0fd3+Hthq7RDSZ5ajEaxGSOd6oFu+1dmI43xPIpfk
VDy6doDpdYKSpKxfJfotmYCuK6z56Q==
=GPPe
-----END PGP SIGNATURE-----
Hash: SHA256
On Fri, Jul 20, 2018 at 05:27:37AM -0400, Chris Laprise wrote:
> If dom0 /home were moved to a separate volume (or maybe not?) and the root
> fs were only writable in a temporary fashion during normal operation --
> similar to template based guest VMs -- then would this not allow an
> anti-evil-maid boot sequence to reliably measure the dom0 operating system?
>
> Just a thought that seems within the realm of possibility with the right
> high-level code.
very similar[2].
[1] http://osresearch.net/Installing-Heads
[2] https://groups.google.com/forum/?fromgroups#!topic/qubes-devel/hG93VcwWtRY
- --
Best Regards,
Marek Marczykowski-Górecki
Invisible Things Lab
A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?
-----BEGIN PGP SIGNATURE-----
iQEzBAEBCAAdFiEEhrpukzGPukRmQqkK24/THMrX1ywFAltR04EACgkQ24/THMrX
1yzpgAf9EKMwNYLNVYy3cJ7RQ7hhBrmCwfpbnZ6OJ29LAqpOc1FkW7X8zvjKG82B
1+i1t320zg5fmS3IjAe/t2ZM+1MHpLcGHfKH3TQ379OkcvOdiqJ9B0v6c5cGKD+7
PBGYLuNaaAAmP87i2LXUtyAepEEk+l0FjuEeaaKlfhdHcBrWBj6CEDnH1aooBLFn
wHNv142FNJVB7naRowA+mx3XEiFwaLEW4dZyFBRuzSK9vwblWWloceLKPVjzoM0h
kmOwM+meFvrq3QWWkvCH4qV0fd3+Hthq7RDSZ5ajEaxGSOd6oFu+1dmI43xPIpfk
VDy6doDpdYKSpKxfJfotmYCuK6z56Q==
=GPPe
-----END PGP SIGNATURE-----
Reply all
Reply to author
Forward
0 new messages