powerpoint presentation · vsc. shielding data file ‘root’ password timezone ip address ssh...
TRANSCRIPT
Guarded Hyper-V hosts
Host Guardian Service
Provisioning
Process
Boot Linux inshielded mode
Additional Scenarios
Shielded
virtual
machines
Users who request to
start specific shielded
VMs on the host
VM03
VM02
VM01
Host Guardian
Service (HGS)
running on a cluster
Attestation Service: contains information about the expected configuration of guarded hosts. Authorizes only legitimate guarded hosts to run the shielded VMs.
Key Protection Service: contains keys needed for starting shielded VMs. Ensures that a given key is released only if the host is authorized and is in a Guarded Fabric specified by the VM owner.
Host Guardian Service components:
Guarded host
Key requests and
responses
Attestation requests
and responses
init program
Boot scripts
grub.cfg
Linux kernel
Initial ramdisk
SHIM
grub
Root partition(encrypted)
Boot partition(encrypted)
EFI System partition(unencrypted)
lsvmload Rest of Linux
Encrypted with well-known
passphrase
init program
Boot scripts
grub.cfg
Linux kernel
Initial ramdisk
SHIM
grub
Root partition(encrypted)
Boot partition(encrypted)
EFI System partition(unencrypted)
lsvmload
PA*
*Active boot loader
Rest of Linux
VSC
Shielding
Data File
‘root’ password
timezone
IP address
ssh private key
Other per-VM files
Guarded
Fabric #1
Guarded
Fabric #2
Guarded
Fabric #N
. . .
Cert used to
sign VSC
OwnerKey
Encrypted
init program
Boot scripts
grub.cfg
Linux kernel
Initial ramdisk
SHIM
grub
Root partition(encrypted)
Boot partition(encrypted)
EFI System partition(unencrypted)
lsvmload*
*Active boot loader
sealedkeys
specialization.aes
Rest of Linux
Encrypted with
key sealed
in the vTPM
Encrypted with
LUKS/dm-crypt
masterkey for
boot partition
Each encrypted
with a passphrase
in ‘sealedkeys’
• initramfs updated to get dm-crypt
passphrase from a file
• lsmvload used as a precursor to the
normal Linux boot shim
• lsmvload inject disk passphrases as a
file into virtualized copy of initramfs
• Linux shim
• grub
• Linux kernel
• I/O to encrypted boot partition is mediated by custom UEFI file I/O protocols
• initramfs gets dm-crypt passphrases from injected file*First boot only
init program
Boot scripts
grub.cfg
Linux kernel
Initial ramdisk
SHIM
grub
Root partition(encrypted)
Boot partition(encrypted)
EFI System partition(unencrypted)
lsvmload*
*Active boot loader
sealedkeys Rest of Linux
Encrypted with
key sealed
in the vTPM
Each encrypted
with a passphrase
in ‘sealedkeys’
Wrap-Up