Open Source Summit + AI_dev Japan 2024

Recent security updates to Linux, such as the new Systemd Unified Kernel Image[1] rely on the discrete or firmware integrated TPM (Trusted Platform Module) to verify boot and release secrets securely. However, there are many known attacks against the TPM chip itself. We will discuss the newly upstreamed Linux Kernel TPM security patches[2], which not only provide a basis for securely communicating with the TPM but also provide a novel defences against a wide variety of TPM based attacks by using a unique (to Linux) null key scheme. This talk will cover what TPM based attacks are (including interposer attacks), how the Trusted Computing Group expects you to tell you're talking to a real TPM and how you can communicate with it securely and use its policy statements to govern key use and release. We will then move on to how the new Linux Kernel patches extend this and can be leveraged to validate the TPM on every boot and continually monitoring it for any TPM interposer substitutions in real time. [1] https://github.com/uapi-group/specifications/blob/main/specs/unified_kernel_image.md [2] https://lore.kernel.org/all/20240429202811.13643-1-James.Bottomley@HansenPartnership.com/