Hi,
I want to build a trusted integrity measurement OS, so that a remote
party can check the system's integrity. But I don't have a hardware TPM,
so I run the TPM emulator (
http://tpm-emulator.berlios.de/)
and patched my Qemu and SeaBIOS with the TPM related Patches (provided by Mr. Stefan Berger) to test
the integrity measurement in virtual machine based Linux. To launch a
Linux through Qemu, at first I compiled Linux from the source with
Kernel-IMA functionality. Now I have the following files-
The compiled kernel-IMA image at /home/rrsuj/linux-2.6.32.59/arch/x86/boot/bzImage
And the new initrd at /boot/initrd.img-2.6.32.59
The patched bios.bin at /home/rrsuj/seabios-0.6.2/out/bios.bin
I
first check that the TPM emulator is running, so that Qemu and SeaBIOS
find a TPM (although virtual). Then I execute the following command -
#qemu-system-i386 -kernel /home/rrsuj/linux-2.6.32.59/arch/x86/boot/bzImage -initrd /boot/initrd.img-2.6.32.59 -bios /home/rrsuj/Downloads/seabios/seabios-0.6.2/out/bios.bin
It tries to boot Linux, but gives error-
"VFS: cannot open root device "<NULL>" or unknown-block (8,1)"
"Please append a correct "root=" boot option;"
So I did-
#qemu-system-i386 -kernel /home/rrsuj/Downloads/linux-2.6.32.59/arch/x86/boot/bzImage -initrd /boot/initrd.img-2.6.32.59 -append "root=/dev/sda1" -bios /home/rrsuj/Downloads/seabios/seabios-0.6.2/out/bios.bin
but the error changes slightly-
"VFS: cannot open root device "sda1" or unknown-block (0,0)"
"Please append a correct "root=" boot option;"
The output of "sudo fdisk -l" is-
Device Boot Start End Blocks Id System
/dev/sda1 * 1 2686 21569536 83 Linux
/dev/sda2 2686 2808 979969 5 Extended
/dev/sda5 2686 2808 979968 82 Linux swap / Solaris
So please tell me,
what should I do? I had a plan to install TrustedGrub inside the
virtual machine (the guest Linux), so that I can measure the total
system from SeaBIOS to TrustedGrub to Linux-IMA. But it is not booting
as I mentioned.
Thank you for your help.
Best regards