POWER9 Introduces Secure Boot to PowerVM

View Only

POWER9 Introduces Secure Boot to PowerVM

By Chris Engel posted Wed June 17, 2020 08:49 AM

Like

POWER systems are known to provide a highly secured server platform. POWER9 hardware and firmware are making substantial improvements to make it even more secure for Cloud deployment with key features for PowerVM servers. Implementation includes:

A Secure IPL Process or Secure Boot which only allows platform manufacturer signed Hostboot and POWER Hypervisor (PHYP) related firmware up through and including Partition Firmware (PFW) to run on the system.
A framework to support Remote Attestation of the system firmware stack through a hardware Trusted Platform Module (TPM).

Introduction
In this series of blogs, we will use the terms "Secure Boot" and "Trusted Boot", each with their own specific connotation.

Secure Boot seeks to protect system integrity by performing a hardware-protected verification of all firmware components via digital signatures. It further aims to draw a distinction between the host system trust domain and that of the Flexible Service Processor (FSP) trust domain by controlling service processor and service interface access to sensitive system memory regions.
Trusted Boot seeks to create cryptographically strong and well protected platform measurements that prove particular firmware components have executed on the system. Interested parties can subsequently assess the measurements via trusted protocols to make inferences about the system's state and use that information to make security decisions.

The term Secure Boot will be used to refer to the POWER9 HW security properties coupled with the FW Secure and Trusted Boot features which in themselves are anchored via the HW security properties.

POWER9 Secure Boot Overview
Secure Boot seeks to prevent unauthorized access to customer data either through unauthorized firmware running on a host processor or by access through security vulnerabilities in authorized service processor firmware or via hardware service interfaces through the FSP.

The above mechanisms do not provide protection against:

OS software based attacks to gain unauthorized access to customer data
Rogue system administrators
Hardware physical attacks (e.g., chip substitutions, bus traffic recording)

Secure Boot implements a processor based chain of trust based in the POWER9 processor hardware and enabled by the POWER9 firmware stack. Secure Boot provides for a trusted FW base to enhance confidentiality and integrity of customer data in a virtualized environment.

POWER9 Trusted Boot provides for measurements of system configuration and IPL path code which can be used later as proof to a third party via attestation of the system's initial IPL path configuration. In order to create a Core Root of Trust for these Measurements (CRTM), a Secure Boot flow is used which adds cryptographic checks to each phase of the IPL process until communications with the Trusted Platform Module (TPM) is established. This flow aims to assert the integrity of all firmware that is to be executed on the core processors, thereby preventing any unauthorized or maliciously modified firmware from running. A FW component verification failure will prevent the IPL from completing if the component is deemed critical for system functionality. If the component is not a core critical function, the failed image will not be executed, the IPL will be allowed to complete, and appropriate notifications will be presented.

Secure Boot in POWER9 systems establishes trust through the platform boot process. With secure boot, the system will IPL to a trusted and well defined state. Trusted here means that the code executed during IPL process has been originated from the platform manufacturer, signed by the platform manufacturer and has not been modified since.

Motivation
As mentioned above, the motivation for Secure Boot facilities is to prevent unauthorized access to customer data either through unauthorized firmware running on a host processor or by access through security vulnerabilities in authorized service processor firmware or via hardware service interfaces to the host processor complex.

Additionally, future POWER servers must comply with public sector standards that are mandating additional security features. Examples:

NIST BIOS Protection Guidelines for Servers SP 800-147B, Aug 2014
- HW Root of Trust is required to protect, verify integrity and authenticity, and update boot firmware.
Department of Defense Instruction 8500.01 March, 2014
- Servers must also support TPMs that are securely provisioned during MFG
Federal Risk and Authorization Management Program version 2.0
- Protection … contained in the hardware, software, or firmware components of the system.
NIST Draft Security Recommendations for Hypervisor Development SP 800-125A
- Security assurance in the hypervisor can be obtained by having a hypervisor platform infrastructure that supports boot integrity measurements and attestation process.
Common Criteria Operating System Protection Profile v4.1
- The OS shall verify the integrity of the bootchain up through the OS kernel

Contacting the PowerVM Team
Have questions for the PowerVM team or want to learn more? Follow our discussion group on LinkedIn IBM PowerVM or IBM Community Discussions

#PowerVM
#powervmblog
#powervmsecurity

0 comments

26 views

IBM Power

Connect, learn, share, and engage with IBM Power.

Power