Hi, I want to build a trusted integrity measurement OS, so that a remote party can check the system's integrity. But I don't have a hardware TPM, so I run the TPM emulator (http://tpm-emulator.berlios.de/) and patched my Qemu and SeaBIOS with the TPM related Patches (provided by Mr. Stefan Berger) to test the integrity measurement in virtual machine based Linux. To launch a Linux through Qemu, at first I compiled Linux from the source with Kernel-IMA functionality. Now I have the following files-
The compiled kernel-IMA image at /home/rrsuj/linux-2.6.32.59/arch/x86/boot/bzImage And the new initrd at /boot/initrd.img-2.6.32.59 The patched bios.bin at /home/rrsuj/seabios-0.6.2/out/bios.bin I first check that the TPM emulator is running, so that Qemu and SeaBIOS find a TPM (although virtual). Then I execute the following command - #qemu-system-i386 -kernel /home/rrsuj/linux-2.6.32.59/arch/x86/boot/bzImage -initrd /boot/initrd.img-2.6.32.59 -bios /home/rrsuj/Downloads/seabios/seabios-0.6.2/out/bios.bin It tries to boot Linux, but gives error- "VFS: cannot open root device "<NULL>" or unknown-block (8,1)" "Please append a correct "root=" boot option;" So I did- #qemu-system-i386 -kernel /home/rrsuj/Downloads/linux-2.6.32.59/arch/x86/boot/bzImage -initrd /boot/initrd.img-2.6.32.59 -append "root=/dev/sda1" -bios /home/rrsuj/Downloads/seabios/seabios-0.6.2/out/bios.bin but the error changes slightly- "VFS: cannot open root device "sda1" or unknown-block (0,0)" "Please append a correct "root=" boot option;" The output of "sudo fdisk -l" is- Device Boot Start End Blocks Id System /dev/sda1 * 1 2686 21569536 83 Linux /dev/sda2 2686 2808 979969 5 Extended /dev/sda5 2686 2808 979968 82 Linux swap / Solaris So please tell me, what should I do? I had a plan to install TrustedGrub inside the virtual machine (the guest Linux), so that I can measure the total system from SeaBIOS to TrustedGrub to Linux-IMA. But it is not booting as I mentioned. Thank you for your help. Best regards
