-
Notifications
You must be signed in to change notification settings - Fork 2
/
Copy pathREADME
69 lines (54 loc) · 2.44 KB
/
README
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
┏━┓┏┓ ╻ ╻┏┳┓┏━╸
┣━┫┣┻┓┗┳┛┃┃┃┣╸
╹ ╹┗━┛ ╹ ╹ ╹┗━╸
┏━┓┏━╸┏━╸╻ ╻┏━┓┏━┓╻╻ ╻┏━╸
┣┳┛┣╸ ┃ ┃ ┃┣┳┛┗━┓┃┃┏┛┣╸
╹┗╸┗━╸┗━╸┗━┛╹┗╸┗━┛╹┗┛ ┗━╸
╻ ╻╻ ╻┏━┓┏━╸┏━┓╻ ╻╻┏━┓┏━┓┏━┓
┣━┫┗┳┛┣━┛┣╸ ┣┳┛┃┏┛┃┗━┓┃ ┃┣┳┛
╹ ╹ ╹ ╹ ┗━╸╹┗╸┗┛ ╹┗━┛┗━┛╹┗╸ 7_O_/
╻ ╻┏┓ ┏━┓┏━┓┏━┓╻ ╻ (/
┃ ┃┣┻┓┣┳┛┣━┫┣┳┛┗┳┛ /\/'
┗━╸╹┗━┛╹┗╸╹ ╹╹┗╸ ╹ 7
sources/
Recursive hypervisor library code.
sources/drivers/vmm_rec/
Static recursive hypervisor library.
sources/drivers/vmm_rec_env/
Implementation of a remote attestation prover using Abyme library.
sources/drivers/82579LM/
Bare metal UEFI Intel e1000e network controller driver.
sources/drivers/eric/
ERIC PCIe peripheral UEFI driver.
ERIC can be used as : a DMA attack platform as well as a remote attestation
verifier.
Submodules
abyme-challenge/
There is the implementation of challenges sent from ERIC prover to Abyme
verifier in a remote attestation scheme.
edk2/
Submodule for QEMU/OVMF firmware needed if using QEMU
dependencies : acpica; nasm
$ git submodule update --init
$ make -C BaseTools
$ . ./edksetup.sh BaseTools
$ cat Conf/target.txt
$ OvmfPkg/build.sh \
-a IA32 -a X64 \
-D SECURE_BOOT_ENABLE \
-D TPM2_ENABLE -D TPM2_CONFIG_ENABLE \
-D FD_SIZE_2MB -D EXCLUDE_SHELL_FROM_FD
For SMM debugging go and see :
https://casualhacking.io/blog/2019/12/3/using-optionrom-to-overwrite-smmsmi-handlers-in-qemu
gnu-efi/
Submodule for GNU efi toolchain to build efi applications
$ make
uefi-gdb/
Submodule for efi applications and drivers debugging with gdb
Working directories to create if needed (rules associated in make targets)
img-arch/
Archlinux cdrom and distro disk to be used with QEMU target
$ wget https://<archrepo>/archlinux-yyyy.mm.dd-x86_64.iso -O arch.iso
$ qemu-img create -f qcow2 vdisk.qcow2 10G
And install eventually archlinux on vdisk.qcow2
Note that you can work using the live disk only