BitLocker: BootMgr kernel check before handoff?


Guest

When using TPM, is there an integrity check performed on the kernel itself
before that final handoff from the BootMgr to the Vista kernel?

I know this may not be what BitLocker was designed for, but this seems like
a way to thwart kernel rootkits.

Pre-boot integrity is performed by TPM via BitLocker, and after boot by the
kernel. It's the handoff from BitLocker to the kernel that seems like a gap...

Thanks!
 
Maybe with the new virtualization features of the CPUs, it might be a good
idea for ntdetect to be a hypervisor. This would prevent a hypervisor virus
from running all the operating systems under it so no possible antivirus
program could detect them.
 
To Tavis:
BIOS performs integrity checks on itself (CRTM) and on "Initial Program
Load" (to load MBR)
This chain follows through to BOOTMGR
BOOTMGR (common to multiple OSes) then uses a table to validate other boot
components (e.g. winload.exe). I will get a paper out on this before RTM,
but essentially there is a table of valid boot components and settings that
is MAC'd.
WINLOAD.EXE (specific to the booting OS) then uses code-integrity to
validate OS components, the remainder of the trust chain utilizes
code-integrity.
Using a TPM chain of trust past BOOTMGR becomes very fragile due to code
load/execution branches, however the integrity chain is maintained through
other mechanisms that are more applicable to the load/execution branches.

To David:
I will only note that there is a good reason why BitLocker came from the
group previously known as NGSCB (it's now called System Integrity). This was
an early design goal, but the virtualization and firmware interaction poses
some issues. Another version...
(BTW, ntldr/ntdetect has been replaced by the BOOTMGR/WINLOAD.EXE
architecture).
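A small Python model of the two mechanisms described in the reply above, added here as an illustration and not code from the thread or from BitLocker: a TPM-style measured chain that stops at BOOTMGR, and a MAC'd table that BOOTMGR uses to validate winload.exe. The component blobs, the use of SHA-256, HMAC as the MAC and the table key are all constructed assumptions; the real formats and key derivation are not shown on the page.

```python
import hashlib
import hmac

# Constructed stand-ins for boot components (plain bytes, not real binaries).
GOOD = {"crtm": b"bios-crtm", "ipl": b"mbr-ipl", "bootmgr": b"bootmgr", "winload": b"winload.exe"}
TABLE_KEY = b"assumed-key-from-bitlocker-secret"  # assumption: real key derivation differs

def extend(pcr: bytes, blob: bytes) -> bytes:
    """TPM-style extend: new PCR = H(old PCR || H(blob)); order is part of the value."""
    return hashlib.sha256(pcr + hashlib.sha256(blob).digest()).digest()

def measure_to_bootmgr(c: dict) -> bytes:
    """The measured chain the reply describes: CRTM -> IPL (MBR) -> BOOTMGR. Nothing later is measured."""
    pcr = bytes(32)
    for name in ("crtm", "ipl", "bootmgr"):
        pcr = extend(pcr, c[name])
    return pcr

def _table_mac(key: bytes, entries: dict) -> bytes:
    return hmac.new(key, repr(sorted(entries.items())).encode(), "sha256").digest()

def make_table(key: bytes, c: dict) -> tuple:
    """BOOTMGR's table of valid later components, protected by a MAC (HMAC in this model)."""
    entries = {"winload": hashlib.sha256(c["winload"]).hexdigest()}
    return entries, _table_mac(key, entries)

def table_ok(key: bytes, table: tuple, name: str, blob: bytes) -> bool:
    """Accept a component only if the table's MAC verifies and the component digest matches."""
    entries, mac = table
    if not hmac.compare_digest(_table_mac(key, entries), mac):
        return False  # table itself was altered
    return entries.get(name) == hashlib.sha256(blob).hexdigest()

def boot(c: dict, sealed_pcr: bytes, table: tuple) -> str:
    """Report which stage stops a boot built from components `c`."""
    if not hmac.compare_digest(measure_to_bootmgr(c), sealed_pcr):
        return "tpm-unseal-failed"         # PCR differs: TPM withholds the volume key
    if not table_ok(TABLE_KEY, table, "winload", c["winload"]):
        return "bootmgr-rejected-winload"  # PCR unchanged, but the MAC'd table catches it
    return "ok"

SEALED_PCR = measure_to_bootmgr(GOOD)   # PCR value the key was sealed to
TABLE = make_table(TABLE_KEY, GOOD)
```

A patched winload.exe leaves the PCR value untouched, which is exactly why the reply says the chain past BOOTMGR is carried by the table and code-integrity rather than by further TPM measurements.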
 