SlideShare a Scribd company logo

Case study on chrome os in detail.History, architecture,process

Download as PPTX, PDF
S
skb212733

Case study on chrome os in detail.History, architecture,process

Engineering
1 of 28
Case Study on Chrome OS Prepared by: Subramanya G Swaroop Kumar Under the guidance of Mr Vedamurthy H K
Chrome OS Kernel Map
Design of firmware Chrome OS consists of three major components: • The Chromium-based browser and the window manager • System-level software and user-land services: the kernel, drivers, connection manager, and so on • Firmware
Architecture
Firmware The firmware plays a key part to make booting the OS faster and more secure. To achieve this goal Chrome OS has removed unnecessary components and adding support for verifying each step in the boot process. Chrome OS also support for system recovery into the firmware itself. This can avoid the complexity that's in most PC firmware because They don't have to be backwards compatible with a large amount of legacy hardware. For example, we don't have to probe for floppy drives. Chrome OS firmware has implemented with the following functionality: • System recovery: The recovery firmware can re-install Chrome OS in the event that the system has become corrupt or compromised. • Verified boot: Each time the system boots, Chrome OS verifies that the firmware, kernel, and system image have not been tampered with or become corrupt. This process starts in the firmware. • Fast boot: They have improved boot performance by removing a lot of complexity that is normally found in PC firmware.
High level design of the firmware
Firmware Boot and Recovery • The layout and structure of firmware for Chrome OS is designed for security, recovery and development. • All firmware will contain a recovery code path, which will restore the machine to its original Chrome OS state. This recovery code path will be initiated either when any chain in the boot path is not verified or when a user manually triggers recovery mode, likely via an explicit recovery button on the device. • Chrome OS wants to support developers as well. Developers are provided with a means of running alternate software. In the alternate boot paths, the user is notified that they are not running a boot path provided as part of Chrome OS. • The boot and recovery procedures outlined will be implemented and required for all Chrome OS platforms regardless of architecture (ARM/Intel/etc...).
EEPROM map Boot stub: Must be at the top of EEPROM, since most processors jump to the top of memory (0xFFFFFFF0) after internal initialization. Contains the "root key" - the official public key used to verify the signature of the next stage of firmware. The private key is not contained on the device, and must be protected from all unauthorized access. To reduce exposure of the private root key, the private root key will be used to sign a second date-limited or numbered key stored in the rewritable firmware, which is then used to sign that firmware. Validation of the date or key number could be done via a TPM module. Pseudocode • Initialize processor and RAM (and implicitly, those parts of the north bridge necessary to initialize RAM), using conservative timings. • If user-forced recovery mode, skip to attempt loading recovery firmware. (The recovery button asserts an I/O line that can be measured by the firmware.) • Check the non-volatile register or memory region for a recovery mode cookie value. If this is set, some later stage of the boot process must have failed and requested recovery mode, so skip to attempt loading recovery firmware. • Attempt loading Firmware A. • Copy Firmware A to RAM. • Verify signature of Firmware A using public key stored in boot stub. • If signature is valid, jump to Firmware A Setup. • Firmware A is bad. Repeat for Firmware B. • Both A and B are bad. Attempt loading recovery firmware to RAM and verify signature. If valid, jump to recovery firmware. • All recovery options have been exhausted. Catch fire / emit POST code / etc.
Firmware (A/B) setup This firmware sets up a minimal set of hardware components so that the boot loader can load the kernel from the normal boot drive. For example, the SATA or eMMC controller. Pseudocode • Initialize chipset / file system sufficiently to jump to Boot Loader code. • Jump to Boot Loader code. • Firmware (A/B) boot loader • The boot loader is only designed to load Chromium OS. We can go directly from firmware bootstrap to the kernel in the disk. Pseudocode • Verify the partition table on the disk looks sane. • Load kernel A from the disk. • Verify signature of kernel. • If signature is invalid: • If this is kernel A, retry with kernel B. • Else this is kernel B. Both kernels are bad, so set the recovery-mode cookie non-volatile register and reboot into recovery firmware. • If kernel was signed with a public key not known to the boot loader, this is a developer kernel: • Initialize the display. • Display scary developer mode warning to user. For example: "Google Chrome OS is not installed. Press space bar to repair." • Wait for keypress or 30-second delay before continuing. • If key pressed was Space bar, Enter, or Esc, jump to Recovery Firmware. • If key pressed was Control+D, dismiss screen. • Ignore other key presses. • Continue booting the kernel.
Boot flowchart The three main downward flows in boot flowchart is: • Start of boot in read-only firmware • Normal continuation of boot, loading kernel from internal drive • Recovery mode
Boot flowchart
Extending verification from the kernel on upward • The Chrome OS team is implementing a verified boot solution that strives to ensure that users feel secure when logging into a Chromium OS device. Verified boot starts with a read-only portion of firmware, which only executes the next chunk of boot code after verification. • Verified boot strives to ensure that all executed code comes from the Chrome OS source tree, rather than from an attacker or corruption. • Verified boot is focused on stopping the opportunistic attacker. While verified boot is not expected to detect every attack, the goal is to be a significant deterrent which will be improved upon iteratively. • Verification during boot is performed on-the-fly to avoid delaying system start up. It uses stored cryptographic hashes and may be compatible with any trusted kernel.
Verified Boot Data Structures Basic Guidelines Structures are versioned Versioning allows readers to check for older/newer structures. This feature lets us add fields to the structures without necessarily breaking old readers and provides an upgrade path for newer readers to handle old structures. Versioning structures will resolve the issue where kernel and firmware must be updated in unison. Structures have a major and minor version number. • ReaderMajor != StructureMajor - fundamental change in struct; do not attempt to parse • ReaderMinor == StructureMinor - all is well • ReaderMinor < StructureMinor - reading a newer file; fields have been added to the struct, but the existing reader will be able to ignore them and still function • ReaderMinor > StructureMinor - reading an older file; reader won’t find the fields added since version StructureMinor, and should use default values for those fields
Key structures keep track of their own key version and algorithm While public keys generally have some internal structure, it’s not always apparent. We can use various sizes and algorithms for different keys , so they’ve defined a VbPublicKey structure that simply encapsulates the public key data along with its size and algorithm
VbSignature structures are very similar, but instead of the algorithm and version they only remember the length of data they signed. A signature data blob is usually a hash that has been encrypted with a private key. The corresponding public key must be used to extract the original hash. In some cases we may also use a VbSignature structure for a nonencrypted hash.
The public key and signature headers know how to find their data Given a pointer to the VbPublicKey or VbSignature header, you can find the corresponding data, which may not be immediately following the header itself. This lets us put the header structs as sub-structs in the major structures (preambles, etc.), followed by the data, without needing to pass in data pointers separately. Functions should take header pointers rather than raw data wherever possible. Common structures are reused Keys, signatures, and key blocks are used by firmware and kernel algorithms. Common code for generating and parsing is reused.
Major structure Key block At the beginning of a firmware or kernel image is a key block that contains the subkey used to sign the rest of the data in the image. The subkey itself is signed by some higher key, which is presumably more secure or robust. The key block itself is either signed (by Google) or simply checksummed (for self-signed developer images), so only one of the two VbSignatures is used to validate it. The reason we have two VbSignatures in the key block header is so that we can build one image that can be validated in either way, which makes testing and development much simpler. This key block structure is identical for firmware and kernel images, so the code to create and verify it can be shared.
Firmware image A firmware image consists of a key block, a firmware preamble, and the firmware body. The key block, preamble, and body do not directly point to each other, so they can be read into separate blocks of memory. The firmware preamble is signed by the key block, and contains the signature of the firmware body plus another subkey which will be used to validate the kernel image.
Kernel image A kernel image consists of a key block, a kernel preamble, and the kernel body. The key block, preamble, and body do not directly point to each other, so they can be read into separate blocks of memory.
Root of trust When the device is first powered on, it begins execution from a read-only section of flash memory. In addition to (hopefully) secure code, that read-only region contains the primary root keys needed to validate all the rest of the signed images. The structure that locates the root keys and various other read-only components is the GoogleBinaryBlockHeader, or ”GBB” There are two primary keys in the GBB. The root key is used in the normal boot sequence to sign the read/write firmware, which contains subkeys to sign the kernel, and so forth. In recovery mode, only the read-only firmware is executed (because the read/write firmware may have been erased), so the kernel image on the removable drive is signed by the recovery key There are a total of six separate keypairs involved in the complete boot process.
Normal boot • Read-only firmware looks in the GBB, finds the root key in read- only memory. • The root key validates the read/write firmware’s keyblock, which contains the firmware data key. • The firmware data key validates the firmware preamble (which contains the kernel subkey) and the read/write firmware body. • The read/write firmware begins execution. • The read/write firmware uses the kernel subkey to validate the kernel’s keyblock, which contains the kernel data key. • The kernel data key validates the kernel preamble and the kernel blob. • The kernel begins execution. • The kernel image contains the hash of hashes, which is used to validate the bundle of hashes used by the block-based rootfs validation scheme. • The filesystem driver uses the bundle of hashes to validate each block of the rootfs as is read off the disk.
Recovery boot • Read-only firmware looks in the GBB, finds the recovery key in read-only memory. • The recovery key validates the kernel’s keyblock, which contains the recovery kernel data key. Although it serves the same purpose as the kernel subkey in normal boot, it uses a larger key because the read/write firmware is not used as an intermediate step. • The recovery kernel data key validates the kernel preamble and the kernel blob. • The kernel begins execution. • The kernel image contains the hash of hashes, which is used to validate the bundle of hashes used by the block-based rootfs validation scheme. • The filesystem driver uses the bundle of hashes to validate each block of the rootfs as it is read from the removable media.
Chrome and the window manager
Some of the pics of the Chrome OS
Some of the pics of the Chrome OS
Some of the pics of the Chrome OS
Some of the pics of the Chrome OS
THANK YOU

Recommended

Chromium os architecture report
Chromium os architecture reportChromium os architecture report
Chromium os architecture reportAmr Abd El Latief
 
Android bootup process
Android bootup processAndroid bootup process
Android bootup processSanjay Kumar
 
File000124
File000124File000124
File000124Desmond Devendran
 
Secure boot general
Secure boot generalSecure boot general
Secure boot generalPrabhu Swamy
 
itisha.pptx
itisha.pptxitisha.pptx
itisha.pptxShubhamRai938546
 
Structure of an operating system.pptx
Structure of an operating system.pptxStructure of an operating system.pptx
Structure of an operating system.pptxMSivani
 
BIOS AND OS
BIOS AND OSBIOS AND OS
BIOS AND OSAlen Binu abraham
 
Boot prom basics
Boot prom basicsBoot prom basics
Boot prom basicsGanesh Kumar Veerla
 

Recommended

Chromium os architecture report
Chromium os architecture reportChromium os architecture report
Chromium os architecture reportAmr Abd El Latief
 
Android bootup process
Android bootup processAndroid bootup process
Android bootup processSanjay Kumar
 
File000124
File000124File000124
File000124Desmond Devendran
 
Secure boot general
Secure boot generalSecure boot general
Secure boot generalPrabhu Swamy
 
itisha.pptx
itisha.pptxitisha.pptx
itisha.pptxShubhamRai938546
 
Structure of an operating system.pptx
Structure of an operating system.pptxStructure of an operating system.pptx
Structure of an operating system.pptxMSivani
 
BIOS AND OS
BIOS AND OSBIOS AND OS
BIOS AND OSAlen Binu abraham
 
Boot prom basics
Boot prom basicsBoot prom basics
Boot prom basicsGanesh Kumar Veerla
 
Introduction to chrome os
Introduction to chrome osIntroduction to chrome os
Introduction to chrome osIndrajit Gohokar
 
TC and TPM.ppt
TC and TPM.pptTC and TPM.ppt
TC and TPM.pptyhaxpsos
 
Modern Personal ComputerBoot up ProcessThe boot up process i.docx
Modern Personal ComputerBoot up ProcessThe boot up process i.docxModern Personal ComputerBoot up ProcessThe boot up process i.docx
Modern Personal ComputerBoot up ProcessThe boot up process i.docxraju957290
 
Distro Recipes 2013: Secure Boot and Linux: several issues, one solution
Distro Recipes 2013: Secure Boot and Linux: several issues, one solutionDistro Recipes 2013: Secure Boot and Linux: several issues, one solution
Distro Recipes 2013: Secure Boot and Linux: several issues, one solutionAnne Nicolas
 
Boot loader
Boot loader Boot loader
Boot loader Aalay Kapadia
 
Configuring startup and troubleshooting startup issues
Configuring startup and troubleshooting startup issuesConfiguring startup and troubleshooting startup issues
Configuring startup and troubleshooting startup issueselboob2025
 
CSS-PPT-W1-D1.pdf
CSS-PPT-W1-D1.pdfCSS-PPT-W1-D1.pdf
CSS-PPT-W1-D1.pdfivy buncaras
 
BSP.pptx
BSP.pptxBSP.pptx
BSP.pptxtaruian
 
U Boot or Universal Bootloader
U Boot or Universal BootloaderU Boot or Universal Bootloader
U Boot or Universal BootloaderSatpal Parmar
 
COC. 1 COMPUTER SYSTEM SPECIFICATIONS-BIOS.pptx
COC. 1 COMPUTER SYSTEM SPECIFICATIONS-BIOS.pptxCOC. 1 COMPUTER SYSTEM SPECIFICATIONS-BIOS.pptx
COC. 1 COMPUTER SYSTEM SPECIFICATIONS-BIOS.pptxMaryGraceManaegHered
 
Understanding Flash Bootloader Software and Automotive ECU Reprogramming
Understanding Flash Bootloader Software and Automotive ECU ReprogrammingUnderstanding Flash Bootloader Software and Automotive ECU Reprogramming
Understanding Flash Bootloader Software and Automotive ECU ReprogrammingEmbitel Technologies (I) PVT LTD
 
HKG18-223 - Trusted FirmwareM: Trusted boot
HKG18-223 - Trusted FirmwareM: Trusted bootHKG18-223 - Trusted FirmwareM: Trusted boot
HKG18-223 - Trusted FirmwareM: Trusted bootLinaro
 
Booting Android: bootloaders, fastboot and boot images
Booting Android: bootloaders, fastboot and boot imagesBooting Android: bootloaders, fastboot and boot images
Booting Android: bootloaders, fastboot and boot imagesChris Simmonds
 
Operating system
Operating systemOperating system
Operating systemsweetysweety8
 
Compilers and interpreters
Compilers and interpretersCompilers and interpreters
Compilers and interpretersRAJU KATHI
 
Oracle database 12c client quick installation guide 2
Oracle database 12c client quick installation guide 2Oracle database 12c client quick installation guide 2
Oracle database 12c client quick installation guide 2bupbechanhgmail
 
Bootloaders (U-Boot)
Bootloaders (U-Boot) Bootloaders (U-Boot)
Bootloaders (U-Boot) Omkar Rane
 
XPDDS19: How TrenchBoot is Enabling Measured Launch for Open-Source Platform ...
XPDDS19: How TrenchBoot is Enabling Measured Launch for Open-Source Platform ...XPDDS19: How TrenchBoot is Enabling Measured Launch for Open-Source Platform ...
XPDDS19: How TrenchBoot is Enabling Measured Launch for Open-Source Platform ...The Linux Foundation
 
Ch04 system administration
Ch04 system administration Ch04 system administration
Ch04 system administration Raja Waseem Akhtar
 
Ch04
Ch04Ch04
Ch04Raja Waseem Akhtar
 
Introduction to IEEE STANDARDS and its different types.pptx
Introduction to IEEE STANDARDS and its different types.pptxIntroduction to IEEE STANDARDS and its different types.pptx
Introduction to IEEE STANDARDS and its different types.pptxupamatechverse
 
247267395-1-Symmetric-and-distributed-shared-memory-architectures-ppt (1).ppt
247267395-1-Symmetric-and-distributed-shared-memory-architectures-ppt (1).ppt247267395-1-Symmetric-and-distributed-shared-memory-architectures-ppt (1).ppt
247267395-1-Symmetric-and-distributed-shared-memory-architectures-ppt (1).pptssuser5c9d4b1
 

More Related Content

Similar to Case study on chrome os in detail.History, architecture,process

TC and TPM.ppt
TC and TPM.pptTC and TPM.ppt
TC and TPM.pptyhaxpsos
 
Modern Personal ComputerBoot up ProcessThe boot up process i.docx
Modern Personal ComputerBoot up ProcessThe boot up process i.docxModern Personal ComputerBoot up ProcessThe boot up process i.docx
Modern Personal ComputerBoot up ProcessThe boot up process i.docxraju957290
 
Distro Recipes 2013: Secure Boot and Linux: several issues, one solution
Distro Recipes 2013: Secure Boot and Linux: several issues, one solutionDistro Recipes 2013: Secure Boot and Linux: several issues, one solution
Distro Recipes 2013: Secure Boot and Linux: several issues, one solutionAnne Nicolas
 
Configuring startup and troubleshooting startup issues
Configuring startup and troubleshooting startup issuesConfiguring startup and troubleshooting startup issues
Configuring startup and troubleshooting startup issueselboob2025
 
BSP.pptx
BSP.pptxBSP.pptx
BSP.pptxtaruian
 
U Boot or Universal Bootloader
U Boot or Universal BootloaderU Boot or Universal Bootloader
U Boot or Universal BootloaderSatpal Parmar
 
COC. 1 COMPUTER SYSTEM SPECIFICATIONS-BIOS.pptx
COC. 1 COMPUTER SYSTEM SPECIFICATIONS-BIOS.pptxCOC. 1 COMPUTER SYSTEM SPECIFICATIONS-BIOS.pptx
COC. 1 COMPUTER SYSTEM SPECIFICATIONS-BIOS.pptxMaryGraceManaegHered
 
Understanding Flash Bootloader Software and Automotive ECU Reprogramming
Understanding Flash Bootloader Software and Automotive ECU ReprogrammingUnderstanding Flash Bootloader Software and Automotive ECU Reprogramming
Understanding Flash Bootloader Software and Automotive ECU ReprogrammingEmbitel Technologies (I) PVT LTD
 
HKG18-223 - Trusted FirmwareM: Trusted boot
HKG18-223 - Trusted FirmwareM: Trusted bootHKG18-223 - Trusted FirmwareM: Trusted boot
HKG18-223 - Trusted FirmwareM: Trusted bootLinaro
 
Booting Android: bootloaders, fastboot and boot images
Booting Android: bootloaders, fastboot and boot imagesBooting Android: bootloaders, fastboot and boot images
Booting Android: bootloaders, fastboot and boot imagesChris Simmonds
 
Compilers and interpreters
Compilers and interpretersCompilers and interpreters
Compilers and interpretersRAJU KATHI
 
Oracle database 12c client quick installation guide 2
Oracle database 12c client quick installation guide 2Oracle database 12c client quick installation guide 2
Oracle database 12c client quick installation guide 2bupbechanhgmail
 
Bootloaders (U-Boot)
Bootloaders (U-Boot) Bootloaders (U-Boot)
Bootloaders (U-Boot) Omkar Rane
 
XPDDS19: How TrenchBoot is Enabling Measured Launch for Open-Source Platform ...
XPDDS19: How TrenchBoot is Enabling Measured Launch for Open-Source Platform ...XPDDS19: How TrenchBoot is Enabling Measured Launch for Open-Source Platform ...
XPDDS19: How TrenchBoot is Enabling Measured Launch for Open-Source Platform ...The Linux Foundation
 

Similar to Case study on chrome os in detail.History, architecture,process (20)

Introduction to chrome os
Introduction to chrome osIntroduction to chrome os
Introduction to chrome os
 
TC and TPM.ppt
TC and TPM.pptTC and TPM.ppt
TC and TPM.ppt
 
Modern Personal ComputerBoot up ProcessThe boot up process i.docx
Modern Personal ComputerBoot up ProcessThe boot up process i.docxModern Personal ComputerBoot up ProcessThe boot up process i.docx
Modern Personal ComputerBoot up ProcessThe boot up process i.docx
 
Distro Recipes 2013: Secure Boot and Linux: several issues, one solution
Distro Recipes 2013: Secure Boot and Linux: several issues, one solutionDistro Recipes 2013: Secure Boot and Linux: several issues, one solution
Distro Recipes 2013: Secure Boot and Linux: several issues, one solution
 
Boot loader
Boot loader Boot loader
Boot loader
 
Configuring startup and troubleshooting startup issues
Configuring startup and troubleshooting startup issuesConfiguring startup and troubleshooting startup issues
Configuring startup and troubleshooting startup issues
 
CSS-PPT-W1-D1.pdf
CSS-PPT-W1-D1.pdfCSS-PPT-W1-D1.pdf
CSS-PPT-W1-D1.pdf
 
BSP.pptx
BSP.pptxBSP.pptx
BSP.pptx
 
U Boot or Universal Bootloader
U Boot or Universal BootloaderU Boot or Universal Bootloader
U Boot or Universal Bootloader
 
COC. 1 COMPUTER SYSTEM SPECIFICATIONS-BIOS.pptx
COC. 1 COMPUTER SYSTEM SPECIFICATIONS-BIOS.pptxCOC. 1 COMPUTER SYSTEM SPECIFICATIONS-BIOS.pptx
COC. 1 COMPUTER SYSTEM SPECIFICATIONS-BIOS.pptx
 
Understanding Flash Bootloader Software and Automotive ECU Reprogramming
Understanding Flash Bootloader Software and Automotive ECU ReprogrammingUnderstanding Flash Bootloader Software and Automotive ECU Reprogramming
Understanding Flash Bootloader Software and Automotive ECU Reprogramming
 
HKG18-223 - Trusted FirmwareM: Trusted boot
HKG18-223 - Trusted FirmwareM: Trusted bootHKG18-223 - Trusted FirmwareM: Trusted boot
HKG18-223 - Trusted FirmwareM: Trusted boot
 
Booting Android: bootloaders, fastboot and boot images
Booting Android: bootloaders, fastboot and boot imagesBooting Android: bootloaders, fastboot and boot images
Booting Android: bootloaders, fastboot and boot images
 
Operating system
Operating systemOperating system
Operating system
 
Compilers and interpreters
Compilers and interpretersCompilers and interpreters
Compilers and interpreters
 
Oracle database 12c client quick installation guide 2
Oracle database 12c client quick installation guide 2Oracle database 12c client quick installation guide 2
Oracle database 12c client quick installation guide 2
 
Bootloaders (U-Boot)
Bootloaders (U-Boot) Bootloaders (U-Boot)
Bootloaders (U-Boot)
 
XPDDS19: How TrenchBoot is Enabling Measured Launch for Open-Source Platform ...
XPDDS19: How TrenchBoot is Enabling Measured Launch for Open-Source Platform ...XPDDS19: How TrenchBoot is Enabling Measured Launch for Open-Source Platform ...
XPDDS19: How TrenchBoot is Enabling Measured Launch for Open-Source Platform ...
 
Ch04 system administration
Ch04 system administration Ch04 system administration
Ch04 system administration
 
Ch04
Ch04Ch04
Ch04
 

Recently uploaded

Introduction to IEEE STANDARDS and its different types.pptx
Introduction to IEEE STANDARDS and its different types.pptxIntroduction to IEEE STANDARDS and its different types.pptx
Introduction to IEEE STANDARDS and its different types.pptxupamatechverse
 
247267395-1-Symmetric-and-distributed-shared-memory-architectures-ppt (1).ppt
247267395-1-Symmetric-and-distributed-shared-memory-architectures-ppt (1).ppt247267395-1-Symmetric-and-distributed-shared-memory-architectures-ppt (1).ppt
247267395-1-Symmetric-and-distributed-shared-memory-architectures-ppt (1).pptssuser5c9d4b1
 
(RIA) Call Girls Bhosari ( 7001035870 ) HI-Fi Pune Escorts Service
(RIA) Call Girls Bhosari ( 7001035870 ) HI-Fi Pune Escorts Service(RIA) Call Girls Bhosari ( 7001035870 ) HI-Fi Pune Escorts Service
(RIA) Call Girls Bhosari ( 7001035870 ) HI-Fi Pune Escorts Serviceranjana rawat
 
HARMONY IN THE NATURE AND EXISTENCE - Unit-IV
HARMONY IN THE NATURE AND EXISTENCE - Unit-IVHARMONY IN THE NATURE AND EXISTENCE - Unit-IV
HARMONY IN THE NATURE AND EXISTENCE - Unit-IVRajaP95
 
GDSC ASEB Gen AI study jams presentation
GDSC ASEB Gen AI study jams presentationGDSC ASEB Gen AI study jams presentation
GDSC ASEB Gen AI study jams presentationGDSCAESB
 
Analog to Digital and Digital to Analog Converter
Analog to Digital and Digital to Analog ConverterAnalog to Digital and Digital to Analog Converter
Analog to Digital and Digital to Analog ConverterAbhinavSharma374939
 
High Profile Call Girls Nagpur Isha Call 7001035870 Meet With Nagpur Escorts
High Profile Call Girls Nagpur Isha Call 7001035870 Meet With Nagpur EscortsHigh Profile Call Girls Nagpur Isha Call 7001035870 Meet With Nagpur Escorts
High Profile Call Girls Nagpur Isha Call 7001035870 Meet With Nagpur Escortsranjana rawat
 
VIP Call Girls Service Kondapur Hyderabad Call +91-8250192130
VIP Call Girls Service Kondapur Hyderabad Call +91-8250192130VIP Call Girls Service Kondapur Hyderabad Call +91-8250192130
VIP Call Girls Service Kondapur Hyderabad Call +91-8250192130Suhani Kapoor
 
Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...
Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...
Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...Dr.Costas Sachpazis
 
High Profile Call Girls Nashik Megha 7001305949 Independent Escort Service Na...
High Profile Call Girls Nashik Megha 7001305949 Independent Escort Service Na...High Profile Call Girls Nashik Megha 7001305949 Independent Escort Service Na...
High Profile Call Girls Nashik Megha 7001305949 Independent Escort Service Na...Call Girls in Nagpur High Profile
 
High Profile Call Girls Nagpur Meera Call 7001035870 Meet With Nagpur Escorts
High Profile Call Girls Nagpur Meera Call 7001035870 Meet With Nagpur EscortsHigh Profile Call Girls Nagpur Meera Call 7001035870 Meet With Nagpur Escorts
High Profile Call Girls Nagpur Meera Call 7001035870 Meet With Nagpur EscortsCall Girls in Nagpur High Profile
 
(ANJALI) Dange Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(ANJALI) Dange Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...(ANJALI) Dange Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(ANJALI) Dange Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...ranjana rawat
 
Call Girls Delhi {Jodhpur} 9711199012 high profile service
Call Girls Delhi {Jodhpur} 9711199012 high profile serviceCall Girls Delhi {Jodhpur} 9711199012 high profile service
Call Girls Delhi {Jodhpur} 9711199012 high profile servicerehmti665
 
IMPLICATIONS OF THE ABOVE HOLISTIC UNDERSTANDING OF HARMONY ON PROFESSIONAL E...
IMPLICATIONS OF THE ABOVE HOLISTIC UNDERSTANDING OF HARMONY ON PROFESSIONAL E...IMPLICATIONS OF THE ABOVE HOLISTIC UNDERSTANDING OF HARMONY ON PROFESSIONAL E...
IMPLICATIONS OF THE ABOVE HOLISTIC UNDERSTANDING OF HARMONY ON PROFESSIONAL E...RajaP95
 
Decoding Kotlin - Your guide to solving the mysterious in Kotlin.pptx
Decoding Kotlin - Your guide to solving the mysterious in Kotlin.pptxDecoding Kotlin - Your guide to solving the mysterious in Kotlin.pptx
Decoding Kotlin - Your guide to solving the mysterious in Kotlin.pptxJoão Esperancinha
 
Study on Air-Water & Water-Water Heat Exchange in a Finned Tube Exchanger
Study on Air-Water & Water-Water Heat Exchange in a Finned Tube ExchangerStudy on Air-Water & Water-Water Heat Exchange in a Finned Tube Exchanger
Study on Air-Water & Water-Water Heat Exchange in a Finned Tube ExchangerAnamika Sarkar
 
APPLICATIONS-AC/DC DRIVES-OPERATING CHARACTERISTICS
APPLICATIONS-AC/DC DRIVES-OPERATING CHARACTERISTICSAPPLICATIONS-AC/DC DRIVES-OPERATING CHARACTERISTICS
APPLICATIONS-AC/DC DRIVES-OPERATING CHARACTERISTICSKurinjimalarL3
 
What are the advantages and disadvantages of membrane structures.pptx
What are the advantages and disadvantages of membrane structures.pptxWhat are the advantages and disadvantages of membrane structures.pptx
What are the advantages and disadvantages of membrane structures.pptxwendy cai
 

Recently uploaded (20)

Introduction to IEEE STANDARDS and its different types.pptx
Introduction to IEEE STANDARDS and its different types.pptxIntroduction to IEEE STANDARDS and its different types.pptx
Introduction to IEEE STANDARDS and its different types.pptx
 
247267395-1-Symmetric-and-distributed-shared-memory-architectures-ppt (1).ppt
247267395-1-Symmetric-and-distributed-shared-memory-architectures-ppt (1).ppt247267395-1-Symmetric-and-distributed-shared-memory-architectures-ppt (1).ppt
247267395-1-Symmetric-and-distributed-shared-memory-architectures-ppt (1).ppt
 
(RIA) Call Girls Bhosari ( 7001035870 ) HI-Fi Pune Escorts Service
(RIA) Call Girls Bhosari ( 7001035870 ) HI-Fi Pune Escorts Service(RIA) Call Girls Bhosari ( 7001035870 ) HI-Fi Pune Escorts Service
(RIA) Call Girls Bhosari ( 7001035870 ) HI-Fi Pune Escorts Service
 
HARMONY IN THE NATURE AND EXISTENCE - Unit-IV
HARMONY IN THE NATURE AND EXISTENCE - Unit-IVHARMONY IN THE NATURE AND EXISTENCE - Unit-IV
HARMONY IN THE NATURE AND EXISTENCE - Unit-IV
 
GDSC ASEB Gen AI study jams presentation
GDSC ASEB Gen AI study jams presentationGDSC ASEB Gen AI study jams presentation
GDSC ASEB Gen AI study jams presentation
 
Analog to Digital and Digital to Analog Converter
Analog to Digital and Digital to Analog ConverterAnalog to Digital and Digital to Analog Converter
Analog to Digital and Digital to Analog Converter
 
High Profile Call Girls Nagpur Isha Call 7001035870 Meet With Nagpur Escorts
High Profile Call Girls Nagpur Isha Call 7001035870 Meet With Nagpur EscortsHigh Profile Call Girls Nagpur Isha Call 7001035870 Meet With Nagpur Escorts
High Profile Call Girls Nagpur Isha Call 7001035870 Meet With Nagpur Escorts
 
VIP Call Girls Service Kondapur Hyderabad Call +91-8250192130
VIP Call Girls Service Kondapur Hyderabad Call +91-8250192130VIP Call Girls Service Kondapur Hyderabad Call +91-8250192130
VIP Call Girls Service Kondapur Hyderabad Call +91-8250192130
 
Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...
Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...
Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...
 
High Profile Call Girls Nashik Megha 7001305949 Independent Escort Service Na...
High Profile Call Girls Nashik Megha 7001305949 Independent Escort Service Na...High Profile Call Girls Nashik Megha 7001305949 Independent Escort Service Na...
High Profile Call Girls Nashik Megha 7001305949 Independent Escort Service Na...
 
High Profile Call Girls Nagpur Meera Call 7001035870 Meet With Nagpur Escorts
High Profile Call Girls Nagpur Meera Call 7001035870 Meet With Nagpur EscortsHigh Profile Call Girls Nagpur Meera Call 7001035870 Meet With Nagpur Escorts
High Profile Call Girls Nagpur Meera Call 7001035870 Meet With Nagpur Escorts
 
(ANJALI) Dange Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(ANJALI) Dange Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...(ANJALI) Dange Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(ANJALI) Dange Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
 
Call Girls Delhi {Jodhpur} 9711199012 high profile service
Call Girls Delhi {Jodhpur} 9711199012 high profile serviceCall Girls Delhi {Jodhpur} 9711199012 high profile service
Call Girls Delhi {Jodhpur} 9711199012 high profile service
 
Call Us -/9953056974- Call Girls In Vikaspuri-/- Delhi NCR
Call Us -/9953056974- Call Girls In Vikaspuri-/- Delhi NCRCall Us -/9953056974- Call Girls In Vikaspuri-/- Delhi NCR
Call Us -/9953056974- Call Girls In Vikaspuri-/- Delhi NCR
 
IMPLICATIONS OF THE ABOVE HOLISTIC UNDERSTANDING OF HARMONY ON PROFESSIONAL E...
IMPLICATIONS OF THE ABOVE HOLISTIC UNDERSTANDING OF HARMONY ON PROFESSIONAL E...IMPLICATIONS OF THE ABOVE HOLISTIC UNDERSTANDING OF HARMONY ON PROFESSIONAL E...
IMPLICATIONS OF THE ABOVE HOLISTIC UNDERSTANDING OF HARMONY ON PROFESSIONAL E...
 
Decoding Kotlin - Your guide to solving the mysterious in Kotlin.pptx
Decoding Kotlin - Your guide to solving the mysterious in Kotlin.pptxDecoding Kotlin - Your guide to solving the mysterious in Kotlin.pptx
Decoding Kotlin - Your guide to solving the mysterious in Kotlin.pptx
 
Study on Air-Water & Water-Water Heat Exchange in a Finned Tube Exchanger
Study on Air-Water & Water-Water Heat Exchange in a Finned Tube ExchangerStudy on Air-Water & Water-Water Heat Exchange in a Finned Tube Exchanger
Study on Air-Water & Water-Water Heat Exchange in a Finned Tube Exchanger
 
APPLICATIONS-AC/DC DRIVES-OPERATING CHARACTERISTICS
APPLICATIONS-AC/DC DRIVES-OPERATING CHARACTERISTICSAPPLICATIONS-AC/DC DRIVES-OPERATING CHARACTERISTICS
APPLICATIONS-AC/DC DRIVES-OPERATING CHARACTERISTICS
 
9953056974 Call Girls In South Ex, Escorts (Delhi) NCR.pdf
9953056974 Call Girls In South Ex, Escorts (Delhi) NCR.pdf9953056974 Call Girls In South Ex, Escorts (Delhi) NCR.pdf
9953056974 Call Girls In South Ex, Escorts (Delhi) NCR.pdf
 
What are the advantages and disadvantages of membrane structures.pptx
What are the advantages and disadvantages of membrane structures.pptxWhat are the advantages and disadvantages of membrane structures.pptx
What are the advantages and disadvantages of membrane structures.pptx
 

Case study on chrome os in detail.History, architecture,process

  • 1. Case Study on Chrome OS Prepared by: Subramanya G Swaroop Kumar Under the guidance of Mr Vedamurthy H K
  • 3. Design of firmware Chrome OS consists of three major components: • The Chromium-based browser and the window manager • System-level software and user-land services: the kernel, drivers, connection manager, and so on • Firmware
  • 5. Firmware The firmware plays a key part to make booting the OS faster and more secure. To achieve this goal Chrome OS has removed unnecessary components and adding support for verifying each step in the boot process. Chrome OS also support for system recovery into the firmware itself. This can avoid the complexity that's in most PC firmware because They don't have to be backwards compatible with a large amount of legacy hardware. For example, we don't have to probe for floppy drives. Chrome OS firmware has implemented with the following functionality: • System recovery: The recovery firmware can re-install Chrome OS in the event that the system has become corrupt or compromised. • Verified boot: Each time the system boots, Chrome OS verifies that the firmware, kernel, and system image have not been tampered with or become corrupt. This process starts in the firmware. • Fast boot: They have improved boot performance by removing a lot of complexity that is normally found in PC firmware.
  • 6. High level design of the firmware
  • 7. Firmware Boot and Recovery • The layout and structure of firmware for Chrome OS is designed for security, recovery and development. • All firmware will contain a recovery code path, which will restore the machine to its original Chrome OS state. This recovery code path will be initiated either when any chain in the boot path is not verified or when a user manually triggers recovery mode, likely via an explicit recovery button on the device. • Chrome OS wants to support developers as well. Developers are provided with a means of running alternate software. In the alternate boot paths, the user is notified that they are not running a boot path provided as part of Chrome OS. • The boot and recovery procedures outlined will be implemented and required for all Chrome OS platforms regardless of architecture (ARM/Intel/etc...).
  • 8. EEPROM map Boot stub: Must be at the top of EEPROM, since most processors jump to the top of memory (0xFFFFFFF0) after internal initialization. Contains the "root key" - the official public key used to verify the signature of the next stage of firmware. The private key is not contained on the device, and must be protected from all unauthorized access. To reduce exposure of the private root key, the private root key will be used to sign a second date-limited or numbered key stored in the rewritable firmware, which is then used to sign that firmware. Validation of the date or key number could be done via a TPM module. Pseudocode • Initialize processor and RAM (and implicitly, those parts of the north bridge necessary to initialize RAM), using conservative timings. • If user-forced recovery mode, skip to attempt loading recovery firmware. (The recovery button asserts an I/O line that can be measured by the firmware.) • Check the non-volatile register or memory region for a recovery mode cookie value. If this is set, some later stage of the boot process must have failed and requested recovery mode, so skip to attempt loading recovery firmware. • Attempt loading Firmware A. • Copy Firmware A to RAM. • Verify signature of Firmware A using public key stored in boot stub. • If signature is valid, jump to Firmware A Setup. • Firmware A is bad. Repeat for Firmware B. • Both A and B are bad. Attempt loading recovery firmware to RAM and verify signature. If valid, jump to recovery firmware. • All recovery options have been exhausted. Catch fire / emit POST code / etc.
  • 9. Firmware (A/B) setup This firmware sets up a minimal set of hardware components so that the boot loader can load the kernel from the normal boot drive. For example, the SATA or eMMC controller. Pseudocode • Initialize chipset / file system sufficiently to jump to Boot Loader code. • Jump to Boot Loader code. • Firmware (A/B) boot loader • The boot loader is only designed to load Chromium OS. We can go directly from firmware bootstrap to the kernel in the disk. Pseudocode • Verify the partition table on the disk looks sane. • Load kernel A from the disk. • Verify signature of kernel. • If signature is invalid: • If this is kernel A, retry with kernel B. • Else this is kernel B. Both kernels are bad, so set the recovery-mode cookie non-volatile register and reboot into recovery firmware. • If kernel was signed with a public key not known to the boot loader, this is a developer kernel: • Initialize the display. • Display scary developer mode warning to user. For example: "Google Chrome OS is not installed. Press space bar to repair." • Wait for keypress or 30-second delay before continuing. • If key pressed was Space bar, Enter, or Esc, jump to Recovery Firmware. • If key pressed was Control+D, dismiss screen. • Ignore other key presses. • Continue booting the kernel.
  • 10. Boot flowchart The three main downward flows in boot flowchart is: • Start of boot in read-only firmware • Normal continuation of boot, loading kernel from internal drive • Recovery mode
  • 12. Extending verification from the kernel on upward • The Chrome OS team is implementing a verified boot solution that strives to ensure that users feel secure when logging into a Chromium OS device. Verified boot starts with a read-only portion of firmware, which only executes the next chunk of boot code after verification. • Verified boot strives to ensure that all executed code comes from the Chrome OS source tree, rather than from an attacker or corruption. • Verified boot is focused on stopping the opportunistic attacker. While verified boot is not expected to detect every attack, the goal is to be a significant deterrent which will be improved upon iteratively. • Verification during boot is performed on-the-fly to avoid delaying system start up. It uses stored cryptographic hashes and may be compatible with any trusted kernel.
  • 13. Verified Boot Data Structures Basic Guidelines Structures are versioned Versioning allows readers to check for older/newer structures. This feature lets us add fields to the structures without necessarily breaking old readers and provides an upgrade path for newer readers to handle old structures. Versioning structures will resolve the issue where kernel and firmware must be updated in unison. Structures have a major and minor version number. • ReaderMajor != StructureMajor - fundamental change in struct; do not attempt to parse • ReaderMinor == StructureMinor - all is well • ReaderMinor < StructureMinor - reading a newer file; fields have been added to the struct, but the existing reader will be able to ignore them and still function • ReaderMinor > StructureMinor - reading an older file; reader won’t find the fields added since version StructureMinor, and should use default values for those fields
  • 14. Key structures keep track of their own key version and algorithm While public keys generally have some internal structure, it’s not always apparent. We can use various sizes and algorithms for different keys , so they’ve defined a VbPublicKey structure that simply encapsulates the public key data along with its size and algorithm
  • 15. VbSignature structures are very similar, but instead of the algorithm and version they only remember the length of data they signed. A signature data blob is usually a hash that has been encrypted with a private key. The corresponding public key must be used to extract the original hash. In some cases we may also use a VbSignature structure for a nonencrypted hash.
  • 16. The public key and signature headers know how to find their data Given a pointer to the VbPublicKey or VbSignature header, you can find the corresponding data, which may not be immediately following the header itself. This lets us put the header structs as sub-structs in the major structures (preambles, etc.), followed by the data, without needing to pass in data pointers separately. Functions should take header pointers rather than raw data wherever possible. Common structures are reused Keys, signatures, and key blocks are used by firmware and kernel algorithms. Common code for generating and parsing is reused.
  • 17. Major structure Key block At the beginning of a firmware or kernel image is a key block that contains the subkey used to sign the rest of the data in the image. The subkey itself is signed by some higher key, which is presumably more secure or robust. The key block itself is either signed (by Google) or simply checksummed (for self-signed developer images), so only one of the two VbSignatures is used to validate it. The reason we have two VbSignatures in the key block header is so that we can build one image that can be validated in either way, which makes testing and development much simpler. This key block structure is identical for firmware and kernel images, so the code to create and verify it can be shared.
  • 18. Firmware image A firmware image consists of a key block, a firmware preamble, and the firmware body. The key block, preamble, and body do not directly point to each other, so they can be read into separate blocks of memory. The firmware preamble is signed by the key block, and contains the signature of the firmware body plus another subkey which will be used to validate the kernel image.
  • 19. Kernel image A kernel image consists of a key block, a kernel preamble, and the kernel body. The key block, preamble, and body do not directly point to each other, so they can be read into separate blocks of memory.
  • 20. Root of trust When the device is first powered on, it begins execution from a read-only section of flash memory. In addition to (hopefully) secure code, that read-only region contains the primary root keys needed to validate all the rest of the signed images. The structure that locates the root keys and various other read-only components is the GoogleBinaryBlockHeader, or ”GBB” There are two primary keys in the GBB. The root key is used in the normal boot sequence to sign the read/write firmware, which contains subkeys to sign the kernel, and so forth. In recovery mode, only the read-only firmware is executed (because the read/write firmware may have been erased), so the kernel image on the removable drive is signed by the recovery key There are a total of six separate keypairs involved in the complete boot process.
  • 21. Normal boot • Read-only firmware looks in the GBB, finds the root key in read- only memory. • The root key validates the read/write firmware’s keyblock, which contains the firmware data key. • The firmware data key validates the firmware preamble (which contains the kernel subkey) and the read/write firmware body. • The read/write firmware begins execution. • The read/write firmware uses the kernel subkey to validate the kernel’s keyblock, which contains the kernel data key. • The kernel data key validates the kernel preamble and the kernel blob. • The kernel begins execution. • The kernel image contains the hash of hashes, which is used to validate the bundle of hashes used by the block-based rootfs validation scheme. • The filesystem driver uses the bundle of hashes to validate each block of the rootfs as is read off the disk.
  • 22. Recovery boot • Read-only firmware looks in the GBB, finds the recovery key in read-only memory. • The recovery key validates the kernel’s keyblock, which contains the recovery kernel data key. Although it serves the same purpose as the kernel subkey in normal boot, it uses a larger key because the read/write firmware is not used as an intermediate step. • The recovery kernel data key validates the kernel preamble and the kernel blob. • The kernel begins execution. • The kernel image contains the hash of hashes, which is used to validate the bundle of hashes used by the block-based rootfs validation scheme. • The filesystem driver uses the bundle of hashes to validate each block of the rootfs as it is read from the removable media.
  • 23. Chrome and the window manager
  • 24. Some of the pics of the Chrome OS
  • 25. Some of the pics of the Chrome OS
  • 26. Some of the pics of the Chrome OS
  • 27. Some of the pics of the Chrome OS