Hi!
I want to perform integrity checking on my OS files before my computer boots up.
For this, i want to know how i can get my own prog to load into memory so that it can check the compressed kernel image "vmlinuz"...
pls help.
For the checking, i plan to use a dbm database that stores the SHA1 hashes for all the files i want to authenticate....so i need to load that database into RAM also...

Nikhil.

Mate, you're about to write your own OS :}

Think about it: you'll need to implement low level I/O
to get partition info, implement the Linux file-systems
you want to check, ...


Cheers,
Tink

You could build your own bootable CD distribution, customized startup script could do the necessary hash comparisons etc.

But to be honest if your that paranoid about changes being made to files why don't you have your system files boot from CD and have your user files stored on the HD.

If you onyl want to check files that are contained in the filesystem you could boot using an initrd which would do all that before mounting the root partition.
However, you state that you want to verify the kernel image. In order to do that you'd need to write a program in assembler which could be run by the boot-loader before loading the kernel. But I don't see the point in trying to verify the kernel itself -if you have compiled it yourself then you should know if it is alright and it can't really be corrupted once compiled.

I wouldn't go for writing a separate application. Instead, I'd add the code to the bootloader, just before it gets the kernel image (then you have all the low level stuff you need).

Thank you all!
The thing is this integrity checking is to make a prototype for a company, for whom i'm assigned a project as a Computer Engineering student.
I fancy the bootloader idea, i guess that wil be a little less messy....
But, suppose i make the changes for GRUB, they won't work for LILO i suppose; or for that matter any other boot-loader....
That i think is inevitable....

Can you recommend any books/online tutorials that can provide a way to modify the bootloader, so that i can boot my program?

If any of you'll have worked on similar source code (assembly, i suppose), you could mail it to me at nikhil.pirate@gmail.com

Thanks again.
Nikhil.

You'll need to study the code for some bootloaders and incorporate your code there. I'd suggest studying grub(0.97) or Smart Boot Manager (tiny one with some unique features).
Are you sure that they want the kernel checked before loading?

There are a variety of web sites (Google for "mbr") providing detailed analysis of how the Windows boot code works. With this--plus the source code for GRUB--you should be able to see what is going on.

I have the impression that the combination of you + your management are about to go on a side road---ie a closer examination of the end objective might reveal a better approach.

I agree with pixellany -that's why I asked if you are sure that they really want to do some verification of the kernel itself. I suspect that they are really want to verify files which are located on the root file system before mounting it -which can be done with an initrd which contains your program and any libs it needs.

Hello!
WEll, when we (me + 2 frnds) spoke to the company person, he said he'd want a software that checked the entire system for integrity. He specified the kernel, and the "critical OS files".
I've yet to find out what these "critical OS files" are, but i'll find out sooner or later...

The general idea is this:
If you have a computer system, what's the guarantee that someone (a hacker/cracker) hasn't modified the system to say install a trojan? The possibility is a little less with the vmlinuz file i think, but its still possible....That is why, the goal is to verify most of the OS files, and the Application packages.

What I've done so far is code a C file that takes a filename as an argument. It checks this file for integrity using a dbm databse and SHA1 hash keys.

Somehow, i want this code (or similar code) to run at boot-up and check atleast some of the OS files, including the vmlinuz file.

Will check the links you have given.

Thanks again
Nikhil.

I suppose that you could check the kernel against an md5 or checksum, but as stated, you'd have to write machine/assembler code that runs before the kernel boots. That means code that could be run by the bootloader. Maybe you should look at the code for memdisk, which is part of syslinux.
I still suspect that the person you talked doesn't really know what a kernel is or how it fits into things. At any rate, you can boot with a kernel which is not even on the same machine. If he's worried about the integrity of the kernel he can have it on a floppy, CD, or USB device completely separate from the machine. Or he could use a pxe/netboot ROM to load the kernel over a network.

Wait. Just boot some live cd like okmyx said, mount the partition and check the files without doing any asm stuff. What's wrong with that?

To be sure that your kernel is not tempered put it in read-only partition, or keep it in write protected flash, or ... etc. There are better ways to archive your goal then writing bootloader extensions.

Make sure that the person making the requirements really understands what they are, and explain available alternatives.

I'd would booted kernel and initrd from read-only partition, and run script verifying your file system. Idea is about the same as booting from live CD. The bottom line try to avoid any fancy stuff.

There is naked lady or smth similar called linux distro which is the most minimal one. You can try this.

Hi!
From what you've all replied, i get one thing:
Making a bootloader extension is perhaps not the best way to go about this problem.
However, I'd like to raise an issue:

Suppose you already have this Linux OS installed on a NON-read-only partition, with some application packages installed. You are the system admin. You don't like booting from any place other than your HDD, (e.g. everytime booting from a CD is not exactly convenient).

The idea as given to me was to check the integrity of the kernel and the critical OS files EVERYTIME the system boots up. And if this happens automatically (without inserting a CD), then its preferable. Won't booting with a CD be a hassle to manage security?

Given this, I know that building a bootloader extension might be too difficult especially for us. Neither of us is that experienced to write any bootloader code yet.
If its really not worth the trouble, maybe its better to have a CD to do the checking, instead of having an inbuilt system. But do you think this will be a viable/realistic solution?

One more point: what exactly is initrd?

Thanks again.
Nikhil.