table of contents
AMTU(8) | Linux System Administration | AMTU(8) |
NAME¶
amtu - Abstract Machine Test Utility (AMTU)
SYNOPSIS¶
amtu [-dmsinph]
DESCRIPTION¶
Abstract Machine Test Utility (AMTU) is an administrative utility that checks whether the underlying protection mechanisms of the hardware are being enforced. These checks are a requirement of the Controlled Access Protection Profile (CAPP) FPT_AMT.1 (see http://www.radium.ncsc.mil/tpep/library/protection_profiles/CAPP-1.d.pdf).
AMTU executes the following tests:
- * Memory
- Randomly writes to areas of memory, then reads the memory back to ensure the values written remain unchanged.
- * Memory Separation
- Ensures that user space programs cannot read and write to areas of memory utilized by items such as Video RAM and kernel code.
- * I/O Controller - Network
- Verifies random data transmitted is also the data received for each configured network device. Checks only Ethernet and token ring devices that are configured and up. Does not check async devices.
- * I/O Controller - Disk
- Verifies random data written to disks remains unchanged. Only IDE and SCI controllers that are associated with mounted file systems are checked. Disk controllers with read-only mounted file systems are not checked.
- * Supervisor Mode Instructions
- Ensures that the enforcement of the property that privileged instructions should only be in supervisor mode is still in effect. The set of privileged instructions tested to confirm this is architecture dependent.
OPTIONS¶
Options available for the amtu command are the following:
RETURN CODES¶
The amtu command issues the following return codes when executed:
- -1
- Failure
- 0
- Success.
REPORTING BUGS¶
Report bugs to amtueal-devel@lists.sourceforge.net .
AUTHOR¶
Emily Ratliff, Joy Latten, and Kimberly Simon.
2003-08-25 | Linux 2.4 |