AMTU(8) Linux System Administration AMTU(8)NAME
amtu - Abstract Machine Test Utility (AMTU)
SYNOPSIS
amtu [-dmsinph]
DESCRIPTION
Abstract Machine Test Utility (AMTU) is an administrative utility that
checks whether the underlying protection mechanisms of the hardware are
being enforced. These checks are a requirement of the Controlled
Access Protection Profile (CAPP) FPT_AMT.1 (see
http://www.radium.ncsc.mil/tpep/library/protection_pro‐
files/CAPP-1.d.pdf).
AMTU executes the following tests:
* Memory
Randomly writes to areas of memory, then reads the memory back
to ensure the values written remain unchanged.
* Memory Separation
Ensures that user space programs cannot read and write to areas
of memory utilized by items such as Video RAM and kernel code.
* I/O Controller - Network
Verifies random data transmitted is also the data received for
each configured network device. Checks only Ethernet and token
ring devices that are configured and up. Does not check async
devices.
* I/O Controller - Disk
Verifies random data written to disks remains unchanged. Only
IDE and SCI controllers that are associated with mounted file
systems are checked. Disk controllers with read-only mounted
file systems are not checked.
* Supervisor Mode Instructions
Ensures that the enforcement of the property that privileged
instructions should only be in supervisor mode is still in
effect. The set of privileged instructions tested to confirm
this is architecture dependent.
OPTIONS
Options available for the amtu command are the following:
-d Print debug messages.
-m Execute Memory Test.
-s Execute Memory Separation Test.
-i Execute I/O Controller - Disk Test.
-n Execute I/O Controller - Network Test
-p Execute Supervisor Mode Instructions Test.
-h Print help message.
RETURN CODES
The amtu command issues the following return codes when executed:
-1 Failure
0 Success.
REPORTING BUGS
Report bugs to amtueal-devel@lists.sourceforge.net .
AUTHOR
Emily Ratliff, Joy Latten, and Kimberly Simon.
Linux 2.4 2003-08-25 AMTU(8)