Question regarding the state of TPM support

help-grub

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Question regarding the state of TPM support

From:	Jendrik Weise
Subject:	Question regarding the state of TPM support
Date:	Sat, 20 Feb 2021 12:21:26 +0100

Hello,
I would like to know what the current state of GRUB's TPM measurement
capabilities is compared to say TrustedGRUB. I would prefer not to use that
as its latest release is four years old by this point, and GRUB has since
added a section to the documentation concerned with the TPM. In particular
I am wondering what thr "Files" section mentioned in the docs includes,
does it include both modules and say initrd images and kernels read by
GRUB? The docs also mentioned core.img must be by measured by firmware. Is
this normally configured already? Finally, the major difference that I did
notice is that GRUB does not seem to have proper support for reading from
the TPM to acquire the needed key, only for writing its measurements. How
hard would it be to add *rudimentary *such support myself, perhaps based on
the TrustedGRUB implementation?
Rgds
Jendrik

[Prev in Thread]

Current Thread

[Next in Thread]

Question regarding the state of TPM support, Jendrik Weise <=
- Re: Question regarding the state of TPM support, Hanson Char, 2021/02/20

Prev by Date: Re: BIOS/GPT with bios_gub raw partition: core image is too big
Next by Date: Grub-pxe "ls" list no devices - searching for pxelinux localboot 1 equivalent
Previous by thread: BIOS/GPT with bios_gub raw partition: core image is too big
Next by thread: Re: Question regarding the state of TPM support
Index(es):
- Date
- Thread