On Di, 19.07.22 16:15, Gerd Hoffmann (kraxel(a)redhat.com) wrote:
> Moreover, this allows us to implement TPM policies that bind to
> signatures of PCR hashes, instead of the literal hash values. That
> makes the measurements a *million* times more useful, since we lose
> the brittleness on updates: if the expected PCR values can be
> pre-calculated by the vendor, and then be signed, then an update won't
> invalidate the policies anymore.
Another case which requires creating initrds at build time.
Yupp.
Zbigniew and I are working on making pre-built initrds for general
purpose distros a reality, i.e. finding a way between keeping things
reasonably modular but also pre-generated, immutable, pre-measurable,
and thus have a tight trust chain at boot. We'll do two talks about
that at Linux Plumbers Conference later this year.
Lennart
--
Lennart Poettering, Berlin
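
The point of the quoted paragraph, as an added sketch that is not from this thread or from any project's code: a policy sealed to a literal PCR value breaks on update, while a policy bound to the vendor's public key accepts any PCR value the vendor pre-calculated and signed. The component names, the toy RSA key and all function names are assumptions made for illustration; on real hardware the TPM enforces the policy itself.

```python
import hashlib

# Toy textbook RSA over two Mersenne primes. Assumption: stand-in for the
# vendor's real signing key so the sketch runs offline. NOT secure.
P, Q, E = 2**521 - 1, 2**607 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))   # private exponent (Python 3.8+)
VENDOR_PUB = (N, E)

def sha256(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()

def pcr_after(components) -> bytes:
    """Replay PCR extends from zero: new = SHA256(old || SHA256(component))."""
    pcr = bytes(32)
    for blob in components:
        pcr = sha256(pcr + sha256(blob))
    return pcr

def vendor_sign(expected_pcr: bytes) -> int:
    """Build time: vendor pre-calculates the PCR value and signs it."""
    return pow(int.from_bytes(sha256(expected_pcr), "big"), D, N)

def unseal_literal(policy_pcr: bytes, current_pcr: bytes) -> bool:
    """Policy bound to one literal PCR value."""
    return policy_pcr == current_pcr

def unseal_signed(policy_pub, current_pcr: bytes, sig: int) -> bool:
    """Policy bound to a public key: any PCR value that key signed passes."""
    n, e = policy_pub
    return pow(sig, e, n) == int.from_bytes(sha256(current_pcr), "big")

def scenario() -> dict:
    # Constructed stand-ins for measured boot components.
    v1 = pcr_after([b"kernel-v1", b"initrd-v1"])
    v2 = pcr_after([b"kernel-v2", b"initrd-v2"])         # vendor update
    bad = pcr_after([b"kernel-v2", b"initrd-modified"])  # unsigned change
    sig1, sig2 = vendor_sign(v1), vendor_sign(v2)        # shipped with each build
    return {
        "literal_v1": unseal_literal(v1, v1),
        "literal_after_update": unseal_literal(v1, v2),
        "signed_v1": unseal_signed(VENDOR_PUB, v1, sig1),
        "signed_after_update": unseal_signed(VENDOR_PUB, v2, sig2),
        "signed_modified_initrd": unseal_signed(VENDOR_PUB, bad, sig2),
    }

if __name__ == "__main__":
    for name, ok in scenario().items():
        print(f"{name}: {'unsealed' if ok else 'refused'}")
```

`vendor_sign` needs the final PCR value before the image ships, which is only possible when every measured component, the initrd included, is fixed at build time.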