List overview
Download

Trusted-computing October 2011

trusted-computing@lists.fedorahosted.org

1 participants
1 discussions

Start a nNew thread

TPM measurement during a PXEboot
by Li, David 13 Oct '11

13 Oct '11

I know the spec (TCG EFI Platform Spec v1.2) doesn't explicitly mention what to do in a PXEBoot regarding kernel image TPM measurement. Sounds like this should fall into the general category of kernel measurement into PCR4 and 5. Now in my case, this is a gray area in reality. Typically PXEboot is handed by the PXE ROM in a NIC card and not by the motherboard BIOS. What if the main BIOS does its job but has to stop at the PXE ROM while the PXE ROM doesn't measure the loader and kernel image at all? In other words, if my chain of trust stops (or breaks) at the PXE ROM, is there any other way to solve this problem? Thanks. --- David Li Cloudshield Technologies SAIC

3 9