Re: [PATCH V3 3/3] verifiers: Add TPM documentation
On Thu, Nov 29, 2018 at 11:28:10AM -0800, Matthew Garrett wrote: > Describe the behaviour of grub when the TPM module is in use. > > Signed-off-by: Matthew Garrett Reviewed-by: Daniel Kiper If there are no objections I will apply the patch series in a week or so. Thank you for doing the work. Daniel ___ Grub-devel mailing list Grub-devel@gnu.org https://lists.gnu.org/mailman/listinfo/grub-devel
Re: [PATCH V3 2/3] verifiers: Core TPM support
On Thu, Nov 29, 2018 at 11:28:09AM -0800, Matthew Garrett wrote: > From: Matthew Garrett > > Add support for performing basic TPM measurements. Right now this only > supports extending PCRs statically and only on UEFI. In future we might > want to have some sort of mechanism for choosing which events get logged > to which PCRs, but this seems like a good default policy and we can wait > to see whether anyone has a use case before adding more complexity. > > Signed-off-by: Matthew Garrett Reviewed-by: Daniel Kiper Daniel ___ Grub-devel mailing list Grub-devel@gnu.org https://lists.gnu.org/mailman/listinfo/grub-devel
Re: [PATCH V3 1/3] verifiers: Verify commands executed by grub
On Thu, Nov 29, 2018 at 11:28:08AM -0800, Matthew Garrett wrote: > From: Matthew Garrett > > Pass all commands executed by grub to the verifiers layer. Most > verifiers will ignore this, but some (such as the TPM verifier) want to > be able to measure and log each command executed in order to ensure that > the boot state is as expected. > > Signed-off-by: Matthew Garrett Reviewed-by: Daniel Kiper Daniel ___ Grub-devel mailing list Grub-devel@gnu.org https://lists.gnu.org/mailman/listinfo/grub-devel
