[systemd-devel] Is tpm2-measure-pcr really an additional security?

Hello, I'm in the process of using SecureBoot, TPM2.0 and LUKS2 to protect an industrial embedded computer. I have a chain of trust in the UEFI (own secure boot keys/certificates), signed grub2, all files used by grub2 signed including kernel and initramfs,  and successfully automatically un

Re: [systemd-devel] Is tpm2-measure-pcr really an additional security?

08.03.2025 22:40, Andrei Borzenkov wrote: 08.03.2025 21:52, Diorcet Yann wrote: Hello, I'm in the process of using SecureBoot, TPM2.0 and LUKS2 to protect an industrial embedded computer. I have a chain of trust in the UEFI (own secure boot keys/certificates), signed grub2, all files used by g

Re: [systemd-devel] Is tpm2-measure-pcr really an additional security?

08.03.2025 21:52, Diorcet Yann wrote: Hello, I'm in the process of using SecureBoot, TPM2.0 and LUKS2 to protect an industrial embedded computer. I have a chain of trust in the UEFI (own secure boot keys/certificates), signed grub2, all files used by grub2 signed including kernel and initramfs,