Some quick and dirty thoughts inline... > 1. Using tboot or a TPM (on the motherboard), is it possible to have a dual > boot system where both OSes boot in trusted mode? If so, how is that > configured?
Almost certainly, though it depends on your definition of "trusted mode". If you just want "authenticated boot" where the OS that boots gets measured, then yes. If you want to try to "enforce" that any OS that boots must be one of these 2 OSes, the set of assumptions on which those properties depend grows considerably. Sorry I don't have time to get into more detail presently. > 2. Can tboot or a TPM (on the motherboard) enable trusted boot of a USB > device? If so, how is that configured? I suspect so. This would have more to do with the configuration of the bootloader (e.g., grub) than with tboot. > 3. If I were able to set up a USB device (with a controlled bootable image) > for trusted boot... if the primary hard disk OS was not to boot in trusted > mode how would these be configured? Again, this sounds like a BIOS (boot device priority) / bootloader configuration. tboot should be able to work under these conditions, though I haven't tried it. > 4. Is it possible to buy TPM chips? If so, through whom? Through whom might > I get one for eval/prototype purposes? It is. The easiest way is to buy a PC / laptop that already includes one, but individual chips are available on daughter cards with an LPC bus interface. DigiKey is one such company that sells them: http://search.digikey.com/scripts/DkSearch/dksus.dll?Cat=2556771&k=tpm Note that most PCs don't include the relevant connector but I believe adapter cards are available. > Athough tboot is very useful, my questions relate to a potential project > that requires use of a TPM chip. Folks on this list have been kind with respect to discussion of a related project of mine, so hopefully they'll put up with this one too. :) Regards, -Jon ------------------------------------------------------------------------------ EditLive Enterprise is the world's most technically advanced content authoring tool. Experience the power of Track Changes, Inline Image Editing and ensure content is compliant with Accessibility Checking. http://p.sf.net/sfu/ephox-dev2dev _______________________________________________ tboot-devel mailing list tboot-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/tboot-devel
