On 01:41 Wed 20 Aug , Wei, Gang wrote: > OnĀ Aug 15, 2014 00:43, Benjamin Block wrote: > > Hej, > > > > just a short question because I'm a little confused about this: which > > lcptools are you supposed to use? In docs/ the policy-readme for > > modern systems is policy_v2.txt and then, in this file, lcptools and > > not > > lcptools_v2 is referenced. I also don't find any other statement in > > the docs about what the difference is between the two (I'd rather not > > read the whole source to find out ;)). > > lcptools_v2 is for LCP policy v3 to support tpm2.0. >
Ah, ok. Then that explains why that wouldn't work. Had figured it out
in the meantime with some trial-and-error. Would maybe be good to add
a note about this in the readme of the tools-directory, just in case.
>
> > Also, how can you get the sbios-hashes that are mentioned in the docs
> > for both lcptool-version? Isn't the bios supposed to be hashed into
> > PCR 0 anyway?
>
> You can get sbios-hashes from platform vendors. Yes, it will be hashed
> into PCR0. It is a little bit overlap with PCONF element, but with SBIOS
> element you can just apply policy on sbios.
>
Alright, so I guess this is more for suppliers/OEMS with closer
relations to the bios-vendors and not any user.
Thx for the info.
--
The church saves sinners, but science seeks to stop their manufacture.
-- Elbert Hubbard
--
best regards,
- Benjamin Block
signature.asc
Description: Digital signature
------------------------------------------------------------------------------ Slashdot TV. Video for Nerds. Stuff that matters. http://tv.slashdot.org/
_______________________________________________ tboot-devel mailing list tboot-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/tboot-devel
