David,
If you are not enforcing any security and you just want to know if any of boot
parameters has changed then reading PCR registers should be enough.
However, if you want to utilize trusted computing to fuller extent then you
need more then this. You will need to start from obtaining a trusted boot
loader that will boot your operating system in a specific way. I'm not aware of
any UEFI bootloaders that are TPM aware but there are few option for old
fashion BIOS/MBR boot (Trusted GRUB for example). Note, that you don't not need
trousers stack for this either.
Essentially, Trousers provides a library that implements several APIs specified
by TCG as well as provides some tools for basic TPM operations (separate
project called tpm-tools which depends on Trousers). You may need Trousers for
the sake of those tools for taking ownership of the TPM and other basic
operations and in that case you will need to install trousers and run tcsd
daemon. Otherwise, unless you developing/using secure applications that in some
way rely on TPM you don't need to worry yourself with it.
Hope this helps.
----- Original Message -----
> From: "David Li" <[email protected]>
> To: [email protected]
> Sent: Thursday, September 18, 2014 1:00:51 PM
> Subject: [TrouSerS-users] Do I need Trousers stack?
> Hi,
> I am totally new here. I have a x86_64 server from a vendor. It has
> an onboard TPM 1.2 chip. The server is running a small Tinycore
> Linux. My goal is to use TPM to ensure the server's firmware not
> tampered or changed on each reboot.
> I enabled TPM support in the kernel and now I can read PCR values
> under /sys/class/misc/tpm0/devices. These are populated by the
> vendor's uEFI firmware I think.
> The question is this: If I just want to read the PCR values and make
> sure they are not changed from last time. Do I still need Trousers
> Stack?
> Thanks.
> ------------------------------------------------------------------------------
> Slashdot TV. Video for Nerds. Stuff that Matters.
> http://pubads.g.doubleclick.net/gampad/clk?id=160591471&iu=/4140/ostg.clktrk
> _______________________________________________
> TrouSerS-users mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/trousers-users
------------------------------------------------------------------------------
Slashdot TV. Video for Nerds. Stuff that Matters.
http://pubads.g.doubleclick.net/gampad/clk?id=160591471&iu=/4140/ostg.clktrk
_______________________________________________
TrouSerS-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/trousers-users
