Attention is currently required from: Michał Żygowski, Maciej Pijanowski, Krystian Hebel, Sergii Dmytruk.
4 comments:
Patchset:
A few minor comments.
File Documentation/security/vboot/measured_boot.md:
Patch Set #2, Line 51: ### TCPA eventlog
TCPA is an older term and tends to be considered as referring to the older log format from the TPM 1.2 days, before the TPM2 and UEFI TPM log formats were standardized. I would recommend renaming the section to "TPM Eventlog".
Patch Set #2, Line 181: ## Platform Configuration Register
In my comments in the other changeset, I mentioned PCRs 17-22 are DRTM PCRs, but in this section it might be useful to take a moment to communicate that PCRs 0-15 are SRTM PCRs, PCR 16 is the debug PCR, PCRs 17-22 are DRTM PCRs, and PCR 23 is the application/user PCR. And also mention that PCRs 16 and 23 are resettable from locality 0 and PCR 22 is resettable from locality 1.
Do you really mean that "3 or 4" PCR banks are used? Typically a PCR bank is a TPM2 term to refer to a set of 23 PCRs for a specific hash algo. Do you mean "coreboot uses first three to four PCRs with the remainder, PCRs 4 - 7, left empty."
It might also be useful to explain what the measurement and PCR bank usage strategy is, e.g. 1) does the firmware directly do the hash or is it left to the TPM, and 2) which PCR banks are used and when are they used. Point 2 comes from trying to discern the reasoning behind the measurement structure below, specifically why only the SHA1 of the Google vboot GBB flags is ever measured in either scheme?
To view, visit change 68752. To unsubscribe, or for help writing mail filters, visit settings.
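As an added illustration of the bank-versus-index distinction and the reset point raised in the review above (a constructed example, not coreboot or vboot code): a small Python model of a TPM holding a SHA-1 and a SHA-256 bank of PCRs 0-23, with firmware-side hashing, an event log, and a verifier-style replay. The locality reset table follows the reviewer's description and is an assumption here, not a transcription of the TCG PC Client specification.

```python
import hashlib

NUM_PCRS = 24  # PCR indices 0..23; a "bank" is one set of 24 PCRs per hash algorithm

# Which locality may reset which PCR. Modelled on the review comment above (PCR 16 and 23
# from locality 0, PCR 22 from locality 1); every other PCR is treated as not resettable.
RESET_LOCALITIES = {16: {0}, 22: {1}, 23: {0}}


def reset_allowed(index: int, locality: int) -> bool:
    return locality in RESET_LOCALITIES.get(index, set())


class PcrBanks:
    """Constructed model: SHA-1 and SHA-256 banks plus a simple event log."""

    def __init__(self, algs=("sha1", "sha256")):
        self.banks = {a: [bytes(hashlib.new(a).digest_size)] * NUM_PCRS for a in algs}
        self.event_log = []  # (pcr index, alg, digest hex, description)

    def extend(self, index, data: bytes, description="", bank=None):
        """Firmware hashes `data` itself, then extends: PCR = H(PCR || H(data)).
        bank=None extends every bank; bank="sha1" mirrors a SHA-1-only measurement."""
        targets = self.banks if bank is None else {bank: self.banks[bank]}
        for alg, pcrs in targets.items():
            digest = hashlib.new(alg, data).digest()
            pcrs[index] = hashlib.new(alg, pcrs[index] + digest).digest()
            self.event_log.append((index, alg, digest.hex(), description))

    def reset(self, index, locality):
        if not reset_allowed(index, locality):
            raise PermissionError(f"PCR {index} is not resettable from locality {locality}")
        for alg, pcrs in self.banks.items():
            pcrs[index] = bytes(hashlib.new(alg).digest_size)

    def replay(self, index, alg) -> bytes:
        """Recompute a PCR from the log, as an attestation verifier would."""
        acc = bytes(hashlib.new(alg).digest_size)
        for idx, a, dhex, _ in self.event_log:
            if idx == index and a == alg:
                acc = hashlib.new(alg, acc + bytes.fromhex(dhex)).digest()
        return acc

    def verify(self, index, alg) -> bool:
        """True when the event log fully explains the current PCR value."""
        return self.replay(index, alg) == self.banks[alg][index]
```

A SHA-1-only extend leaves the SHA-256 bank untouched, and once a resettable PCR is reset the log no longer reproduces it, which is why a verifier should not rest trust on PCRs 16 or 23.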