On Thu, Aug 11, 2016 at 05:00:00PM +0200, Zaolin wrote:
The whole TPM stack needs to be reworked until it can used for a measured boot.
Is it necessary to import the entire complexity of TSS for the measured boot task of hashing the various components? Once the Linux payload starts up it can implement the more complex parts, as long as the bootblock (with appropriate WP# and BP bits set on the ROM) can setup the root of trust and the romstage/ramstage/payload loading process can maintain the chain.