[coreboot] Measuring the bootblock and adding a verstage
Zaolin
zaolin at das-labor.org
Thu Aug 11 17:00:00 CEST 2016
Hey Trammell,
No not really. Take a look at following patches:
https://review.coreboot.org/#/c/10542/
https://review.coreboot.org/#/c/14038/
https://review.coreboot.org/#/c/14009/
https://review.coreboot.org/#/c/14134/
https://review.coreboot.org/#/c/14137/
https://review.coreboot.org/#/c/14135/
The whole TPM stack needs to be reworked until it can used for a
measured boot.
Best Regards
Philipp
On 08/11/2016 04:49 PM, Trammell Hudson wrote:
> I'd like to add a tlcl_measure() function to hash a region of code
> and extend a PCR with the result. I see that the Chromebook systems use
> a verstage that links in src/lib/tlcl.c and there are sha1 functions in
> 3rdparty/chromeec/common/sha1.c, but neither of these are available from
> the romstage on other boards.
>
> For testing I've modified my romstage to include lib/tlcl.c and copied
> sha1.c into lib. This allows me to measure the bootblock and the romstage
> from the romstage as soon as pch_enable_lpc() has been called, but it's
> not clear to me how to enable verstage on other mainboards (like the
> sandybridge in my x230). Is there a guide or more documentation somewhere?
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <http://www.coreboot.org/pipermail/coreboot/attachments/20160811/845ab50b/attachment.asc>
More information about the coreboot
mailing list