Re: A _good_ and valid use for TPM

grub-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: A _good_ and valid use for TPM

From:	Vesa Jääskeläinen
Subject:	Re: A _good_ and valid use for TPM
Date:	Fri, 20 Feb 2009 20:35:39 +0200
User-agent:	Thunderbird 2.0.0.19 (Windows/20081209)

Jan Alsenz wrote:
> I agree too!
> 
> Multiple methods are interesting and everything that can be, should be placed 
> in
>  modules.
> But some parts of a trusted boot chain need to be in the MBR, etc. which is
> mainline code (regardless of how how you build it).
> 
> The way I have implemented my version of the MBR right now is with compile 
> flags:
> If you don't want/need TPM code it won't be on your system! If you compile it
> with TPM support, it won't boot if there is no TPM (I don't like silent 
> failures).

In case it will get some day in. I would propose that you make own MBR
code like that gets compiled to own img file like tpmboot.img (512
bytes). Then you can just provide img file for tool chain. You are
probably throwing code away anyway from normal mbr boot code.

[Prev in Thread]

Current Thread

[Next in Thread]

Re: A _good_ and valid use for TPM, (continued)

Prev by Date: Re: A _good_ and valid use for TPM
Next by Date: Writing to superblock?
Previous by thread: Re: A _good_ and valid use for TPM
Next by thread: Re: A _good_ and valid use for TPM
Index(es):
- Date
- Thread