How does tboot do static root of trust measurement, and will it change PCR 12-PCR 14 values for different Linux kernels?

StackOverflow https://stackoverflow.com/questions/23513034

I have installed tboot on Ubuntu using the command apt-get install tboot. I have a doubt regarding tboot and Trusted GRUB. Trusted GRUB does SRTM (Static Root of Trust for Measurement) and it changes the values in PCR 12 to PCR 14. tboot does DRTM (Dynamic Root of Trust for Measurement) using Intel's Trusted Execution Technology (TXT). It changes the values in PCR 17 to PCR 22. I want to know: if tboot supports SRTM, then it should also change the values in PCR 12 to PCR 14 for different Linux kernel versions. But tboot is changing only PCR 17 to PCR 22 for different Linux kernel versions. Can tboot provide both SRTM and DRTM at the same time?


Solution

No.

The SRTM is always your firmware. And tboot itself is not your DRTM either. The DRTM is the SINIT module. Tboot is responsible for preparing the late launch and, after returning from the SINIT code, functions as your MLE, thus extending your dynamic chain of trust.
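To check on a given machine which chain a kernel change actually lands in, two PCR snapshots can be diffed and bucketed by the ranges named in the question. The following is an added example, not code from the post or from tboot. It assumes the TPM 1.2 text layout `PCR-NN: XX XX ...` for the dump, and its two boots are a constructed model in which the choice of PCR 18 and PCR 19 inside the 17-22 range is an assumption.

```python
import hashlib
import re

# PCR ranges exactly as quoted in the question on this page.
TRUSTEDGRUB_PCRS = range(12, 15)
DRTM_PCRS = range(17, 23)
NO_LAUNCH = "ff" * 20  # TPM 1.2 start-up value of PCR 17-22 until a late launch resets them
LINE = re.compile(r"^PCR-(\d{2}):((?:\s+[0-9A-Fa-f]{2}){20})\s*$")

def extend(pcr_hex, data):
    """TPM 1.2 extend: new = SHA1(old || SHA1(data))."""
    old = bytes.fromhex(pcr_hex)
    return hashlib.sha1(old + hashlib.sha1(data).digest()).hexdigest()

def dump(pcrs):
    """Render {index: hex} in the assumed 'PCR-NN: XX XX ...' layout."""
    rows = []
    for i, v in sorted(pcrs.items()):
        rows.append("PCR-%02d: %s" % (i, " ".join(v[j:j + 2].upper() for j in range(0, 40, 2))))
    return "\n".join(rows)

def parse(text):
    """Parse a dump into {index: lowercase hex}; reject malformed lines."""
    out = {}
    for line in filter(str.strip, text.splitlines()):
        m = LINE.match(line)
        if m is None:
            raise ValueError("unrecognised PCR line: %r" % line)
        out[int(m.group(1))] = "".join(m.group(2).split()).lower()
    return out

def classify(before, after):
    """Bucket the PCRs that differ between two boots by chain of trust."""
    changed = [i for i in sorted(before) if i in after and before[i] != after[i]]
    return {
        "trustedgrub_12_14": [i for i in changed if i in TRUSTEDGRUB_PCRS],
        "drtm_17_22": [i for i in changed if i in DRTM_PCRS],
        "other": [i for i in changed if i not in TRUSTEDGRUB_PCRS and i not in DRTM_PCRS],
        "late_launch_seen": any(after.get(i, NO_LAUNCH) != NO_LAUNCH for i in DRTM_PCRS),
    }

def simulated_tboot_boot(kernel):
    """Constructed model: nothing extends PCR 12-14; late launch zeroes PCR 17-22."""
    pcrs = {i: "00" * 20 for i in range(24)}
    pcrs[0] = extend(pcrs[0], b"constructed-firmware")     # SRTM side, same every boot
    pcrs[18] = extend(pcrs[18], b"constructed-tboot-mle")  # index chosen for the model
    pcrs[19] = extend(pcrs[19], kernel)                    # index chosen for the model
    return dump(pcrs)
```

With real snapshots saved before and after a kernel update, a `late_launch_seen` value of False means PCR 17-22 still hold their start-up value and no late launch took place on the second boot.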

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow