On Wed, Aug 12, 2015 at 11:54 AM, Sun, Ning <ning....@intel.com> wrote:
> If we include image name in cmdline measurement, when tboot user measuring
> the cmdline, they should know that grub2 cmdline does not pass boot image
> name to tboot, but other boot loaders do so.
> That will confuse and add extra effort to end user, and it looks like not
> a very good design for user experience.
> So to tboot in general, the requirement for this is that no boot image
> name is required in cmdline measurement and no vulnerability there.
> There should be various ways to implement it, we just figure out a better
> way...
>

Trying to guess which arguments are important to measure, based on how some boot loaders work *today* and how they identify themselves *today*, is asking for trouble tomorrow.

Users who care enough about security to use TXT will appreciate tboot doing something extremely simple to understand (like measuring all arguments always), and providing the information needed to confirm that understanding (like printing everything that it measures, as Ross suggests).

Those who believe their boot loader passes too much information to tboot for measurement can choose to modify their boot loader or switch to a different one.

--Ed
------------------------------------------------------------------------------
_______________________________________________
tboot-devel mailing list
tboot-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/tboot-devel
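An added illustration of the trade-off discussed in the message above; it is not tboot code and not from the thread. It assumes a TPM 1.2 style SHA-1 extend, a hypothetical "drop the leading image path" heuristic, and constructed command lines for two boot loaders. It shows that measuring every argument and printing the log lets a verifier replay the log to the same PCR value, while the guessing heuristic yields one measurement for different inputs.

```python
import hashlib

PCR_INIT = bytes(20)  # assumption: SHA-1 PCR starting at 20 zero bytes

def extend(pcr: bytes, data: bytes) -> bytes:
    """TPM 1.2 style extend: new = SHA1(old || SHA1(data))."""
    return hashlib.sha1(pcr + hashlib.sha1(data).digest()).digest()

def measure_all(cmdlines):
    """Measure every argument string unmodified; log exactly what was hashed."""
    pcr, log = PCR_INIT, []
    for raw in cmdlines:
        pcr = extend(pcr, raw.encode())
        log.append(raw)
    return pcr, log

def measure_guessing(cmdlines):
    """Hypothetical heuristic: drop the first token if it looks like an image path."""
    pcr, log = PCR_INIT, []
    for raw in cmdlines:
        first, _, rest = raw.partition(" ")
        kept = rest if first.startswith("/") else raw
        pcr = extend(pcr, kept.encode())
        log.append(kept)
    return pcr, log

def replay(log):
    """Verifier side: recompute the PCR from the printed measurement log."""
    pcr = PCR_INIT
    for entry in log:
        pcr = extend(pcr, entry.encode())
    return pcr

# Constructed inputs: loader A passes image names, loader B does not.
LOADER_A = ["/tboot.gz logging=serial,memory", "/vmlinuz root=/dev/sda1 ro"]
LOADER_B = ["logging=serial,memory", "root=/dev/sda1 ro"]
# Constructed input where the leading token is a real argument, not an image name.
PATH_ARG_1 = ["/a x=1"]
PATH_ARG_2 = ["/b x=1"]

if __name__ == "__main__":
    for name, cl in (("A", LOADER_A), ("B", LOADER_B)):
        pcr, log = measure_all(cl)
        print(name, pcr.hex(), log, "replay ok:", replay(log) == pcr)
    same = measure_guessing(PATH_ARG_1)[0] == measure_guessing(PATH_ARG_2)[0]
    print("heuristic gives one PCR for two different inputs:", same)
```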