Hi Stuart,

On Thu, 31 Oct 2019 at 09:29, Stuart Yoder <b08...@gmail.com> wrote:
>
> On Tue, Oct 29, 2019 at 8:49 PM Simon Glass <s...@chromium.org> wrote:
> >
> > Hi Stuart,
> >
> > On Mon, 28 Oct 2019 at 17:27, Stuart Yoder <b08...@gmail.com> wrote:
> > >
> > > I saw Simon's write-up here: https://lwn.net/Articles/571031/, which
> > > references TPM and trusted boot support using the TPM.
> > >
> > > I've started looking at the TPM support code in u-boot, and am trying
> > > to understand it. Before getting too far I wanted to check if there
> > > were any pointers anyone might have around any documentation or
> > > material that provides more detail on what the u-boot TPM support
> > > does and does not do. I didn't see any .txt files in u-boot.
> > >
> > > The support seems oriented around using commands and scripts to
> > > measure images. One specific thing I'm interested in is how the
> > > u-boot script itself that takes the TPM measurements is protected
> > > against tampering.
> >
> > Actually verified boot does not use the TPM at all.
> >
> > What do you want the TPM to do? If you want measured boot then you
> > would need to call measure / extend before/after loading each stage.
>
> Yes, interested in the TPM for measured boot. Right, understand that you
> need to do the measurements and extend for each loaded image.
>
> But, it's critical that you trust the code doing the measurements. If I
> understand it's the u-boot commands implemented in ./cmd/tpm-v2.c
> that you could use to script the measuring/extending. How do you
> ensure that the script doing the measurements isn't tampered with
> by an attacker?

Anything loaded must be measured. So if you are using a U-Boot script
this needs to be checked. Or you could write a command that does what
you want that is part of U-Boot itself.

Regards,
Simon
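
The point in the reply above, modelled as an added example (not code from the thread or from U-Boot): a PCR extend chain in which the boot script is either skipped or measured like every other loaded item. The helper names `extend`, `boot` and `replay` and the stage contents are constructed for illustration.

```python
import hashlib

PCR_SIZE = 32  # SHA-256 bank


def extend(pcr: bytes, data: bytes) -> bytes:
    """TPM 2.0 extend: new PCR = SHA256(old PCR || SHA256(data))."""
    return hashlib.sha256(pcr + hashlib.sha256(data).digest()).digest()


def boot(stages, measure_script):
    """Measure each loaded item before use; return (final PCR, event log)."""
    pcr = bytes(PCR_SIZE)  # PCR value after reset
    log = []
    for name, blob, is_script in stages:
        if is_script and not measure_script:
            continue  # the gap: the script runs but never reaches the PCR
        pcr = extend(pcr, blob)
        log.append((name, hashlib.sha256(blob).hexdigest()))
    return pcr, log


def replay(log):
    """Verifier side: recompute the PCR from the event log digests."""
    pcr = bytes(PCR_SIZE)
    for _name, digest_hex in log:
        pcr = hashlib.sha256(pcr + bytes.fromhex(digest_hex)).digest()
    return pcr


# Constructed sample images; contents are placeholders, not real U-Boot data.
KERNEL = b"constructed kernel image"
GOOD = [("boot script", b"constructed script, original", True),
        ("kernel", KERNEL, False)]
TAMPERED = [("boot script", b"constructed script, modified", True),
            ("kernel", KERNEL, False)]

if __name__ == "__main__":
    for measured in (False, True):
        good_pcr, _ = boot(GOOD, measured)
        bad_pcr, _ = boot(TAMPERED, measured)
        print(f"script measured={measured}: tampering visible in PCR =",
              good_pcr != bad_pcr)
```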