TPM PCR usage on TXT
来源:互联网 发布:手机淘宝首页红包 编辑:程序博客网 时间:2024/04/24 12:32
TPM PCR usage on TXT
From Open Source VMM wiki
Contents
[hide]- 1High Level Description
- 2MLE DG Description
- 3Tboot README Description
- 4Guidance for recalculate pcr values based on tboot log
[edit]High Level Description
- PCR 17: Used by SENTER on measuring SINIT. By SINIT on measuring BIOS ACM, STM, LCP Policy. By tboot on measuring Tboot Policy.
- PCR 18: Used by SINIT on measuring tboot. By tboot on measuring Xen or Linux kernel (first module in grub.conf).
- PCR 19: By default used by tboot on measuring all modules(other than the first module) such as Xen's dom0 kernel, initrd.
[edit]MLE DG Description
PCR 17 : switch(SinitMleData.Version) case 6: Extend(SHA-1(SinitMleData.SinitHash|SinitMleData.EdxSenterFlags)) Extend(SHA-1(SinitMleData.BiosAcm.ID|SinitMleData.MsegValid|SinitMleData.StmHash| SinitMleData.PolicyControl|SinitMleData.LcpPoilcyHash| (OsSinitData.Capabilities,0))) case 7: SHA-1(SinitMleData.SinitHash| SHA-1(SinitMleData.BiosAcm.ID|SinitMleData.MsegValid|SinitMleData.StmHash| SinitMleData.PolicyControl|SinitMleData.LcpPoilcyHash| (OsSinitData.Capabilities,0))) case 8: SHA-1(SinitMleData.SinitHash| SHA-1(SinitMleData.BiosAcm.ID|SinitMleData.MsegValid|SinitMleData.StmHash| SinitMleData.PolicyControl|SinitMleData.LcpPoilcyHash| (OsSinitData.Capabilities,0) | SinitMleData.ProcessorSCRTMStatus))PCR 18 : Extend(SinitMleData.MleHash) (= SHA-1(20byte-0s | SinitMleData.MleHash))
Notes:
(OsSinitData.Capabilities,0) means:
- if SinitMleData.PolicyControl.bit2 is 1, use value of OsSinitData.Capabilities
- if SinitMleData.PolicyControl.bit2 is 0, use a 4-byte 0s.
[edit]Tboot README Description
PCR 17 : It will be extended with the following values (in this order): - The values as documented in the MLE Developers Manual - SHA-1 hash of: tboot policy control value (4 bytes) | SHA-1 hash of tboot policy (20 bytes) : where the hash of the tboot policy will be 0s if TB_POLCTL_EXTEND_PCR17 is clearPCR 18 : It will be extended with the following values (in this order): - SHA-1 hash of tboot (as calculated by lcp_mlehash) - SHA-1 hash of first module in grub.conf (e.g. Xen or Linux kernel)PCR * : tboot policy may specify modules' measurements to be extended into PCRs specified in the policy The default tboot policy will extend, in order, the SHA-1 hashes of all modules (other than 0) into PCR 19.
[edit]Guidance for recalculate pcr values based on tboot log
- TPM PCR usage on TXT
- tpm usage
- TPM
- A TPM error (6) occurred attempting to read a pcr value
- PCR
- PCR
- More on Memory Usage
- tftp on busybox usage
- Understanding memory usage on Linux
- Understanding memory usage on Linux
- Google gflags usage on windows
- Deep discussion on the usage of MACRO
- Linux Log files and usage on Ubuntu
- How to visualize disk usage on Linux
- the usage of vi on mac
- Install R on Linux Ubuntu & Simple Usage
- Determining Oracle memory usage on AIX
- usage
- sqlserver清空缓存
- 移动,电信,中行软开,微软,百度等企业工作纯技术性分析
- Google比Facebook更需要Instagram?
- 面试题2
- C++复制构造函数
- TPM PCR usage on TXT
- Outlook 创建邮件模板 (zz)
- 使用dynatrace+showslow进行前端性能测试
- error C2061: syntax error : identifier 'SHFILEINFOW' // 无法解析的外部符号 wWinMain,该符号在函数 WinMainCRTStartup
- 为什么要学日语?
- org.springframework.web.struts.DelegatingRequestProcessor
- Android Timer机制
- asp.net用于弹出警告消息。。
- Android开发学习:ImageView的scaletype属性