-
Notifications
You must be signed in to change notification settings - Fork 9
/
Copy pathTODO
38 lines (29 loc) · 1.58 KB
/
TODO
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
- Check whether the EFI BSA that got booted belong to the default boot entry
or whether they're from a different entry.
Warn if this is not the case.
(We should not override, because the sequence of TPM events may be totally
different for different boot entries).
- Ideas on centrally managed PCR authorization
In a managed environment, we can do without a local RSA key on disk
(for authorized policy signing), and use a central authority instead
that has a list of "blessed" versions of UEFI Boot Services that
can be used (ie shim loader, grub, ...).
Centrally managed pcr authorization should perform the following:
* client sends the PCR eventlog plus the version numbers for grub
and shim that are being used
* server computes the PCR values, and when it encounters an
authenticode hash for a binary, it recomputes it using its
"authoritative" copy from the vendor's RPM
Alternatively:
* client sends the Authenticode hashes for the binaries that it
finds on the local disk. server validates these against a
DB of "known good" values
In both cases, perform PCR prediction as usual, and send back the
signed policy.
The server can perform PCR Policy computation without a TPM:
* Create new digest using selected hash algo
* update: old digest (with should be 000....00 for us)
* update: command code TPM2_CC_PolicyPCR = 0x0000017f
* marshal TPML_PCR_SELECTION and update the hash with this data
* update: pcrDigest (ie the hashed values of the PCRs we want to cover)
* finalize the hash and retrieve digest