[bug#63637] For boot-time signature checks (aka "secure boot")

guix-patches

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[bug#63637] For boot-time signature checks (aka "secure boot")

From:	Felix Lechner
Subject:	[bug#63637] For boot-time signature checks (aka "secure boot")
Date:	Mon, 22 May 2023 07:46:20 -0700

Hi,

I should have mentioned that the programs can help analyze the TPM 2.0
event log that shows the hashes of so-called Option ROMs. After the
Microblows keys are removed, such embedded firmwares (including,
possibly, on video cards) will only run after their hashes were
enrolled. Not doing so can soft-brick a device.

Kind regards
Felix

[Prev in Thread]

Current Thread

[Next in Thread]

[bug#63637] [PATCH] gnu: tpm2-tools: New variable, Felix Lechner, 2023/05/22
- [bug#63637] For boot-time signature checks (aka "secure boot"), Felix Lechner <=

Prev by Date: bug#63439: [PATCH] gnu: Add opensycl
Next by Date: [bug#63453] [PATCH] gnu: python-ipython-documentation: Remove patches.
Previous by thread: [bug#63637] [PATCH] gnu: tpm2-tools: New variable
Next by thread: [bug#63639] [PATCH] gnu: password-store: Fix program name in usage and tmpdir.
Index(es):
- Date
- Thread