-
**Dasharo version**
v1.0.19 - shipped with the device
**Dasharo variant**
protectli VP4650
**Affected component(s) or functionality**
TPM2 event log (exposed in Linux at `/sys/kernel/se…
-
Zfs has many advantages over lvm and it would be extremely helpful to have measured efi boot for linux on encrypted ZFS root.
Is that hard to implement based on the current state of emb?
-
This is more of question/discussion than an issue - feel free to close it if there is a better forum for discussions.
When utilizing the build.sh script to compile OVMF, the "OvmfPk/OvmfPkgX64.dsc"…
-
First of all, I would like to extend my gratitude to @nisargjhaveri for creating this project.
I tried this on my Pi Zero W and Pi Zero 2W (Car: Honda City 2022, Phone: Galaxy S22 Ultra). However, …
-
Hi
We written the hash value in pcr index by using the PCR extend command. when power on reset the default value is updated automatically.
We are planning to check the measured boot concept using T…
-
# Motivation
The motivation of writing this article is inspired by [this discussion](https://github.com/confidential-containers/image-rs/issues/2#issuecomment-988339595). This discussion inspired m…
-
According the secure boot specification, users can enroll their own keys for secure boot.
If the QOS bootloader were signed, users could manually enroll the signing key within the UEFI. That would be…
-
Edit: best unbiased, user written doc at https://tech.michaelaltfield.net/2023/02/16/evil-maid-heads-pureboot/
---
The following should go into a wiki page.
Actual Heads security mechanisms a…
-
Hi guys, I've just installed efi-measured-boot on a proxmox vm with tpm2 enabled. Everything works fine, however, after installtion I noticed, that I made a mistake in /etc/efi-measured-boot/config fi…
-
In fast-reboot path STB not measuring BOOTKERNEL partition as trusted boot checks for `boot_services_exited` which is set to True during first full IPL. So only verification is happening at the moment…