cmatsuoka
commented
8 years ago Uuhm, ok, this seems to be an instance of the same problem related in issue #39 where the kernel extends PCR 10 value after booting. I'm not sure why the value changes in every boot, but this is not a problem with TrustedGRUB2 so I'm closing this issue.
I'm working on an Advantech board with Infineon TPM and AMI BIOS where the PCR 10 measurement value is different after each boot, with the same bootloader, kernel and initramfs (no changes made at all between reboots). PCRs 0-9 and 11 remain intact. This is causing all sorts of problems with OS level measurements based on PCR 10. Is there a known or typical cause for this behavior, or a recommended workaround?
Additional information: enabling
TGRUB_DEBUGshows that the kernel SHA1 is correct, but no debug message is printed for the initrd. The last message printed is "Loading initial ramdisk ...". Debug messages placed insidegrub_cmd_initrd()are not displayed, so I can't confirm if the initrd is being correctly hashed.