GNU bug report logs - #63637
[PATCH] gnu: tpm2-tools: New variable

Previous Next

Package: guix-patches;

Reported by: Felix Lechner <felix.lechner <at> lease-up.com>

Date: Mon, 22 May 2023 06:28:02 UTC

Severity: normal

Tags: patch

Done: Nicolas Goaziou <mail <at> nicolasgoaziou.fr>

Bug is archived. No further changes may be made.

Full log

Message #8 received at 63637 <at> debbugs.gnu.org (full text, mbox):

From: Felix Lechner <felix.lechner <at> lease-up.com>
To: 63637 <at> debbugs.gnu.org
Subject: For boot-time signature checks (aka "secure boot")
Date: Mon, 22 May 2023 07:46:20 -0700

Hi,

I should have mentioned that the programs can help analyze the TPM 2.0
event log that shows the hashes of so-called Option ROMs. After the
Microblows keys are removed, such embedded firmwares (including,
possibly, on video cards) will only run after their hashes were
enrolled. Not doing so can soft-brick a device.

Kind regards
Felix

This bug report was last modified 1 year and 327 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.

GNU bug report logs - #63637 [PATCH] gnu: tpm2-tools: New variable

GNU bug report logs - #63637
[PATCH] gnu: tpm2-tools: New variable