TPM PCR usage on TXT
From Open Source VMM wiki
High Level Description
- PCR 17: Used by SENTER on measuring SINIT. By SINIT on measuring BIOS ACM, STM, LCP Policy. By tboot on measuring Tboot Policy.
- PCR 18: Used by SINIT on measuring tboot. By tboot on measuring Xen or Linux kernel (first module in grub.conf).
- PCR 19: By default used by tboot on measuring all modules (other than the first module), such as Xen's dom0 kernel and initrd.
MLE DG Description
Here Extend(X) means PCR := SHA-1(PCR | X), and "|" is byte concatenation. PCR 17 and PCR 18 are reset to all zeros by SENTER before any of these extensions.

PCR 17 : switch (SinitMleData.Version)
  case 6:
    Extend(SHA-1(SinitMleData.SinitHash | SinitMleData.EdxSenterFlags))
    Extend(SHA-1(SinitMleData.BiosAcm.ID | SinitMleData.MsegValid | SinitMleData.StmHash |
                 SinitMleData.PolicyControl | SinitMleData.LcpPolicyHash | (OsSinitData.Capabilities,0)))
  case 7:
    PCR 17 = SHA-1(SinitMleData.SinitHash |
                   SHA-1(SinitMleData.BiosAcm.ID | SinitMleData.MsegValid | SinitMleData.StmHash |
                         SinitMleData.PolicyControl | SinitMleData.LcpPolicyHash | (OsSinitData.Capabilities,0)))
  case 8:
    PCR 17 = SHA-1(SinitMleData.SinitHash |
                   SHA-1(SinitMleData.BiosAcm.ID | SinitMleData.MsegValid | SinitMleData.StmHash |
                         SinitMleData.PolicyControl | SinitMleData.LcpPolicyHash | (OsSinitData.Capabilities,0) |
                         SinitMleData.ProcessorSCRTMStatus))

PCR 18 : Extend(SinitMleData.MleHash)   (= SHA-1(20 zero bytes | SinitMleData.MleHash))
Notes:
(OsSinitData.Capabilities,0) means:
- if SinitMleData.PolicyControl bit 2 is set, use the value of OsSinitData.Capabilities
- if SinitMleData.PolicyControl bit 2 is clear, use 4 bytes of zeros
Tboot README Description
PCR 17 : It will be extended with the following values (in this order):
 - The values as documented in the MLE Developers Manual
 - SHA-1 hash of: tboot policy control value (4 bytes) | SHA-1 hash of tboot policy (20 bytes),
   where the hash of the tboot policy will be 0s if TB_POLCTL_EXTEND_PCR17 is clear

PCR 18 : It will be extended with the following values (in this order):
 - SHA-1 hash of tboot (as calculated by lcp_mlehash; this is the SinitMleData.MleHash extension performed by SINIT, not by tboot)
 - SHA-1 hash of first module in grub.conf (e.g. Xen or Linux kernel)

PCR * : tboot policy may specify modules' measurements to be extended into PCRs specified in the policy.
 The default tboot policy will extend, in order, the SHA-1 hashes of all modules (other than module 0) into PCR 19.
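Both descriptions above (the SINIT extensions from the MLE DG, then tboot's own extensions from its README) can be recomputed offline to predict the PCR 17, 18 and 19 values a sealing policy or an attestation verifier should expect. The following is an added Python example, not code from tboot, the MLE DG or this wiki. Its assumptions: field widths follow tboot's sinit_mle_data_t layout (20-byte SHA-1 fields, 32-bit EdxSenterFlags/PolicyControl/ProcessorSCRTMStatus/Capabilities, 64-bit MsegValid) encoded little-endian; "PolicyControl.bit2" is taken to mean the 1 << 2 bit; TB_POLCTL_EXTEND_PCR17 is taken to be 0x1; PCR 19 is taken to start from all zeros; every input hash is a constructed value, not a real ACM or module measurement.

```python
import hashlib
from dataclasses import dataclass
from typing import List

PCR_SIZE = 20                  # SHA-1 digest; PCRs 17 and 18 are all zeros after SENTER
POLCTL_CAPS_BIT = 2            # "PolicyControl.bit2" on this page; ASSUMED to mean 1 << 2
TB_POLCTL_EXTEND_PCR17 = 0x1   # tboot policy-control flag; bit value ASSUMED


def sha1(data: bytes) -> bytes:
    return hashlib.sha1(data).digest()


def extend(pcr: bytes, value: bytes) -> bytes:
    """TPM 1.2 PCR extend: new = SHA-1(old | value)."""
    if len(pcr) != PCR_SIZE:
        raise ValueError("PCR must be a 20-byte SHA-1 value")
    return sha1(pcr + value)


def u32(v: int) -> bytes:
    return v.to_bytes(4, "little")   # TXT heap structures are little-endian x86 data


@dataclass
class SinitMleData:
    """Subset of SinitMleData; widths ASSUMED to match tboot's sinit_mle_data_t."""
    version: int
    bios_acm_id: bytes            # 20 bytes
    edx_senter_flags: int         # uint32, hashed only for version 6
    mseg_valid: int               # uint64
    sinit_hash: bytes             # 20 bytes
    mle_hash: bytes               # 20 bytes
    stm_hash: bytes               # 20 bytes
    lcp_policy_hash: bytes        # 20 bytes
    policy_control: int           # uint32
    processor_scrtm_status: int   # uint32, hashed only for version >= 8


def inner_fields(d: SinitMleData, os_caps: int) -> bytes:
    """Bytes behind the inner SHA-1 of PCR 17, with the (OsSinitData.Capabilities,0)
    selection from the Notes applied: real Capabilities if the bit is set, else 4 zero bytes."""
    caps = u32(os_caps) if d.policy_control & (1 << POLCTL_CAPS_BIT) else b"\x00" * 4
    blob = (d.bios_acm_id + d.mseg_valid.to_bytes(8, "little") + d.stm_hash
            + u32(d.policy_control) + d.lcp_policy_hash + caps)
    if d.version >= 8:
        blob += u32(d.processor_scrtm_status)
    return blob


def pcr17_after_sinit(d: SinitMleData, os_caps: int) -> bytes:
    """Expected PCR 17 when SINIT hands control to the MLE, per SinitMleData.Version."""
    inner = sha1(inner_fields(d, os_caps))
    if d.version == 6:   # two ordinary extends of a zeroed PCR
        pcr = extend(b"\x00" * PCR_SIZE, sha1(d.sinit_hash + u32(d.edx_senter_flags)))
        return extend(pcr, inner)
    if d.version in (7, 8):   # single compound hash, SinitHash first
        return sha1(d.sinit_hash + inner)
    raise ValueError(f"SinitMleData version {d.version} is not covered on this page")


def pcr18_after_sinit(d: SinitMleData) -> bytes:
    """SINIT extends MleHash into the zeroed PCR 18: SHA-1(20 zero bytes | MleHash)."""
    return extend(b"\x00" * PCR_SIZE, d.mle_hash)


def pcr17_after_tboot(pcr17: bytes, tb_polctl: int, tb_policy: bytes) -> bytes:
    """tboot extends SHA-1(policy control (4 bytes) | policy hash (20 bytes)); the policy
    hash is 20 zero bytes unless TB_POLCTL_EXTEND_PCR17 is set in the policy control."""
    pol_hash = sha1(tb_policy) if tb_polctl & TB_POLCTL_EXTEND_PCR17 else b"\x00" * PCR_SIZE
    return extend(pcr17, sha1(u32(tb_polctl) + pol_hash))


def pcr18_after_tboot(pcr18: bytes, first_module: bytes) -> bytes:
    """tboot extends the SHA-1 of the first grub module (Xen or a Linux kernel)."""
    return extend(pcr18, sha1(first_module))


def pcr19_default(other_modules: List[bytes]) -> bytes:
    """Default tboot policy: SHA-1 of every remaining module, in order, into PCR 19."""
    pcr = b"\x00" * PCR_SIZE   # ASSUMED reset value at SENTER
    for mod in other_modules:
        pcr = extend(pcr, sha1(mod))
    return pcr


def sample_data(version: int, policy_control: int = 1 << POLCTL_CAPS_BIT) -> SinitMleData:
    """Constructed heap contents for demonstration, not real ACM or MLE measurements."""
    return SinitMleData(
        version=version,
        bios_acm_id=sha1(b"constructed BIOS ACM id"),
        edx_senter_flags=0x0,
        mseg_valid=0,
        sinit_hash=sha1(b"constructed SINIT ACM"),
        mle_hash=sha1(b"constructed tboot MLE"),
        stm_hash=b"\x00" * PCR_SIZE,   # no STM loaded
        lcp_policy_hash=sha1(b"constructed LCP policy"),
        policy_control=policy_control,
        processor_scrtm_status=0x1,
    )


if __name__ == "__main__":
    caps = 0x2f   # constructed OsSinitData.Capabilities
    d = sample_data(7)
    p17 = pcr17_after_tboot(pcr17_after_sinit(d, caps), TB_POLCTL_EXTEND_PCR17, b"constructed tboot policy")
    p18 = pcr18_after_tboot(pcr18_after_sinit(d), b"constructed xen.gz")
    p19 = pcr19_default([b"constructed dom0 kernel", b"constructed initrd"])
    for n, v in ((17, p17), (18, p18), (19, p19)):
        print(f"PCR {n}: {v.hex()}")
```

A verifier would fill SinitMleData from the TXT heap recorded at boot rather than from sample_data(). Note that for versions 7 and 8 the PCR 17 value is a compound hash rather than a chain of extends, so it cannot be decomposed after the fact: the heap fields themselves must be kept (or logged) to reproduce the value, and a sealing policy that pins PCR 17 changes whenever any of them, including the LCP policy hash or the Capabilities flags, changes. Heap versions beyond 8 are outside this page.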