Menu
▾
▴
Re: [tboot-devel] Creating a TXT/tboot policy suitable for a modern system with TXT+TPM2
|
From: <Tra...@de...> - 2019-11-06 01:29:33
|
> -----Original Message----- > From: Paul Moore (pmoore2) via tboot-devel <tboot- > de...@li...> > Sent: Tuesday, November 5, 2019 16:50 > To: luk...@li...; tbo...@li... > Subject: [tboot-devel] Creating a TXT/tboot policy suitable for a modern > system with TXT+TPM2 > > > > Hi Lukasz, others, > > I'm in the process of working on the TXT/sig extensions to the LCP but I'm > running into problems using the tboot tools to create a working LCP as a > baseline. Simply put, the instructions I've been able to find either in the > sources, the mailing list archives, or through Google searches do not produce > a working LCP on my test system. The tools/arguments are either wrong, or > the resulting LCP is bogus. I had to patch lcptools-v2 because I found the same problem. Nothing would produce a good LCP. > Before I start hacking away at the tools to get them to create a functional LCP > that tboot understands, does anyone have a working how-to for creating a > LCP using the current sources? When I patched lcptools-v2, I added a simple how-to for an MLE LCP, it's in the mailing list archives at the link below. If you need more, I have a few other examples. https://sourceforge.net/p/tboot/mailman/message/35976955/ |
