Menu
▾
▴
[Trustedgrub-users] Checkfile Integration Error -> PCR13 is not extended
|
From: Sansar C. <sun...@ya...> - 2011-03-07 16:40:56
|
Hello
When the Integrity measurement on Checkfile fails and if the Booting is still continued regardless of that (by pressing any other button than Esc when prompted) the PCR 13 is not extended and is filled with zeros.
I was expecting that the PCR 13 will be extended with the new SHA1 hash of the altered CheckFile on this event. So that the booting would not be disturbed and by looking at the PCR 13 value after the boot, I can discover if the CheckFile was altered. Which was not the case to my surprise.
Also, I was wondering whether there is a configuration or an option not to show the warning for the Integrity Measurement Error while booting, so that the booting goes on no matter of the Integrity Measurements.
I would very much appreciate if someone could give me insight on this.
CheersSunny
|
