Discussion:
[TrouSerS-users] A Question Regarding Firmware Composite Hash Values in TPM
David Li
2015-01-29 19:50:25 UTC
Permalink
Hi,

Don't know if this is right forum to ask this specific question. Does
anyone have experience with this?

If two motherboard
have the exact same firmware versions and configurations ( i.e. they are
identical) and their composite firmware PCR values are calculated on bootup
time, then will these PCR values supposed to be the same or not between the
two boards? Is this vendor-specific?

Thanks.
Ken Goldman
2015-02-02 14:11:17 UTC
Permalink
My understanding is that the first few PCR values will be identical. At
least on Linux, upper PCRs start measuring OS executables, and the order
might change based on external events like network and perhaps disk access.

This assumes, in your question, that "identical configuration" includes
option ROMs, other peripherals, etc. and configuration of the BBRAM.
Post by David Li
Hi,
Don't know if this is right forum to ask this specific question. Does
anyone have experience with this?
If two motherboard
have the exact same firmware versions and configurations ( i.e. they are
identical) and their composite firmware PCR values are calculated on
bootup time, then will these PCR values supposed to be the same or not
between the two boards? Is this vendor-specific?
Loading...