2020-02-24 21:33:45 |
VINAY RAJESH |
description |
Currently TCG log is not exposed when secure boot is disabled. Because of this attestation service doesn't know if TCG log was missing or secureboot was disabled. Ask here is to expose TCG log even if secure boot is disabled. As part of this we also discussed GRUB changes to ensure it uses UEFI boot path even when secure boot is disabled. |
Currently TCG log is not exposed when secure boot is disabled. In order to attest to a system state, we need tcg logs to be present even when secure boot is turned off. In the absence of tcg logs, we are unable to determine if the tcg logs are missing or secure boot is turned off. |
|