
The TPM is then free to unseal, which means decrypt an arbitrary blob of data passed to it. If all the hashes were correct, then the final hash will match what the TPM expects. The bootloader sends a hash of the kernel and boot parameters to the TPM. The BIOS sends the hash of the option ROMs, MBR, and bootloader to the TPM. The CRTM, which is read-only, sends the hash of the BIOS itself to the TPM.


This is typically how it goes for a traditional x86 system with a TPM. That final hash will only match if all hashes sent to it prior were correct. The TPM only unseals if the final hash matches what it expects. Subsequent hashes cause a register to "update" its hash. The first thing sent is the hash of the BIOS. That "something" is the SHA-1 hash of the component being measured. I understand that during boot, each boot stage passes "something" to TPM I believe there is a flaw in my logic or I failed to grasp some crucial detail, because AFAIK BIOS (first stage in aforementioned chain) can be overwritten with a new image, which means that an attacker with physical access to the machine could circumvent any security measures taken by the machine owner.Īlso this question seems to corroborate my way of thinking This means that later stages can be changed (logic, data, anything) without TPM noticing them. This is not the case if the first stage (uBoot in my case) can be easily replaced and changed in such a way that what is passed to TPM is not what is executed later. But for it to work as expected, at least the first stage must be engraved in stone (or at least unchangeable by third party). I understand that during boot, each boot stage passes "something" to TPM, TPM hashes it with the previous value and stores the result in the proper register. But if I understand everything correctly, this can't be implemented correctly, that is, in a really secure manner.

U BOOT FOR BEAGLEBONE BLACK SOFTWARE
I need to prevent any changes to the software running on it.
