Chained loading with static and dynamic root of trust measurements

Chained loading with static and dynamic root of trust measurements

Establishing a diagnostic OS for an information handling system platform performing a UEFI BIOS boot to place the platform in a pre-OS state. Upon detecting a particular POST error and/or a platform configuration policy, an embedded OS kernel may be launched into a DRTM-authenticated measured launch...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: Grobelny, Nicholas D, Martinez, Ricardo L, Kan, Lip Vui, Vidyadhara, Sumanth
Format: Patent
Sprache:eng
Schlagworte:
CALCULATING
COMPUTING
COUNTING
ELECTRIC DIGITAL DATA PROCESSING
PHYSICS
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:Establishing a diagnostic OS for an information handling system platform performing a UEFI BIOS boot to place the platform in a pre-OS state. Upon detecting a particular POST error and/or a platform configuration policy, an embedded OS kernel may be launched into a DRTM-authenticated measured launch environment (MLE). Additional objects for the diagnostic OS may be downloaded. The additional objects may include an initial ramdisk (initrd) module and one or more applications specific to the particular diagnostic OS. The diagnostic OS may be launched as follows: for each diagnostic OS application, launching the application and extending a measurement of the application into a DRTM PCR. Launching the diagnostic OS may include launching an initrd module and extending a measurement of the initrd module into the DRTM PCR. A measurement of embedded OS kernel may be extended into the TPM and the embedded OS kernel may validate the UEFI BIOS sequence.