On 12/3/24 3:45 AM, Gary Lin wrote:
PCR mismatching is one common cause of TPM key unsealing fail. Since the
system may be compromised, it is not safe to boot into OS to get the PCR
values and TPM eventlog for the further investigation.
To provide some hints, GRUB now dumps PCRs on policy fail
On Tue, Dec 10, 2024 at 12:22:07PM -0500, Stefan Berger wrote:
>
>
> On 12/3/24 3:45 AM, Gary Lin wrote:
> > PCR mismatching is one common cause of TPM key unsealing fail. Since the
> > system may be compromised, it is not safe to boot into OS to get the PCR
> > values and TPM eventlog for the fu
