[PATCH v2 2/2] efi/tpcm: Add complete support of TPCM module

2025-06-27 Thread chench246
TPCM(Trusted Platform Control Module) is a Chinese standard and has similar function to tpm, but tpcm adds the function of active monitoring and control to the system. It can realize active startup measurement when the system starts,as well as dynamic measurement and monitoring when the program

[PATCH v2 1/2] efi/tpcm: Add UEFI interface for TPCM module

2025-06-27 Thread chench246
TPCM(Trusted Platform Control Module) is a Chinese standard, and the interface implementation complies with UEFI specification. If tpcm related protocol is not implemented in UEFI, then tpcm module directly returns NONE. Signed-off-by: hao chen --- grub-core/commands/efi/tpcm.c | 163 +++

[RFC PATCH v2 0/2] efi/tpcm: Add Trusted Platform Control

2025-06-27 Thread chench246
Hi, Khaalid This series adds basic support for the Trusted Platform Control Module (TPCM) to the EFI build of GRUB. TPCM is an open specification (GB/T 40650-2021) that extends TPM with active runtime measurement, enabling continuous attestation on devices that must comply with the "Level-3 Enhanc

Re: [PATCH v2 1/2] efi/tpcm: Add UEFI interface for TPCM module

2025-06-27 Thread Sudhakar Kuppusamy
> On 27 Jun 2025, at 1:12 PM, chench246 wrote: > > TPCM(Trusted Platform Control Module) is a Chinese standard, and > the interface implementation complies with UEFI specification. If > tpcm related protocol is not implemented in UEFI, then tpcm module > directly returns NONE. > > Signed-off-b

Re: [PATCH v2 2/2] efi/tpcm: Add complete support of TPCM module

2025-06-27 Thread Sudhakar Kuppusamy
> On 27 Jun 2025, at 1:12 PM, chench246 wrote: > > TPCM(Trusted Platform Control Module) is a Chinese standard and has similar > function > to tpm, but tpcm adds the function of active monitoring and control to the > system. > It can realize active startup measurement when the system starts,a

Re: [PATCH v3 12/25] appended signatures: parse X.509 certificates

2025-06-27 Thread Daniel Kiper
On Tue, Jun 10, 2025 at 09:20:46PM +0530, Sudhakar wrote: > From: Daniel Axtens > > This code allows us to parse: > > - X.509 certificates: at least enough to verify the signatures on the >PKCS#7 messages. We expect that the certificates embedded in grub will s/grub/GRUB/ The project name is

Re: [PATCH v3 11/25] appended signatures: parse PKCS#7 signedData

2025-06-27 Thread Daniel Kiper
On Tue, Jun 10, 2025 at 09:20:45PM +0530, Sudhakar wrote: > From: Daniel Axtens > > This code allows us to parse: > > - PKCS#7 signedData messages. Only a single signerInfo is supported, >which is all that the Linux sign-file utility supports creating >out-of-the-box. Only RSA, SHA-256 an