BEGIN:VCALENDAR VERSION:2.0 PRODID:-//pretalx//cfp.all-systems-go.io//HGMV9U BEGIN:VTIMEZONE TZID:CET BEGIN:STANDARD DTSTART:20001029T040000 RRULE:FREQ=YEARLY;BYDAY=-1SU;BYMONTH=10 TZNAME:CET TZOFFSETFROM:+0200 TZOFFSETTO:+0100 END:STANDARD BEGIN:DAYLIGHT DTSTART:20000326T030000 RRULE:FREQ=YEARLY;BYDAY=-1SU;BYMONTH=3 TZNAME:CEST TZOFFSETFROM:+0100 TZOFFSETTO:+0200 END:DAYLIGHT END:VTIMEZONE BEGIN:VEVENT UID:pretalx-all-systems-go-2023-HGMV9U@cfp.all-systems-go.io DTSTART;TZID=CET:20230913T151500 DTEND;TZID=CET:20230913T154000 DESCRIPTION:The TPM event log contains a history of all measurements made w ith the TPM.\nComplete with some context information for each measurement it is intended to\nhelp with recreating the current PCR contents. What was meant as a debugging\ntool turns out to be of vital importance when tryin g to remotely attest real\nlife systems. This is mostly because of the ove ruse of certain PCR and the\ngeneral mess that is x86\nfirmware. \n\nSadly \, there are many event logs. UEFI keeps one for its measurements and thos e\ndone by EFI applications like GRUB and shim. If a system is booted in a n MLE\nusing tboot the ACM firmware code also maintains an event log that can be\naccessed via a pointer in an ACPI table. Now\, systemd also has an event log\nthat is mixed into the general journal log. Finally Linux IMA maintains it's\nown event log -- an append-only\, in-kernel data structure .\n\nOn top of that every bootloader or userspace application that wants t o measure\nsomething into the TPM will also need to maintain an event log. \n\nHow about we fix that? The talk will sketch out a solution that maint ains a\nunified\, global event log of the whole system on disk and exposes an interface for\nother applications that wish to measure things into the TPM. We'll also fix a\nrace conditions in IMA as well as correctly handle S3 resume w.r.t measured boot\nwhile we're at it. DTSTAMP:20260315T015756Z LOCATION:Main Hall SUMMARY:An Unified TPM Event Log for Linux - Kai Michaelis URL:https://cfp.all-systems-go.io/all-systems-go-2023/talk/HGMV9U/ END:VEVENT END:VCALENDAR