Which PCR can be extended by our own code?

2019-05-29 14:52发布

问题:

As there are 24 PCR's in TPM 1.2 specification. Some of these PCRs are reserved and cannot be extended by user's code. Below are the PCR Index their PCR Usage

  1. CRTM, BIOS and Platform Extensions
  2. Platform Conguration
  3. Option ROM Code
  4. Option ROM Conguration and Data
  5. IPL7Code (MBR Information and Bootloader Stage 1)
  6. IPL Code and Conguration Data (for use by IPL Code)
  7. State Transition and Wake Events
  8. Reserved for future usage. Do not use.
  9. Bootloader Stage 2 Part 1
  10. Bootloader Stage 2 Part 2
  11. Not in Use.
  12. Not in Use.
  13. Bootloader Commandline Arguments
  14. Files checked via checkle routine
  15. Files which are actually loaded (e.g. Linux kernel, initrd, modules..)
  16. Not in Use.
  17. Not in Use.
  18. DRTM8

18-23. Not in Use.

what I understood that a user can extend all the PCR's which are not in use? Is this correct? I asked this question Because I have written my own code to extend PCR's (by following trousers coding guidelines) and it turns out that i can extend all the PCR's except from PCR 17 to PCR 22. And my understanding was that I can only extend few and especially cannot play with the lower ones from PCR 0 to PCR 7.

回答1:

Depends on the locality, I was in locality 0.