CPU-BASED MEASURED BOOT

摘要

A measured boot process for an electronic device includes taking a measurement of the early system start up instructions of the electronic device upon a reboot or start-up of the device. A representation of the measurement is stored in a trusted platform module of the electronic device prior to initialization of the trusted platform module. Access is granted to the representation of the measurement stored in the trusted platform module prior to initialization of the trusted platform module thereby enabling the representation of the measurement to serve as the core root of trust for measurement.

主权项

1. An electronic device, comprising:
a central processing unit, non-volatile memory accessible by the central processing unit, and early system start-up computer readable instructions stored in the non-volatile memory; and a trusted platform module having a control register, firmware, and a command buffer, communicatively coupled to the central processing unit, the trusted platform module further includes logic that grants the central processing unit access to the control register and command buffer before the trusted platform module is fully initialized.