主权项 |
1. A computer system, comprising:
a processor; and a Basic Input/Output System (BIOS) module coupled to the processor, wherein the BIOS module stores a Core Root of Trust for Measurement (CRTM) that selectively unlocks itself, wherein the CRTM comprises a boot block and a signature domain having a predetermined signature, wherein, during each boot process of the computer system, a CRTM lock function is executed before the boot block transfers control to an operating system of the computer system, wherein the CRTM lock function compares the predetermined signature in the signature domain of the CRTM with a signature in a predetermined location of the BIOS and unlocks the CRTM if the predetermined signature in the signature domain and the signature in the predetermined location match, wherein, after the boot process is completed and control is transferred to an operating system of the computer system, and if the CRTM is unlocked, the CRTM is updated. |