.. SPDX-License-Identifier: GPL-2.0+

Measured Boot
=====================

U-Boot can perform a measured boot: the process of hashing the various components
of the boot process, extending the results into the TPM, and logging each
component's measurement in memory for the operating system to consume.

Requirements
---------------------

* A hardware TPM 2.0 supported by the U-Boot drivers
* CONFIG_TPM=y
* CONFIG_MEASURED_BOOT=y
* Device-tree configuration of the TPM device to specify the memory area
  for event logging. The TPM device node must either contain a phandle to
  a reserved memory region or the "linux,sml-base" and "linux,sml-size"
  properties, indicating the address and size of the memory region. An
  example can be found in arch/sandbox/dts/test.dts
* The operating system must also be configured to use the memory region
  specified in the U-Boot device-tree in order to make use of the event
  log.
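The device-tree configuration described in the requirements, written out as an added example (it is not taken from U-Boot's documentation or from arch/sandbox/dts/test.dts). The addresses, the region size and the node names are constructed placeholders; the "sandbox,tpm2" compatible string is assumed to be U-Boot's sandbox TPM2 driver and should be replaced by the compatible string of the real TPM driver.

```dts
/* Added example, not U-Boot's own device tree.
 * Reserve a region for the measured-boot event log and point the TPM
 * node at it. Addresses and size are constructed placeholders: choose a
 * region the OS will keep out of general allocation, and give the OS the
 * same region so it can read the log U-Boot wrote there.
 */
/dts-v1/;

/ {
	#address-cells = <1>;
	#size-cells = <1>;

	reserved-memory {
		#address-cells = <1>;
		#size-cells = <1>;
		ranges;

		/* 64 KiB kept out of the allocator for the event log */
		tpm_event_log: tpm-event-log@8ff00000 {
			no-map;
			reg = <0x8ff00000 0x10000>;
		};
	};

	tpm: tpm {
		/* Assumed: U-Boot's sandbox TPM2 driver. Use your hardware
		 * TPM's compatible string on a real board. */
		compatible = "sandbox,tpm2";

		/* Form 1: phandle to the reserved memory region above. */
		memory-region = <&tpm_event_log>;

		/* Form 2 (alternative, mutually exclusive with form 1):
		 * give the address and size directly. Per the vTPM binding
		 * these properties are assumed to carry a 64-bit base (two
		 * cells) and a 32-bit size, independent of #address-cells.
		 *
		 * linux,sml-base = <0x0 0x8ff00000>;
		 * linux,sml-size = <0x10000>;
		 */
	};
};
```

Whichever form is used, the same region must be declared to the operating system (typically via the same device tree) or it will not find the log.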