Is your feature request related to a problem? Please describe.
Currently, Qubes OS AEM does not support TPM 2.0 in Xen, preventing the measurement of the Dom0 kernel and initial ram disk before they are executed.
Is your feature request related to a new idea or technology that
would benefit the project? Please describe.
This task is required to extend Qubes OS AEM to support TPM 2.0 on Intel hardware.
Describe the solution you'd like
Implement support for the TPM 2.0 module in Xen to enable the measurement of the Dom0 kernel and initial ram disk hashes.
Describe alternatives you've considered
N/A
Additional context
This feature request is part of Phase 2 in TrenchBoot as Anti Evil Maid project, as
outlined in the documentation: https://docs.dasharo.com/projects/trenchboot-aem-v2/.
Relevant documentation you've consulted
N/A
Is your feature request related to a problem? Please describe.
Currently, Qubes OS AEM does not support TPM 2.0 in Xen, preventing the measurement of the Dom0 kernel and initial ram disk before they are executed.
Is your feature request related to a new idea or technology that
would benefit the project? Please describe.
This task is required to extend Qubes OS AEM to support TPM 2.0 on Intel hardware.
Describe the solution you'd like
Implement support for the TPM 2.0 module in Xen to enable the measurement of the Dom0 kernel and initial ram disk hashes.
Describe alternatives you've considered
N/A
Additional context
This feature request is part of Phase 2 in TrenchBoot as Anti Evil Maid project, as
outlined in the documentation: https://docs.dasharo.com/projects/trenchboot-aem-v2/.
Relevant documentation you've consulted
N/A