blog: measure boot

add measured boot article + fixes

Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>

Author: apalos

EFI TCG2 protocol in U-Boot and QEMU.html

@@ -22,7 +22,7 @@
   <link rel="stylesheet" type="text/css" href="https://apalos.github.io/theme/font-awesome/css/solid.css">
 
 
-    <link href="https://apalos.github.io/feeds/all.atom.xml" type="application/atom+xml" rel="alternate" title="Volatile rumblings of a spotted mind Atom">
+    <link href="https://apalos.github.io/feeds/all.atom.xml" type="application/atom+xml" rel="alternate" title="Volatile rumblings Atom">
 
 
 
@@ -34,7 +34,7 @@
 <meta name="keywords" content="Bootloaders, Security, U-Boot, UEFI, TPM">
 
 
-<meta property="og:site_name" content="Volatile rumblings of a spotted mind"/>
+<meta property="og:site_name" content="Volatile rumblings"/>
 <meta property="og:title" content="EFI TCG2 protocol in U-Boot and QEMU"/>
 <meta property="og:description" content="TPMs are starting to play an important role in system security and integrity. So let&#39;s take a look on the latest U-Boot additions enabling TPMs when booting with UEFI"/>
 <meta property="og:locale" content="en_US"/>
@@ -51,7 +51,7 @@
 <meta property="article:tag" content="TPM"/>
 <meta property="og:image" content="site_images/profile.png">
 
-  <title>Volatile rumblings of a spotted mind &ndash; EFI TCG2 protocol in U-Boot and QEMU</title>
+  <title>Volatile rumblings &ndash; EFI TCG2 protocol in U-Boot and QEMU</title>
 
 </head>
 <body class="light-theme">
@@ -65,7 +65,7 @@ <h1>
         <a href="https://apalos.github.io"></a>
       </h1>
 
-<p>Volatile rumblings of a spotted mind</p>
+<p>Volatile rumblings</p>
 
       <nav>
         <ul class="list">
@@ -152,14 +152,15 @@ <h2><strong>Using SWTPM</strong></h2>
 TPM emulator that works under QEMU.  It provides a memory mapped device which
 adheres to the <a href="https://trustedcomputinggroup.org/wp-content/uploads/TCG_PCClientTPMInterfaceSpecification_TIS__1-3_27_03212013.pdf" target="_blank">TCG TPM Interface Specification</a>.
 The problem is that U-Boot had no support for memory mapped TPMs,  which is
-exactly what <a href="https://lore.kernel.org/u-boot/20210707162604.84196-1-ilias.apalodimas@linaro.org/" target="_blank">this</a> patchset does.</p>
+exactly what <a href="https://lore.kernel.org/u-boot/20211109070223.76456-1-ilias.apalodimas@linaro.org/" target="_blank">this</a> patchset does.</p>
 <h3><strong>Building U-Boot</strong></h3>
-<p>At the time of this article the U-Boot patches are under review, so we need to
+<p><s>At the time of this article the U-Boot patches are under review, so we need to
 apply them manually.</p>
-<p>So download the patches prepare your U-Boot binary.</p>
+<p>So download the patches prepare your U-Boot binary.</s>
+Patches are now in U-Boot mainline and the arm64 defconfig has the
+required config options enabled.</p>
 <div class="highlight"><pre><span></span><code>git clone https://github.com/u-boot/u-boot.git
 <span class="nb">pushd</span> u-boot
-git am &lt;patches <span class="k">for</span> mmio tpm support&gt;
 make qemu_arm64_defconfig
 make menuconfig
 </code></pre></div>
@@ -538,7 +539,7 @@ <h3><strong>Reading the EventLog</strong></h3>
 {
   "@context" : "http://schema.org",
   "@type" : "Blog",
-  "name": " Volatile rumblings of a spotted mind ",
+  "name": " Volatile rumblings ",
   "url" : "https://apalos.github.io",
   "image": "site_images/profile.png",
   "description": ""

Measured boot on DeveloperBox.html

@@ -22,7 +22,7 @@
   <link rel="stylesheet" type="text/css" href="https://apalos.github.io/theme/font-awesome/css/solid.css">
 
 
-    <link href="https://apalos.github.io/feeds/all.atom.xml" type="application/atom+xml" rel="alternate" title="Volatile rumblings of a spotted mind Atom">
+    <link href="https://apalos.github.io/feeds/all.atom.xml" type="application/atom+xml" rel="alternate" title="Volatile rumblings Atom">
 
 
 
@@ -34,7 +34,7 @@
 <meta name="keywords" content="Bootloaders, Security, U-Boot, UEFI, Arm">
 
 
-<meta property="og:site_name" content="Volatile rumblings of a spotted mind"/>
+<meta property="og:site_name" content="Volatile rumblings"/>
 <meta property="og:title" content="Protected UEFI variables with U-Boot"/>
 <meta property="og:description" content="Critical system variables, like the UEFI ones, must be protected against a variety of attacks. On Arm servers and desktops, which typically run EDK2, dedicated flashes are used. Those would normally be accessible from the secure world only, since they are storing critical variables for our systems integrity and security. But what&#39;s the status of devices running on U-Boot?"/>
 <meta property="og:locale" content="en_US"/>
@@ -51,7 +51,7 @@
 <meta property="article:tag" content="Arm"/>
 <meta property="og:image" content="site_images/profile.png">
 
-  <title>Volatile rumblings of a spotted mind &ndash; Protected UEFI variables with U-Boot</title>
+  <title>Volatile rumblings &ndash; Protected UEFI variables with U-Boot</title>
 
 </head>
 <body class="light-theme">
@@ -65,7 +65,7 @@ <h1>
         <a href="https://apalos.github.io"></a>
       </h1>
 
-<p>Volatile rumblings of a spotted mind</p>
+<p>Volatile rumblings</p>
 
       <nav>
         <ul class="list">
@@ -363,7 +363,7 @@ <h2><strong>Next Steps</strong></h2>
 {
   "@context" : "http://schema.org",
   "@type" : "Blog",
-  "name": " Volatile rumblings of a spotted mind ",
+  "name": " Volatile rumblings ",
   "url" : "https://apalos.github.io",
   "image": "site_images/profile.png",
   "description": ""