|
|
Subscribe / Log in / New account

System time

System time

Posted Jul 18, 2025 22:06 UTC (Fri) by aaribaud (subscriber, #87304)
In reply to: System time by mjg59
Parent article: Linux and Secure Boot certificate expiration

> The TPM has nothing whatsoever to do with firmware settings or whether they can be reset.

This rather depends on the context, notably whether and how the BIOS is TPM-protected.

to post comments

System time

Posted Jul 18, 2025 22:54 UTC (Fri) by mjg59 (subscriber, #23239) [Link] (1 responses)

No, it doesn't. There's no such thing as a TPM-protected BIOS and even if there were that would have nothing to do with the firmware variables which are inherently mutable.

System time

Posted Jul 19, 2025 4:48 UTC (Sat) by aaribaud (subscriber, #87304) [Link]

> No, it doesn't. There's no such thing as a TPM-protected BIOS and even if there were that would have nothing to do with the firmware variables which are inherently mutable.

There appears to be such thing as a TPM-protected BIOS: https://trustedcomputinggroup.org/american-megatrends-sup...

And if there is such a BIOS, then when the master password is set, many settings become immutable.


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds