diff options
Diffstat (limited to 'README')
| -rw-r--r-- | README | 11 |
1 files changed, 9 insertions, 2 deletions
@@ -9,8 +9,15 @@ will relocate and execute the binary. shim will also install a protocol which permits the second-stage bootloader to perform similar binary validation. This protocol has a GUID as described in the shim.h header file and provides a single entry point. On 64-bit systems -this entry point expects to be called with SysV ABI rather than MSABI, and -so calls to it should not be wrapped. +this entry point expects to be called with SysV ABI rather than MSABI, so calls +to it should not be wrapped. + +On systems with a TPM chip enabled and supported by the system firmware, +shim will extend various PCRs with the digests of the targets it is +loading. A full list is in the file README.tpm . To use shim, simply place a DER-encoded public certificate in a file such as pub.cer and build with "make VENDOR_CERT_FILE=pub.cer". + +There are a couple of build options, and a couple of ways to customize the +build, described in BUILDING. |