Secure Boot, TPM and Anti-Cheat Engines
Anti-cheat engines are now requiring users to have Secure Boot and a fTPM enabled in order to play online multiplayer games. Will this decrease the amount of cheating, or is it a futile attempt at curbing an ever-growing problem?
With cheating becoming more and more prevalent in online multiplayer games, some anti-cheat vendors have decided to start leveraging hardware and firmware security features. Electronic Arts recently announced that their newest title, Battlefield 6, would require players to have both Secure Boot and their firmware TPM (supporting the TPM 2.0 spec) enabled in order to be able to play the game. Riot’s Vanguard [has similar requirements for players on Windows 11], and it is suspected that with the upcoming end of Windows 10’s support, Riot will extend that requirement to all players. Secure Boot and TPM 2.0 have been soft requirements to install Windows 11 for some time, so with Windows 10’s end-of-life, it seems like a good time for anti-cheat vendors to require those security features.
This sudden change, however, has caused a little uproar in some gaming communities, with some vocal dissenters trying to frame this as nothing more than a ruse to force players on a specific operating system, to prevent them from playing on older hardware, or as a massive overreach that has the sole goal of pilfering players’ data in order to sell it.
In order to understand why anti-cheat vendors are now relying on those security features, we must first understand how they work (in this specific context), what are the privacy implications, and why they could be effective at significantly reducing one specific kind of cheating.
It is important to note that the primary goal of anti-cheat engines is not to prevent cheating before it happens. The goal of anti-cheat engines is to put technological barriers in place to make it harder for cheat developers; to make detection of cheating packages easier; and to ensure that, when detected, banned cheaters are not able to evade their ban.
There will always be cheating in any type of game, computerised or not, online or not. However, with proper measures, anti-cheat providers can ensure that the incentive to cheat is greatly reduced. This naturally leads to a decrease in the number of cheaters, and a better experience for regular players.
Secure Boot
Secure Boot is simply a mechanism for your motherboard’s firmware to verify that the UEFI image it is executing during the boot sequence (which could be an OS bootloader, an option ROM, or any other EFI application) hasn’t been modified by a malicious actor.
To do so, Secure Boot relies on a hierarchy of keys to establish who is authorised to update the database of authorised signatures, which are used to ultimately validate the boot image.
At the top of the hierarchy lies the Platform Key (PK). On the x86-64 platform, this is normally the public key of your motherboard vendor by default. For example, if you have a GIGABYTE motherboard, you may find that your motherboard shipped with this PK configured by default.
Version: 3 (0x02)
Serial number: 252254444493706055650493858147631885892 (0xbdc67056de877e8247ac699c054fee44)
Algorithm ID: SHA256withRSA
Validity
Not Before: 05/09/2023 06:37:57 (dd-mm-yyyy hh:mm:ss) (230905063757Z)
Not After: 05/09/2053 06:37:56 (dd-mm-yyyy hh:mm:ss) (20530905063756Z)
Issuer
CN = GIGABYTE
Subject
CN = GIGABYTE
Fingerprints
MD5: 8b42dd84de1b6d5598f8324227db7d7c
SHA1: fcfc537049ff5260ef60b640c18d994236d60280
SHA256: f260331de605555f2f075028e1adbfffb52cac3a12c5f65f67ab044997f6afc8While your motherboard’s manufacturer will ship with their PK by default, note that you can usually replace it with your own public key if you want. This requires you to put Secure Boot in Setup Mode, and the procedure to do so will change depending on your motherboard1. The PK exists to establish a trust relationship between the firmware, and the platform owner. That’s normally you for your own computer.
The Platform Key (PK) indicates who is authorised to make changes to the next type of key in the key hierarchy: Key Echange Keys (KEK).
Key Exchange Keys (KEK) determine who is authorised to make changes to the various signature databases. They exist to establish a trust relationship between the operating system, and the firmware. By default, your motherboard should ship with Microsoft’s KEKs, and in some cases a motherboard manufacturer KEK. Any update to the KEKs must be signed by the private key (PKpriv) that corresponds to the Platform Key (PK). This prevents unauthorised users or software from modifying the KEK variable.
This, however, means that any change to the KEKs must be done in coordination with the hardware manufacturers. Microsoft is in the process of introducing a new KEK due to the upcoming expiry of their old one, and they therefore have to coordinate with the various vendors in order to get their update signed. Fortunately, KEKs are rarely updated.
Finally, we have the authorised signatures database (DB) and the forbidden signatures database (DBX). In the case of Microsoft Windows, the databases are signed directly by Microsoft’s KEK, and distributed via Windows Update.
To recap the key hierarchy, from the top level to the bottom level:
| Name | varname | Description |
|---|---|---|
| Platform Key | PK | Establishes a trust relationship between the platform owner and the platform firmware. Used to enroll a Key Exchange Key. |
| Key Exchange Key | KEK | Establishes a trust relationship between the operating system and the platform firmware. |
| Authorised signatures database | DB | Database of public certificates and signatures that are used to authenticate UEFI images that will be booted. |
| Forbidden signatures database | DBX | Database of public certificates and signatures that are used to authenticate UEFI images that will be booted. If an image validates against a forbidden signature, it is prevented from booting. |
Before your UEFI firmware executes an UEFI image (which could be an OS bootloader, an option ROM, or any other EFI application), it validates it against the signatures in the database (DB). If the image isn’t signed, the signature matches against an entry in the forbidden signatures database (DBX), or the signature can’t be validated against the authorised signatures database (DB), then the boot process is aborted.
Windows’ bootloader also uses the database to validate the signature of any kernel-level drivers it loads. However, it will only consider signatures that were signed by Microsoft’s keys2. If the kernel-level driver isn’t signed by Microsoft, or its signature is found in the forbidden signatures database (DBX), it will not load that driver.
Microsoft adds signatures into the forbidden signatures database (DBX) when it detects a driver with a vulnerability that allows malicious actors to execute unsigned code within kernel space. This effectively prevents vulnerable versions of those drivers from loading.
Since cheat authors will not be able to get their drivers signed by Microsoft, forcing players to have Secure Boot on is an effective way of preventing cheats from being able to install themselves into kernel space without having to resort to some unknown or unpatched exploit.
That said, anti-cheat engines cannot trust that Secure Boot is indeed on even if the OS reports that it is. A cheater or malicious actor could, with it off, load a kernel-level driver that would make the OS believe that it is on. This is where the TPM comes in.
Trusted Platform Module
In the context of anti-cheat, the Trusted Platform Module (TPM) serves two main purposes:
- Provide a unique identifier tied to the hardware that cannot be spoofed or modified by a malicious user or a cheater.
- Get verifiable proof of the state of the boot environment to ensure that Secure Boot and the rest of the boot process wasn’t tampered with.
Banning the cheater’s hardware
Having a unique identifier for hardware allows anti-cheat providers to effectively ban a cheater once caught. This is particularly important, as cheaters, if caught and only account banned, could easily purchase or acquire another copy of the game on a different account (or simply create a new account in the case of a free-to-play game) and resume cheating. IP bans are not effective, as no ISPs grant, by default, a static IP address to their customers, and due to the exhaustion of the IPv4 address space, a lot of ISPs are now deploying CGNAT, which means that multiple subscribers are sharing the same IP.
Banning the cheater’s hardware is the only effective way to prevent the cheater from simply creating a new account. They would have to acquire new hardware in order to play the game they’ve been banned from again, and that gets expensive fast. The use of a TPM enables anti-cheat providers to uniquely identify the cheater’s hardware in a verifiable way.
For the purpose of hardware identification, it is important to note that there are multiple kinds of TPMs. Discrete TPMs (dTPM) are small TPM modules that you can purchase and install that are separate from your CPU and motherboard. These do not provide the same guarantees in terms of identifying the hardware, and I fully suspect that some anti-cheat providers will simply prevent access to the game if you use one of those.
AMD and Intel have, since about 2017, provided a firmware TPM (fTPM) as part of their CPU package on most of their processors. Since 2021, all their desktop and mobile offerings include a fTPM.
Each TPM is manufactured with a unique Endorsement Key (EK) that cannot be changed. The private portion of that key (EKpriv) cannot be
extracted from the TPM, while the public portion (EKpub) can be read by software. fTPMs specifically also have a EKcert. The EKcert is
a certificate that provides a guarantee that the EKpub does indeed come from a genuine fTPM manufactured by them. A malicious user, or
cheater, would not be able to generate a fake EKpub, as it wouldn’t be validated by a EKcert from AMD or Intel.
By leveraging the EKpub, and validating it against the EKcert, anti-cheat providers are able to have a guarantee that the EKpub is
indeed tied to genuine hardware. Since fTPMs are part of the CPU package, banning that particular EKpub would mean that the cheater would
effectively have to purchase another CPU in order to keep cheating.
On Windows, you can retrieve your EKpub and EKcert in PowerShell by executing the following cmdlet:
Get-TpmEndorsementKeyInfo -HashAlgorithm SHA256On Linux, given you have tpm2-tools3 installed, you can retrieve your EKpub and EKcert by executing the following commands:
# See TCG TPM v2.0 Provisioning Guidance for reserved handles.
# EK is at 0x81010001
# EKcert can be at 0x01C00002 or online depending on the vendor
sudo tpm2_readpublic -c 0x81010001 -o EKpub_TPM2B_PUBLIC.bin
# To have the public key in PEM format
sudo tpm2_readpublic -c 0x81010001 --format=pem -o EKpub_pem.pub
# Fetching the EKcert
sudo tpm2_getekcertificate -u EKpub_TPM2B_PUBLIC.bin -o EKcert_DER.cerMeasured Boot
Another important security component of the Trusted Platform Module that is leveraged by anti-cheat engines are the Platform Configuration Registers (PCR). Each of the 24 PCR contains SHA1 or SHA256 cryptographic hash based measurements of events. These events can occur during boot, or during runtime. For the purpose of anti-cheat validation, we are mostly interested in boot time events.
When an event is recorded via the command TPM2_PCR_Extend, the event’s data4 is concatenated with the previous hash registered in that
PCR, and then hashed. This ensures that each PCR value can be used as cryptographic evidence of the integrity of all events extended to that
PCR. If the log is replayed and the calculated PCR value doesn’t match the recorded PCR value, you know the log has been tampered with.
Each PCR bank is reserved for a specific purpose. For example, PCR 7 contains information about the SecureBoot state:
# Partial Windows Measured Boot log (PCR7 only + PCR value)
# Converted from binary format using
# tpm2-tools' tpm2_eventlog
---
version: 2
events:
- EventNum: 3
PCRIndex: 7
EventType: EV_EFI_VARIABLE_DRIVER_CONFIG
DigestCount: 1
Digests:
- AlgorithmId: sha256
Digest: 'ccfc4bb32888a345bc8aeadaba552b627d99348c767681ab3141f5b01e40a40e'
EventSize: 53
Event:
VariableName: 8be4df61-93ca-11d2-aa0d-00e098032b8c
UnicodeNameLength: 10
VariableDataLength: 1
UnicodeName: SecureBoot
VariableData:
Enabled: 'Yes'
- EventNum: 4
PCRIndex: 7
EventType: EV_EFI_VARIABLE_DRIVER_CONFIG
DigestCount: 1
Digests:
- AlgorithmId: sha256
Digest: 'f7605d30894abc33e05fe3b787c340a701bd25b3171337378c554f2b0d456745'
EventSize: 846
Event:
VariableName: 8be4df61-93ca-11d2-aa0d-00e098032b8c
UnicodeNameLength: 2
VariableDataLength: 810
UnicodeName: PK
VariableData:
- SignatureType: a5c059a1-94e4-4aa7-87b5-ab155c2bf072
SignatureListSize: 810
SignatureHeaderSize: 0
SignatureSize: 782
Keys:
- SignatureOwner: e58e05e2-5c43-4ef7-880b-3f06734eb36f
SignatureData: 308202fa308201e2a0030201020210bdc67056de877e8247ac699c054fee44300d06092a864886f70d01010b050030133111300f0603550403130847494741425954453020170d3233303930353036333735375a180f32303533303930353036333735365a30133111300f06035504031308474947414259544530820122300d06092a864886f70d01010105000382010f003082010a0282010100dad146d6482ec8091efee1905cd63d7e4faa74cf1275182a856be0f8e0d8b1da09d51528c739670c7f72ae8c695eb66b1a5e277a9cb493a2477a52ffdc99a0b308bdbc67d92d810e648407ddca88234f3ca786e6b1edc9cc59e93c9d2329a6691abecde7a1caaa888d4008b689768f8ece8672eee88e183224e6ece53f2276cc8058f0a411b724477bafdd9f5e9c50423eb300a6b0ab561b2c38be91251bf606097eaa87cf510b51fd20168216918b70e57cf20762393ee661b98473975833b7f0d57c374d53af9bda2d4e0e826e943c4d5eac3a2dff6cb3886b16a707b1973a3c427eb06080e540d066d58dc8e59f1a465e2f9d594bdef4b14632295281d8d90203010001a348304630440603551d01043d303b801005571702e0b0afd9138699933731f709a11530133111300f0603550403130847494741425954458210bdc67056de877e8247ac699c054fee44300d06092a864886f70d01010b050003820101008d2a3087c57ce79365909630d5a9b2290056587d541e8673d578d4f5fe4af1f659ab1cdcc158c92e503670f26095045d77495b17e73645dd80b632a25b1155143c627db23bab4b286fb8e869fe979101ea61a1f85d697fac18a08d5fa5c655244e971227f8d1b6e60e44f86ffdffb233f8cc57c83901b58f1d10a17c65181fb090c4ab500f59b07618a044a8f6b8a12cf3650f3b1afa23394e5655605bcd7557f89019defa161ca0c7fe59c8dce00770d86a293228db12ca7cc3cc40d68a79f05fb525d1dc60d94582a2b4e316eefe8118e8499096a5078a0b21fefdaed589d04c5fe8e5ede763f6946e6943fd42af52a5c56a37cf9f52db49dd786cc3631378
- EventNum: 5
PCRIndex: 7
EventType: EV_EFI_VARIABLE_DRIVER_CONFIG
DigestCount: 1
Digests:
- AlgorithmId: sha256
Digest: '4ff9961291a19b5d29cfad68f0b0e66790c25f3f6af2fd3bdd5b5901227b0d91'
EventSize: 3922
Event:
VariableName: 8be4df61-93ca-11d2-aa0d-00e098032b8c
UnicodeNameLength: 3
VariableDataLength: 3884
UnicodeName: KEK
VariableData:
- SignatureType: a5c059a1-94e4-4aa7-87b5-ab155c2bf072
SignatureListSize: 1506
SignatureHeaderSize: 0
SignatureSize: 1478
Keys:
- SignatureOwner: 77fa9abd-0359-4d32-bd60-28f4e78f784b
SignatureData: 308205b23082039aa003020102021333000000131416b8616d82824b000000000013300d06092a864886f70d01010b0500305a310b3009060355040613025553311e301c060355040a13154d6963726f736f667420436f72706f726174696f6e312b3029060355040313224d6963726f736f667420525341204465766963657320526f6f742043412032303231301e170d3233303330323230323133355a170d3338303330323230333133355a305c310b3009060355040613025553311e301c060355040a13154d6963726f736f667420436f72706f726174696f6e312d302b060355040313244d6963726f736f667420436f72706f726174696f6e204b454b20324b204341203230323330820122300d06092a864886f70d01010105000382010f003082010a0282010100e35e888b732cc30ac4e9f5ce812df10ff1263537d1495371b15b9352afe115dfde8b39bdaf4c657553e5da0a32982f3326b62bbe94999fecdac28e053492130f63bf74a272a8297e9f3221290859c477c42a924c87b60337eb9ae2c3c9b44821c36194ea1751b1e714e224632ed5f2c6a5f2a25e1f69c6510da729fb520a9be388e868ffbbfa9269afc416ff5de55fe0dfec66550b61c2ac3b206edfb40deb2bc8d0c2344e829639eef13185043defd676fbc3cac1d58c2f0b10289b489ab01014a4d994e5685bcd6ee77aecbca049b8a953d84d2fb27bc8dabcb2e7fcab701077954549fdadd23f17cb669af27d36dd0a2ce2c087212d93db0896d2e85c54e10203010001a382016d30820169300e0603551d0f0101ff040403020186301006092b06010401823715010403020100301d0603551d0e04160414e0ab72bc963effb8669b7d105a433e5c4254875f301906092b0601040182371402040c1e0a00530075006200430041300f0603551d130101ff040530030101ff301f0603551d230418301680148444860600983f2caab3c589f3ac2ec9e69d090330650603551d1f045e305c305aa058a0568654687474703a2f2f7777772e6d6963726f736f66742e636f6d2f706b696f70732f63726c2f4d6963726f736f667425323052534125323044657669636573253230526f6f742532304341253230323032312e63726c307206082b0601050507010104663064306206082b060105050730028656687474703a2f2f7777772e6d6963726f736f66742e636f6d2f706b696f70732f63657274732f4d6963726f736f667425323052534125323044657669636573253230526f6f742532304341253230323032312e637274300d06092a864886f70d01010b0500038202010085020612fa67ae4f39a9b834dc5d2a78197b38ee9c828f1be23c3d320a5ebf5806e76ff88d18a81b84f59bcaad8b08440e268d2cd85f6e232507fa5b4c262e7631432e6ee8c831c14ad2f202b7a6f175e496ed06e2ca957844a83376d42b4dd7bcdc873bab4d29ad9689b7d5c28fab46c35db3fdeda59ef576b72b85ff98a19f6b1c9b3ef7ee0e17a3fd362fe1cd28981c409926ca038da635ead20aa78b16ae2101001e270fb70eb24231562ee6f88eea0c34f04edf70306904d1cfd39c64466fcc21cdcbef0532bb08a6d89f45385d4ed29c9289e973e47a08351e4fa6c2ba6b3eb71f543449fab47acbdaa01f59812b2af68826b0fa6cf2ebc1d8ae41e16ffcbf13e86e14e7e7c7038b40991038066d70bd01c8de8d561d380f4f23a82540debb282d43afa4bc2083b506f905219f3bb9790d706b53c075c21b1013b3e46f09a8cfd1b70e715cb7c98fe51cf01355d993b9ae5d3fca0bb0596a454ac3e1e327780d1681fc582db141ba180dcff0efab081e4ff8fcc6fd4bdd1def30255039a3dffe3fb9faeb9697d0cdf90426fb0d481908d8e193c150c76e6dd8d06b8e95726450c9ed55896ec14ba206d432b5a96d65017af152571805305cb8286611b77af0714e8661607a6d56c75b093ea2efd40e9e92d31f99f69db11d78786bffe82a04af78673ef02a0ba7e05d01e98799353090edd7456b9ccce6a2e4e617a7dd
- SignatureType: a5c059a1-94e4-4aa7-87b5-ab155c2bf072
SignatureListSize: 1560
SignatureHeaderSize: 0
SignatureSize: 1532
Keys:
- SignatureOwner: 77fa9abd-0359-4d32-bd60-28f4e78f784b
SignatureData: 308205e8308203d0a003020102020a610ad188000000000003300d06092a864886f70d01010b0500308191310b3009060355040613025553311330110603550408130a57617368696e67746f6e3110300e060355040713075265646d6f6e64311e301c060355040a13154d6963726f736f667420436f72706f726174696f6e313b3039060355040313324d6963726f736f667420436f72706f726174696f6e205468697264205061727479204d61726b6574706c61636520526f6f74301e170d3131303632343230343132395a170d3236303632343230353132395a308180310b3009060355040613025553311330110603550408130a57617368696e67746f6e3110300e060355040713075265646d6f6e64311e301c060355040a13154d6963726f736f667420436f72706f726174696f6e312a3028060355040313214d6963726f736f667420436f72706f726174696f6e204b454b204341203230313130820122300d06092a864886f70d01010105000382010f003082010a0282010100c4e8b58abfad5726b026c3eae7fb577a44025d070dda4ae5742ae6b00fec6debec7fb9e35a63327c11174f0ee30ba73815938ec6f5e084b19a9b2ce7f5b791d609e1e2c004a8ac301cdf48f306509a64a7517fc8854f8f2086cefe2fe19fff82c0ede9cdcef4536a623a0b43b9e225fdfe05f9d4c414ab11e223898d70b7a41d4decaee59cfa16c2d7c1cbd4e8c42fe599ee248b03ec8df28beac34afb4311120b7eb547926cdce60489ebf53304eb10012a71e5f983133cff25092f687646ffba4fbedcad712a58aafb0ed2793de49b653bcc292a9ffc7259a2ebae92eff6351380c602ece45fcc9d76cdef6392c1af79408479877fe352a8e89d7b07698f150203010001a382014f3082014b301006092b06010401823715010403020100301d0603551d0e0416041462fc43cda03ea4cb6712d25bd955ac7bccb68a5f301906092b0601040182371402040c1e0a00530075006200430041300b0603551d0f040403020186300f0603551d130101ff040530030101ff301f0603551d2304183016801445665243e17e5811bfd64e9e2355083b3a226aa8305c0603551d1f045530533051a04fa04d864b687474703a2f2f63726c2e6d6963726f736f66742e636f6d2f706b692f63726c2f70726f64756374732f4d6963436f725468695061724d6172526f6f5f323031302d31302d30352e63726c306006082b0601050507010104543052305006082b060105050730028644687474703a2f2f7777772e6d6963726f736f66742e636f6d2f706b692f63657274732f4d6963436f725468695061724d6172526f6f5f323031302d31302d30352e637274300d06092a864886f70d01010b05000382020100d48488f514941802ca2a3cfb2a921c0cd7a0d1f1e85266a8eea2b5757a9000aa2da4765aea79b7b9376a517b1064f6e164f20267bef7a81b78bdbace8858640cd657c819a35f05d6dbc6d069ce484b32b7eb5dd230f5c0f5b8ba7807a32bfe9bdb345684ec82caae4125709c6be9fe900fd7961fe5e7941fb22a0c8d4bff2829107bf7d77ca5d176b905c879ed0f90929cc2fedf6f7e6c0f7bd4c145dd345196390fe55e56d8180596f407a642b3a077fd0819f27156cc9f8623a487cba6fd587ed4696715917e81f27f13e50d8b8a3c8784ebe3cebd43e5ad2d84938e6a2b5a7c44fa52aa81c82d1cbbe052df0011f89a3dc160b0e133b5a388d165190a1ae7ac7ca4c182874e38b12f0dc514876ffd8d2ebc39b6e7e6c3e0e4cd2784ef9442ef298b9046413b811b67d8f9435965cb0dbcfd00924ff4753ba7a924fc50414079e02d4f0a6a27766e52ed96697baf0ff78705d045c2ad5314811ffb3004aa373661da4a691b34d868edd602cf6c940cd3cf6c2279adb1f0bc03a24660a9c407c22182f1fdf2e8793260bfd8aca522144bcac1d84beb7d3f5735b2e64f75b4b060032253ae91791dd69b411f15865470b2de0d350f7cb03472ba97603bf079eba2b21c5da216b887c5e91bf6b597256f389fe391fa8a7998c3690eb7a31c200597f8ca14ae00d7c4f3c01410756b34a01bb59960f35cb0c5574e36d23284bf9e
- SignatureType: a5c059a1-94e4-4aa7-87b5-ab155c2bf072
SignatureListSize: 818
SignatureHeaderSize: 0
SignatureSize: 790
Keys:
- SignatureOwner: e58e05e2-5c43-4ef7-880b-3f06734eb36f
SignatureData: 30820302308201eaa003020102021077097d5f2805a3844b6fcabb2308fd69300d06092a864886f70d01010b05003016311430120603550403130b47494741425954452043413020170d3233303930353036333935355a180f32303533303930353036333935345a30133111300f06035504031308474947414259544530820122300d06092a864886f70d01010105000382010f003082010a0282010100ab20e6f5702618414a13887cd8b6631278966d8cf23b5f6b253088416f214a7c99e29d0191f7bcbac92f0f11379bde8f54de3fc4a7d0404634f7dfdd6af3f33325d48dd335a05fe744be7a1ce60374c1340e4e36255aa8e9f7e379518adea52e4c3410b9b58db0d336f9510a051b7e0e7cb04e5984f93eb691df4cf665809998fb9ac4f874426c2fe590733dc8d4da8814e872bfd2b58f145c0757f24cdbaa57da1d1fd7a109f7158255c23d3093b69976877c2a6dc58430660e87dac93acf20988f52975b8910dd5f512d3c53d863555365a58635471eadf91c090185a9f517372e3c419386570091b78e5b585f12aa55ab5ab061ff5ac9ced3ebf783a3ad610203010001a34d304b30490603551d0104423040801045b1d1cf0c71c6848b1f3a965ec8b233a11a3018311630140603550403130d474947414259544520526f6f748210c3882ad639836c9647bb157972b8db11300d06092a864886f70d01010b0500038201010016ab8c5a2a1dfe132b50a1d243fc5597ee76a52ea2ca61a21af20f92083b60bdbcc13383dd3574dbb47256514b92ded7b43f5b810451caada39b1cd21ffde2814d2dc10bd7c6c1f03dd325eb839241bb1009498f42f5c3255497c385e0f701c8d03928b337f4921c44175658795756d0bea9b1186e8bb813befb1c59247b0d7907f954f49cce2cf908fd4bfd9656110c8c5a74d35324c84ab8628654fc75b334eb269dccd375909959637cf99694cab29a8a5dda540219730fffc3c5ca5096f161b5d97b6b5c06672d0ca89f92d6ae54c6a8e2b0717f7f47f65078c6ac8705e0d23e63c7eada342d92ed4c74c674c4770568b61b0df290d00b8d8d12aa84a9d1
- EventNum: 6
PCRIndex: 7
EventType: EV_EFI_VARIABLE_DRIVER_CONFIG
DigestCount: 1
Digests:
- AlgorithmId: sha256
Digest: '02adb325bebf3d5891b691d461fd8d369b11a85a88db3d779cc0757dfcdb5640'
EventSize: 6824
Event:
VariableName: d719b2cb-3d3a-4596-a3bc-dad00e67656f
UnicodeNameLength: 2
VariableDataLength: 6788
UnicodeName: db
VariableData:
- SignatureType: a5c059a1-94e4-4aa7-87b5-ab155c2bf072
SignatureListSize: 1600
SignatureHeaderSize: 0
SignatureSize: 1572
Keys:
- SignatureOwner: 77fa9abd-0359-4d32-bd60-28f4e78f784b
SignatureData: 30820610308203f8a003020102020a6108d3c4000000000004300d06092a864886f70d01010b0500308191310b3009060355040613025553311330110603550408130a57617368696e67746f6e3110300e060355040713075265646d6f6e64311e301c060355040a13154d6963726f736f667420436f72706f726174696f6e313b3039060355040313324d6963726f736f667420436f72706f726174696f6e205468697264205061727479204d61726b6574706c61636520526f6f74301e170d3131303632373231323234355a170d3236303632373231333234355a308181310b3009060355040613025553311330110603550408130a57617368696e67746f6e3110300e060355040713075265646d6f6e64311e301c060355040a13154d6963726f736f667420436f72706f726174696f6e312b3029060355040313224d6963726f736f667420436f72706f726174696f6e2055454649204341203230313130820122300d06092a864886f70d01010105000382010f003082010a0282010100a5086c4cc745096a4b0ca4c0877f06750c43015464e0167f07ed927d0bb273bf0c0ac64a4561a0c5162d96d3f52ba0fb4d499b4180903cb954fde6bcd19dc4a4188a7f418a5c59836832bb8c47c9ee71bc214f9a8a7cff443f8d8f32b22648ae75b5eec94c1e4a197ee4829a1d78774d0cb0bdf60fd316d3bcfa2ba551385df5fbbadb7802dbffec0a1b96d583b81913e9b6c07b407be11f2827c9faef565e1ce67e947ec0f044b27939e5dab2628b4dbf3870e2682414c933a40837d558695ed37cedc1045308e74eb02a876308616f631559eab22b79d70c61678a5bfd5ead877fba86674f71581222042222ce8bef547100ce503558769508ee6ab1a201d50203010001a382017630820172301206092b060104018237150104050203010001302306092b060104018237150204160414f8c16bb77f77534af325371d4ea1267b0f207080301d0603551d0e0416041413adbf4309bd82709c8cd54f316ed522988a1bd4301906092b0601040182371402040c1e0a00530075006200430041300b0603551d0f040403020186300f0603551d130101ff040530030101ff301f0603551d2304183016801445665243e17e5811bfd64e9e2355083b3a226aa8305c0603551d1f045530533051a04fa04d864b687474703a2f2f63726c2e6d6963726f736f66742e636f6d2f706b692f63726c2f70726f64756374732f4d6963436f725468695061724d6172526f6f5f323031302d31302d30352e63726c306006082b0601050507010104543052305006082b060105050730028644687474703a2f2f7777772e6d6963726f736f66742e636f6d2f706b692f63657274732f4d6963436f725468695061724d6172526f6f5f323031302d31302d30352e637274300d06092a864886f70d01010b05000382020100350842ff30cccef7760cad1068583529463276277cef124127421b4aaa6d813848591355f3e95834a6160b82aa5dad82da808341068fb41df203b9f31a5d1bf15090f9b3558442281c20bdb2ae5114c5c0ac9795211c90db0ffc779e95739188cabdbd52b905500ddf579ea061ed0de56d25d9400f1740c8cea34ac24daf9a121d08548fbdc7bcb92b3d492b1f32fc6a21694f9bc87e4234fc3606178b8f2040c0b39a257527cdc903a3f65dd1e736547ab950b5d312d107bfbb74dfdc1e8f80d5ed18f42f14166b2fde668cb023e5c784d8edeac13382ad564b182df1689507cdcff072f0aebbdd8685982c214c332bf00f4af06887b592553275a16a826a3ca32511a4edadd704aecbd84059a084d1954c6291221a741d8c3d470e44a6e4b09b3435b1fab653a82c81eca40571c89db8bae81b4466e447540e8e567fb39f1698b286d0683e9023b52f5e8f50858dc68d825f41a1f42e0de099d26c75e4b669b52186fa07d1f6e24dd1daad2c77531e253237c76c52729586b0f135616a19f5b23b815056a6322dfea289f94286271855a182ca5a9bf830985414a64796252fc826e441941a5c023fe596e3855b3c3e3fbb47167255e22522b1d97be703062aa3f71e9046c3000dd61989e30e352762037115a6efd027a0a0593760f83894b8e07870f8ba4c868794f6e0ae0245ee65c2b6a37e69167507929bf5a6bc598358
- SignatureType: a5c059a1-94e4-4aa7-87b5-ab155c2bf072
SignatureListSize: 1498
SignatureHeaderSize: 0
SignatureSize: 1470
Keys:
- SignatureOwner: 77fa9abd-0359-4d32-bd60-28f4e78f784b
SignatureData: 308205aa30820392a0030201020213330000001a888b9800562284c100000000001a300d06092a864886f70d01010b0500308188310b3009060355040613025553311330110603550408130a57617368696e67746f6e3110300e060355040713075265646d6f6e64311e301c060355040a13154d6963726f736f667420436f72706f726174696f6e31323030060355040313294d6963726f736f667420526f6f7420436572746966696361746520417574686f726974792032303130301e170d3233303631333138353832395a170d3335303631333139303832395a304c310b3009060355040613025553311e301c060355040a13154d6963726f736f667420436f72706f726174696f6e311d301b0603550403131457696e646f77732055454649204341203230323330820122300d06092a864886f70d01010105000382010f003082010a0282010100bcb235d15479b48fcc812a6eb312d69397307c385cbf7992190a0f2d0afebfe0a8d8323fd2ab6f6f81c14d176945cf858027a37cb331cca5a74df943d05a2fd7181bd258960539a395b7bcdd79c1a0cf8fe2531e2b2662a81cae361e4fa1dfb913ba0c25bb24656701aa1d4110b736c16b2eb56c10d34e96d09f2aa1f1eda1150b8295c5ff638a13b592341e315e6111ae5dccf110e64c79c972b2348a82562dab0f7cc04f938e59754186ac091009f2516550b5f521b326398daac491b3dcac642306cd355f0d42499c4f0dce80838259fedf4b44e140c83d63b6cfb4420d395cd242100c08c274eb1cdc6ebc0aac98bbccfa1e3ca78316c5db02dad996df6b0203010001a382014630820142300e0603551d0f0101ff040403020186301006092b06010401823715010403020100301d0603551d0e04160414aefc5fbbbe055d8f8daa585473499417ab5a5272301906092b0601040182371402040c1e0a00530075006200430041300f0603551d130101ff040530030101ff301f0603551d23041830168014d5f656cb8fe8a25c6268d13d94905bd7ce9a18c430560603551d1f044f304d304ba049a0478645687474703a2f2f63726c2e6d6963726f736f66742e636f6d2f706b692f63726c2f70726f64756374732f4d6963526f6f4365724175745f323031302d30362d32332e63726c305a06082b06010505070101044e304c304a06082b06010505073002863e687474703a2f2f7777772e6d6963726f736f66742e636f6d2f706b692f63657274732f4d6963526f6f4365724175745f323031302d30362d32332e637274300d06092a864886f70d01010b050003820201009fc9b6ff6ee19c3b55f6fe8b39dd61046fd0ad63cd17764aa843898df8c6f28c5e90e1e468a515ecb8d3600c40571ffb5e357261de97316c79a0f516ae4b1ced010ceff7570f42301869f8a1a32e9792b8be1bfe2b865e4242118f8e704d90a7fd0163f264bf9be27b0881cf49f23717dff1f972d3c31dc390454de68006bdfde56a69ceb37e4e315b8473a8e8723f2735c97c20ce009b4fe04cb43669cbf734111174127aa88c2e816ca650ad19faa846456fb16773c36be340e82a698f2410e1296e8d1688ee8e7f6693026f5b9e048ccc811cad9754f1182e7e5290bc51de2a0eae66eabc646ea09164e42f12a8bce76bbac71b9b791a6466f143b4d1c346213881794cfaf0310dd379ff7a12a51dd9ddaca20f7182f793ff5ca161ae65f21481ed795a9a87ea607bcbb34f7534cabaa1efa2f6a28045a18b2781cdd577383eca4edd28ea58bac5a029de868c88fc952751ddabd3d05b0d77c76c8f55d7d4a20e5be4344614161de31cd66d99ad4cec71732fabceb2b429de553053393a328bf0ea9c88123b056819bfcf875210fbd61360f34164f4085781cb9d11a58ef4e527f5a33aece43d4ab7cef9880d9fbdca6dd24abc58768e3204946eddf4cf6d476dc2d76adc8771eaa4bfef67979cb8c780362a2a59c9c00ca744a073b58ccf385aaef8bb8695f044ad667a33ed71e4458783e5a7cea240d072d24800faf91a
- SignatureType: a5c059a1-94e4-4aa7-87b5-ab155c2bf072
SignatureListSize: 1543
SignatureHeaderSize: 0
SignatureSize: 1515
Keys:
- SignatureOwner: 77fa9abd-0359-4d32-bd60-28f4e78f784b
SignatureData: 308205d7308203bfa003020102020a61077656000000000008300d06092a864886f70d01010b0500308188310b3009060355040613025553311330110603550408130a57617368696e67746f6e3110300e060355040713075265646d6f6e64311e301c060355040a13154d6963726f736f667420436f72706f726174696f6e31323030060355040313294d6963726f736f667420526f6f7420436572746966696361746520417574686f726974792032303130301e170d3131313031393138343134325a170d3236313031393138353134325a308184310b3009060355040613025553311330110603550408130a57617368696e67746f6e3110300e060355040713075265646d6f6e64311e301c060355040a13154d6963726f736f667420436f72706f726174696f6e312e302c060355040313254d6963726f736f66742057696e646f77732050726f64756374696f6e20504341203230313130820122300d06092a864886f70d01010105000382010f003082010a0282010100dd0cbba2e42e09e3e7c5f79669bc0021bd693333efad04cb5480ee0683bbc52084d9f7d28bf338b0aba4ad2d7c627905ffe34a3f04352070e3c4e76be09cc03675e98a31dd8d70e5dc37b5744696285b8760232cbfdc47a567f751279e72eb07a6c9b91e3b53357ce5d3ec27b9871cfeb9c923096fa84691c16e963c41d3cba33f5d026a4dec691f25285c36fffd43150a94e019b4cfdfc212e2c25b27ee2778308b5b2a096b22895360162cc0681d53baec49f39d618c85680973445d7da2542bdd79f715cf355d6c1c2b5ccebc9c238b6f6eb526d93613c34fd627aeb9323b41922ce1c7cd77e8aa544ef75c0b048765b44318a8b2e06d1977ec5a24fa48030203010001a38201433082013f301006092b06010401823715010403020100301d0603551d0e04160414a92902398e16c49778cd90f99e4f9ae17c55af53301906092b0601040182371402040c1e0a00530075006200430041300b0603551d0f040403020186300f0603551d130101ff040530030101ff301f0603551d23041830168014d5f656cb8fe8a25c6268d13d94905bd7ce9a18c430560603551d1f044f304d304ba049a0478645687474703a2f2f63726c2e6d6963726f736f66742e636f6d2f706b692f63726c2f70726f64756374732f4d6963526f6f4365724175745f323031302d30362d32332e63726c305a06082b06010505070101044e304c304a06082b06010505073002863e687474703a2f2f7777772e6d6963726f736f66742e636f6d2f706b692f63657274732f4d6963526f6f4365724175745f323031302d30362d32332e637274300d06092a864886f70d01010b0500038202010014fc7c7151a579c26eb2ef393ebc3c520f6e2b3f101373fea868d048a6344d8a960526ee3146906179d6ff382e456bf4c0e528b8da1d8f8adb09d71ac74c0a36666a8cec1bd70490a81817a49bb9e240323676c4c15ac6bfe404c0ea16d3acc368ef62acdd546c503058a6eb7cfe94a74e8ef4ec7c867357c2522173345af3a38a56c804da0709edf88be3cef47e8eaef0f60b8a08fb3fc91d727f53b8ebbe63e0e33d3165b081e5f2accd16a49f3da8b19bc242d090845f541dff89eaba1d47906fb0734e419f409f5fe5a12ab21191738a2128f0cede73395f3eab5c60ecdf0310a8d309e9f4f69685b67f51886647198da2b0123d812a680577bb914c627bb6c107c7ba7a8734030e4b627a99e9cafcce4a37c92da4577c1cfe3ddcb80f5afad6c4b30285023aeab3d96ee4692137de81d1f675190567d393575e291b39c8ee2de1cde445735bd0d2ce7aab1619824658d05e9d81b367af6c35f2bce53f24e235a20a7506f6185699d4782cd1051bebd088019daa10f105dfba7e2c63b7069b2321c4f9786ce2581706362b911203cca4d9f22dbaf9949d40ed1845f1ce8a5c6b3eab03d370182a0a6ae05f47d1d5630a32f2afd7361f2a705ae5425908714b57ba7e8381f0213cf41cc1c5b990930e88459386e9b12099be98cbc595a45d62d6a0630820bd7510777d3df345b99f979fcb57806f33a904cf77a4621c597e
- SignatureType: a5c059a1-94e4-4aa7-87b5-ab155c2bf072
SignatureListSize: 1081
SignatureHeaderSize: 0
SignatureSize: 1053
Keys:
- SignatureOwner: e58e05e2-5c43-4ef7-880b-3f06734eb36f
SignatureData: 30820409308201f1a003020102021034cc1b4ef33dfd9648bb8ca68e671d78300d06092a864886f70d01010b050030133111300f060355040313084749474142595445301e170d3232303933303031353531365a170d3237303933303031353531355a30133111300f06035504031308474947414259544530820122300d06092a864886f70d01010105000382010f003082010a0282010100c121245c03a680db08fb352a47d7f79a7bc86ddd61e3c9e529dc03b35e1fb6c51c93c8d28cdbc59cb090009c7331b78ca8626e7648d4324d02b3b70435e2f8d5264a137d6c7179a1009b16cd330e373ae26b695c882a20aa1036d2e0e5571567bf9a32884ddb9f6b5b57f320c9930d5420388ff6234aaf071f4bed7c6fdcd4017e39e57a74f4533d3db8c57a5b91e76523cd77fd1c329353ca6c2f1e475cc142875829ae77d2955efd879fbe9aacfcb5dce3d86f39f0b54c5bcd946e11618677968ad6f7ca08180b144d4c6de3686ac4d4489a106dc89ba68059fcc8616fd418252b8c94e2f99839cc67ba9ea184453b7662de68221733aff9d4fb449e1b9f6d0203010001a3593057300f0603551d130101ff040530030101ff30440603551d01043d303b80106b4a8aec403b7d31852242cbbf70ba0ea11530133111300f060355040313084749474142595445821062841e2126e1f8bb4c4b3fc9f2a50261300d06092a864886f70d01010b050003820201000f28db0bbd7d1f8795671db3101f9301ccd2a50e0366321e3b1ad45fbec53316d1cb681eb4df35a504535a3f793bb54d88c460575ea6c1884176c82069229dc70973e2bf436e04f73a2efe78667f5b3099c1fc15eececb7c4994b89c54cb1751e4924c566b6cfc1621870a4b7c3bddf6d90337ff12e3f58f3602c5e1fb425662363bfffeecc809790a4cb7492c405cdb1acc65816b4ae7d96fc5c51f6ef2db1ea1f916133733f058118a40cb8843f7fdfe7a7440fb07b3217009170b9935182d074188f1eca149b78278b652e18d29e57fc6a9277fb4f2bfbcff1a0ce4721558e97a9b494abbf0a89d69d15f2a4524d2c890bac970cb92879653eb196760f9b70ad345a5595f5f8eecac374ed95efa4b0c381d8958d6a8d5042185a9be9273b9c8ad4d6da6de627bf0c8e974d234ab5ae01688c56f207efa62d559e105aa913f1589dc8287744811bcb8b3685deca3dbeb60f6da646bfa991c59378b5149ea0746d50ac5c675e36da27e9e1295e0238f035f21a23d79ec1598c0bab08a368def48ebe9cae8510d99d0b3b5b1d224474022f9d6cffd19ae2de5c307deb32831b0a497232c95b4c11b0a6cd6b1bf63f7b437b5191dd363d4af54e73f207cad00be41c0bd66e9dee479c2b7f06c33f9de296a8cf70371a962cd208b3bb5427341ba059fc4164b53ce00c4a0552047f280c3a84200b922d1788272901c8e536230f8
- SignatureType: a5c059a1-94e4-4aa7-87b5-ab155c2bf072
SignatureListSize: 1066
SignatureHeaderSize: 0
SignatureSize: 1038
Keys:
- SignatureOwner: e58e05e2-5c43-4ef7-880b-3f06734eb36f
SignatureData: 308203fa308202e2a0030201020210888a6407a51b3a9849d28e290c2db25c300d06092a864886f70d01010b050030133111300f0603550403130847494741425954453020170d3233303930353036343232335a180f32303533303930353036343232325a30133111300f06035504031308474947414259544530820222300d06092a864886f70d01010105000382020f003082020a0282020100d38569b188ba8921f99b0582aeb4ff48f528a75549184aee63e643e8698d6e5e1a7fdfcc7b1b5467f22c3def10548b927aeddfe47e666e67886694306e607561528658e96efeb337f9eff5eb3cc605a1dc60bc0550e586ca56be66b783bbe50f4cc4575c9c7807007949ac6e566edf9cd08a0ee2232fb8db0e77cb73508f98bd2d2c7dea7e9b7d71ec03908397d1919791995b315d83868743571c21a62c1f822782abcd255ab315f3c0f9cd78645c247120bb1d4802223543913824d6115c921e7617ca078c2e50db6ae0b44ceeed56761047a4e28c0fddf87211bff521c00e28eeb9d3883220ccffdf41ddf4b5046ea5e6c20242399c27feb7f78ca8ed3ba33db325e38f6801a180efaf5a5dca7f8bc85582e9fafa03959b2cf2c19911659920986add5370c2a6f682e5ec5934a4c21dd9a531e53d13099f7b2128e2c675bd71efdc78193c00822d0447c57dbd7fbb1db5f26b1914dec3e207c8fb4b8f1586cd37bd6a0b03e49d375e8cc13041ea37a857ce5e4b0145039db0219fe85fbea41bdf0e6e64e689cfaf421cde0ada0aa484447e47c38671a55033795753585162663b985a7250455b8afcdc99f882a0fd9da93ebdb399363c2aa9c2f9949d6c1169d2ae5bf360bf1c07d76c2260a04d23eaaca64dfd106cfd0ddbb520e5f7102c5c31d22403e60df493caccf9991f85e341c25044aa80512fa63634c04ce05b810203010001a348304630440603551d01043d303b8010654b668a864d76e829294fff86019e46a11530133111300f06035504031308474947414259544582107fd057df69b6c68a4e1e27562dcceb6c300d06092a864886f70d01010b05000382010100d3fc01262603dda450c803b06f26a20fd80df144fb60c8f6608171687f6c61ce5c6af3cbe73086072eda1d4db836870f08985c0b0d67cd9e62262335517832d81aa75e2411c0cf0330af54c24d27ae55c3daccb44f2199b58e28c87d3a5d31b22ac36347468827d16f6bf218b9c9b5d27296f55cdfd51b01d6710500bbab59acb1b413d2292df9dd20dcff4f91572926c956d7a050223ecb5934c891a3ba8185a500c761bf4538b11c8324af9ce7259db3895baba5168f2696fd10f7a62da0915d408b011d5445052ae602afd2a6624da434e5fca853fa4cb8808563b4f2272e2ecb60debf94d1f6b2611877baad5a895ef176eacd49d501c26c65c1d4b651bd
- EventNum: 7
PCRIndex: 7
EventType: EV_EFI_VARIABLE_DRIVER_CONFIG
DigestCount: 1
Digests:
- AlgorithmId: sha256
Digest: 'a044b4ce4a4dca9af312c897dc56ee1727c385eb88f7cfb9092b8265029d5b1e'
EventSize: 3762
Event:
VariableName: d719b2cb-3d3a-4596-a3bc-dad00e67656f
UnicodeNameLength: 3
VariableDataLength: 3724
UnicodeName: dbx
VariableData:
- SignatureType: c1c41626-504c-4092-aca9-41f936934328
SignatureListSize: 3724
SignatureHeaderSize: 0
SignatureSize: 48
Keys:
- SignatureOwner: 77fa9abd-0359-4d32-bd60-28f4e78f784b
SignatureData: 80b4d96931bf0d02fd91a61e19d14f1da452e66db2408ca8604d411f92659f0a
- SignatureOwner: 77fa9abd-0359-4d32-bd60-28f4e78f784b
SignatureData: f52f83a3fa9cfbd6920f722824dbe4034534d25b8507246b3b957dac6e1bce7a
- SignatureOwner: 77fa9abd-0359-4d32-bd60-28f4e78f784b
SignatureData: c5d9d8a186e2c82d09afaa2a6f7f2e73870d3e64f72c4e08ef67796a840f0fbd
- SignatureOwner: 77fa9abd-0359-4d32-bd60-28f4e78f784b
SignatureData: 363384d14d1f2e0b7815626484c459ad57a318ef4396266048d058c5a19bbf76
- SignatureOwner: 77fa9abd-0359-4d32-bd60-28f4e78f784b
SignatureData: 1aec84b84b6c65a51220a9be7181965230210d62d6d33c48999c6b295a2b0a06
- SignatureOwner: 77fa9abd-0359-4d32-bd60-28f4e78f784b
SignatureData: e6ca68e94146629af03f69c2f86e6bef62f930b37c6fbcc878b78df98c0334e5
- SignatureOwner: 77fa9abd-0359-4d32-bd60-28f4e78f784b
SignatureData: c3a99a460da464a057c3586d83cef5f4ae08b7103979ed8932742df0ed530c66
- SignatureOwner: 77fa9abd-0359-4d32-bd60-28f4e78f784b
SignatureData: 58fb941aef95a25943b3fb5f2510a0df3fe44c58c95e0ab80487297568ab9771
- SignatureOwner: 77fa9abd-0359-4d32-bd60-28f4e78f784b
SignatureData: 5391c3a2fb112102a6aa1edc25ae77e19f5d6f09cd09eeb2509922bfcd5992ea
- SignatureOwner: 77fa9abd-0359-4d32-bd60-28f4e78f784b
SignatureData: d626157e1d6a718bc124ab8da27cbb65072ca03a7b6b257dbdcbbd60f65ef3d1
- SignatureOwner: 77fa9abd-0359-4d32-bd60-28f4e78f784b
SignatureData: d063ec28f67eba53f1642dbf7dff33c6a32add869f6013fe162e2c32f1cbe56d
- SignatureOwner: 77fa9abd-0359-4d32-bd60-28f4e78f784b
SignatureData: 29c6eb52b43c3aa18b2cd8ed6ea8607cef3cfae1bafe1165755cf2e614844a44
- SignatureOwner: 77fa9abd-0359-4d32-bd60-28f4e78f784b
SignatureData: 90fbe70e69d633408d3e170c6832dbb2d209e0272527dfb63d49d29572a6f44c
- SignatureOwner: 77fa9abd-0359-4d32-bd60-28f4e78f784b
SignatureData: 075eea060589548ba060b2feed10da3c20c7fe9b17cd026b94e8a683b8115238
- SignatureOwner: 77fa9abd-0359-4d32-bd60-28f4e78f784b
SignatureData: 07e6c6a858646fb1efc67903fe28b116011f2367fe92e6be2b36999eff39d09e
- SignatureOwner: 77fa9abd-0359-4d32-bd60-28f4e78f784b
SignatureData: 09df5f4e511208ec78b96d12d08125fdb603868de39f6f72927852599b659c26
- SignatureOwner: 77fa9abd-0359-4d32-bd60-28f4e78f784b
SignatureData: 0bbb4392daac7ab89b30a4ac657531b97bfaab04f90b0dafe5f9b6eb90a06374
- SignatureOwner: 77fa9abd-0359-4d32-bd60-28f4e78f784b
SignatureData: 0c189339762df336ab3dd006a463df715a39cfb0f492465c600e6c6bd7bd898c
- SignatureOwner: 77fa9abd-0359-4d32-bd60-28f4e78f784b
SignatureData: 0d0dbeca6f29eca06f331a7d72e4884b12097fb348983a2a14a0d73f4f10140f
- SignatureOwner: 77fa9abd-0359-4d32-bd60-28f4e78f784b
SignatureData: 0dc9f3fb99962148c3ca833632758d3ed4fc8d0b0007b95b31e6528f2acd5bfc
- SignatureOwner: 77fa9abd-0359-4d32-bd60-28f4e78f784b
SignatureData: 106faceacfecfd4e303b74f480a08098e2d0802b936f8ec774ce21f31686689c
- SignatureOwner: 77fa9abd-0359-4d32-bd60-28f4e78f784b
SignatureData: 174e3a0b5b43c6a607bbd3404f05341e3dcf396267ce94f8b50e2e23a9da920c
- SignatureOwner: 77fa9abd-0359-4d32-bd60-28f4e78f784b
SignatureData: 18333429ff0562ed9f97033e1148dceee52dbe2e496d5410b5cfd6c864d2d10f
- SignatureOwner: 77fa9abd-0359-4d32-bd60-28f4e78f784b
SignatureData: 2b99cf26422e92fe365fbf4bc30d27086c9ee14b7a6fff44fb2f6b9001699939
- SignatureOwner: 77fa9abd-0359-4d32-bd60-28f4e78f784b
SignatureData: 2bbf2ca7b8f1d91f27ee52b6fb2a5dd049b85a2b9b529c5d6662068104b055f8
- SignatureOwner: 77fa9abd-0359-4d32-bd60-28f4e78f784b
SignatureData: 2c73d93325ba6dcbe589d4a4c63c5b935559ef92fbf050ed50c4e2085206f17d
- SignatureOwner: 77fa9abd-0359-4d32-bd60-28f4e78f784b
SignatureData: 2e70916786a6f773511fa7181fab0f1d70b557c6322ea923b2a8d3b92b51af7d
- SignatureOwner: 77fa9abd-0359-4d32-bd60-28f4e78f784b
SignatureData: 306628fa5477305728ba4a467de7d0387a54f569d3769fce5e75ec89d28d1593
- SignatureOwner: 77fa9abd-0359-4d32-bd60-28f4e78f784b
SignatureData: 3608edbaf5ad0f41a414a1777abf2faf5e670334675ec3995e6935829e0caad2
- SignatureOwner: 77fa9abd-0359-4d32-bd60-28f4e78f784b
SignatureData: 3841d221368d1583d75c0a02e62160394d6c4e0a6760b6f607b90362bc855b02
- SignatureOwner: 77fa9abd-0359-4d32-bd60-28f4e78f784b
SignatureData: 3fce9b9fdf3ef09d5452b0f95ee481c2b7f06d743a737971558e70136ace3e73
- SignatureOwner: 77fa9abd-0359-4d32-bd60-28f4e78f784b
SignatureData: 4397daca839e7f63077cb50c92df43bc2d2fb2a8f59f26fc7a0e4bd4d9751692
- SignatureOwner: 77fa9abd-0359-4d32-bd60-28f4e78f784b
SignatureData: 47cc086127e2069a86e03a6bef2cd410f8c55a6d6bdb362168c31b2ce32a5adf
- SignatureOwner: 77fa9abd-0359-4d32-bd60-28f4e78f784b
SignatureData: 518831fe7382b514d03e15c621228b8ab65479bd0cbfa3c5c1d0f48d9c306135
- SignatureOwner: 77fa9abd-0359-4d32-bd60-28f4e78f784b
SignatureData: 5ae949ea8855eb93e439dbc65bda2e42852c2fdf6789fa146736e3c3410f2b5c
- SignatureOwner: 77fa9abd-0359-4d32-bd60-28f4e78f784b
SignatureData: 6b1d138078e4418aa68deb7bb35e066092cf479eeb8ce4cd12e7d072ccb42f66
- SignatureOwner: 77fa9abd-0359-4d32-bd60-28f4e78f784b
SignatureData: 6c8854478dd559e29351b826c06cb8bfef2b94ad3538358772d193f82ed1ca11
- SignatureOwner: 77fa9abd-0359-4d32-bd60-28f4e78f784b
SignatureData: 6f1428ff71c9db0ed5af1f2e7bbfcbab647cc265ddf5b293cdb626f50a3a785e
- SignatureOwner: 77fa9abd-0359-4d32-bd60-28f4e78f784b
SignatureData: 71f2906fd222497e54a34662ab2497fcc81020770ff51368e9e3d9bfcbfd6375
- SignatureOwner: 77fa9abd-0359-4d32-bd60-28f4e78f784b
SignatureData: 726b3eb654046a30f3f83d9b96ce03f670e9a806d1708a0371e62dc49d2c23c1
- SignatureOwner: 77fa9abd-0359-4d32-bd60-28f4e78f784b
SignatureData: 72e0bd1867cf5d9d56ab158adf3bddbc82bf32a8d8aa1d8c5e2f6df29428d6d8
- SignatureOwner: 77fa9abd-0359-4d32-bd60-28f4e78f784b
SignatureData: 7827af99362cfaf0717dade4b1bfe0438ad171c15addc248b75bf8caa44bb2c5
- SignatureOwner: 77fa9abd-0359-4d32-bd60-28f4e78f784b
SignatureData: 81a8b965bb84d3876b9429a95481cc955318cfaa1412d808c8a33bfd33fff0e4
- SignatureOwner: 77fa9abd-0359-4d32-bd60-28f4e78f784b
SignatureData: 82db3bceb4f60843ce9d97c3d187cd9b5941cd3de8100e586f2bda5637575f67
- SignatureOwner: 77fa9abd-0359-4d32-bd60-28f4e78f784b
SignatureData: 895a9785f617ca1d7ed44fc1a1470b71f3f1223862d9ff9dcc3ae2df92163daf
- SignatureOwner: 77fa9abd-0359-4d32-bd60-28f4e78f784b
SignatureData: 8ad64859f195b5f58dafaa940b6a6167acd67a886e8f469364177221c55945b9
- SignatureOwner: 77fa9abd-0359-4d32-bd60-28f4e78f784b
SignatureData: 8bf434b49e00ccf71502a2cd900865cb01ec3b3da03c35be505fdf7bd563f521
- SignatureOwner: 77fa9abd-0359-4d32-bd60-28f4e78f784b
SignatureData: 8d8ea289cfe70a1c07ab7365cb28ee51edd33cf2506de888fbadd60ebf80481c
- SignatureOwner: 77fa9abd-0359-4d32-bd60-28f4e78f784b
SignatureData: 9998d363c491be16bd74ba10b94d9291001611736fdca643a36664bc0f315a42
- SignatureOwner: 77fa9abd-0359-4d32-bd60-28f4e78f784b
SignatureData: 9e4a69173161682e55fde8fef560eb88ec1ffedcaf04001f66c0caf707b2b734
- SignatureOwner: 77fa9abd-0359-4d32-bd60-28f4e78f784b
SignatureData: a6b5151f3655d3a2af0d472759796be4a4200e5495a7d869754c4848857408a7
- SignatureOwner: 77fa9abd-0359-4d32-bd60-28f4e78f784b
SignatureData: a7f32f508d4eb0fead9a087ef94ed1ba0aec5de6f7ef6ff0a62b93bedf5d458d
- SignatureOwner: 77fa9abd-0359-4d32-bd60-28f4e78f784b
SignatureData: ad6826e1946d26d3eaf3685c88d97d85de3b4dcb3d0ee2ae81c70560d13c5720
- SignatureOwner: 77fa9abd-0359-4d32-bd60-28f4e78f784b
SignatureData: aeebae3151271273ed95aa2e671139ed31a98567303a332298f83709a9d55aa1
- SignatureOwner: 77fa9abd-0359-4d32-bd60-28f4e78f784b
SignatureData: afe2030afb7d2cda13f9fa333a02e34f6751afec11b010dbcd441fdf4c4002b3
- SignatureOwner: 77fa9abd-0359-4d32-bd60-28f4e78f784b
SignatureData: b54f1ee636631fad68058d3b0937031ac1b90ccb17062a391cca68afdbe40d55
- SignatureOwner: 77fa9abd-0359-4d32-bd60-28f4e78f784b
SignatureData: b8f078d983a24ac433216393883514cd932c33af18e7dd70884c8235f4275736
- SignatureOwner: 77fa9abd-0359-4d32-bd60-28f4e78f784b
SignatureData: b97a0889059c035ff1d54b6db53b11b9766668d9f955247c028b2837d7a04cd9
- SignatureOwner: 77fa9abd-0359-4d32-bd60-28f4e78f784b
SignatureData: bc87a668e81966489cb508ee805183c19e6acd24cf17799ca062d2e384da0ea7
- SignatureOwner: 77fa9abd-0359-4d32-bd60-28f4e78f784b
SignatureData: c409bdac4775add8db92aa22b5b718fb8c94a1462c1fe9a416b95d8a3388c2fc
- SignatureOwner: 77fa9abd-0359-4d32-bd60-28f4e78f784b
SignatureData: c617c1a8b1ee2a811c28b5a81b4c83d7c98b5b0c27281d610207ebe692c2967f
- SignatureOwner: 77fa9abd-0359-4d32-bd60-28f4e78f784b
SignatureData: c90f336617b8e7f983975413c997f10b73eb267fd8a10cb9e3bdbfc667abdb8b
- SignatureOwner: 77fa9abd-0359-4d32-bd60-28f4e78f784b
SignatureData: cb6b858b40d3a098765815b592c1514a49604fafd60819da88d7a76e9778fef7
- SignatureOwner: 77fa9abd-0359-4d32-bd60-28f4e78f784b
SignatureData: ce3bfabe59d67ce8ac8dfd4a16f7c43ef9c224513fbc655957d735fa29f540ce
- SignatureOwner: 77fa9abd-0359-4d32-bd60-28f4e78f784b
SignatureData: d8cbeb9735f5672b367e4f96cdc74969615d17074ae96c724d42ce0216f8f3fa
- SignatureOwner: 77fa9abd-0359-4d32-bd60-28f4e78f784b
SignatureData: e92c22eb3b5642d65c1ec2caf247d2594738eebb7fb3841a44956f59e2b0d1fa
- SignatureOwner: 77fa9abd-0359-4d32-bd60-28f4e78f784b
SignatureData: fddd6e3d29ea84c7743dad4a1bdbc700b5fec1b391f932409086acc71dd6dbd8
- SignatureOwner: 77fa9abd-0359-4d32-bd60-28f4e78f784b
SignatureData: fe63a84f782cc9d3fcf2ccf9fc11fbd03760878758d26285ed12669bdc6e6d01
- SignatureOwner: 77fa9abd-0359-4d32-bd60-28f4e78f784b
SignatureData: fecfb232d12e994b6d485d2c7167728aa5525984ad5ca61e7516221f079a1436
- SignatureOwner: 77fa9abd-0359-4d32-bd60-28f4e78f784b
SignatureData: ca171d614a8d7e121c93948cd0fe55d39981f9d11aa96e03450a415227c2c65b
- SignatureOwner: 77fa9abd-0359-4d32-bd60-28f4e78f784b
SignatureData: 55b99b0de53dbcfe485aa9c737cf3fb616ef3d91fab599aa7cab19eda763b5ba
- SignatureOwner: 77fa9abd-0359-4d32-bd60-28f4e78f784b
SignatureData: 77dd190fa30d88ff5e3b011a0ae61e6209780c130b535ecb87e6f0888a0b6b2f
- SignatureOwner: 77fa9abd-0359-4d32-bd60-28f4e78f784b
SignatureData: c83cb13922ad99f560744675dd37cc94dcad5a1fcba6472fee341171d939e884
- SignatureOwner: 77fa9abd-0359-4d32-bd60-28f4e78f784b
SignatureData: 3b0287533e0cc3d0ec1aa823cbf0a941aad8721579d1c499802dd1c3a636b8a9
- SignatureOwner: 77fa9abd-0359-4d32-bd60-28f4e78f784b
SignatureData: 939aeef4f5fa51e23340c3f2e49048ce8872526afdf752c3a7f3a3f2bc9f6049
- SignatureOwner: 77fa9abd-0359-4d32-bd60-28f4e78f784b
SignatureData: 64575bd912789a2e14ad56f6341f52af6bf80cf94400785975e9f04e2d64d745
- SignatureOwner: 77fa9abd-0359-4d32-bd60-28f4e78f784b
SignatureData: 45c7c8ae750acfbb48fc37527d6412dd644daed8913ccd8a24c94d856967df8e
- EventNum: 8
PCRIndex: 7
EventType: EV_SEPARATOR
DigestCount: 1
Digests:
- AlgorithmId: sha256
Digest: 'df3f619804a92fdb4057192dc43dd748ea778adc52bc498ce80524c014b81119'
EventSize: 4
Event: '00000000'
- EventNum: 9
PCRIndex: 7
EventType: EV_EFI_VARIABLE_AUTHORITY
DigestCount: 1
Digests:
- AlgorithmId: sha256
Digest: '4d4a8e2c74133bbdc01a16eaf2dbb5d575afeb36f5d8dfcf609ae043909e2ee9'
EventSize: 1608
Event:
VariableName: d719b2cb-3d3a-4596-a3bc-dad00e67656f
UnicodeNameLength: 2
VariableDataLength: 1572
UnicodeName: db
VariableData:
- SignatureOwner: 77fa9abd-0359-4d32-bd60-28f4e78f784b
SignatureData: 30820610308203f8a003020102020a6108d3c4000000000004300d06092a864886f70d01010b0500308191310b3009060355040613025553311330110603550408130a57617368696e67746f6e3110300e060355040713075265646d6f6e64311e301c060355040a13154d6963726f736f667420436f72706f726174696f6e313b3039060355040313324d6963726f736f667420436f72706f726174696f6e205468697264205061727479204d61726b6574706c61636520526f6f74301e170d3131303632373231323234355a170d3236303632373231333234355a308181310b3009060355040613025553311330110603550408130a57617368696e67746f6e3110300e060355040713075265646d6f6e64311e301c060355040a13154d6963726f736f667420436f72706f726174696f6e312b3029060355040313224d6963726f736f667420436f72706f726174696f6e2055454649204341203230313130820122300d06092a864886f70d01010105000382010f003082010a0282010100a5086c4cc745096a4b0ca4c0877f06750c43015464e0167f07ed927d0bb273bf0c0ac64a4561a0c5162d96d3f52ba0fb4d499b4180903cb954fde6bcd19dc4a4188a7f418a5c59836832bb8c47c9ee71bc214f9a8a7cff443f8d8f32b22648ae75b5eec94c1e4a197ee4829a1d78774d0cb0bdf60fd316d3bcfa2ba551385df5fbbadb7802dbffec0a1b96d583b81913e9b6c07b407be11f2827c9faef565e1ce67e947ec0f044b27939e5dab2628b4dbf3870e2682414c933a40837d558695ed37cedc1045308e74eb02a876308616f631559eab22b79d70c61678a5bfd5ead877fba86674f71581222042222ce8bef547100ce503558769508ee6ab1a201d50203010001a382017630820172301206092b060104018237150104050203010001302306092b060104018237150204160414f8c16bb77f77534af325371d4ea1267b0f207080301d0603551d0e0416041413adbf4309bd82709c8cd54f316ed522988a1bd4301906092b0601040182371402040c1e0a00530075006200430041300b0603551d0f040403020186300f0603551d130101ff040530030101ff301f0603551d2304183016801445665243e17e5811bfd64e9e2355083b3a226aa8305c0603551d1f045530533051a04fa04d864b687474703a2f2f63726c2e6d6963726f736f66742e636f6d2f706b692f63726c2f70726f64756374732f4d6963436f725468695061724d6172526f6f5f323031302d31302d30352e63726c306006082b0601050507010104543052305006082b060105050730028644687474703a2f2f7777772e6d6963726f736f66742e636f6d2f706b692f63657274732f4d6963436f725468695061724d6172526f6f5f323031302d31302d30352e637274300d06092a864886f70d01010b05000382020100350842ff30cccef7760cad1068583529463276277cef124127421b4aaa6d813848591355f3e95834a6160b82aa5dad82da808341068fb41df203b9f31a5d1bf15090f9b3558442281c20bdb2ae5114c5c0ac9795211c90db0ffc779e95739188cabdbd52b905500ddf579ea061ed0de56d25d9400f1740c8cea34ac24daf9a121d08548fbdc7bcb92b3d492b1f32fc6a21694f9bc87e4234fc3606178b8f2040c0b39a257527cdc903a3f65dd1e736547ab950b5d312d107bfbb74dfdc1e8f80d5ed18f42f14166b2fde668cb023e5c784d8edeac13382ad564b182df1689507cdcff072f0aebbdd8685982c214c332bf00f4af06887b592553275a16a826a3ca32511a4edadd704aecbd84059a084d1954c6291221a741d8c3d470e44a6e4b09b3435b1fab653a82c81eca40571c89db8bae81b4466e447540e8e567fb39f1698b286d0683e9023b52f5e8f50858dc68d825f41a1f42e0de099d26c75e4b669b52186fa07d1f6e24dd1daad2c77531e253237c76c52729586b0f135616a19f5b23b815056a6322dfea289f94286271855a182ca5a9bf830985414a64796252fc826e441941a5c023fe596e3855b3c3e3fbb47167255e22522b1d97be703062aa3f71e9046c3000dd61989e30e352762037115a6efd027a0a0593760f83894b8e07870f8ba4c868794f6e0ae0245ee65c2b6a37e69167507929bf5a6bc598358
- EventNum: 23
PCRIndex: 7
EventType: EV_EFI_VARIABLE_AUTHORITY
DigestCount: 1
Digests:
- AlgorithmId: sha256
Digest: '30bf464ee37f1bc0c7b1a5bf25eced275347c3ab1492d5623ae9f7663be07dd5'
EventSize: 1551
Event:
VariableName: d719b2cb-3d3a-4596-a3bc-dad00e67656f
UnicodeNameLength: 2
VariableDataLength: 1515
UnicodeName: db
VariableData:
- SignatureOwner: 77fa9abd-0359-4d32-bd60-28f4e78f784b
SignatureData: 308205d7308203bfa003020102020a61077656000000000008300d06092a864886f70d01010b0500308188310b3009060355040613025553311330110603550408130a57617368696e67746f6e3110300e060355040713075265646d6f6e64311e301c060355040a13154d6963726f736f667420436f72706f726174696f6e31323030060355040313294d6963726f736f667420526f6f7420436572746966696361746520417574686f726974792032303130301e170d3131313031393138343134325a170d3236313031393138353134325a308184310b3009060355040613025553311330110603550408130a57617368696e67746f6e3110300e060355040713075265646d6f6e64311e301c060355040a13154d6963726f736f667420436f72706f726174696f6e312e302c060355040313254d6963726f736f66742057696e646f77732050726f64756374696f6e20504341203230313130820122300d06092a864886f70d01010105000382010f003082010a0282010100dd0cbba2e42e09e3e7c5f79669bc0021bd693333efad04cb5480ee0683bbc52084d9f7d28bf338b0aba4ad2d7c627905ffe34a3f04352070e3c4e76be09cc03675e98a31dd8d70e5dc37b5744696285b8760232cbfdc47a567f751279e72eb07a6c9b91e3b53357ce5d3ec27b9871cfeb9c923096fa84691c16e963c41d3cba33f5d026a4dec691f25285c36fffd43150a94e019b4cfdfc212e2c25b27ee2778308b5b2a096b22895360162cc0681d53baec49f39d618c85680973445d7da2542bdd79f715cf355d6c1c2b5ccebc9c238b6f6eb526d93613c34fd627aeb9323b41922ce1c7cd77e8aa544ef75c0b048765b44318a8b2e06d1977ec5a24fa48030203010001a38201433082013f301006092b06010401823715010403020100301d0603551d0e04160414a92902398e16c49778cd90f99e4f9ae17c55af53301906092b0601040182371402040c1e0a00530075006200430041300b0603551d0f040403020186300f0603551d130101ff040530030101ff301f0603551d23041830168014d5f656cb8fe8a25c6268d13d94905bd7ce9a18c430560603551d1f044f304d304ba049a0478645687474703a2f2f63726c2e6d6963726f736f66742e636f6d2f706b692f63726c2f70726f64756374732f4d6963526f6f4365724175745f323031302d30362d32332e63726c305a06082b06010505070101044e304c304a06082b06010505073002863e687474703a2f2f7777772e6d6963726f736f66742e636f6d2f706b692f63657274732f4d6963526f6f4365724175745f323031302d30362d32332e637274300d06092a864886f70d01010b0500038202010014fc7c7151a579c26eb2ef393ebc3c520f6e2b3f101373fea868d048a6344d8a960526ee3146906179d6ff382e456bf4c0e528b8da1d8f8adb09d71ac74c0a36666a8cec1bd70490a81817a49bb9e240323676c4c15ac6bfe404c0ea16d3acc368ef62acdd546c503058a6eb7cfe94a74e8ef4ec7c867357c2522173345af3a38a56c804da0709edf88be3cef47e8eaef0f60b8a08fb3fc91d727f53b8ebbe63e0e33d3165b081e5f2accd16a49f3da8b19bc242d090845f541dff89eaba1d47906fb0734e419f409f5fe5a12ab21191738a2128f0cede73395f3eab5c60ecdf0310a8d309e9f4f69685b67f51886647198da2b0123d812a680577bb914c627bb6c107c7ba7a8734030e4b627a99e9cafcce4a37c92da4577c1cfe3ddcb80f5afad6c4b30285023aeab3d96ee4692137de81d1f675190567d393575e291b39c8ee2de1cde445735bd0d2ce7aab1619824658d05e9d81b367af6c35f2bce53f24e235a20a7506f6185699d4782cd1051bebd088019daa10f105dfba7e2c63b7069b2321c4f9786ce2581706362b911203cca4d9f22dbaf9949d40ed1845f1ce8a5c6b3eab03d370182a0a6ae05f47d1d5630a32f2afd7361f2a705ae5425908714b57ba7e8381f0213cf41cc1c5b990930e88459386e9b12099be98cbc595a45d62d6a0630820bd7510777d3df345b99f979fcb57806f33a904cf77a4621c597e
pcrs:
sha256:
7: 0x15391ffc742d79dff13c11f33b4f11d116d9ba40b7290747ab0fb0b2e9404c9eMultiple EV_EFI_VARIABLE_DRIVER_CONFIG events are written in order to record the current state of the Secure Boot configuration. The
Platform Key (PK), Key Exchange Keys (KEK), the Authorised Signature Database (DB) and the Forbidden Signature Database
(DBX) are all logged in order to allow remote attestation.
Finally, after an EV_SEPARATOR event, an EV_EFI_VARIABLE_AUTHORITY event is recorded every time an EFI Driver or EFI Boot Application is
validated, containing the signature of the image matched against (if applicable).
PCR 4 records an EV_EFI_BOOT_SERVICES_APPLICATION event for every EFI Boot Application that is executed.
# Partial Windows Measured Boot log (PCR4, single event only)
# Converted from binary format using
# tpm2-tools' tpm2_eventlog
---
version: 2
events:
- EventNum: 24
PCRIndex: 4
EventType: EV_EFI_BOOT_SERVICES_APPLICATION
DigestCount: 1
Digests:
- AlgorithmId: sha256
Digest: '2e80fa5623ea039ceb999558c98f82e261c03ab56cd5d40d276b2ec69e5fcb3b'
EventSize: 188
Event:
ImageLocationInMemory: 0x82580018
ImageLengthInMemory: 2830752
ImageLinkTimeAddress: 0x10000000
LengthOfDevicePath: 156
DevicePath: 'PciRoot(0x0)/Pci(0x1,0x2)/Pci(0x0,0x0)/NVMe(0x1,00-25-38-B9-31-A4-FE-FD)/HD(1,GPT,d022bdc9-8147-4835-812a-8f0fa6365b22,0x800,0x32000)/\EFI\Microsoft\Boot\bootmgfw.efi'This can also reveal if Windows was chain-loaded from a different bootloader, as there will be multiple EV_EFI_BOOT_SERVICES_APPLICATION
events.
Anti-cheat engines can also detect if Windows is being executed through a hypervisor with the help of the TPM. If the host’s TPM is passed
through to the guest, there will either be a second boot event in the TPM logs, or there will be one missing, and the
EV_EFI_BOOT_SERVICES_APPLICATION will point to a different EFI application that isn’t validated by Microsoft’s KEK (as revealed by the
EV_EFI_VARIABLE_AUTHORITY). If the TPM is virtualised (vTPM), the EKpub and EKcert validation will fail, as the EK won’t be signed
by AMD or Intel.
Finally, Windows also has some proprietary information stored in OS-specific PCR banks. Of particular interest is PCR14 which contains a
record of the public keys of boot authorities that Windows considered when validating kernel-level drivers. This allows anti-cheat providers
to ensure that there isn’t a CustomKernelSigners licensing policy deployed.
This is an overview of what information is logged in each PCR for Windows specifically. Note that PCR 0 to 7 is reserved for firmware, while PCR 8 to 15 may vary depending on the OS/Bootloader. PCR 16 is normally reserved for debugging, and PCR 23 is reserved for Application Support5.
| PCR | Description |
|---|---|
| PCR 0 | Core System Firmware executable code |
| PCR 1 | Core System Firmware data |
| PCR 2 | Extended or pluggable executable code |
| PCR 3 | Extended or pluggable firmware data |
| PCR 4 | Boot Manager |
| PCR 5 | GPT/Partition Table |
| PCR 6 | Resume from S4 and S5 Power State Events |
| PCR 7 | Secure Boot State |
| PCR 8 | Initialised to 0 with no Extends (reserved for future use) |
| PCR 9 | Initialised to 0 with no Extends (reserved for future use) |
| PCR 10 | Initialised to 0 with no Extends (reserved for future use) |
| PCR 11 | BitLocker access control |
| PCR 12 | Data events and highly volatile events |
| PCR 13 | Boot Module Details |
| PCR 14 | Boot Authorities |
In Windows, you can access the current and historical TPM event logs in binary form at the path %WINDIR%\Logs\MeasuredBoot\.
Under Linux, the PCR banks 8-15 may contain different information based on your bootloader. The Linux Userspace API Group publishes a
useful PCR Registry. You can access the current TPM event logs at the path /sys/kernel/security/tpm0/binary_bios_measurements.
Remote Attestation
The last piece of the puzzle required to properly audit the boot environment is to retrieve the PCR bank values in a way that we can attest
that they were not modified or altered by the user. This can be done via the TPM2_Quote TPM command with a given Attestation Key (AK).
Through a complicated dance of cryptographic operations (which are described in this draft guidance document from the TCG), the
anti-cheat provider can verify the veracity of the TPM event logs, as well as validate that your EKpub is indeed tied to the actual fTPM
that measured those events. If the anti-cheat provider, after verifying the TPM event logs, judges that your environment is in a valid state
to connect to a protected game server, they can grant you a one-time use token to connect (cryptographically tied to your EK).
The anti-cheat provider would normally validate that your DB and DBX are up to date, and that no additional boot authorities were configured or used during Windows boot up to validate self-signed kernel-level drivers.
If the attestation is properly implemented on the side of the anti-cheat provider, barring any massive yet-undiscovered vulnerability in AMD or Intel’s fTPMs, this would be near impossible to bypass for cheaters. While this will not stop cheating by itself (vulnerabilities in the operating system, game or the anti-cheat engine will continue to be exploited), it would, however, prevent any pre-boot exploits and be extremely effective at preventing ban evasion.
What does it mean for Linux users?
It doesn’t change anything when it comes to anti-cheat using kernel-level components that are exclusive to Windows. If an anti-cheat provider decides to not support Linux, there’s not much we can do. That was the case before, it’s still the case now.
The only real impact is that we may see anti-cheat providers prevent access to the game if you chain-load Windows from GRUB2, systemd-boot
or any other Linux bootloader. It would be an overreaction, as PCR14 would still allow them to ensure that only kernel-level drivers signed
by Microsoft have been loaded. While annoying, you could boot Windows directly from your UEFI and avoid the issue altogether.
This can be easily remedied if you are using systemd-boot by adding the reboot-for-bitlocker yes option in your loader.conf.
Unfortunately, GRUB2 doesn’t have any commands to set the BootNext UEFI variable, which would allow GRUB2 to simply reboot into Windows
instead of chain-loading.
You will, however, have to configure your Linux installation to support Secure Boot. While some distributions ship with shim, I personally
do not recommend it, as it adds another layer of keys to manage (Machine Owner Keys – MOK) and tends to be a hassle every single time your
system uses non-free kernel modules (cough cough Nvidia).
Personally, enrolling your own Platform Key (PK) using sbctl and signing your boot images with hooks has been way easier to
manage on the long run. You do a bit more work setting everything up, but then it is smooth sailing. No need to enroll a new MOK every time
you have a kernel update. Set and forget. The Arch Linux wiki has a section on how to configure sbctl. You’ll need to adapt it to the
specifics of your distribution if you are not using Arch.
We may see Linux anti-cheat engines in the future requiring TPM access to read the EKpub and EKcert. The good news is that this can be
done entirely in user space, as a regular user as long as your user is a member of the tss group.
Another important thing to note that is that updates to the authorised signatures database (DB) and the forbidden signatures database (DBX) from Microsoft are distributed by the Linux Foundation via the Linux Vendor Firmware Service.
Conclusion
Secure Boot and a proper implementation of TPM remote attestation will be very effective at decreasing the number of cheaters that are not using hardware-based cheats. It will also make it considerably harder and costlier to do ban evasion. TPM attestation can also be done purely in user space, and doesn’t negatively impact your privacy.
Fewer cheaters and better enforcement of the integrity of the online environment are ultimately a good thing for gamers. I know personally that I’ve completely abandoned most online multiplayer games due to the rampant cheating and toxicity in those communities. Hopefully, this will help reduce the prevalence of cheaters. Riot’s numbers certainly seem to indicate so (even if I have zero interest in playing their games).
Sadly, while I believe that the only true solution to cheating is server-side behavioural analysis, we don’t currently have the means to easily implement that without the compute costs being prohibitive for developers. It also currently isn’t accurate enough.
Fighting cheating in online gaming requires anti-cheat developers to use a series of measures that, together, reduce the possibilities for cheat developers. There will not be a single solution to the problem, but by implementing a defence in depth approach, they can greatly help reduce the impact of cheating on players.
Footnotes
-
Usually it involves clearing the secure boot keys, and disabling secure boot. See your motherboard’s manual for details. ↩︎
-
There is a licensing policy called
CustomKernelSignerswhich can be changed in order to allow custom keys, but this policy is only editable in a specific restricted SKU of Windows, and its use can be detected when inspecting the Measured Boot logs and the Platform Configuration Registers (PCR). ↩︎ -
Package name may vary depending on your distro.
tpm2-toolsis the package name on Arch Linux. ↩︎ -
The data that is used for hashing depends on the event type; the specifics are documented in various specification documents, notably the TCG PC Client Platform Firmware Profile Specification and TCG EFI Platform Specification. ↩︎
-
Refer to TCG PC Client Platform Firmware Profile Specification for more information. ↩︎