UNSECURE TO SECURE TRANSITION OF MUTABLE CORE ROOT OF TRUST

摘要

Embodiments provide a mutable CRTM schema for ensuring the integrity of a client workload on a single system as updates are made to the firmware used to initialize and run that system by booting a computing system in a secure mode; when successfully validating a boot image for the computing system via a secure verification code that is blocked from write access when the system is booted in a unsecure mode, allowing write access to the secure verification code; and continuing to boot the computing system in the secure mode according to the boot image. When booting the system and unseccessfully validating the boot image at the third time, the system boot is failed.