|
|
|
|
|
|
by jakogut
523 days ago
|
|
|
Your edit is correct. The kernel and initramfs are exploited unmodified to boot a tampered root filesystem, which allows userspace tools to extract data from the TPM, as the PCRs used to protect data like the LUKS passphrase have not changed. |
|
|