docs: document the "verity" NvPCR measurements

author Lennart Poettering <lennart@amutable.com>

Mon, 2 Mar 2026 21:57:56 +0000 (22:57 +0100)

committer Luca Boccassi <luca.boccassi@gmail.com>

Mon, 2 Mar 2026 23:26:21 +0000 (23:26 +0000)
author Lennart Poettering <lennart@amutable.com>
Mon, 2 Mar 2026 21:57:56 +0000 (22:57 +0100)
committer Luca Boccassi <luca.boccassi@gmail.com>
Mon, 2 Mar 2026 23:26:21 +0000 (23:26 +0000)
diff --git a/docs/TPM2_PCR_MEASUREMENTS.md b/docs/TPM2_PCR_MEASUREMENTS.md

index 53317b732748e30c4a132e582893c3ed2d4ae061..571a4c1077201d5e65ad0175e15e3c1e60ab3a84 100644 (file)
--- a/docs/TPM2_PCR_MEASUREMENTS.md
+++ b/docs/TPM2_PCR_MEASUREMENTS.md
@@ -293,3 +293,18 @@ volume name, a ":" separator, the UUID of the LUKS superblock, a ":" separator,
  a brief string identifying the unlock mechanism, a ":" separator, and finally
  the LUKS slot number used. Example string:
  `cryptsetup-keyslot:root:1e023a55-60f9-4b6b-9b80-67438dc5f065:tpm2:1`
+
+## PCR/NvPCR Measurements Made by `systemd-veritysetup` + image dissection logic (Userspace)
+
+### NvPCR `verity` (base+2), Verity root hash + signature info of activated Verity images
+
+The `systemd-veritysetup@.service` service as well as any component using the
+image dissection logic (i.e. `RootImage=` in unit files, or `systemd-nspawn
+--image=`, `systemd-tmpfiles --image=` and similar) will measure information
+about activated Verity images before they are activated.
+
+→ **Measured hash** covers the string `verity:`, followed by the Verity device
+name, followed by `:`, followed by a hexadecimal formatted string indicating
+the root hash of the Verity image, followed by `:`, followed by a comma
+separatec list of PKCS#7 signature key's serial (formatted in hexadecimal), `/`, and
+key issuer (formatted in Base64).
author	Lennart Poettering <lennart@amutable.com>
	Mon, 2 Mar 2026 21:57:56 +0000 (22:57 +0100)
committer	Luca Boccassi <luca.boccassi@gmail.com>
	Mon, 2 Mar 2026 23:26:21 +0000 (23:26 +0000)