Does GRUB2 support TPM with UEFI? We currently have UEFI booting up GRUB which boots up Linux. We need to implement secureboot. We're using a TPM to store our keys. Does GRUB2 support TPM - I read the only version of ...--prophetes.ai

Does GRUB2 support TPM with UEFI? We currently have UEFI booting up GRUB which boots up Linux. We need to implement secureboot. We're using a TPM to store our keys. Does GRUB2 support TPM - I read the only version of GRUB that supports TPM, i.e. TrustedGRUB does not support UEFI. Is there a GRUB version that supports TPM? Or, is the only alternative to replace GRUb with LinuxBoot, i.e. UEFI ->(Secureboot) LinuxBoot -> (secureboot) Linux Kernel instead of UEFI -> (Secureboot) GRUB -> (secureboot) Linux Kernel Are there any significant advantages in using LinuxBoot over GRUB?

grub2 supports TPM in the sense that it updates the PCR to include grub entries and it supports secure boot. Subsequent bootloader pieces (including clevis) can use the PCR to verify the grub binary, kernel and initrd binaries, and kernel command line have not been tampered with.