What does CRTM refer to?
The Definition of CRTM in TCG specification says:
Typically, the RTM is the CPU controlled by the Core Root of Trust for Measurement (CRTM). The CRTM is the first set of instructions executed when a new chain of trust is established. When a system is reset, the CPU begins executing the CRTM. The CRTM then sends values that indicate its identity to the RTS.
I'm
g, which part of the machine is the CRTM? Is it a part of BIOS? If so, CRTM is written by the BIOS vendors. And it makes BIOS measure the bootloader, but BIOS could not determine the user's bootloader and seems unable to perform the measurement work.
CRTM is saved in the Platform Configuration Registers (PCR), register 0 to be more precise (PCR-0). CRTM is (physically) embedded into chip silicon and provided by the BIOS, but is a logical part of the TBB (Trusted Building Block). The measurement itself is stored in PCR0. In order to fully understand how CRTM works, you should study the chain of trust in more detail.
The (static) chain of trust starts at powers on (or reboot), which resets all PCRs to their default value. The first measurement is made by hardware (the processor) to measure a digitally signed module (called ACM - Auth'ed Code Module) which is provided directly by the chipset manufacturer. The processor validates the signature and integrity of the signed module and if it is valid it starts executing it. The ACM then measures the first BIOS code module, which can make various additional measurements. The measurements of the ACM and BIOS code modules are extended to PCR0, which holds the (CRTM), as well as the measurement of the BIOS TCB (Trusted Comp. Base). Then the BIOS measures additional components into PCRs, from PCR-0 to PCR-7. Physically, the PCR is stored in the TPM (Trusted Platform Module) is a microcontroller security chip that resides on the motherboard of most enterprise level computers that are shipping today.