diff --git ./src/northbridge/intel/sandybridge/romstage.c ./src/northbridge/intel/sandybridge/romstage.c
index 0426b83..d348b9e 100644
--- ./src/northbridge/intel/sandybridge/romstage.c
+++ ./src/northbridge/intel/sandybridge/romstage.c
@@ -29,6 +29,8 @@
 #include <device/device.h>
 #include <halt.h>
 #include <security/tpm/tis.h>
+#include <security/tpm/tss.h>
+#include <program_loading.h>
 #include <northbridge/intel/sandybridge/chip.h>
 #include "southbridge/intel/bd82x6x/pch.h"
 #include <southbridge/intel/common/gpio.h>
@@ -72,6 +74,19 @@ void mainboard_romstage_entry(unsigned long bist)
 	/* Initialize superio */
 	mainboard_config_superio();
 
+	if (IS_ENABLED(CONFIG_MEASURED_BOOT) && IS_ENABLED(CONFIG_LPC_TPM)) {
+		// we don't know if we are coming out of a resume
+		// at this point, but want to setup the tpm ASAP
+		init_tpm(0);
+		tlcl_lib_init();
+		const void * const bootblock = (const void*) 0xFFFFF800;
+		const unsigned bootblock_size = 0x800;
+		tlcl_measure(0, bootblock, bootblock_size);
+
+		extern char _romstage, _eromstage;
+		tlcl_measure(1, &_romstage, &_eromstage - &_romstage);
+	}
+
 	/* USB is initialized in MRC if MRC is used.  */
 	if (CONFIG_USE_NATIVE_RAMINIT) {
 		early_usb_init(mainboard_usb_ports);
@@ -117,9 +132,23 @@ void mainboard_romstage_entry(unsigned long bist)
 
 	northbridge_romstage_finalize(s3resume);
 
-	if (IS_ENABLED(CONFIG_LPC_TPM)) {
+	// the normal TPM init happens here, if we haven't already
+	// set it up as part of the measured boot.
+	if (!IS_ENABLED(CONFIG_MEASURED_BOOT) && IS_ENABLED(CONFIG_LPC_TPM)) {
 		init_tpm(s3resume);
 	}
 
+	printk(BIOS_DEBUG, "%s: romstage complete\n", __FILE__);
+
 	post_code(0x3f);
 }
+
+
+void platform_segment_loaded(uintptr_t start, size_t size, int flags)
+{
+	if (IS_ENABLED(CONFIG_MEASURED_BOOT) && !(flags & SEG_NO_MEASURE))
+	{
+		tlcl_measure(2, (const void*) start, size);
+	}
+}
+