From: Matthew Garrett <mjg59@srcf.ucam.org>
To: Laszlo Ersek <lersek@redhat.com>
Cc: edk2-devel@lists.01.org, "Jiewen Yao" <jiewen.yao@intel.com>,
"Marc-André Lureau" <marcandre.lureau@redhat.com>,
"Stefan Berger" <stefanb@linux.vnet.ibm.com>
Subject: Re: Obtaining TCG final events on systems without TCG2 log support
Date: Thu, 13 Dec 2018 18:55:02 +0000 [thread overview]
Message-ID: <20181213185502.lytmgkpl5u3flyyp@srcf.ucam.org> (raw)
In-Reply-To: <abc33bd2-c603-ed8d-ea4d-75c81138272f@redhat.com>
On Thu, Dec 13, 2018 at 01:36:09PM +0100, Laszlo Ersek wrote:
> (2) EFI_TCG2_FINAL_EVENTS_TABLE is defined with TCG_PCR_EVENT2 entries
> *only*. TCG_PCR_EVENT is not accommodated.
>
>
> That's the contradiction. If a platform is unable to produce
> TCG_PCR_EVENT2 entries in GetEventLog(), it is fairly certainly also
> unable to produce them in the final events table.
If a platform is unable to produce them in the final events table then
it's violating the spec. If the platform only offers the 1.2 log format
then it seems reasonable to expect that the events in the final events
table would only contain a SHA1, but a TCG_PCR_EVENT2 structure that
only contains SHA1s isn't significantly more complicated than an old
style event.
--
Matthew Garrett | mjg59@srcf.ucam.org
next prev parent reply other threads:[~2018-12-13 18:55 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-12-13 1:17 Obtaining TCG final events on systems without TCG2 log support Matthew Garrett
2018-12-13 12:36 ` Laszlo Ersek
2018-12-13 13:23 ` Yao, Jiewen
2018-12-13 18:51 ` Matthew Garrett
2018-12-13 18:55 ` Matthew Garrett [this message]
2018-12-14 9:32 ` Laszlo Ersek
2018-12-14 10:09 ` Yao, Jiewen
2018-12-14 10:22 ` Matthew Garrett
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-list from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20181213185502.lytmgkpl5u3flyyp@srcf.ucam.org \
--to=devel@edk2.groups.io \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox