From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <prvs=0885d74de0=mjg59@cavan.codon.org.uk>
Received-SPF: Pass (sender SPF authorized) identity=mailfrom;
 client-ip=2a00:1098:0:80:1000:c:0:1; helo=cavan.codon.org.uk;
 envelope-from=prvs=0885d74de0=mjg59@cavan.codon.org.uk;
 receiver=edk2-devel@lists.01.org 
Received: from cavan.codon.org.uk (cavan.codon.org.uk
 [IPv6:2a00:1098:0:80:1000:c:0:1])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (No client certificate requested)
 by ml01.01.org (Postfix) with ESMTPS id 39FFE21199552
 for <edk2-devel@lists.01.org>; Thu, 13 Dec 2018 10:55:04 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;
 d=codon.org.uk; s=63138784; h=In-Reply-To:Content-Type:MIME-Version:
 References:Message-ID:Subject:Cc:To:From:Date:Sender:Reply-To:
 Content-Transfer-Encoding:Content-ID:Content-Description:Resent-Date:
 Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Id:
 List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive;
 bh=8hE4i9ttUknW9J1eeQWTfizFnWvydRQUWcoMRHkY8zU=; b=gWVbXrQN04mrU/n81bnCoRx2s
 l/rL4wNHmBqVc5NfQtyL7l0Qn45iWCgsGkuywewAJ0qMO5pfiLFtizvgHN1eVFWKl3KV/HNPKQAu3
 AGvYIJ9HYAJh0J+az1w0m+3xbvu83+jORFx/qf13wE2jNvQT/sIlHEJ+rK1cIX3ghCb28=;
Received: from mjg59 by cavan.codon.org.uk with local (Exim 4.89)
 (envelope-from <mjg59@cavan.codon.org.uk>)
 id 1gXW8U-0004j7-Tp; Thu, 13 Dec 2018 18:55:02 +0000
Date: Thu, 13 Dec 2018 18:55:02 +0000
From: Matthew Garrett <mjg59@srcf.ucam.org>
To: Laszlo Ersek <lersek@redhat.com>
Cc: edk2-devel@lists.01.org, Jiewen Yao <jiewen.yao@intel.com>,
 =?iso-8859-1?Q?Marc-Andr=E9?= Lureau <marcandre.lureau@redhat.com>,
 Stefan Berger <stefanb@linux.vnet.ibm.com>
Message-ID: <20181213185502.lytmgkpl5u3flyyp@srcf.ucam.org>
References: <20181213011750.bfzfyhrr4ufsiu6j@srcf.ucam.org>
 <abc33bd2-c603-ed8d-ea4d-75c81138272f@redhat.com>
MIME-Version: 1.0
In-Reply-To: <abc33bd2-c603-ed8d-ea4d-75c81138272f@redhat.com>
User-Agent: NeoMutt/20170113 (1.7.2)
X-SA-Exim-Connect-IP: <locally generated>
X-SA-Exim-Mail-From: mjg59@cavan.codon.org.uk
X-SA-Exim-Scanned: No (on cavan.codon.org.uk); SAEximRunCond expanded to false
Subject: Re: Obtaining TCG final events on systems without TCG2 log support
X-BeenThere: edk2-devel@lists.01.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: EDK II Development  <edk2-devel.lists.01.org>
List-Unsubscribe: <https://lists.01.org/mailman/options/edk2-devel>,
 <mailto:edk2-devel-request@lists.01.org?subject=unsubscribe>
List-Archive: <http://lists.01.org/pipermail/edk2-devel/>
List-Post: <mailto:edk2-devel@lists.01.org>
List-Help: <mailto:edk2-devel-request@lists.01.org?subject=help>
List-Subscribe: <https://lists.01.org/mailman/listinfo/edk2-devel>,
 <mailto:edk2-devel-request@lists.01.org?subject=subscribe>
X-List-Received-Date: Thu, 13 Dec 2018 18:55:04 -0000
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline

On Thu, Dec 13, 2018 at 01:36:09PM +0100, Laszlo Ersek wrote:

> (2) EFI_TCG2_FINAL_EVENTS_TABLE is defined with TCG_PCR_EVENT2 entries
> *only*. TCG_PCR_EVENT is not accommodated.
> 
> 
> That's the contradiction. If a platform is unable to produce
> TCG_PCR_EVENT2 entries in GetEventLog(), it is fairly certainly also
> unable to produce them in the final events table.

If a platform is unable to produce them in the final events table then 
it's violating the spec. If the platform only offers the 1.2 log format 
then it seems reasonable to expect that the events in the final events 
table would only contain a SHA1, but a TCG_PCR_EVENT2 structure that 
only contains SHA1s isn't significantly more complicated than an old 
style event.

-- 
Matthew Garrett | mjg59@srcf.ucam.org