Is it possible to query the address from fw_cfg? Thanks, Andrew Fish > On Sep 16, 2022, at 12:45 PM, Jason Andryuk wrote: > > Hi, > > I've noticed an issue with the TPM2 EventLog. OVMF exposes the TPM > Event Log via EFI and ACPI, but they have different addresses. The > EFI one retrievable by GetEventLog() is populated. The ACPI is empty. > Oh, there are actually two EFI Event Logs for the two formats: > EFI_TCG2_EVENT_LOG_FORMAT_TCG_1_2 > EFI_TCG2_EVENT_LOG_FORMAT_TCG_2 > > The debug log from the Fedora 36 OVMF shows: > Tcg2GetEventLog (EventLogLocation - 7EEB2000) > which matches the address retrieved with GetEventLog(). > And hexdump-ing the TPM2 ACPI table shows 0x7fbe6000. > > On a different build, I added output for both EFI logs, and the addresses are: > 0x7ec3d000 - EFI_TCG2_EVENT_LOG_FORMAT_TCG_1_2 > 0x7ec1b000 - EFI_TCG2_EVENT_LOG_FORMAT_TCG_2 > 0x7fbe6000 - ACPI > > The ACPI one is a little more user friendly as its address is > available through the table during runtime. The EFI addresses can > only be grabbed before exiting boot services. > > I think the issue is that the ACPI tables are created from Qemu fw_cfg > data, which allocates memory for the log and places the address in > ACPI tables. Meanwhile, > SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.c:SetupEventLog() allocates its own > event log memory. SetupEventLog() saves the size and address in > PcdTpm2AcpiTableLaml & PcdTpm2AcpiTableLasa, but nothing puts those > values in the actual ACPI tables. > > It seems like SetupEventLog would be better structured to check > existing ACPI tables and look for a log in a TPM2 section. If found, > use that, otherwise create a new log area. > > The other wrinkle is that the Tcg2 code is keeping two event logs in > the two formats. It seems to me that for TPM2, it would be easier to > just keep only the newer EFI_TCG2_EVENT_LOG_FORMAT_TCG_2. If support > for both is needed, then the EFI_TCG2_EVENT_LOG_FORMAT_TCG_2 one > should share the same region as the ACPI table. > > Regards, > Jason > > >