From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail03.groups.io (mail03.groups.io [45.79.227.220]) by spool.mail.gandi.net (Postfix) with ESMTPS id 54709780091 for ; Thu, 11 Apr 2024 09:56:56 +0000 (UTC) DKIM-Signature: a=rsa-sha256; bh=GS5aPs3N2N+N54+VYz0RBgAnwttA5D6DzCsCnxWLiG0=; c=relaxed/simple; d=groups.io; h=From:To:CC:Subject:Thread-Topic:Thread-Index:Date:Message-ID:References:In-Reply-To:Accept-Language:MIME-Version:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Resent-Date:Resent-From:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Language:Content-Type:Content-Transfer-Encoding; s=20240206; t=1712829414; v=1; b=r1tdKc9McDW3PBbbRx6xsObBim0T6L2Lr2iD9NN/LPOdYNxBoK000PGi+Ecqf/zGj3EYhnvd ECrKY9pl90JDJ9YUCrm/fiRb8D9vzG5NWjONYbVMihjWrUbgYd+0GnA3a1lgdd5j0Z+XioatIDW X59CYvloRbr4a+kX6oQ1yd2Ha8OUz9uHCdHVXljbrw7cI4QSdLq0y5165RV/hIvX3mYTM6pBjO2 5gFCIn03E6WUc6j+vZzEyFYy+92pgX0MhWiAWdCuBCavLr04sAcgi0TEswODarTAQtaVymaVSsR GFa2ss/hFGokPC7UAmGgtAXwvRYonmWp2S8SUbiGOY56w== X-Received: by 127.0.0.2 with SMTP id hMUdYY7687511xiyyin2yNU9; Thu, 11 Apr 2024 02:56:54 -0700 X-Received: from mgamail.intel.com (mgamail.intel.com [198.175.65.15]) by mx.groups.io with SMTP id smtpd.web11.13768.1712829414098194931 for ; Thu, 11 Apr 2024 02:56:54 -0700 X-CSE-ConnectionGUID: gG4uUqb2QjKjOXQUFPrWfA== X-CSE-MsgGUID: 3kMhnoBbQSm6wZMZyDtNPg== X-IronPort-AV: E=McAfee;i="6600,9927,11039"; a="12020382" X-IronPort-AV: E=Sophos;i="6.07,193,1708416000"; d="scan'208";a="12020382" X-Received: from fmviesa007.fm.intel.com ([10.60.135.147]) by orvoesa107.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 11 Apr 2024 02:56:54 -0700 X-CSE-ConnectionGUID: 2g+ccAe4S5q1GgT/JjEy0Q== X-CSE-MsgGUID: id3Oi1bEQEm+x7yqU8f4OA== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.07,193,1708416000"; d="scan'208";a="20903576" X-Received: from orsmsx603.amr.corp.intel.com ([10.22.229.16]) by fmviesa007.fm.intel.com with ESMTP/TLS/AES256-GCM-SHA384; 11 Apr 2024 02:56:53 -0700 X-Received: from orsmsx612.amr.corp.intel.com (10.22.229.25) by ORSMSX603.amr.corp.intel.com (10.22.229.16) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.35; Thu, 11 Apr 2024 02:56:51 -0700 X-Received: from ORSEDG602.ED.cps.intel.com (10.7.248.7) by orsmsx612.amr.corp.intel.com (10.22.229.25) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.35 via Frontend Transport; Thu, 11 Apr 2024 02:56:51 -0700 X-Received: from NAM10-BN7-obe.outbound.protection.outlook.com (104.47.70.100) by edgegateway.intel.com (134.134.137.103) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.1.2507.35; Thu, 11 Apr 2024 02:56:51 -0700 X-Received: from MW4PR11MB5872.namprd11.prod.outlook.com (2603:10b6:303:169::14) by DS0PR11MB8069.namprd11.prod.outlook.com (2603:10b6:8:12c::20) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7430.46; Thu, 11 Apr 2024 09:56:48 +0000 X-Received: from MW4PR11MB5872.namprd11.prod.outlook.com ([fe80::be3f:5a4f:5180:2ba9]) by MW4PR11MB5872.namprd11.prod.outlook.com ([fe80::be3f:5a4f:5180:2ba9%4]) with mapi id 15.20.7472.025; Thu, 11 Apr 2024 09:56:48 +0000 From: "Yao, Jiewen" To: "devel@edk2.groups.io" , "kraxel@redhat.com" , Ard Biesheuvel CC: Dionna Amalie Glaze , Mikko Ylinen , James Bottomley , "Tom Lendacky" , Michael Roth , qinkun Bao , "linux-coco@lists.linux.dev" , "Aktas, Erdem" , "Peter Gonda" , "Johnson, Simon P" , "Xiang, Qinglan" Subject: Re: [edk2-devel] [RFC PATCH] OvmfPkg/SecurityPkg: Add build option for coexistance of vTPM and RTMR. Thread-Topic: [edk2-devel] [RFC PATCH] OvmfPkg/SecurityPkg: Add build option for coexistance of vTPM and RTMR. Thread-Index: AQHae7ExDojlpEcMQUidaqlRqr5fRLFCeBiAgAB/ymCAAH0nAIAAZe6AgASYWgCAACeXAIAZxSBQgABiLACAABUEgIAAHiHQ Date: Thu, 11 Apr 2024 09:56:48 +0000 Message-ID: References: <94521f20aa2872c1b8f018b7db31eca4a2b8222d.1711039409.git.qinkun@google.com> In-Reply-To: Accept-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-ms-publictraffictype: Email x-ms-traffictypediagnostic: MW4PR11MB5872:EE_|DS0PR11MB8069:EE_ x-ms-office365-filtering-correlation-id: 7be01d74-3355-4537-0c00-08dc5a0db427 x-ld-processed: 46c98d88-e344-4ed4-8496-4ed7712e255d,ExtAddr x-ms-exchange-senderadcheck: 1 x-ms-exchange-antispam-relay: 0 x-microsoft-antispam-message-info: LrYHzhspOeQCXqLY3ePb/vqc3pCO9uo+LGdi6+/ar+qLHd/940Pi65O7NLgE/xASnnvd5IzWUGefFhoS98YFHpy+0gg+IxfEEpe3GDFBRAUFPDEeypvn3291aamjKhUlQNVl60q5BDXnzdjlMe0pnwnK6+67f7D/Szb8ukJM/0mSMhY5y94Etq9rQNuHKSmlvthA2mJeLy3fXkdbAZSOjqLU+ZgAmC/JtyqsuYSCqddv+Sx8FgU08mV9G7uQD4b4BKTMal3UwcFAnZOTtaeb1y5HIISCoe/Mil2cEuQZSCFXb8O1W+TQ5ZMNVimUcwGVOJI9GP6qCUCscESNOyML27jNIT7B4KoHYrsvcFGzWrMyNliEmmptdq0k++o7YC4LybgiRLiQTWUvZYHp0BXCBizZwzPbP9TtA4TNFsjeLpeOZA+431DqEI80d2n3SYbRCZ0JUcdq5Ac5fVjMTxEbo6lriG8pYJjrErj1KbrlvDxbc7KT6eqgyW/7J3I8r1vln9bvZpY6ols6zuy4whKJh42ms/Q8OHINUHudnIL2sVKkE/aw0EmWosOZoRVqH5wmhk5VTla4MiFhkKaAmOhgcyL58RnkR+rIwLNaPze4aVAHTxf/tVSkoPcXtM+BYx74ef7/HTgNsjOdTo6uEBjlco2HvY8zsVYHZPgqexhUuAaFC2nC2DnVG3MLognMejX2Z5mU7QuljGehAEERbhWAlBPCZcSRmvg5PNfbXNhDh0o= x-ms-exchange-antispam-messagedata-chunkcount: 1 x-ms-exchange-antispam-messagedata-0: =?us-ascii?Q?wxm0fRJzM0NuL2Ovbj6qQGhtH2RVB0IBApOC2uWagw5ojYRBY0NmrYZ5p5Kq?= =?us-ascii?Q?8n2i6IAjavpNJ+7M71DCTd/Zp3ddrR9VgcXYz/cbI9ZtVWsfGr2HLLbeXrE5?= =?us-ascii?Q?hZCZdBFZW0rqKFvJze1FYoPCZx0sbb+DM45SG8OnAgnVb6QBJROjPy9aZERV?= =?us-ascii?Q?+7+hS9cCG/HMeRGCyD65mUSLlBvFZHSV0bDfc9KGshtepohq+7l2X05somq9?= =?us-ascii?Q?2TKv3/Hfy8EdKurKva6H5tePl8SQmrjO6UjSOp9JZsAqydnqoqy6o+khNMHp?= =?us-ascii?Q?xQqDnskH9yOWnMVZDhWJTv+qozEQPALPAmNX8Oj/PQdqIZK2tWksuEBhoBWU?= =?us-ascii?Q?I9jdxdmuixl5shYCqKCVmqY7NmBFuWI8X8XQ23DMrkhAZdzQu+mOsA/THpvX?= =?us-ascii?Q?EyovfZehiyB7YkJTSV1TksQTG8ntde8f94E1++96+u9dLkhGhl/uxXzW9OSV?= =?us-ascii?Q?QOzkxWadC21wLWyb5JwEtLxdCTajIDg4ZSBO6Tlvhx9McEjnHKoTJJxbOSFA?= =?us-ascii?Q?Q3AjapOWJROIMSrZK7k3PZ9VbTtnBsCr0BNDvYp9AsZM3satQS3MdvhKWd45?= =?us-ascii?Q?8VpfrVL7umFYvubndsGxTzz+ZCbQL4bHgdtUpdmvk1Byc+O6vW6dJgSJ10YE?= =?us-ascii?Q?dMkUfiu+cROlm1FgM5wfwsyTYziKS4Qr8scob8jrcd/qZW6LLmOAalREEPOz?= =?us-ascii?Q?qglQHHn1XOrKL2hGjc1KUx+XusY1KJDwzx8RM37PiIwKxVkIfI7M0A7Z6Mkl?= =?us-ascii?Q?fKcrL3GwRFyFKRROCeqak2kJ0l2MkQQkZoiPungWMcB7JSj2zOlvUnwET8Mq?= =?us-ascii?Q?JcwK0RcrugZMR9QEEz657LdKFpK2ahxgJI7houhpK87zOeN26XkrI94WKis2?= =?us-ascii?Q?tdESO2W45cbCRZ/6IdTW9ESFYooEbBnHI/kEvOtwlvUKalB42zDszUlZMGR3?= =?us-ascii?Q?bDltT/C7kTlidnUu/bYLEFkkMjL+424H2B27HP0ISBDA8NW97nYP5tH0rFWD?= =?us-ascii?Q?GKxqjbKjKHPgxpe1B2zmsSlCuXG/ndDhohXxcvyhZ9tu+oeYD6VfeU0tMaWF?= =?us-ascii?Q?bF/2U9/abBlGriIDi4EAleRcrYKyxOOkCndpneypCD74prJHUTMvDmpgvP7x?= =?us-ascii?Q?EBJ/jj3jMCTzDSNMxK/rvD6pGUjtJdEaTdNHlV2xsWWD2LVHMFfBMZWE7Aoo?= =?us-ascii?Q?gdQIin0+XkrzjtZ0a7rrdqZ0NupDdn9ICaGOduF02Wr2q5fap2Og/3inGV03?= =?us-ascii?Q?q3iZOfw48VrpjCxz/yXRuEHeUt6d2Gf4SRS7a1Leaea5a9TLa36LCCr2XTwg?= =?us-ascii?Q?UhtdDbwnVY4ANvkY7sGXVA2R+TuTXGXzxCcarpWYiHb/Vq7M3p85uo0ayNcX?= =?us-ascii?Q?vBz2ObktthWLFqdcW6Ysb2ehL8tQ6nRf43v0oiHufUSEvMNgrP/as+mtJ6UY?= =?us-ascii?Q?jCNmdz6z/a+mABWgXslt4jQ1RjpAo4sd4neVN/MI2iIchXqIzlESdxHDPyO1?= =?us-ascii?Q?H3o1x33aT2qxflBlfsfmCZH09Iw7t7ujue/wEHydeUaGy7KXgMJ166cLYYif?= =?us-ascii?Q?1OnfIuduO2HDUi3b6DiHD7x++UhpDQ/SjoDCp1tR?= MIME-Version: 1.0 X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-AuthSource: MW4PR11MB5872.namprd11.prod.outlook.com X-MS-Exchange-CrossTenant-Network-Message-Id: 7be01d74-3355-4537-0c00-08dc5a0db427 X-MS-Exchange-CrossTenant-originalarrivaltime: 11 Apr 2024 09:56:48.3269 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 46c98d88-e344-4ed4-8496-4ed7712e255d X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: pVuldoiqL1GTDGG0Zny3GVpGkoQeMqchCsIWT/+THNP8L82yqhEZ05JJzrGmRnSrn8RfsO4pe5BWa5EefW5pcg== X-MS-Exchange-Transport-CrossTenantHeadersStamped: DS0PR11MB8069 X-OriginatorOrg: intel.com Precedence: Bulk List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Resent-Date: Thu, 11 Apr 2024 02:56:54 -0700 Resent-From: jiewen.yao@intel.com Reply-To: devel@edk2.groups.io,jiewen.yao@intel.com List-Unsubscribe-Post: List-Unsubscribe=One-Click List-Unsubscribe: X-Gm-Message-State: UDaq1zJOhYf5c0FckszlnMuax7686176AA= Content-Language: en-US Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable X-GND-Status: LEGIT Authentication-Results: spool.mail.gandi.net; dkim=pass header.d=groups.io header.s=20240206 header.b=r1tdKc9M; dmarc=fail reason="SPF not aligned (relaxed), DKIM not aligned (relaxed)" header.from=intel.com (policy=none); spf=pass (spool.mail.gandi.net: domain of bounce@groups.io designates 45.79.227.220 as permitted sender) smtp.mailfrom=bounce@groups.io Please allow me to clarify what you are proposing: Do you mean in vTPM case, we extend both, but we only need TCG event log, N= OT CC event log? > -----Original Message----- > From: devel@edk2.groups.io On Behalf Of Gerd > Hoffmann > Sent: Thursday, April 11, 2024 4:08 PM > To: Ard Biesheuvel > Cc: devel@edk2.groups.io; Yao, Jiewen ; Dionna Amal= ie > Glaze ; Mikko Ylinen ; > James Bottomley ; Tom Lendacky > ; Michael Roth ; qinkun > Bao ; linux-coco@lists.linux.dev; Aktas, Erdem > ; Peter Gonda ; Johnson, > Simon P ; Xiang, Qinglan > > Subject: Re: [edk2-devel] [RFC PATCH] OvmfPkg/SecurityPkg: Add build opti= on for > coexistance of vTPM and RTMR. >=20 > Hi, >=20 > > Given that RTMR is a proper subset of vTPM (modulo the PCR/RTMR index > > conversion), I feel that it should be the CoCo firmware's > > responsibility to either: > > - expose RTMR and not vTPM > > - expose vTPM, and duplicate each measurement into RTMR as they are tak= en >=20 > That approach looks good to me. It will make sure vTPM and RTMR > measurements are consistent and it also solves the event log issue > (we don't need separate vTPM and RTMR entries then). >=20 > take care, > Gerd >=20 >=20 >=20 >=20 >=20 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#117628): https://edk2.groups.io/g/devel/message/117628 Mute This Topic: https://groups.io/mt/105070442/7686176 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-