On 01/09/20 01:51, Yao, Jiewen wrote:
> Hi
> Comment for the warning:
>>> WARNING: TPM2 Event log has HashAlg unsupported by PCR bank (0xC)
>>> WARNING: TPM2 Event log has HashAlg unsupported by PCR bank (0xD)
>
> The reason is that: The DSC added all HASH algorithm to the TCG2 driver.
> (SHA1/SHA256/SHA384/SHA512/SM3).
> But the current TPM hardware device does not support SHA384 (0xC) and SHA512
> (0xD).
>
> SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.inf {
> <LibraryClasses>
>
> HashLib|SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRouterPei.inf
> NULL|SecurityPkg/Library/HashInstanceLibSha1/HashInstanceLibSha1.inf
> NULL|SecurityPkg/Library/HashInstanceLibSha256/HashInstanceLibSha256.inf
> NULL|SecurityPkg/Library/HashInstanceLibSha384/HashInstanceLibSha384.inf
> NULL|SecurityPkg/Library/HashInstanceLibSha512/HashInstanceLibSha512.inf
> NULL|SecurityPkg/Library/HashInstanceLibSm3/HashInstanceLibSm3.inf
> }
>
>
> It is warning because the Firmware Image *may* want to support another TPM2
> which has such capability.
> It just means the *current* TPM2 does not support this hash.
> The platform owner may decide to clean up the warning by remove the
> SHA384/SHA512 null lib instance
> support for current TPM2, or leave them as is for another TPM2.
Thank you for the explanation!
> BTW: Is there any document on how to enable TPM2 on QEMU ?
> I would like to have a try. :-)
Please ask Marc-André (already CC'd) about vTPM usage with QEMU;
unfortunately, I don't know.
Thanks!
Laszlo
-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#53079): https://edk2.groups.io/g/devel/message/53079
Mute This Topic: https://groups.io/mt/69499023/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-
