Hi all, This may already be a known issue, but maybe not ... The code that measures EV_SEPARATOR into PCR[7] seems inconsistent with the spec below. The spec mentions that EV_SEPARATOR is measured into PCR[0] through PCR[7] at the same time. However, EDK2 code (MeasureSecureBootPolicy in TrEEDxe.c) measures the separator event in PCR[7] much earlier than other PCRs. Shouldn't the code measure this event in PCR[7] at the same point it measures this event in the other PCRs, to be consistent with the spec?
http://www.trustedcomputinggroup.org/files/static_page_files/D4268663-1A4B-B294-D05DE87EE90558B6/TCG_EFI_Platform_1_22_Final_-v15.pdf See section 6.4 "Measure Data into PCR[7]" under "Entities that MUST be measured if the TPM is activated" The system SHALL measure the EV_SEPARATOR event in PCR[7]. (This occurs at the same time the separator is measured to PCR[0] through PCR[7].) Thanks, Bill
------------------------------------------------------------------------------
_______________________________________________ edk2-devel mailing list edk2-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/edk2-devel
