On Wed, Mar 30, 2022 at 09:12:19AM +0200, Ard Biesheuvel wrote: > On Wed, 30 Mar 2022 at 09:11, Matthew Garrett <mjg59@xxxxxxxxxxxxx> wrote: > > The EFI stub carries out a bunch of actions that have meaningful > > security impact, and that's material that should be measured. Having the > > secure launch kernel execute the stub without awareness of what it does > > means it would need to measure the code without measuring the state, > > while the goal of DRTM solutions is to measure state rather than the > > code. > > But how is that any different from the early kernel code?
