On Tue, Jan 08, 2019 at 05:48:42PM -0800, Matthew Garrett wrote: > There are several complexities associated with handling the crypto-agile > log format from TPM2 systems on UEFI platforms. The first is that each > log entry may be of variable length, necessitating parsing the log > in-kernel to determine its length. The second is that the log is kept in > boot services memory (which is reclaimed by the OS after > ExitBootServices() is called), but ExitBootServices() may introduce > additional log entries. These additional log entries are added to a > separate log which should then be merged into the initial log. > > This patchset makes the existing support for calculating TPM events more > general (in order to allow it to be used from the EFI boot stub), adds > support for copying up crypto agile logs from the boot environment to > the running kernel and adds support for merging the final events log > into the initial events log. With a brief look, looks really good. I'll probably don't have time to do a detailed review this week (still catching up after holidays). /Jarkko
