Le mar. 12 mai 2020 à 08:45, Ard Biesheuvel <ardb@xxxxxxxxxx> a écrit : > So what functionality do we lose here? Can we still make meaningful > use of the event log without the final log? I thought one was > incomplete without the other? The char driver (drivers/char/tpm/eventlog/efi.c), already ignores efi.tpm_final_log if the event log version isn't EFI_TCG2_EVENT_LOG_FORMAT_TCG_2. So there currently no code making use of the final log contents on those machines, besides the two cases I patched which only try to determine its size. I don't know if the table contains bad data, or just doesn't follow the specification and uses the older SHA-1 log format. If this is the case, perhaps we could try to support it, and modify the code to allow returning the additional events it might contain to the userspace.
