Please allow me to clarify what you are proposing: Do you mean in vTPM case, we extend both, but we only need TCG event log, NOT CC event log?
> -----Original Message----- > From: devel@edk2.groups.io <devel@edk2.groups.io> On Behalf Of Gerd > Hoffmann > Sent: Thursday, April 11, 2024 4:08 PM > To: Ard Biesheuvel <a...@kernel.org> > Cc: devel@edk2.groups.io; Yao, Jiewen <jiewen....@intel.com>; Dionna Amalie > Glaze <dionnagl...@google.com>; Mikko Ylinen <mikko.yli...@linux.intel.com>; > James Bottomley <j...@linux.ibm.com>; Tom Lendacky > <thomas.lenda...@amd.com>; Michael Roth <michael.r...@amd.com>; qinkun > Bao <qin...@google.com>; linux-c...@lists.linux.dev; Aktas, Erdem > <erdemak...@google.com>; Peter Gonda <pgo...@google.com>; Johnson, > Simon P <simon.p.john...@intel.com>; Xiang, Qinglan > <qinglan.xi...@intel.com> > Subject: Re: [edk2-devel] [RFC PATCH] OvmfPkg/SecurityPkg: Add build option > for > coexistance of vTPM and RTMR. > > Hi, > > > Given that RTMR is a proper subset of vTPM (modulo the PCR/RTMR index > > conversion), I feel that it should be the CoCo firmware's > > responsibility to either: > > - expose RTMR and not vTPM > > - expose vTPM, and duplicate each measurement into RTMR as they are taken > > That approach looks good to me. It will make sure vTPM and RTMR > measurements are consistent and it also solves the event log issue > (we don't need separate vTPM and RTMR entries then). > > take care, > Gerd > > > > > -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#117628): https://edk2.groups.io/g/devel/message/117628 Mute This Topic: https://groups.io/mt/105070442/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
