B***@Dell.com
2015-08-05 20:21:46 UTC
Hi all,
This may already be a known issue, but maybe not ...
The code that measures EV_SEPARATOR into PCR[7] seems inconsistent with the spec below. The spec mentions that EV_SEPARATOR is measured into PCR[0] through PCR[7] at the same time. However, EDK2 code (MeasureSecureBootPolicy in TrEEDxe.c) measures the separator event in PCR[7] much earlier than other PCRs. Shouldn't the code measure this event in PCR[7] at the same point it measures this event in the other PCRs, to be consistent with the spec?
http://www.trustedcomputinggroup.org/files/static_page_files/D4268663-1A4B-B294-D05DE87EE90558B6/TCG_EFI_Platform_1_22_Final_-v15.pdf
See section 6.4 "Measure Data into PCR[7]" under "Entities that MUST be measured if the TPM is activated"
The system SHALL measure the EV_SEPARATOR event in PCR[7]. (This occurs at the same time the separator is measured to PCR[0] through PCR[7].)
Thanks,
Bill
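The ordering described in the message above can be checked from a firmware event log. This is an added example, not part of the original message and not EDK2 code: it assumes a TCG 1.2 (SHA-1) format log, and `separator_report`, `sample_log` and the sample event data are hypothetical names and constructed values.

```python
import hashlib
import struct

EV_SEPARATOR = 0x00000004   # TCG event type for the separator event
HEADER = "<II20sI"          # TCG 1.2 TCG_PCR_EVENT: PCRIndex, EventType, SHA-1 digest, EventSize

def build_event(pcr, ev_type, data):
    """Pack one TCG 1.2 record; used only to construct the sample logs below."""
    return struct.pack(HEADER, pcr, ev_type, hashlib.sha1(data).digest(), len(data)) + data

def parse_log(blob):
    """Yield (pcr_index, event_type) for each record, in log order."""
    off, hdr = 0, struct.calcsize(HEADER)
    while off < len(blob):
        if off + hdr > len(blob):
            raise ValueError("truncated event header")
        pcr, ev_type, _digest, size = struct.unpack_from(HEADER, blob, off)
        off += hdr + size
        if off > len(blob):
            raise ValueError("truncated event data")
        yield pcr, ev_type

def separator_report(blob):
    """Report PCRs 0-7 with no separator and those whose separator precedes the main run."""
    first = {}
    for pos, (pcr, ev_type) in enumerate(parse_log(blob)):
        if ev_type == EV_SEPARATOR and pcr <= 7:
            first.setdefault(pcr, pos)
    order = sorted((pos, pcr) for pcr, pos in first.items())
    # Walk back from the last separator while log positions stay adjacent.
    start = len(order) - 1
    while start > 0 and order[start][0] - order[start - 1][0] == 1:
        start -= 1
    return {"missing": [p for p in range(8) if p not in first],
            "early": sorted(pcr for _, pcr in order[:max(start, 0)])}

# Constructed sample logs (not captured from real firmware).
SEP = b"\x00\x00\x00\x00"
def sample_log(pcr7_early):
    events = [build_event(0, 0x00000008, b"crtm-version"),    # EV_S_CRTM_VERSION
              build_event(7, 0x80000001, b"SecureBoot")]      # EV_EFI_VARIABLE_DRIVER_CONFIG
    if pcr7_early:
        events.append(build_event(7, EV_SEPARATOR, SEP))
    events.append(build_event(2, 0x80000004, b"option-rom"))  # EV_EFI_BOOT_SERVICES_DRIVER
    events += [build_event(p, EV_SEPARATOR, SEP) for p in range(7 if pcr7_early else 8)]
    return b"".join(events)

if __name__ == "__main__":
    print("early PCR[7] separator:", separator_report(sample_log(True)))
    print("all together:          ", separator_report(sample_log(False)))
```

A log in which the PCR[7] separator is recorded ahead of the PCR[0] through PCR[6] separators reports `early: [7]`; a log with all eight separators in adjacent positions reports an empty list.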