From: Lennart Poettering Date: Mon, 21 Aug 2023 16:38:18 +0000 (+0200) Subject: efi: add comment clarifying we should not use EV_IPL anymore X-Git-Tag: v255-rc1~678 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=b022ea047673d758d13b227305cc5972501a9b17;p=thirdparty%2Fsystemd.git efi: add comment clarifying we should not use EV_IPL anymore --- diff --git a/src/boot/efi/measure.c b/src/boot/efi/measure.c index c2552268d5e..359d277e2f2 100644 --- a/src/boot/efi/measure.c +++ b/src/boot/efi/measure.c @@ -55,6 +55,12 @@ static EFI_STATUS tpm2_measure_to_pcr_and_event_log( assert(tcg); assert(description); + /* NB: We currently record everything as EV_IPL. Which sucks, because it makes it hard to + * recognize from the event log which of the events are ours. Measurement logs are kinda API hence + * this is hard to change for existing, established events. But for future additions, let's use + * EV_EVENT_TAG instead, with a tag of our choosing that makes clear what precisely we are measuring + * here. */ + desc_len = strsize16(description); tcg_event = xmalloc(offsetof(EFI_TCG2_EVENT, Event) + desc_len); memset(tcg_event, 0, offsetof(EFI_TCG2_EVENT, Event) + desc_len);