docs: document that in future we'll do EV_EVENT_TAG only, no EV_IPL

author Lennart Poettering <lennart@poettering.net>

Tue, 10 Oct 2023 13:51:38 +0000 (15:51 +0200)

committer Luca Boccassi <luca.boccassi@gmail.com>

Tue, 10 Oct 2023 22:31:33 +0000 (23:31 +0100)
author Lennart Poettering <lennart@poettering.net>
Tue, 10 Oct 2023 13:51:38 +0000 (15:51 +0200)
committer Luca Boccassi <luca.boccassi@gmail.com>
Tue, 10 Oct 2023 22:31:33 +0000 (23:31 +0100)
diff --git a/docs/TPM2_PCR_MEASUREMENTS.md b/docs/TPM2_PCR_MEASUREMENTS.md

index 7601c1553131e4cc3c47cc0271b910cb3ff2d158..462a86b36c0246272dfa3d4403fe51506a0fe283 100644 (file)
--- a/docs/TPM2_PCR_MEASUREMENTS.md
+++ b/docs/TPM2_PCR_MEASUREMENTS.md
@@ -29,6 +29,16 @@ Currently, four components will issue TPM2 PCR measurements:
  A userspace measurement event log in a format close to TCG CEL-JSON is
  maintained in `/run/log/systemd/tpm2-measure.log`.
  
+## Measurements Added in Future
+
+We expect that we'll add further PCR extensions in future (both in firmware and
+user mode), which also will be documented here. When executed from firmware
+mode future additions are expected to be recorded as `EV_EVENT_TAG`
+measurements in the event log, in order to make them robustly
+recognizable. Measurements currently recorded as `EV_IPL` will continue to be
+recorded as `EV_IPL`, for compatibility reasons. However, `EV_IPL` will not be
+used for new, additional measurements.
+
  ## PCR Measurements Made by `systemd-boot` (UEFI)
  
  ### PCS 5, `EV_EVENT_TAG`, "loader.conf"
author	Lennart Poettering <lennart@poettering.net>
	Tue, 10 Oct 2023 13:51:38 +0000 (15:51 +0200)
committer	Luca Boccassi <luca.boccassi@gmail.com>
	Tue, 10 Oct 2023 22:31:33 +0000 (23:31 +0100)