From a86e0a599bae8c5b1a0f3690cb40e83561095287 Mon Sep 17 00:00:00 2001 From: Moritz Sanft <58110325+msanft@users.noreply.github.com> Date: Wed, 18 Dec 2024 17:26:17 +0100 Subject: [PATCH] tools/tdx-measure: address upstream RTMR calculation changes This commit [^1] changed the way RTMR 0 and RTMR 1 are calculated when booting a TD in OVMF. The separator got moved from RTMR 0 to RTMR 1, which means we just have to do the same in our precalculation tool. [^1]: https://github.com/tianocore/edk2/commit/efaf8931bbfa33a81b8792fbf9e2ccc239d53204#diff-d7a1c39ce3475b95ef5d09de899d1114395bab0ce6280ee455680c8792e1867aR2171 --- tools/tdx-measure/rtmr/rtmr.go | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/tools/tdx-measure/rtmr/rtmr.go b/tools/tdx-measure/rtmr/rtmr.go index a6a3fb71a..eab9ca13d 100644 --- a/tools/tdx-measure/rtmr/rtmr.go +++ b/tools/tdx-measure/rtmr/rtmr.go @@ -237,8 +237,6 @@ func CalcRtmr0(firmware []byte) ([48]byte, error) { } rtmr.extendVariableValue(boot0000) - rtmr.extendSeparator() - return rtmr.Get(), nil } @@ -254,6 +252,10 @@ func CalcRtmr1(kernelFile, initrdFile []byte) ([48]byte, error) { // https://github.com/tianocore/edk2/blob/0f3867fa6ef0553e26c42f7d71ff6bdb98429742/OvmfPkg/Tcg/TdTcg2Dxe/TdTcg2Dxe.c#L2155 rtmr.hashAndExtend([]byte("Calling EFI Application from Boot Option")) + + // https://github.com/tianocore/edk2/blob/efaf8931bbfa33a81b8792fbf9e2ccc239d53204/OvmfPkg/Tcg/TdTcg2Dxe/TdTcg2Dxe.c#L2171 + rtmr.extendSeparator() + // https://github.com/tianocore/edk2/blob/0f3867fa6ef0553e26c42f7d71ff6bdb98429742/OvmfPkg/Tcg/TdTcg2Dxe/TdTcg2Dxe.c#L2243 rtmr.hashAndExtend([]byte("Exit Boot Services Invocation")) // https://github.com/tianocore/edk2/blob/0f3867fa6ef0553e26c42f7d71ff6bdb98429742/OvmfPkg/Tcg/TdTcg2Dxe/TdTcg2Dxe.c#L2254
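Review bot: The separator's new position in CalcRtmr1, between the "Calling EFI Application from Boot Option" and "Exit Boot Services Invocation" extends, matches only OVMF builds that contain edk2 commit efaf8931bbfa, and nothing in the visible code records that constraint. For firmware built before that commit the tool would now precompute RTMR 0 and RTMR 1 values the TD does not reproduce; if these values serve as attestation reference measurements (inferred from the tool's purpose), that surfaces only as a verification failure at runtime. I would state the requirement next to the call, e.g. `// Requires OVMF containing edk2 efaf8931bbfa; earlier firmware extends the separator into RTMR 0.`, and repeat it in the doc comments of CalcRtmr0 and CalcRtmr1. A golden-value test that compares both functions against an event log from the pinned firmware would catch the next upstream reordering. Both function bodies begin outside the hunks.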