Unexpected boot events - no path vector info
jocado opened this issue · 1 comments
Hi,
I have an issue which seems similar to #4
I have a boot event which seems to have hardly any of the required info:
PCR 4 -- Event 80000003 <TpmEventType.EFI_BOOT_SERVICES_APPLICATION>
Path vector:
warning: couldn't map EfiBootServicesApplication event to a Linux path
--> after this event, PCR 4 contains value 2d1b659268c1f0dcfbba92cc0226a0c5f4098efb22db942628bf9ca40b860f74
--> after reboot, PCR 4 will contain value 2d1b659268c1f0dcfbba92cc0226a0c5f4098efb22db942628bf9ca40b860f74
If I add a quick debug to print the event data [ event_data = parse_efi_bsa_event(event["event_data"]) ], I get this:
DEBUG: {'image_location': 252217216, 'image_length': 10171040, 'image_lt_address': 0, 'device_path_len': 0, 'device_path': b'', 'device_path_vec': []}
I'm not certain this is something that can be fixed, but want to raise it in case this specific case was interesting or was something that could be ignored [ unlikely, but I'm not an expert in this so I have no idea ].
Cheers,
Just
They could be ignored – the reason for hiding that under the command line option is that I'm not sure if there's a good way to distinguish "always present" weird events from "one-off" weird events...
The goal here was to fail loudly if the system is booted in a non-normal way, e.g. from the setup screen which causes additional events to be logged, which would cause unsealing to fail on the next "normal" boot.
I guess it might be possible to list specific event hashes as "okay to quietly accept"? (I don't know if it's something to carry in the script, or to make configurable locally.) Or maybe a completely different approach would be better.
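The following is an added example, not code from the project or from either participant: one way the "okay to quietly accept" list from the last comment could work, making an image-load event with an empty device path fail loudly unless its logged digest is in a local allowlist. The names `parse_image_load_event`, `replay_pcr4` and `accepted_digests` are hypothetical; it assumes the 64-bit UEFI_IMAGE_LOAD_EVENT layout, a SHA-256 PCR bank, and that an accepted pathless event is extended with its logged digest unchanged.

```python
import hashlib
import struct

# Fixed header of UEFI_IMAGE_LOAD_EVENT on a 64-bit platform (assumed):
# ImageLocationInMemory, ImageLengthInMemory, ImageLinkTimeAddress, LengthOfDevicePath
HEADER = struct.Struct("<QQQQ")

def parse_image_load_event(data):
    """Decode the fixed header and the raw device path of an image-load event."""
    if len(data) < HEADER.size:
        raise ValueError("event data shorter than image-load header")
    location, length, lt_address, path_len = HEADER.unpack_from(data)
    path = data[HEADER.size:HEADER.size + path_len]
    if len(path) != path_len:
        raise ValueError("device path truncated")
    return {"image_location": location, "image_length": length,
            "image_lt_address": lt_address, "device_path_len": path_len,
            "device_path": path}

def extend(pcr, digest):
    """TPM extend operation: new PCR = SHA-256(old PCR || event digest)."""
    return hashlib.sha256(pcr + digest).digest()

def replay_pcr4(events, accepted_digests):
    """Replay (digest, event_data) pairs for PCR 4.

    An event without a device path cannot be mapped to a file on disk, so it
    is only accepted when its logged digest is in the local allowlist.
    """
    pcr = bytes(32)  # PCR 4 starts as all zeroes
    for digest, data in events:
        info = parse_image_load_event(data)
        if info["device_path_len"] == 0 and digest.hex() not in accepted_digests:
            raise RuntimeError("unmappable boot event, digest " + digest.hex())
        pcr = extend(pcr, digest)
    return pcr

# Constructed sample: header values copied from the DEBUG line in the issue;
# the digest is made up for this example.
SAMPLE_DATA = HEADER.pack(252217216, 10171040, 0, 0)
SAMPLE_DIGEST = hashlib.sha256(b"constructed image contents").digest()
SAMPLE_EVENTS = [(SAMPLE_DIGEST, SAMPLE_DATA)]

if __name__ == "__main__":
    print(replay_pcr4(SAMPLE_EVENTS, {SAMPLE_DIGEST.hex()}).hex())
```

With an empty allowlist the same replay raises, which preserves the fail-loudly behaviour for one-off events such as a boot from the setup screen.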