In reply to @roosemberth:orbstheorem.ch
Anywho, I would like to understand exactly what measurements go into what TPM registry and where it's implemented (firmware, lanzaboote-stub, kernel or anything really).

18:32 ▬▬▶ jakogut (~oftc-webi@172-223-248-144.res.spectrum.com) a rejoint #edk2
18:36 <jakogut> Hello, I'm working on a Linux-based OS integrating secure boot and disk encryption using the TPM to encrypt the LUKS passphrase. It's working with a NUC, but with QEMU and OVMF, the digest of PCR7 isn't matching what I expect. Strangely, it seems the TPM event log isn't created in securityfs in QEMU. Even stranger, booting an Arch ISO with the exact same QEMU config creates it just fine.
18:39 <jakogut> Reviewing the kernel logs, it seems the only difference is the line starting with "efi:" on the system with the working event log shows the address of TPMEventLog in addition to TPMFinalLog, whereas the non-working system shows only "TPMFinalLog".
18:40 <jakogut> Any ideas on what may be going wrong here? If I can get the TPM event log working on this QEMU system, it'll get me a lot closer to debugging the unexpected PCR hash.