As I pointed before @TommyTran732 and to anyone thinking compromising measured boot is trivial, I layed down the tooling for anyone wanting to further protection / prove measured boot not enough to understand and break it once and for all under WiP: introspection - replicate TPM PCRs measurements directly from measured content (TCPA/TPM Event log) by tlaurion · Pull Request #1568 · linuxboot/heads · GitHub
Just use it for the bad to faster the development of something good/better.
Until then, it was proven non trivial. You refusing to read it, test it, prove you understand how a TPM extend/seal/unseal/quote ops work, extract/replay/tamper bootblock anchored measured boot is yet to be proven flawed beyond just theoretical attack by anyone/to everyone. Please just do it and like I said: you’ll get the world’s attention. Until then, you are in denial. And this echo chamber is not the place (not my place) to discuss this further.
EDIT: added repro notes directly at WiP: introspection - replicate TPM PCRs measurements directly from measured content (TCPA/TPM Event log) by tlaurion · Pull Request #1568 · linuxboot/heads · GitHub to entice Evil-Made PoC by anyone willing to take that challenge to move theoretical vuln into a practical, reproducible PoC. Up for the challenge with more than words but code? PLEASE DO IT.