From 9aa8ef4e2b86aabcc846eaf62d34a77b1763c337 Mon Sep 17 00:00:00 2001
From: mayafleischer
Date: Wed, 25 Feb 2026 14:41:21 -0800
Subject: [PATCH] Add an option to skip ACPI table check in CCEL replay and update tests accordingly

---
 ccel/replay.go | 14 ++++++++------
 ccel/replay_test.go | 11 ++++++++++-
 extract/extract.go | 2 ++
 3 files changed, 20 insertions(+), 7 deletions(-)

diff --git a/ccel/replay.go b/ccel/replay.go
index f6c3a0d..f28c3b2 100644
--- a/ccel/replay.go
+++ b/ccel/replay.go
@@ -38,12 +38,14 @@ import (
 // trusted. Users can establish trust in RTMR values by either calling
 // client.ReadRTMRs() themselves or by verifying the values via a RTMR quote.
 func ReplayAndExtract(acpiTableFile []byte, rawEventLog []byte, rtmrBank register.RTMRBank, opts extract.Opts) (*pb.FirmwareLogState, error) {
- table, err := parseCCELACPITable(acpiTableFile)
- if err != nil {
- return nil, fmt.Errorf("failed to parse CCEL ACPI Table file: %v", err)
- }
- if table.CCType != TDX {
- return nil, fmt.Errorf("only TDX Confidential Computing event logs are supported: received %v", table.CCType)
+ if !opts.SkipACPITableCheck {
+ table, err := parseCCELACPITable(acpiTableFile)
+ if err != nil {
+ return nil, fmt.Errorf("failed to parse CCEL ACPI Table file: %v", err)
+ }
+ if table.CCType != TDX {
+ return nil, fmt.Errorf("only TDX Confidential Computing event logs are supported: received %v", table.CCType)
+ }
 }
 
 cryptoHash, err := rtmrBank.CryptoHash()
diff --git a/ccel/replay_test.go b/ccel/replay_test.go
index 251dc22..8d37556 100644
--- a/ccel/replay_test.go
+++ b/ccel/replay_test.go
@@ -47,6 +47,10 @@ func TestReplayAndExtract(t *testing.T) {
 opts: extract.Opts{Loader: extract.GRUB},
 wantErr: true,
 },
+ {
+ el: COS113TDX,
+ opts: extract.Opts{Loader: extract.GRUB, SkipACPITableCheck: true},
+ },
 }
 for _, tt := range tests {
 t.Run(tt.el.fname+strconv.FormatBool(tt.wantErr), func(t *testing.T) {
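Review bot: With `opts.SkipACPITableCheck` set, the new guard in `ReplayAndExtract` skips both `parseCCELACPITable` and the `table.CCType != TDX` test, so `acpiTableFile` is ignored entirely and nothing in this hunk confirms the log is a TDX log before it is replayed against `rtmrBank`. The function's doc comment, which begins above the hunk, should say so, for example `// If opts.SkipACPITableCheck is set, acpiTableFile is not parsed and the TDX CCType check is not applied.` The replay further down, outside the hunk, is presumably the only remaining validation of `rawEventLog` on that path, which is worth stating for callers who pass an unauthenticated log. The two `fmt.Errorf` calls moved inside the guard still format the cause with `%v`; `%w` would keep it reachable through `errors.Is` and `errors.As`.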
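Review bot: The added table entry exercises only the success path with `SkipACPITableCheck: true`; none of the cases visible here checks that a log which fails replay is still rejected when the flag is set. A case that mirrors the existing `wantErr: true` entry with `SkipACPITableCheck: true` added to its `opts` would pin that skipping the table check does not loosen the replay itself. The subtest name in the `t.Run` context line is built from `tt.el.fname` and `tt.wantErr` only, so if an earlier case above the hunk also uses `COS113TDX` without `wantErr`, the two share a name; appending `strconv.FormatBool(tt.opts.SkipACPITableCheck)` would keep them distinct. The test table starts above the hunk.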
@@ -55,7 +59,12 @@ func TestReplayAndExtract(t *testing.T) {
 t.Fatal(err)
 }
 
- _, err = ReplayAndExtract(tableBytes, elBytes, register.RTMRBank{RTMRs: tt.el.rtmrs}, tt.opts)
+ tb := tableBytes
+ if tt.opts.SkipACPITableCheck {
+ tb = []byte("invalid table")
+ }
+
+ _, err = ReplayAndExtract(tb, elBytes, register.RTMRBank{RTMRs: tt.el.rtmrs}, tt.opts)
 if (err != nil) != tt.wantErr {
 t.Errorf("ReplayAndExtract: got %v, wantErr %v", err, tt.wantErr)
 }
diff --git a/extract/extract.go b/extract/extract.go
index 4cebba4..45c6aef 100644
--- a/extract/extract.go
+++ b/extract/extract.go
@@ -65,6 +65,8 @@ type Opts struct {
 // "Calling EFI Application from Boot Option". This option is useful when
 // the host platform loads EFI Applications unrelated to OS boot.
 AllowEFIAppBeforeCallingEvent bool
+ // SkipACPITableCheck drops the check of the ACPI table.
+ SkipACPITableCheck bool
 }
 
 // FirmwareLogState extracts event info from a verified TCG PC Client event
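Review bot: The fixture swap `if tt.opts.SkipACPITableCheck { tb = []byte("invalid table") }` ties the input to the option under test, so the flag is never run with the real table and the invalid bytes are never run without it. A per-case field such as `table []byte` in the test struct, falling back to `tableBytes` when nil, would state each combination explicitly. It would also make room for a case asserting that `[]byte("invalid table")` still returns an error when the flag is unset. The loop body begins above the hunk and continues below it.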
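Review bot: The comment on `SkipACPITableCheck` does not say which check is dropped or which code honours the field. In this patch the only reader is `ccel.ReplayAndExtract`, where it bypasses parsing of the ACPI table argument and the TDX `CCType` test; other consumers of `extract.Opts` presumably ignore it. Suggested wording: `// SkipACPITableCheck makes ccel.ReplayAndExtract skip parsing the CCEL ACPI table` followed by `// and the TDX CCType check; the acpiTableFile argument is then ignored.` A sentence on when skipping is appropriate would help callers decide whether to set it. The `Opts` struct begins above the hunk.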