Re: TPM/EFI issue [Was: Linux 6.12]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 28. 11. 24, 17:13, James Bottomley wrote:
On Thu, 2024-11-28 at 08:20 +0100, Jiri Slaby wrote:
On 27. 11. 24, 17:24, James Bottomley wrote:
[...]
Well, it looks like you eliminated the TPM changes:

https://bugzilla.suse.com/show_bug.cgi?id=1233752#c6

So it must be something in the logging or event recording code.
The first thing to check is can you run a replay of the log to get
the end PCR values?  The binary for that is

tsseventextend -sim -v -if
/sys/kernel/security/tpm0/binary_bios_measurements

I put this into bbm (attached).

You'll have to check the values it gives against the values in

/sys/class/tpm/tpm0/tpm-sha256

I have only /sys/class/tpm/tpm0/pcr-sha256/.
    grep -H '.*' /sys/class/tpm/tpm0/pcr-sha256/*
attached

Yes, sorry, typo as you figured out.


With that:
  > $ for aa in /sys/class/tpm/tpm0/pcr-sha256/*; do sha=`cat $aa`;
echo
=== $sha; if [[ ! $sha =~ [F0]{64} ]]; then sha=$(echo $sha | sed
's@..@
&@g'); grep -i "$sha" bbm; fi; done
===
6C26A8BB35548545A189FFFC421134BE14D94B5E16DB91BA9628CBF67C69DDDA
  PCR 00: 6c 26 a8 bb 35 54 85 45 a1 89 ff fc 42 11 34 be 14 d9 4b
5e 16 db 91 ba 96 28 cb f6 7c 69 dd da
===
9967D57B20DE03689395042372515F2B91A6ADAC4042B5E0139B44A21FB36F7D
  PCR 01: 99 67 d5 7b 20 de 03 68 93 95 04 23 72 51 5f 2b 91 a6 ad
ac 40 42 b5 e0 13 9b 44 a2 1f b3 6f 7d
===
002651E9DD78325EFFBC4AE276401522575216280406A0DDA2D41AE8CA2EE3DC
===
0000000000000000000000000000000000000000000000000000000000000000
===
76E6D50D860B4CBAF4552CBFD4A83309F6DD855040657531DA796A386318CEAA
===
0000000000000000000000000000000000000000000000000000000000000000
===
30EFACACDAC53DEA877ED268648596776B212A4FF556D9B7FF934BEC5702EDD8
  PCR 14: 30 ef ac ac da c5 3d ea 87 7e d2 68 64 85 96 77 6b 21 2a
4f f5 56 d9 b7 ff 93 4b ec 57 02 ed d8
===
0000000000000000000000000000000000000000000000000000000000000000
===
0000000000000000000000000000000000000000000000000000000000000000
===
FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
===
FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
===
FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
===
C83EA442D306E65267328CC6DA4B539A8F7216C329E90E0AAE5527026E50637D
  PCR 02: c8 3e a4 42 d3 06 e6 52 67 32 8c c6 da 4b 53 9a 8f 72 16
c3 29 e9 0e 0a ae 55 27 02 6e 50 63 7d
===
FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
===
FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
===
FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
===
0000000000000000000000000000000000000000000000000000000000000000
===
3D458CFE55CC03EA1F443F1562BEEC8DF51C75E14A9FCF9A7234A13F198E7969
  PCR 03: 3d 45 8c fe 55 cc 03 ea 1f 44 3f 15 62 be ec 8d f5 1c 75
e1 4a 9f cf 9a 72 34 a1 3f 19 8e 79 69
  PCR 06: 3d 45 8c fe 55 cc 03 ea 1f 44 3f 15 62 be ec 8d f5 1c 75
e1 4a 9f cf 9a 72 34 a1 3f 19 8e 79 69
===
8C5ED4D1866768D7CDEC958584CA4FD9FA94D419EAE0BDEBB4284CF33A82CD9F
  PCR 04: 8c 5e d4 d1 86 67 68 d7 cd ec 95 85 84 ca 4f d9 fa 94 d4
19 ea e0 bd eb b4 28 4c f3 3a 82 cd 9f
===
0AC36B8B8CBD577A01949D77146BAB421E7111A8530DECCB4AC6A4899BD22740
  PCR 05: 0a c3 6b 8b 8c bd 57 7a 01 94 9d 77 14 6b ab 42 1e 71 11
a8 53 0d ec cb 4a c6 a4 89 9b d2 27 40
===
3D458CFE55CC03EA1F443F1562BEEC8DF51C75E14A9FCF9A7234A13F198E7969
  PCR 03: 3d 45 8c fe 55 cc 03 ea 1f 44 3f 15 62 be ec 8d f5 1c 75
e1 4a 9f cf 9a 72 34 a1 3f 19 8e 79 69
  PCR 06: 3d 45 8c fe 55 cc 03 ea 1f 44 3f 15 62 be ec 8d f5 1c 75
e1 4a 9f cf 9a 72 34 a1 3f 19 8e 79 69
===
6508BC9385D1E735BAC5C87D870962270D5134F4F49ECFFF01ECDC5B4EAD9A56
  PCR 07: 65 08 bc 93 85 d1 e7 35 ba c5 c8 7d 87 09 62 27 0d 51 34
f4 f4 9e cf ff 01 ec dc 5b 4e ad 9a 56
===
0000000000000000000000000000000000000000000000000000000000000000
===
F5A2E8762B524BE1CCAFE763672BC31627C326A1470A9DC351566F2413FDEFC2


Probably also check sha1 to see if it matches.

for aa in /sys/class/tpm/tpm0/pcr-sha1/*; do sha=`cat $aa`; echo
=== $sha; if [[ ! $sha =~ [F0]{32} ]]; then sha=$(echo $sha | sed
's@..@ &@g'); grep -i "$sha" bbm; fi; done
=== A4399CFC6A5FD20EC6697913936CBEE35B8353C4
  PCR 00: a4 39 9c fc 6a 5f d2 0e c6 69 79 13 93 6c be e3 5b 83 53
c4
=== 24F81DFF31EE374162E759B0395247ADC7A6FFB8
  PCR 01: 24 f8 1d ff 31 ee 37 41 62 e7 59 b0 39 52 47 ad c7 a6 ff
b8
=== 466B2B859CA97E60AEAADFD279A689E534D0CE7B
=== 0000000000000000000000000000000000000000
=== 485E52A350F34D1EF4263C1E2C99D22A771C4C01
=== 0000000000000000000000000000000000000000
=== 87F3655072D45EA768F02ADB16EF946D42620224
  PCR 14: 87 f3 65 50 72 d4 5e a7 68 f0 2a db 16 ef 94 6d 42 62 02
24
=== 0000000000000000000000000000000000000000
=== 0000000000000000000000000000000000000000
=== FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
=== FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
=== FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
=== DCFFB00B36562803DDE211D6E07C2D7F123279E3
  PCR 02: dc ff b0 0b 36 56 28 03 dd e2 11 d6 e0 7c 2d 7f 12 32 79
e3
=== FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
=== FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
=== FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
=== 0000000000000000000000000000000000000000
=== B2A83B0EBF2F8374299A5B2BDFC31EA955AD7236
  PCR 03: b2 a8 3b 0e bf 2f 83 74 29 9a 5b 2b df c3 1e a9 55 ad 72
36
  PCR 06: b2 a8 3b 0e bf 2f 83 74 29 9a 5b 2b df c3 1e a9 55 ad 72
36
=== DCD4E77C33E164FCC8F3D566AE83840F8265E47D
  PCR 04: dc d4 e7 7c 33 e1 64 fc c8 f3 d5 66 ae 83 84 0f 82 65 e4
7d
=== 35871F5AFB0129A9535C35B6BF82A3DF075E124B
  PCR 05: 35 87 1f 5a fb 01 29 a9 53 5c 35 b6 bf 82 a3 df 07 5e 12
4b
=== B2A83B0EBF2F8374299A5B2BDFC31EA955AD7236
  PCR 03: b2 a8 3b 0e bf 2f 83 74 29 9a 5b 2b df c3 1e a9 55 ad 72
36
  PCR 06: b2 a8 3b 0e bf 2f 83 74 29 9a 5b 2b df c3 1e a9 55 ad 72
36
=== 16F5D0A8B980EC71DAFAD1E515554482747A4FCE
  PCR 07: 16 f5 d0 a8 b9 80 ec 71 da fa d1 e5 15 55 44 82 74 7a 4f
ce
=== 0000000000000000000000000000000000000000
=== 8482CFF5AE0D9217ABB8BB82EAC487136DAFFC96

I have no idea if this tells you anything :).

Yes, it tells me the entries in the log for PCR0-7,14 match the log
entries (for both sha1 and sha256).  However there are entries for
PCR9,12 which don't match.  The log shows shim starting at entry 32,
grub starting at entry 37 and the kernel loading at entry 39  the
kernel command line logged at 40 to PCR 12, which is mismatching.

The next two entries (41,42) are for the mismatching PCR9 and are of
the initrd and the options and come from the libstub code in the kernel
early boot (efi-stub-helper.c).

Note that ovmf logged:
Called TcgDxeHashLogExtendEvent 0 58683000 1B1E78C 5FE63C00 5E3492AA
Data 28 B5 2F FD ... E1 29 FE 0

But initrd on disk is 1B1E78B long, not 1B1E78C. So the excessive 0 at the end above brews the mismatch. See:
  https://bugzilla.suse.com/show_bug.cgi?id=1233752#c14
"By adding the 0 byte I can replicate the measured digest."

So there is something aligning the initrd. kernel's libstub just uses and passes load_file2's size down to TcgDxeHashLogExtendEvent, AIUI. So it'd be sdb, ovmf or something. BTW how are sizes stored in/fetched from vfat? But well, fs/fat/ received no significant changes either.

This code was last updated in 6.9, so
it seems unlikely to have suddenly caused a problem.  Event 43,44 are
exit boot services (logged to PCR 5 which matches).

line 40 is anomalous: grub is supposed to measure the options to the
string PCR which should be 8 not 12 ... did you patch grub to change
this?

All this is with sdb, not grub, actually.

The log can't be corrupt because PCR8 is zero, so nothing got
logged to it.

And do you have the same thing for a working system?

Let me try.

thanks,
--
js
suse labs




[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Linux Kernel]     [Linux Kernel Hardening]     [Linux NFS]     [Linux NILFS]     [Linux USB Devel]     [Video for Linux]     [Linux Audio Users]     [Yosemite News]     [Linux SCSI]

  Powered by Linux