public inbox for devel@edk2.groups.io
From: "Yao, Jiewen" <jiewen.yao@intel.com>
To: Jorge Fernandez Monteagudo <jorgefm@cirsa.com>,
	"Zhang, Chao B" <chao.b.zhang@intel.com>,
	"edk2-devel@lists.01.org" <edk2-devel@lists.01.org>
Subject: Re: Tianocore and TPM2 pcr values
Date: Wed, 26 Sep 2018 06:11:58 +0000	[thread overview]
Message-ID: <74D8A39837DF1E4DA445A8C0B3885C503AD9AC26@shsmsx102.ccr.corp.intel.com> (raw)
In-Reply-To: <AM4PR07MB31219723689710C3DE740ED8A1150@AM4PR07MB3121.eurprd07.prod.outlook.com>

Hi Jorge
Yes, it is always good to enable serial port debug. There are lots of debug messages in the Tcg2Dxe driver. We can know what is wrong.

In pure UEFI BIOS, the PEI driver extends to PCR0, and the DXE image measurement lib extends to PCR2, PCR4, PCR5. The DXE driver extends variables to PCR1/7, and exposes the TCG2 protocol to let the OS use it.

In your patch, since we are using UEFI as payload, and there is no PEI, I am not clear which driver you expect will extend something to PCR0. Do you think coreboot is CRTM? Or the UEFI payload is the CRTM? Who should be responsible to extend coreboot image from flash, and who should extend UEFI payload?

Also, only *3rd party* images will change PCR2 and PCR4. Do you have such a case in your platform?

Anyway, there should still be something measured - boot variable (PCR1), secure boot variable (PCR7), GPT (5), action (4,5), separator (1~7), if you include Tcg2Dxe driver.

I am not clear if coreboot already extends something to the separator according to the TCG PFP spec. If that is the case, we probably need special handling in the DXE driver.


I look forward to your serial debug message and design discussion.

Thank you
Yao Jiewen

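Added example (not part of this thread, and not edk2 or coreboot code): a small replay of the TPM2 extend operation over the SHA-256 bank, the way an attestation verifier recomputes PCR0..7 from a TCG event log. It takes the PCR values Jorge quoted further down in the thread and labels each one as never extended, holding only an EV_SEPARATOR extend, or carrying real measurements, which is the check to run before asking "which driver should have extended PCR0". The event sequence in constructed_tcg2dxe_log() is a constructed model of the Tcg2Dxe-only boot described above (variables to PCR1/7, separators to PCR0..7, GPT and actions to PCR4/5); its non-separator digests are stand-ins hashed from labels, not real measurements.

```python
import hashlib

PCR_BYTES = 32  # SHA-256 bank; PCR0..7 are all-zero bytes at power-on

# SHA-256 PCR values quoted by Jorge later in this thread (PCR0..7).
OBSERVED_FROM_THREAD = {
    0: "3d458cfe55cc03ea1f443f1562beec8df51c75e14a9fcf9a7234a13f198e7969",
    1: "a3a3552caa68c6d9db64bf1ed4dca08080f99b59f1b26debc9abefa59ee8ca28",
    2: "3d458cfe55cc03ea1f443f1562beec8df51c75e14a9fcf9a7234a13f198e7969",
    3: "3d458cfe55cc03ea1f443f1562beec8df51c75e14a9fcf9a7234a13f198e7969",
    4: "74a35102770e65ab94b35135a4bf54c411134ae8059e03df41060a33f573871f",
    5: "dfa65561584cb8604b1675c869f3341d0c99c642ce9d91353380361126235ad8",
    6: "3d458cfe55cc03ea1f443f1562beec8df51c75e14a9fcf9a7234a13f198e7969",
    7: "b5710bf57d25623e4019027da116821fa99f5c81e9e38b87671cc574f9281439",
}


def pcr_extend(old: bytes, digest: bytes) -> bytes:
    """TPM2_PCR_Extend for one bank: new = H(old || digest)."""
    if len(old) != PCR_BYTES or len(digest) != PCR_BYTES:
        raise ValueError("digest size does not match the SHA-256 bank")
    return hashlib.sha256(old + digest).digest()


def separator_digest(error: bool = False) -> bytes:
    """Digest of the EV_SEPARATOR event data per TCG PFP: 0x00000000 normally,
    0xFFFFFFFF when the pre-OS environment records an error."""
    return hashlib.sha256((b"\xff" if error else b"\x00") * 4).digest()


def separator_only_value() -> str:
    """Value a PCR holds when the separator is the only thing ever extended into it."""
    return pcr_extend(bytes(PCR_BYTES), separator_digest()).hex()


def replay(events) -> dict:
    """Replay an ordered list of (pcr_index, digest) events over PCR0..7.
    Order matters: the same digests in a different order give different PCRs."""
    pcrs = {i: bytes(PCR_BYTES) for i in range(8)}
    for idx, digest in events:
        pcrs[idx] = pcr_extend(pcrs[idx], digest)
    return {i: v.hex() for i, v in pcrs.items()}


def classify(observed: dict) -> dict:
    """Label each observed PCR (hex) as unextended, separator-only, or extended."""
    zero, sep_only = bytes(PCR_BYTES).hex(), separator_only_value()
    labels = {}
    for idx, value in observed.items():
        if value == zero:
            labels[idx] = "unextended"
        elif value == sep_only:
            labels[idx] = "separator-only"
        else:
            labels[idx] = "extended"
    return labels


def constructed_tcg2dxe_log() -> list:
    """Constructed model of a UEFI-payload boot with no PEI and no 3rd-party images:
    variables into PCR1/7, separators into PCR0..7, GPT into PCR5, actions into
    PCR4/5. Non-separator digests are stand-ins hashed from labels."""
    d = lambda label: hashlib.sha256(label.encode()).digest()
    events = [
        (7, d("EV_EFI_VARIABLE_DRIVER_CONFIG SecureBoot (constructed)")),
        (1, d("EV_EFI_VARIABLE_BOOT BootOrder (constructed)")),
    ]
    events += [(i, separator_digest()) for i in range(8)]
    events += [
        (5, d("EV_EFI_GPT_EVENT (constructed)")),
        (4, d("EV_EFI_ACTION Calling EFI Application from Boot Option (constructed)")),
        (5, d("EV_EFI_ACTION Exit Boot Services Invocation (constructed)")),
    ]
    return events


if __name__ == "__main__":
    model = classify(replay(constructed_tcg2dxe_log()))
    observed = classify(OBSERVED_FROM_THREAD)
    for i in range(8):
        print(f"PCR{i}: model={model[i]:15s} observed={observed[i]}")
```

The useful output is the per-PCR label: a PCR that reads as separator-only was reached by the Tcg2Dxe separator and nothing else, so the question is not whether the TPM works but which component was supposed to measure into it before that point. Replaying a real TCG event log instead of the constructed list means parsing the log and feeding each event's SHA-256 digest to replay() in order.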

> -----Original Message-----
> From: edk2-devel [mailto:edk2-devel-bounces@lists.01.org] On Behalf Of
> Jorge Fernandez Monteagudo
> Sent: Wednesday, September 26, 2018 1:46 PM
> To: Zhang, Chao B <chao.b.zhang@intel.com>; edk2-devel@lists.01.org
> Subject: Re: [edk2] Tianocore and TPM2 pcr values
> 
> Hi Chao!
> 
> 
> Maybe the traces I get from the debug build and
> 
> 
>   gEfiMdePkgTokenSpaceGuid.PcdReportStatusCodePropertyMask|0x7
>   gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x800A044F
>   gEfiMdePkgTokenSpaceGuid.PcdDebugPropertyMask|0x2F
> 
> can help.
> 
> 
> ________________________________
> From: edk2-devel <edk2-devel-bounces@lists.01.org> on behalf of Jorge
> Fernandez Monteagudo <jorgefm@cirsa.com>
> Sent: Tuesday, 25 September 2018 16:09:31
> To: Zhang, Chao B; edk2-devel@lists.01.org
> Subject: Re: [edk2] Tianocore and TPM2 pcr values
> 
> Hi Chao!
> 
> 
> PCR0 has not changed in any of the tests I've done! What info do you need?
> 
> 
> I'm using:
> 
> coreboot: ae05d095b36ac835a6b1a221e6858065e5486888, master branch
> 
> tianocore: 07ecd98ac18d6792181856faca7d4bed1b587261, coreboot
> branch
> 
> Attached are the changes I've done to tianocore to get TPM2 support and no
> console.
> PCR0 is always
> 3d458cfe55cc03ea1f443f1562beec8df51c75e14a9fcf9a7234a13f198e7969
> 
> Thanks!
> ________________________________
> From: Zhang, Chao B <chao.b.zhang@intel.com>
> Sent: Tuesday, 25 September 2018 15:41:45
> To: Jorge Fernandez Monteagudo; edk2-devel@lists.01.org
> Cc: You, Benjamin
> Subject: RE: Tianocore and TPM2 pcr values
> 
> Hi Jorge:
>     PCR 0 should change if you use a different coreboot payload + UEFI. So
> your case seems to be an issue. Can you provide more detailed info?
> 
> 
> -----Original Message-----
> From: edk2-devel [mailto:edk2-devel-bounces@lists.01.org] On Behalf Of
> Jorge Fernandez Monteagudo
> Sent: Monday, September 24, 2018 5:57 PM
> To: edk2-devel@lists.01.org
> Subject: [edk2] Tianocore and TPM2 pcr values
> 
> Hi all,
> 
> 
> This is my first message in this list. I'm using tianocore as a payload for
> Coreboot in order to boot a custom board I'm working on. Finally I've been
> able to enable the TPM2 support in coreboot and in tianocore but I have some
> questions regarding the values I'm seeing in the PCRs.
> 
> 
> I'm using Tianocore master branch as is selected by coreboot menuconfig
> and x64 architecture.
> 
> Once the system is running I can read the PCRs and, if I'm not wrong, PCRs 0
> to 7 are handled by the Tianocore/Coreboot. I've flashed a coreboot+tianocore
> in release mode and a coreboot+tianocore in debug mode and the PCRs are the
> same. Is it ok? I thought that any change in the coreboot.rom would make the
> PCR values change...
> 
> 
> pcr0:
> 3d458cfe55cc03ea1f443f1562beec8df51c75e14a9fcf9a7234a13f198e7969
> pcr1:
> a3a3552caa68c6d9db64bf1ed4dca08080f99b59f1b26debc9abefa59ee8ca28
> pcr2:
> 3d458cfe55cc03ea1f443f1562beec8df51c75e14a9fcf9a7234a13f198e7969
> pcr3:
> 3d458cfe55cc03ea1f443f1562beec8df51c75e14a9fcf9a7234a13f198e7969
> pcr4:
> 74a35102770e65ab94b35135a4bf54c411134ae8059e03df41060a33f573871f
> pcr5:
> dfa65561584cb8604b1675c869f3341d0c99c642ce9d91353380361126235ad8
> pcr6:
> 3d458cfe55cc03ea1f443f1562beec8df51c75e14a9fcf9a7234a13f198e7969
> pcr7:
> b5710bf57d25623e4019027da116821fa99f5c81e9e38b87671cc574f9281439
> 
> Another test I've done is using the Tianocore stable branch as selected by
> coreboot
> (STABLE_COMMIT_ID=315d9d08fd77db1024ccc5307823da8aaed85e2f) and
> I get the same values from release and build coreboot.roms except that
> PCR1 has the same value as PCR0, 2, 3 and 6, it seems it's not used in this
> version.
> 
> Is this the expected behavior?
> 
> Thanks!
> Jorge
> _______________________________________________
> edk2-devel mailing list
> edk2-devel@lists.01.org
> https://lists.01.org/mailman/listinfo/edk2-devel


Thread overview: 18+ messages
2018-09-24  9:57 Tianocore and TPM2 pcr values Jorge Fernandez Monteagudo
2018-09-25 13:41 ` Zhang, Chao B
2018-09-25 14:09   ` Jorge Fernandez Monteagudo
2018-09-26  5:46     ` Jorge Fernandez Monteagudo
2018-09-26  6:11       ` Yao, Jiewen [this message]
2018-09-26  6:39         ` Jorge Fernandez Monteagudo
2018-09-26  6:44           ` Yao, Jiewen
2018-09-26  6:48             ` Jorge Fernandez Monteagudo
2018-09-26  6:58               ` Yao, Jiewen
2018-09-26  8:53                 ` Jorge Fernandez Monteagudo
2018-09-26  8:56                   ` Yao, Jiewen
2018-09-26  9:06                     ` Jorge Fernandez Monteagudo
2018-09-26 12:17                       ` Yao, Jiewen
2018-09-27  6:11                         ` Jorge Fernandez Monteagudo
2018-09-27  6:22                           ` Yao, Jiewen
2018-09-27  6:36                             ` Jorge Fernandez Monteagudo
2018-09-27  6:52                               ` Jorge Fernandez Monteagudo
2018-09-27  6:56                                 ` Yao, Jiewen