public inbox for devel@edk2.groups.io
From: "Yao, Jiewen" <jiewen.yao@intel.com>
To: Jorge Fernandez Monteagudo <jorgefm@cirsa.com>,
	"Zhang, Chao B" <chao.b.zhang@intel.com>,
	"edk2-devel@lists.01.org" <edk2-devel@lists.01.org>
Subject: Re: Tianocore and TPM2 pcr values
Date: Wed, 26 Sep 2018 08:56:05 +0000
Message-ID: <74D8A39837DF1E4DA445A8C0B3885C503AD9C8D3@shsmsx102.ccr.corp.intel.com>
In-Reply-To: <AM4PR07MB31217DBC907DE10250AAAFF7A1150@AM4PR07MB3121.eurprd07.prod.outlook.com>

OK. That means the PCR is extended successfully.

You still cannot get the right PCR hardware value?


> -----Original Message-----
> From: edk2-devel [mailto:edk2-devel-bounces@lists.01.org] On Behalf Of
> Jorge Fernandez Monteagudo
> Sent: Wednesday, September 26, 2018 4:54 PM
> To: Yao, Jiewen <jiewen.yao@intel.com>; Zhang, Chao B
> <chao.b.zhang@intel.com>; edk2-devel@lists.01.org
> Subject: Re: [edk2] Tianocore and TPM2 pcr values
> 
> I've added the Tcg2GetEventLog at the end of OnReadyToBoot from
> Tcg2Dxe.c and I can see:
> 
> 
> TPM2 Tcg2Dxe Measure Data when ReadyToBoot
> Tcg2GetEventLog ... (0x2)
> Tcg2GetEventLog (EventLogLocation - 8F3D2000)
> Tcg2GetEventLog (EventLogLastEntry - 8F3D27AE)
> Tcg2GetEventLog (EventLogTruncated - 0)
> Tcg2GetEventLog - Success
> EventLogFormat: (0x2)
>   Event:
>     PCRIndex  - 0
>     EventType - 0x00000003
>     Digest    - 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
>     EventSize - 0x00000025
> 0000: 53706563204944204576656E7430330000000000000200020200000004001400
> 0020: 0B00200000
>   TCG_EfiSpecIDEventStruct:
>     signature          - 'Spec ID Event03 '
>     platformClass      - 0x00000000
>     specVersion        - 2.00
>     uintnSize          - 0x02
>     NumberOfAlgorithms - 0x00000002
>     digest(0)
>       algorithmId      - 0x0004
>       digestSize       - 0x0014
>     digest(1)
>       algorithmId      - 0x000B
>       digestSize       - 0x0020
>     VendorInfoSize     - 0x00
>     VendorInfo         -
>   Event:
>     PCRIndex  - 7
>     EventType - 0x80000001
>     DigestCount: 0x00000002
>       HashAlgo : 0x0004
>       Digest(0): 2F 20 11 2A 3F 55 39 8B 20 8E 0C 42 68 13 89 B4 CB 5B 18 23
>       HashAlgo : 0x000B
>       Digest(1): CE 9C E3 86 B5 2E 09 9F 30 19 E5 12 A0 D6 06 2D 6B 56 0E FE 4F F3 E5 66 1C 75 25 E2 F9 C2 63 DF
>
>     EventSize - 0x00000034
> 0000: 61DFE48BCA93D211AA0D00E098032B8C0A000000000000000000000000000000
> 0020: 53006500630075007200650042006F006F007400
>   Event:
>     PCRIndex  - 7
>     EventType - 0x80000001
>     DigestCount: 0x00000002
>       HashAlgo : 0x0004
>       Digest(0): 9B 13 87 30 6E BB 7F F8 E7 95 E7 BE 77 56 36 66 BB F4 51 6E
>       HashAlgo : 0x000B
>       Digest(1): DE A7 B8 0A B5 3A 3D AA A2 4D 5C C4 6C 64 E1 FA 9F FD 03 73 9F 90 AA DB D8 C0 86 7C 4A 5B 48 90
>
>     EventSize - 0x00000024
> 0000: 61DFE48BCA93D211AA0D00E098032B8C02000000000000000000000000000000
> 0020: 50004B00
>   Event:
>     PCRIndex  - 7
>     EventType - 0x80000001
>     DigestCount: 0x00000002
>       HashAlgo : 0x0004
>       Digest(0): 9A FA 86 C5 07 41 9B 85 70 C6 21 67 CB 94 86 D9 FC 80 97 58
>       HashAlgo : 0x000B
>       Digest(1): E6 70 E1 21 FC EB D4 73 B8 BC 41 BB 80 13 01 FC 1D 9A FA 33 90 4F 06 F7 14 9B 74 F1 2C 47 A6 8F
>
>     EventSize - 0x00000026
> 0000: 61DFE48BCA93D211AA0D00E098032B8C03000000000000000000000000000000
> 0020: 4B0045004B00
>   Event:
>     PCRIndex  - 7
>     EventType - 0x80000001
>     DigestCount: 0x00000002
>       HashAlgo : 0x0004
>       Digest(0): 5B F8 FA A0 78 D4 0F FB D0 33 17 C9 33 98 B0 12 29 A0 E1 E0
>       HashAlgo : 0x000B
>       Digest(1): BA F8 9A 3C CA CE 52 75 0C 5F 01 28 35 1E 04 22 A4 15 97 A1 AD FD 50 82 2A A3 63 B9 D1 24 EA 7C
>
>     EventSize - 0x00000024
> 0000: CBB219D73A3D9645A3BCDAD00E67656F02000000000000000000000000000000
> 0020: 64006200
>   Event:
>     PCRIndex  - 7
>     EventType - 0x80000001
>     DigestCount: 0x00000002
>       HashAlgo : 0x0004
>       Digest(0): 73 44 24 C9 FE 8F C7 17 16 C4 20 96 F4 B7 4C 88 73 3B 17 5E
>       HashAlgo : 0x000B
>       Digest(1): 9F 75 B6 82 3B FF 6A F1 02 4A 4E 20 36 71 9C DD 54 8D 3C BC 2B F1 DE 8E 7E F4 D0 ED 01 F9 4B F9
>
>     EventSize - 0x00000026
> 0000: CBB219D73A3D9645A3BCDAD00E67656F03000000000000000000000000000000
> 0020: 640062007800
>   Event:
>     PCRIndex  - 7
>     EventType - 0x00000004
>     DigestCount: 0x00000002
>       HashAlgo : 0x0004
>       Digest(0): 90 69 CA 78 E7 45 0A 28 51 73 43 1B 3E 52 C5 C2 52 99 E4 73
>       HashAlgo : 0x000B
>       Digest(1): DF 3F 61 98 04 A9 2F DB 40 57 19 2D C4 3D D7 48 EA 77 8A DC 52 BC 49 8C E8 05 24 C0 14 B8 11 19
>
>     EventSize - 0x00000004
> 0000: 00000000
>   Event:
>     PCRIndex  - 1
>     EventType - 0x80000002
>     DigestCount: 0x00000002
>       HashAlgo : 0x0004
>       Digest(0): 1B 24 F7 F4 BB 84 00 03 02 20 9D 12 98 D6 2F 57 79 A9 4F 45
>       HashAlgo : 0x000B
>       Digest(1): 90 C2 69 89 21 CA 9F D0 29 50 BE 35 3F 72 18 88 76 0E 33 AB 50 95 A2 1E 50 F1 E4 36 0B 6D E1 A0
>
>     EventSize - 0x00000038
> 0000: 61DFE48BCA93D211AA0D00E098032B8C09000000000000000600000000000000
> 0020: 42006F006F0074004F007200640065007200000001000200
>   Event:
>     PCRIndex  - 1
>     EventType - 0x80000002
>     DigestCount: 0x00000002
>       HashAlgo : 0x0004
>       Digest(0): E9 44 11 C7 28 F4 14 4F 9F 49 9D DE 4A BB F8 F0 48 3A BB 66
>       HashAlgo : 0x000B
>       Digest(1): 1F 7F 14 CE 8C 8E 85 5B 56 A0 FF 0D 87 FB 6E E6 78 98 37 76 FA BE 83 C4 9F E5 1F 07 36 D3 0E 9C
>
>     EventSize - 0x00000070
> 0000: 61DFE48BCA93D211AA0D00E098032B8C08000000000000004000000000000000
> 0020: 42006F006F0074003000300030003000010000001C0045004600490020005500
> 0040: 530042002000440065007600690063006500000002010C00D041030A00000000
> 0060: 0101060000100305060001007FFF0400
>   Event:
>     PCRIndex  - 1
>     EventType - 0x80000002
>     DigestCount: 0x00000002
>       HashAlgo : 0x0004
>       Digest(0): 2D 60 53 82 1E 28 AC 45 A6 64 84 57 06 57 48 7A C3 8B 9E 3A
>       HashAlgo : 0x000B
>       Digest(1): A0 39 4A 61 B8 1E 84 4E 1C 13 6C 74 EC 15 56 0A CF 5C 69 0F 22 3E C3 22 1F F5 1E 18 3C 72 AF DA
>
>     EventSize - 0x00000074
> 0000: 61DFE48BCA93D211AA0D00E098032B8C08000000000000004400000000000000
> 0020: 42006F006F007400300030003000310001000000200045004600490020004800
> 0040: 610072006400200044007200690076006500000002010C00D041030A00000000
> 0060: 01010600001103120A000100FFFF00007FFF0400
>   Event:
>     PCRIndex  - 1
>     EventType - 0x80000002
>     DigestCount: 0x00000002
>       HashAlgo : 0x0004
>       Digest(0): CF A3 CA 37 28 69 A8 3E 5A 0A 29 2D 94 D9 03 32 3D F7 1E 86
>       HashAlgo : 0x000B
>       Digest(1): C1 B5 4E 82 C6 8B 86 A7 ED 70 DF E9 CB AC A8 1E 99 C0 8A 42 13 DD FD 13 7A 54 12 45 C8 33 13 22
>
>     EventSize - 0x00000079
> 0000: 61DFE48BCA93D211AA0D00E098032B8C08000000000000004900000000000000
> 0020: 42006F006F007400300030003000320001000000230045004600490020004D00
> 0040: 6900730063002000440065007600690063006500000002010C00D041030A0000
> 0060: 0000010106000714031D05000001050800000000007FFF0400
>   Event:
>     PCRIndex  - 4
>     EventType - 0x80000007
>     DigestCount: 0x00000002
>       HashAlgo : 0x0004
>       Digest(0): CD 0F DB 45 31 A6 EC 41 BE 27 53 BA 04 26 37 D6 E5 F7 F2 56
>       HashAlgo : 0x000B
>       Digest(1): 3D 67 72 B4 F8 4E D4 75 95 D7 2A 2C 4C 5F FD 15 F5 BB 72 C7 50 7F E2 6F 2A AE E2 C6 9D 56 33 BA
>
>     EventSize - 0x00000028
> 0000: 43616C6C696E6720454649204170706C69636174696F6E2066726F6D20426F6F
> 0020: 74204F7074696F6E
>   Event:
>     PCRIndex  - 0
>     EventType - 0x00000004
>     DigestCount: 0x00000002
>       HashAlgo : 0x0004
>       Digest(0): 90 69 CA 78 E7 45 0A 28 51 73 43 1B 3E 52 C5 C2 52 99 E4 73
>       HashAlgo : 0x000B
>       Digest(1): DF 3F 61 98 04 A9 2F DB 40 57 19 2D C4 3D D7 48 EA 77 8A DC 52 BC 49 8C E8 05 24 C0 14 B8 11 19
>
>     EventSize - 0x00000004
> 0000: 00000000
>   Event:
>     PCRIndex  - 1
>     EventType - 0x00000004
>     DigestCount: 0x00000002
>       HashAlgo : 0x0004
>       Digest(0): 90 69 CA 78 E7 45 0A 28 51 73 43 1B 3E 52 C5 C2 52 99 E4 73
>       HashAlgo : 0x000B
>       Digest(1): DF 3F 61 98 04 A9 2F DB 40 57 19 2D C4 3D D7 48 EA 77 8A DC 52 BC 49 8C E8 05 24 C0 14 B8 11 19
>
>     EventSize - 0x00000004
> 0000: 00000000
>   Event:
>     PCRIndex  - 2
>     EventType - 0x00000004
>     DigestCount: 0x00000002
>       HashAlgo : 0x0004
>       Digest(0): 90 69 CA 78 E7 45 0A 28 51 73 43 1B 3E 52 C5 C2 52 99 E4 73
>       HashAlgo : 0x000B
>       Digest(1): DF 3F 61 98 04 A9 2F DB 40 57 19 2D C4 3D D7 48 EA 77 8A DC 52 BC 49 8C E8 05 24 C0 14 B8 11 19
>
>     EventSize - 0x00000004
> 0000: 00000000
>   Event:
>     PCRIndex  - 3
>     EventType - 0x00000004
>     DigestCount: 0x00000002
>       HashAlgo : 0x0004
>       Digest(0): 90 69 CA 78 E7 45 0A 28 51 73 43 1B 3E 52 C5 C2 52 99 E4 73
>       HashAlgo : 0x000B
>       Digest(1): DF 3F 61 98 04 A9 2F DB 40 57 19 2D C4 3D D7 48 EA 77 8A DC 52 BC 49 8C E8 05 24 C0 14 B8 11 19
>
>     EventSize - 0x00000004
> 0000: 00000000
>   Event:
>     PCRIndex  - 4
>     EventType - 0x00000004
>     DigestCount: 0x00000002
>       HashAlgo : 0x0004
>       Digest(0): 90 69 CA 78 E7 45 0A 28 51 73 43 1B 3E 52 C5 C2 52 99 E4 73
>       HashAlgo : 0x000B
>       Digest(1): DF 3F 61 98 04 A9 2F DB 40 57 19 2D C4 3D D7 48 EA 77 8A DC 52 BC 49 8C E8 05 24 C0 14 B8 11 19
>
>     EventSize - 0x00000004
> 0000: 00000000
>   Event:
>     PCRIndex  - 5
>     EventType - 0x00000004
>     DigestCount: 0x00000002
>       HashAlgo : 0x0004
>       Digest(0): 90 69 CA 78 E7 45 0A 28 51 73 43 1B 3E 52 C5 C2 52 99 E4 73
>       HashAlgo : 0x000B
>       Digest(1): DF 3F 61 98 04 A9 2F DB 40 57 19 2D C4 3D D7 48 EA 77 8A DC 52 BC 49 8C E8 05 24 C0 14 B8 11 19
>
>     EventSize - 0x00000004
> 0000: 00000000
>   Event:
>     PCRIndex  - 6
>     EventType - 0x00000004
>     DigestCount: 0x00000002
>       HashAlgo : 0x0004
>       Digest(0): 90 69 CA 78 E7 45 0A 28 51 73 43 1B 3E 52 C5 C2 52 99 E4 73
>       HashAlgo : 0x000B
>       Digest(1): DF 3F 61 98 04 A9 2F DB 40 57 19 2D C4 3D D7 48 EA 77 8A DC 52 BC 49 8C E8 05 24 C0 14 B8 11 19
>
>     EventSize - 0x00000004
> 0000: 00000000
> FinalEventsTable:    (0x8F408000)
>   Version:           (0x1)
>   NumberOfEvents:    (0x0)
> PROGRESS CODE: V03051001 I0
>
> ________________________________
> From: Yao, Jiewen <jiewen.yao@intel.com>
> Sent: Wednesday, September 26, 2018 8:58:26
> To: Jorge Fernandez Monteagudo; Zhang, Chao B; edk2-devel@lists.01.org
> Subject: RE: Tianocore and TPM2 pcr values
>
> That means the TPM2 device works well.
>
> We have code to dump the final event log at Tcg2GetEventLog().
>
>   // Dump Event Log for debug purpose
>   if ((EventLogLocation != NULL) && (EventLogLastEntry != NULL)) {
>     DumpEventLog (EventLogFormat, *EventLogLocation, *EventLogLastEntry, mTcgDxeData.FinalEventsTable[Index]);
>   }
>
> If your OS needs to consume the event log, I expect the OS loader calls
> Tcg2GetEventLog().
>
> If you don't have such an OS, then you can add a Tcg2GetEventLog() call at the
> end of OnReadyToBoot() - just for debug purposes, to dump the event log.
>
> As such we can know how many events are extended.
>
> Thank you
> Yao Jiewen
>
> From: Jorge Fernandez Monteagudo [mailto:jorgefm@cirsa.com]
> Sent: Wednesday, September 26, 2018 2:48 PM
> To: Yao, Jiewen <jiewen.yao@intel.com>; Zhang, Chao B
> <chao.b.zhang@intel.com>; edk2-devel@lists.01.org
> Subject: Re: Tianocore and TPM2 pcr values
>
> Yes, from log I see:
>
> Loading driver at 0x0008F3F2000 EntryPoint=0x0008F3F2240 Tcg2Dxe.efi
> InstallProtocolInterface: BC62157E-3E33-4FEC-9920-2D3B36D750DF 8F410C18
> ProtectUefiImageCommon - 0x8F4107C0
>   - 0x000000008F3F2000 - 0x000000000000D800
> PROGRESS CODE: V03040002 I0
> InterfaceId - 0xFFFFFFFF
>   InterfaceType    - 0x0F
> InterfaceCapability - 0x300000FF
>   InterfaceVersion - 0x3
> StatusEx - 0xFF
>   TpmFamily - 0x3
> PtpInterface - 0
> VID - 0x15D1
> DID - 0x001A
> RID - 0x10
> Tcg2.ProtocolVersion  - 01.01
> Tcg2.StructureVersion - 01.01
> Tpm2GetCapabilityManufactureID - 00584649
> Tpm2GetCapabilityFirmwareVersion - 00050000 00044102
> Tpm2GetCapabilityMaxCommandResponseSize - 00000500, 00000500
> GetSupportedAndActivePcrs - Count = 00000002
> Tcg2.SupportedEventLogs - 0x00000003
> Tcg2.HashAlgorithmBitmap - 0x00000003
> Tcg2.NumberOfPCRBanks      - 0x00000002
> Tcg2.ActivePcrBanks        - 0x00000003
> ...
>
> ________________________________
> From: Yao, Jiewen <jiewen.yao@intel.com>
> Sent: Wednesday, September 26, 2018 8:44:54
> To: Jorge Fernandez Monteagudo; Zhang, Chao B; edk2-devel@lists.01.org
> Subject: RE: Tianocore and TPM2 pcr values
>
> ProtectUefiImageCommon is not related.
>
> The code below is the Tcg2Dxe entry point; I expect you can see some messages
> there:
>
> ====================================
> DriverEntry()
>
>   if (CompareGuid (PcdGetPtr(PcdTpmInstanceGuid), &gEfiTpmDeviceInstanceNoneGuid) ||
>       CompareGuid (PcdGetPtr(PcdTpmInstanceGuid), &gEfiTpmDeviceInstanceTpm12Guid)){
>     DEBUG ((DEBUG_INFO, "No TPM2 instance required!\n"));
>     return EFI_UNSUPPORTED;
>   }
>
>   if (GetFirstGuidHob (&gTpmErrorHobGuid) != NULL) {
>     DEBUG ((EFI_D_ERROR, "TPM2 error!\n"));
>     return EFI_DEVICE_ERROR;
>   }
>
>   Status = Tpm2RequestUseTpm ();
>   if (EFI_ERROR (Status)) {
>     DEBUG ((EFI_D_ERROR, "TPM2 not detected!\n"));
>     return Status;
>   }
>
>   //
>   // Fill information
>   //
>   ASSERT (TCG_EVENT_LOG_AREA_COUNT_MAX == sizeof(mTcg2EventInfo)/sizeof(mTcg2EventInfo[0]));
>
>   mTcgDxeData.BsCap.Size = sizeof(EFI_TCG2_BOOT_SERVICE_CAPABILITY);
>   mTcgDxeData.BsCap.ProtocolVersion.Major = 1;
>   mTcgDxeData.BsCap.ProtocolVersion.Minor = 1;
>   mTcgDxeData.BsCap.StructureVersion.Major = 1;
>   mTcgDxeData.BsCap.StructureVersion.Minor = 1;
>
>   DEBUG ((EFI_D_INFO, "Tcg2.ProtocolVersion  - %02x.%02x\n", mTcgDxeData.BsCap.ProtocolVersion.Major, mTcgDxeData.BsCap.ProtocolVersion.Minor));
>   DEBUG ((EFI_D_INFO, "Tcg2.StructureVersion - %02x.%02x\n", mTcgDxeData.BsCap.StructureVersion.Major, mTcgDxeData.BsCap.StructureVersion.Minor));
>
>   Status = Tpm2GetCapabilityManufactureID (&mTcgDxeData.BsCap.ManufacturerID);
>   if (EFI_ERROR (Status)) {
>     DEBUG ((EFI_D_ERROR, "Tpm2GetCapabilityManufactureID fail!\n"));
>   } else {
>     DEBUG ((EFI_D_INFO, "Tpm2GetCapabilityManufactureID - %08x\n", mTcgDxeData.BsCap.ManufacturerID));
>   }
>
> From: Jorge Fernandez Monteagudo [mailto:jorgefm@cirsa.com]
> Sent: Wednesday, September 26, 2018 2:40 PM
> To: Yao, Jiewen <jiewen.yao@intel.com>; Zhang, Chao B
> <chao.b.zhang@intel.com>; edk2-devel@lists.01.org
> Subject: Re: Tianocore and TPM2 pcr values
>
> Hi Yao
>
> > Yes, it is always good to enable serial port debug. There are lots of debug
> > message in Tcg2Dxe driver. We can know what is wrong.
>
> From the log I've been able to see that "measure" messages start once
> Tcg2Dxe.efi. From the beginning I can only see "ProtectUefiImageCommon"
> messages but I don't know if they are related.
>
> > In your patch, since we are using UEFI as payload, and there is no PEI, I am
> > not clear which driver you expect will extend something to PCR0. Do you
> > think coreboot is CRTM? Or the UEFI payload is the CRTM? Who should be
> > responsible to extend coreboot image from flash, and who should extend
> > UEFI payload?
>
> I think nothing is implemented in coreboot because when TPM2 was not
> activated in edk2 PCR0-10 were all 0. It's only checking what device
> is available and sending the tpm2_startup command. I'll try to investigate the
> coreboot project to see if the tianocore payload could be extended
> before loading because coreboot should be the CRTM.
>
> > Also, only *3rd part* image will change PCR2 and PCR4. Do you have such
> > case in your platform?
>
> First notice. No I don't have such case in my platform.
>
> Thanks!
> Jorge
>
> ________________________________
> From: Yao, Jiewen <jiewen.yao@intel.com>
> Sent: Wednesday, September 26, 2018 8:11:58
> To: Jorge Fernandez Monteagudo; Zhang, Chao B; edk2-devel@lists.01.org
> Subject: RE: Tianocore and TPM2 pcr values
>
> Hi Jorge
> Yes, it is always good to enable serial port debug. There are lots of debug
> message in Tcg2Dxe driver. We can know what is wrong.
> 
> In pure UEFI BIOS, the PEI driver extends to PCR0, and DXE image
> measurement lib extend to PCR2, PCR4, PCR5. The DXE driver extends
> variable to PCR1/7, and exposes the TCG2 protocol to let OS use it.
> 
> In your patch, since we are using UEFI as payload, and there is no PEI, I am
> not clear which driver you expect will extend something to PCR0. Do you
> think coreboot is CRTM? Or the UEFI payload is the CRTM? Who should be
> responsible to extend coreboot image from flash, and who should extend
> UEFI payload?
> 
> Also, only *3rd part* image will change PCR2 and PCR4. Do you have such
> case in your platform?
> 
> Anyway, there should still be something measured - boot variable (PCR1),
> secure boot variable (PCR7), GPT (5), action (4,5), separator (1~7), if you
> include Tcg2Dxe driver.
> 
> I am not clear if coreboot already extends something to separator according
> to TCG PFP spec. If that is the case, we probably need a special handling in
> DXE driver.
> 
> 
> I look forward to your serial debug message and design discussion.
> 
> Thank you
> Yao Jiewen
> 
> 
> > -----Original Message-----
> > From: edk2-devel [mailto:edk2-devel-bounces@lists.01.org] On Behalf Of
> > Jorge Fernandez Monteagudo
> > Sent: Wednesday, September 26, 2018 1:46 PM
> > To: Zhang, Chao B <chao.b.zhang@intel.com>; edk2-devel@lists.01.org
> > Subject: Re: [edk2] Tianocore and TPM2 pcr values
> >
> > Hi Chao!
> >
> > Maybe the traces I get from the debug build and
> >
> >   gEfiMdePkgTokenSpaceGuid.PcdReportStatusCodePropertyMask|0x7
> >   gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x800A044F
> >   gEfiMdePkgTokenSpaceGuid.PcdDebugPropertyMask|0x2F
> >
> > can help.
> >
> > ________________________________
> > From: edk2-devel <edk2-devel-bounces@lists.01.org> on behalf of Jorge
> > Fernandez Monteagudo <jorgefm@cirsa.com>
> > Sent: Tuesday, September 25, 2018 16:09:31
> > To: Zhang, Chao B; edk2-devel@lists.01.org
> > Subject: Re: [edk2] Tianocore and TPM2 pcr values
> >
> > Hi Chao!
> >
> > PCR0 has not changed in any of the test I've done! What info do you need?
> >
> > I'm using:
> >
> > coreboot: ae05d095b36ac835a6b1a221e6858065e5486888, master branch
> > tianocore: 07ecd98ac18d6792181856faca7d4bed1b587261, coreboot branch
> >
> > Attached are the changes I've done to tianocore to get TPM2 support and no
> > console.
> > PCR0 is always
> > 3d458cfe55cc03ea1f443f1562beec8df51c75e14a9fcf9a7234a13f198e7969
> >
> > Thanks!
> > ________________________________
> > From: Zhang, Chao B <chao.b.zhang@intel.com>
> > Sent: Tuesday, September 25, 2018 15:41:45
> > To: Jorge Fernandez Monteagudo; edk2-devel@lists.01.org
> > Cc: You, Benjamin
> > Subject: RE: Tianocore and TPM2 pcr values
> >
> > Hi Jorge:
> >     PCR 0 should change if you use different core boot payload + UEFI. So
> > your case seems to be an issue. Can you provide more detailed info?
> >
> > -----Original Message-----
> > From: edk2-devel [mailto:edk2-devel-bounces@lists.01.org] On Behalf Of
> > Jorge Fernandez Monteagudo
> > Sent: Monday, September 24, 2018 5:57 PM
> > To: edk2-devel@lists.01.org
> > Subject: [edk2] Tianocore and TPM2 pcr values
> >
> > Hi all,
> >
> > This is my first message in this list. I'm using tianocore as a payload for a
> > Coreboot in order to boot a custom board I'm working on it. Finally I've been
> > able to enable the TPM2 support in coreboot and in tianocore but I have some
> > questions regarding the values I'm seeing in the PCRs.
> >
> > I'm using Tianocore master branch as is selected by coreboot menuconfig
> > and x64 architecture.
> > Once the system is running I can read the PCRs and, if I'm not wrong, PCRs 0
> > to 7 are handled by the Tianocore/Coreboot. I've flashed a coreboot+tianocore
> > in release mode and a coreboot+tianocore in debug mode and the PCRs are the
> > same. Is it ok? I thought that any change in the coreboot.rom will make the
> > PCR values change...
> >
> > pcr0: 3d458cfe55cc03ea1f443f1562beec8df51c75e14a9fcf9a7234a13f198e7969
> > pcr1: a3a3552caa68c6d9db64bf1ed4dca08080f99b59f1b26debc9abefa59ee8ca28
> > pcr2: 3d458cfe55cc03ea1f443f1562beec8df51c75e14a9fcf9a7234a13f198e7969
> > pcr3: 3d458cfe55cc03ea1f443f1562beec8df51c75e14a9fcf9a7234a13f198e7969
> > pcr4: 74a35102770e65ab94b35135a4bf54c411134ae8059e03df41060a33f573871f
> > pcr5: dfa65561584cb8604b1675c869f3341d0c99c642ce9d91353380361126235ad8
> > pcr6: 3d458cfe55cc03ea1f443f1562beec8df51c75e14a9fcf9a7234a13f198e7969
> > pcr7: b5710bf57d25623e4019027da116821fa99f5c81e9e38b87671cc574f9281439
> >
> > Another test I've done is using the Tianocore stable branch as selected by
> > coreboot (STABLE_COMMIT_ID=315d9d08fd77db1024ccc5307823da8aaed85e2f) and
> > I get the same values from release and build coreboot.roms except that
> > PCR1 has the same value as PCR0, 2, 3 and 6, it seems it's not used in this
> > version.
> >
> > Is this the expected behavior?
> >
> > Thanks!
> > Jorge
> > _______________________________________________
> > edk2-devel mailing list
> > edk2-devel@lists.01.org
> > https://lists.01.org/mailman/listinfo/edk2-devel
> _______________________________________________
> edk2-devel mailing list
> edk2-devel@lists.01.org
> https://lists.01.org/mailman/listinfo/edk2-devel
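
Replaying the quoted event log against the PCR readings from the first post, as an added example (not code from the thread or from edk2). The parser follows the DumpEventLog text layout shown above; `parse_dump`, `replay`, `compare` and the embedded excerpt are names and data constructed here for illustration.

```python
import hashlib
import re

# TPM_ALG_ID values seen in the dump: 0x0004 = SHA-1, 0x000B = SHA-256.
ALGS = {0x0004: ("sha1", 20), 0x000B: ("sha256", 32)}

def parse_dump(text):
    """Return [(pcr, alg_id, digest)]; accepts '> ' quoting and wrapped digests."""
    events, pcr, alg, pending = [], None, None, None
    for raw in text.splitlines():
        line = re.sub(r"^(?:>\s?)+", "", raw).strip()
        if pending is not None and re.fullmatch(r"(?:[0-9A-Fa-f]{2}\s*)+", line):
            pending += bytes.fromhex(line)  # wrapped tail of a digest
        elif m := re.match(r"PCRIndex\s*-\s*(\d+)", line):
            pcr, pending = int(m.group(1)), None
        elif m := re.match(r"HashAlgo\s*:\s*0x([0-9A-Fa-f]+)", line):
            alg, pending = int(m.group(1), 16), None
        elif m := re.match(r"Digest\(\d+\):\s*(.+)", line):
            pending = bytearray.fromhex(m.group(1))
        else:
            pending = None
        # A digest is complete once it reaches the size of its algorithm.
        if pending is not None and alg in ALGS and len(pending) == ALGS[alg][1]:
            events.append((pcr, alg, bytes(pending)))
            pending = None
    return events

def replay(events, alg_id=0x000B):
    """Recompute each PCR as H(old || digest), starting from all zeros."""
    name, size = ALGS[alg_id]
    pcrs = {}
    for pcr, alg, digest in events:
        if alg == alg_id:
            old = pcrs.get(pcr, bytes(size))
            pcrs[pcr] = hashlib.new(name, old + digest).digest()
    return {pcr: value.hex() for pcr, value in sorted(pcrs.items())}

def compare(replayed, hardware):
    """Map each PCR present in both inputs to True when the values agree."""
    return {p: v == hardware[p].lower() for p, v in replayed.items() if p in hardware}

# Constructed excerpt in the layout of the dump quoted above: the PCR4 action
# event (wrapped as in the mail) and separators with their SHA-1 lines left out.
ACTION = """\
>   Event:
>     PCRIndex  - 4
>     EventType - 0x80000007
>       HashAlgo : 0x0004
>       Digest(0): CD 0F DB 45 31 A6 EC 41 BE 27 53 BA 04 26 37 D6 E5 F7 F2
> 56
>       HashAlgo : 0x000B
>       Digest(1): 3D 67 72 B4 F8 4E D4 75 95 D7 2A 2C 4C 5F FD 15 F5 BB 72
> C7 50 7F E2 6F 2A AE E2 C6 9D 56 33 BA
"""
SEPARATOR = """\
>   Event:
>     PCRIndex  - {pcr}
>     EventType - 0x00000004
>       HashAlgo : 0x000B
>       Digest(1): DF 3F 61 98 04 A9 2F DB 40 57 19 2D C4 3D D7 48 EA 77 8A
> DC 52 BC 49 8C E8 05 24 C0 14 B8 11 19
"""
LOG = ACTION + "".join(SEPARATOR.format(pcr=i) for i in (0, 4, 5))

# SHA-256 PCR readings as reported in the first post of the thread.
HARDWARE = {
    0: "3d458cfe55cc03ea1f443f1562beec8df51c75e14a9fcf9a7234a13f198e7969",
    4: "74a35102770e65ab94b35135a4bf54c411134ae8059e03df41060a33f573871f",
    5: "dfa65561584cb8604b1675c869f3341d0c99c642ce9d91353380361126235ad8",
}

if __name__ == "__main__":
    print(compare(replay(parse_dump(LOG)), HARDWARE))
```

A PCR that replays to the hardware value holds exactly the events listed for it. A mismatch means the PCR was extended with something the excerpt does not list (the dump was taken at ReadyToBoot) or did not start from zero.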


Thread overview: 18+ messages
2018-09-24  9:57 Tianocore and TPM2 pcr values Jorge Fernandez Monteagudo
2018-09-25 13:41 ` Zhang, Chao B
2018-09-25 14:09   ` Jorge Fernandez Monteagudo
2018-09-26  5:46     ` Jorge Fernandez Monteagudo
2018-09-26  6:11       ` Yao, Jiewen
2018-09-26  6:39         ` Jorge Fernandez Monteagudo
2018-09-26  6:44           ` Yao, Jiewen
2018-09-26  6:48             ` Jorge Fernandez Monteagudo
2018-09-26  6:58               ` Yao, Jiewen
2018-09-26  8:53                 ` Jorge Fernandez Monteagudo
2018-09-26  8:56                   ` Yao, Jiewen [this message]
2018-09-26  9:06                     ` Jorge Fernandez Monteagudo
2018-09-26 12:17                       ` Yao, Jiewen
2018-09-27  6:11                         ` Jorge Fernandez Monteagudo
2018-09-27  6:22                           ` Yao, Jiewen
2018-09-27  6:36                             ` Jorge Fernandez Monteagudo
2018-09-27  6:52                               ` Jorge Fernandez Monteagudo
2018-09-27  6:56                                 ` Yao, Jiewen
