From: Jorge Fernandez Monteagudo
To: "edk2-devel@lists.01.org"
Date: Mon, 24 Sep 2018 09:57:05 +0000
Subject: Tianocore and TPM2 pcr values

Hi all,

This is my first message in this list. I'm using tianocore as a payload for
a Coreboot in order to boot a custom board I'm working on. Finally I've been
able to enable the TPM2 support in coreboot and in tianocore, but I have some
questions regarding the values I'm seeing in the PCRs.

I'm using the Tianocore master branch as selected by coreboot menuconfig and
the x64 architecture. Once the system is running I can read the PCRs and, if
I'm not wrong, PCRs 0 to 7 are handled by Tianocore/Coreboot. I've flashed a
coreboot+tianocore in release mode and a coreboot+tianocore in debug mode and
the PCRs are the same. Is it ok? I thought that any change in the coreboot.rom
would make the PCR values change...

pcr0: 3d458cfe55cc03ea1f443f1562beec8df51c75e14a9fcf9a7234a13f198e7969
pcr1: a3a3552caa68c6d9db64bf1ed4dca08080f99b59f1b26debc9abefa59ee8ca28
pcr2: 3d458cfe55cc03ea1f443f1562beec8df51c75e14a9fcf9a7234a13f198e7969
pcr3: 3d458cfe55cc03ea1f443f1562beec8df51c75e14a9fcf9a7234a13f198e7969
pcr4: 74a35102770e65ab94b35135a4bf54c411134ae8059e03df41060a33f573871f
pcr5: dfa65561584cb8604b1675c869f3341d0c99c642ce9d91353380361126235ad8
pcr6: 3d458cfe55cc03ea1f443f1562beec8df51c75e14a9fcf9a7234a13f198e7969
pcr7: b5710bf57d25623e4019027da116821fa99f5c81e9e38b87671cc574f9281439

Another test I've done is using the Tianocore stable branch as selected by
coreboot (STABLE_COMMIT_ID=315d9d08fd77db1024ccc5307823da8aaed85e2f), and I
get the same values from release and build coreboot.roms, except that PCR1 has
the same value as PCR0, 2, 3 and 6; it seems it's not used in this version.

Is this the expected behavior?

Thanks!
Jorge
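
Added example, not part of the original message and not EDK II or coreboot code: it replays the TPM2 PCR extend operation for the SHA-256 values listed in the message and reports which PCRs hold exactly the value produced by a single EV_SEPARATOR measurement and nothing else. The 4-byte zero separator payload, the SHA-256 bank and all function names are assumptions of this example.

```python
import hashlib

# PCR values copied from the message above (assumed to be the SHA-256 bank).
REPORTED = {
    0: "3d458cfe55cc03ea1f443f1562beec8df51c75e14a9fcf9a7234a13f198e7969",
    1: "a3a3552caa68c6d9db64bf1ed4dca08080f99b59f1b26debc9abefa59ee8ca28",
    2: "3d458cfe55cc03ea1f443f1562beec8df51c75e14a9fcf9a7234a13f198e7969",
    3: "3d458cfe55cc03ea1f443f1562beec8df51c75e14a9fcf9a7234a13f198e7969",
    4: "74a35102770e65ab94b35135a4bf54c411134ae8059e03df41060a33f573871f",
    5: "dfa65561584cb8604b1675c869f3341d0c99c642ce9d91353380361126235ad8",
    6: "3d458cfe55cc03ea1f443f1562beec8df51c75e14a9fcf9a7234a13f198e7969",
    7: "b5710bf57d25623e4019027da116821fa99f5c81e9e38b87671cc574f9281439",
}

# Assumption: EV_SEPARATOR event data is a 32-bit zero value.
SEPARATOR = bytes(4)


def extend(pcr: bytes, digest: bytes) -> bytes:
    """TPM2 extend: new PCR = SHA-256(old PCR || measurement digest)."""
    return hashlib.sha256(pcr + digest).digest()


def replay(events) -> str:
    """Replay measured data blobs in order, starting from a reset (all-zero) PCR."""
    pcr = bytes(32)
    for data in events:
        pcr = extend(pcr, hashlib.sha256(data).digest())
    return pcr.hex()


def classify(reported) -> dict:
    """Label each PCR: never extended, separator only, or carrying other measurements."""
    reset_value = bytes(32).hex()
    separator_only = replay([SEPARATOR])
    labels = {}
    for index, value in sorted(reported.items()):
        if value == reset_value:
            labels[index] = "never extended"
        elif value == separator_only:
            labels[index] = "separator only"
        else:
            labels[index] = "other measurements"
    return labels


if __name__ == "__main__":
    for index, label in classify(REPORTED).items():
        print(f"pcr{index}: {label}")
```

A PCR labelled "separator only" received no firmware code or configuration measurement before the separator, so rebuilding the image cannot change it; replay([image, SEPARATOR]) differs for any two different image blobs.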