From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from mo4-p00-ob.smtp.rzone.de (mo4-p00-ob.smtp.rzone.de [85.215.255.23])
 by mx.groups.io with SMTP id smtpd.web11.12711.1619467022457934104
 for <devel@edk2.groups.io>;
 Mon, 26 Apr 2021 12:57:03 -0700
Authentication-Results: mx.groups.io;
 dkim=pass header.i=@thson.de header.s=strato-dkim-0002 header.b=n68lUrbx;
 spf=none, err=permanent DNS error (domain: thson.de, ip: 85.215.255.23, mailfrom: public@thson.de)
ARC-Seal: i=1; a=rsa-sha256; t=1619467017; cv=none;
    d=strato.com; s=strato-dkim-0002;
    b=DzoIibQF7HnXHhwDV2f1sREA/OPrfFgMFGRplWSrY7fGp6cmMsuVZ8DlicVNTfy+ZQ
    jte4Hx8tPQMVp72TcAE8/fZSIk89O3RwuYlxhyjEV4kCLVO/sdas2CN8NLiOC0DDy7zi
    f0YzR9h3PhLfDIqO1IYQ/z/a9izyJY0OYuQnVxF+XvP/LKzpLzcwHbKGKT7wfhEpJvkt
    nQwpMwqlmr6O6+jNw9pfuA4MoKcRSwIRbfRw1vM8qvD/9YDnZ8y/RAeKlDSiXujg4q/N
    ONmlT1k0N6+725qoTxN9TFYJ5xEtkX0/IPlhOgerfYX4dfnSq4aSGF8FL8p5dMkoFyhx
    H5fg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; t=1619467017;
    s=strato-dkim-0002; d=strato.com;
    h=Date:Message-ID:Subject:To:From:Cc:Cc:Date:From:Subject:Sender;
    bh=Wm/zuMr/faDaaCvWqtHJb4dFN2q9FJRPTiWlX4Fjic4=;
    b=FNP7gRp/LWI5bEoZFPtCAC0FunLpxuuVZaqEqAmGcJnzsi5xvSIkLdf06qbnnBWuJQ
    hDoSiieWewpOS8U35ZQgxuZa6i1B0dVtO0fXeBYwYacJHKKF9fufPj9NHtdJdk6LcgOU
    snIcTVSuc9D/FtrFWfxNPUy0RgwyK/XnRgQcGCuP5y6JRqEHeCoMPC4z7SukXfsj07pw
    0VqQenz/6ApeRzlJV4rlTlzJaTB8kSn01VoKNq3CBUdNXsxIoPKO7/Kq1my7Qdy2U31w
    jdYCvBHFNocQUloCb8F4LgsOnebF+XSk8gGuNI64BkXpb66yejkU+rRv1+BaLX5JAQKh
    /kvA==
ARC-Authentication-Results: i=1; strato.com;
    dkim=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; t=1619467017;
    s=strato-dkim-0002; d=thson.de;
    h=Date:Message-ID:Subject:To:From:Cc:Cc:Date:From:Subject:Sender;
    bh=Wm/zuMr/faDaaCvWqtHJb4dFN2q9FJRPTiWlX4Fjic4=;
    b=n68lUrbx80FDQ3WI1GJu7QxIkKPzdAfOcRmHfOY6STRdX+F99mJvGAc6EYUG477oLQ
    NaHQx1ncvd8/BYVZJic2hOuY8om83iZvc/kD2Rq/wHYvqsZHRKB824fnqwENI2l9w2HL
    p8BVix35ko1e8eoqodW8LJF3Re0yK4wi+bo/XqPpSZ4F5aMue2B/IfNuPN4J3h90FshT
    fMPb5CzbtKqrm0WrWywV1ZnhgN2+TY6jGJW/CZN6WewAHesFQLLP0wF0gLENN2EEqkf5
    7EtDmdjnDuQvAPahxhSeSZPTbx2qfJTdyTLJtwvERqzg/hmdq1dYx5cjVPcOUkrd7/nl
    pmSA==
Authentication-Results: strato.com;
    dkim=none
X-RZG-AUTH: ":PHkGeUmrW+uCZmxs998QJRUX30nOwJd7j/79t2yVxcUdnYNcUb5wZPHWwAJ3XYfSj54="
X-RZG-CLASS-ID: mo00
Received: from [192.168.178.22]
    by smtp.strato.de (RZmta 47.24.4 DYNA|AUTH)
    with ESMTPSA id z0bd2cx3QJuv94V
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256 bits))
	(Client did not present a certificate);
    Mon, 26 Apr 2021 21:56:57 +0200 (CEST)
Cc: lersek@redhat.com, ardb+tianocore@kernel.org
From: Thore Sommer <public@thson.de>
To: devel@edk2.groups.io
Subject: Problem: TPM 2.0 event log by OVMF is shown empty in Linux kernel versions after 5.8
Message-ID: <ef28092c-88a3-0726-b5d7-7b154fd344c1@thson.de>
Date: Mon, 26 Apr 2021 21:56:37 +0200
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101
 Thunderbird/78.10.0
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Language: en-US
Content-Transfer-Encoding: 7bit

Dear Maintainers,

during my testing with OVMF and swtpm I found out that kernel versions 
newer than 5.8 don't show any information in 
"/sys/kernel/security/tpm0/binary_bios_measurements" if swtpm emulates a 
TPM 2.0 device.
The file is still created but is empty.
The expected result would be that 
"/sys/kernel/security/tpm0/binary_bios_measurements" contains the TPM 
event log. TPM 1.2 devices are not affected.

With the help of git bisect I found out that the breaking kernel commit 
is 85467f63a05c43364ba0b90d0c05bb89191543fa.
Reverting this on top the 5.12 release restores the expected functionality.

Thanks to apalos and leiflindholm on the #edk2 IRC channel for helping 
me with that.

I don't know if this is a bug in OVMF or in the Linux kernel, because on 
a real device with a TPM 2.0 the output was as expected.

Tested with edk2-ovmf 202102, swtpm 0.5.2 and qemu 5.2.0 on Ubuntu 20.04.

If further information is needed to resolve this problem, I'd be happy 
to provide them.

Best regards
Thore Sommer

efi and TPM dmesg output
...
[    0.000000] efi: EFI v2.70 by EDK II
[    0.000000] efi: SMBIOS=0x7e9d8000 TPMFinalLog=0x7ebf7000 
ACPI=0x7eb7e000 ACPI 2.0=0x7eb7e014 MEMATTR=0x7da77298 RNG=0x7e9c4a98 
TPMEventLog=0x7da6f018
[    0.000000] efi: seeding entropy pool
[    0.000000] random: fast init done
[    0.000000] SMBIOS 2.8 present.
...
[    0.017241] ACPI: Early table checksum verification disabled
[    0.017275] ACPI: RSDP 0x000000007EB7E014 000024 (v02 BOCHS )
[    0.017284] ACPI: XSDT 0x000000007EB7D0E8 000054 (v01 BOCHS  BXPCFACP 
00000001      01000013)
[    0.017295] ACPI: FACP 0x000000007EB79000 0000F4 (v03 BOCHS  BXPCFACP 
00000001 BXPC 00000001)
[    0.017308] ACPI: DSDT 0x000000007EB7A000 0021C8 (v01 BOCHS  BXPCDSDT 
00000001 BXPC 00000001)
[    0.017321] ACPI: FACS 0x000000007EBC5000 000040
[    0.017326] ACPI: APIC 0x000000007EB78000 000088 (v01 BOCHS  BXPCAPIC 
00000001 BXPC 00000001)
[    0.017333] ACPI: TPM2 0x000000007EB77000 00004C (v04 BOCHS  BXPCTPM2 
00000001 BXPC 00000001)
[    0.017338] ACPI: MCFG 0x000000007EB76000 00003C (v01 BOCHS  BXPCMCFG 
00000001 BXPC 00000001)
[    0.017343] ACPI: WAET 0x000000007EB75000 000028 (v01 BOCHS  BXPCWAET 
00000001 BXPC 00000001)
[    0.017347] ACPI: BGRT 0x000000007EB74000 000038 (v01 INTEL  EDK2 
00000002      01000013)
[    0.017351] ACPI: Reserving FACP table memory at [mem 
0x7eb79000-0x7eb790f3]
[    0.017354] ACPI: Reserving DSDT table memory at [mem 
0x7eb7a000-0x7eb7c1c7]
[    0.017355] ACPI: Reserving FACS table memory at [mem 
0x7ebc5000-0x7ebc503f]
[    0.017356] ACPI: Reserving APIC table memory at [mem 
0x7eb78000-0x7eb78087]
[    0.017358] ACPI: Reserving TPM2 table memory at [mem 
0x7eb77000-0x7eb7704b]
[    0.017359] ACPI: Reserving MCFG table memory at [mem 
0x7eb76000-0x7eb7603b]
[    0.017360] ACPI: Reserving WAET table memory at [mem 
0x7eb75000-0x7eb75027]
[    0.017361] ACPI: Reserving BGRT table memory at [mem 
0x7eb74000-0x7eb74037]
[    0.017390] ACPI: Local APIC address 0xfee00000