[Bug 1938678] Re: [intel] [tgl-h][iotg] [hwe-tpm] Ubuntu Core hangs during bootup on TGL-H

Tue, 19 Oct 2021 07:31:25 -0700 

From the TCG log supplied in comment #43:

$ ./tcglog-dump --alg sha256 --verbose --pcrs 7 
~/Downloads/binary_bios_measurements
 7 a62bd67b2cc295976651b354468c0047f8d1547d25056ded5952aaf5991762a3 
EV_EFI_ACTION [ UEFI Debug Mode ]
 7 ccfc4bb32888a345bc8aeadaba552b627d99348c767681ab3141f5b01e40a40e 
EV_EFI_VARIABLE_DRIVER_CONFIG [ UEFI_VARIABLE_DATA{ VariableName: 
8be4df61-93ca-11d2-aa0d-00e098032b8c, UnicodeName: "SecureBoot" } ]
 7 bdac662ac2f50e28cc04a493f47e24f46d18d9dfc6aed0ac41f267380b533194 
EV_EFI_VARIABLE_DRIVER_CONFIG [ UEFI_VARIABLE_DATA{ VariableName: 
8be4df61-93ca-11d2-aa0d-00e098032b8c, UnicodeName: "PK" } ]
 7 08bef4adae58358b14c751cdddd8123da1f64f5ea85407622f6be90d4621d958 
EV_EFI_VARIABLE_DRIVER_CONFIG [ UEFI_VARIABLE_DATA{ VariableName: 
8be4df61-93ca-11d2-aa0d-00e098032b8c, UnicodeName: "KEK" } ]
 7 9538dfd2bfb2105587901e9b5f867fc6652fb3972d3c6ce05f4b7dad11f7912b 
EV_EFI_VARIABLE_DRIVER_CONFIG [ UEFI_VARIABLE_DATA{ VariableName: 
d719b2cb-3d3a-4596-a3bc-dad00e67656f, UnicodeName: "db" } ]
 7 5c959286c9a5906201fc201930034b6438a5282bfd6542f38dde3384e0b448e0 
EV_EFI_VARIABLE_DRIVER_CONFIG [ UEFI_VARIABLE_DATA{ VariableName: 
d719b2cb-3d3a-4596-a3bc-dad00e67656f, UnicodeName: "dbx" } ]
 7 df3f619804a92fdb4057192dc43dd748ea778adc52bc498ce80524c014b81119 EV_SEPARATOR
 7 4d4a8e2c74133bbdc01a16eaf2dbb5d575afeb36f5d8dfcf609ae043909e2ee9 
EV_EFI_VARIABLE_AUTHORITY [ UEFI_VARIABLE_DATA{ VariableName: 
d719b2cb-3d3a-4596-a3bc-dad00e67656f, UnicodeName: "db" } ]
 7 922e939a5565798a5ef12fe09d8b49bf951a8e7f89a0cca7a51636693d41a34d 
EV_EFI_VARIABLE_AUTHORITY [ UEFI_VARIABLE_DATA{ VariableName: 
605dab50-e046-4300-abb6-3dd810dd8b23, UnicodeName: "SbatLevel" } ]
 7 5e19450c7a75acd95f6af49d0e32b74142972d9dd4c1b8068450653683a13016 
EV_EFI_VARIABLE_AUTHORITY [ UEFI_VARIABLE_DATA{ VariableName: 
605dab50-e046-4300-abb6-3dd810dd8b23, UnicodeName: "Shim" } ]

The first event there is a EV_EFI_ACTION event with the string "UEFI
Debug Mode". Our PCR policy calculations depend on this event not being
there for it to work for full disk-encryption. From section 2.3.4.8 of
the TCG PC Client Platform Firmware Profile Specification:

"If the platform provides a firmware debugger mode which may be used prior to 
the
UEFI environment or if the platform provides a debugger for the UEFI 
environment,
then the platform SHALL extend an EV_EFI_ACTION event into PCR[7] before
allowing use of the debugger. The event string SHALL be “UEFI Debug Mode”. The
Platform Firmware MUST log this measurement in the event log using the string
“UEFI Debug Mode” for the Event Data."

So presence of the event indicates that the platform firmware provides a
firmware debugger.

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1938678

Title:
  [intel] [tgl-h][iotg] [hwe-tpm] Ubuntu Core hangs during bootup on
  TGL-H

To manage notifications about this bug go to:
https://bugs.launchpad.net/intel/+bug/1938678/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

Reply via email to