[edk2-devel] Problem: TPM 2.0 event log by OVMF is shown empty in Linux kernel versions after 5.8

Thore Sommer public at thson.de
Mon Apr 26 19:56:37 UTC 2021


Dear Maintainers,

during my testing with OVMF and swtpm I found out that kernel versions 
newer than 5.8 don't show any information in 
"/sys/kernel/security/tpm0/binary_bios_measurements" if swtpm emulates a 
TPM 2.0 device.
The file is still created but is empty.
The expected result would be that 
"/sys/kernel/security/tpm0/binary_bios_measurements" contains the TPM 
event log. TPM 1.2 devices are not affected.

With the help of git bisect I found out that the breaking kernel commit 
is 85467f63a05c43364ba0b90d0c05bb89191543fa.
Reverting this on top of the 5.12 release restores the expected functionality.

Thanks to apalos and leiflindholm on the #edk2 IRC channel for helping 
me with that.

I don't know if this is a bug in OVMF or in the Linux kernel, because on 
a real device with a TPM 2.0 the output was as expected.

Tested with edk2-ovmf 202102, swtpm 0.5.2 and qemu 5.2.0 on Ubuntu 20.04.

If further information is needed to resolve this problem, I'd be happy 
to provide it.

Best regards
Thore Sommer

efi and TPM dmesg output
...
[    0.000000] efi: EFI v2.70 by EDK II
[    0.000000] efi: SMBIOS=0x7e9d8000 TPMFinalLog=0x7ebf7000 ACPI=0x7eb7e000 ACPI 2.0=0x7eb7e014 MEMATTR=0x7da77298 RNG=0x7e9c4a98 TPMEventLog=0x7da6f018
[    0.000000] efi: seeding entropy pool
[    0.000000] random: fast init done
[    0.000000] SMBIOS 2.8 present.
...
[    0.017241] ACPI: Early table checksum verification disabled
[    0.017275] ACPI: RSDP 0x000000007EB7E014 000024 (v02 BOCHS )
[    0.017284] ACPI: XSDT 0x000000007EB7D0E8 000054 (v01 BOCHS  BXPCFACP 00000001      01000013)
[    0.017295] ACPI: FACP 0x000000007EB79000 0000F4 (v03 BOCHS  BXPCFACP 00000001 BXPC 00000001)
[    0.017308] ACPI: DSDT 0x000000007EB7A000 0021C8 (v01 BOCHS  BXPCDSDT 00000001 BXPC 00000001)
[    0.017321] ACPI: FACS 0x000000007EBC5000 000040
[    0.017326] ACPI: APIC 0x000000007EB78000 000088 (v01 BOCHS  BXPCAPIC 00000001 BXPC 00000001)
[    0.017333] ACPI: TPM2 0x000000007EB77000 00004C (v04 BOCHS  BXPCTPM2 00000001 BXPC 00000001)
[    0.017338] ACPI: MCFG 0x000000007EB76000 00003C (v01 BOCHS  BXPCMCFG 00000001 BXPC 00000001)
[    0.017343] ACPI: WAET 0x000000007EB75000 000028 (v01 BOCHS  BXPCWAET 00000001 BXPC 00000001)
[    0.017347] ACPI: BGRT 0x000000007EB74000 000038 (v01 INTEL  EDK2 00000002      01000013)
[    0.017351] ACPI: Reserving FACP table memory at [mem 0x7eb79000-0x7eb790f3]
[    0.017354] ACPI: Reserving DSDT table memory at [mem 0x7eb7a000-0x7eb7c1c7]
[    0.017355] ACPI: Reserving FACS table memory at [mem 0x7ebc5000-0x7ebc503f]
[    0.017356] ACPI: Reserving APIC table memory at [mem 0x7eb78000-0x7eb78087]
[    0.017358] ACPI: Reserving TPM2 table memory at [mem 0x7eb77000-0x7eb7704b]
[    0.017359] ACPI: Reserving MCFG table memory at [mem 0x7eb76000-0x7eb7603b]
[    0.017360] ACPI: Reserving WAET table memory at [mem 0x7eb75000-0x7eb75027]
[    0.017361] ACPI: Reserving BGRT table memory at [mem 0x7eb74000-0x7eb74037]
[    0.017390] ACPI: Local APIC address 0xfee00000
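
A triage check for the symptom reported above, as an added example that is not part of the original message or of any project's code: it flags the case where the firmware advertises a TPM 2.0 event log in dmesg (the TPMEventLog EFI table and the ACPI TPM2 table) but the securityfs file reads back empty. The function names and result labels are assumptions made for this illustration; the sample dmesg lines are constructed from the excerpt in the message.

```python
import re
import subprocess

# Constructed sample: three lines from the dmesg excerpt in the report, unwrapped.
SAMPLE_DMESG = (
    "[    0.000000] efi: EFI v2.70 by EDK II\n"
    "[    0.000000] efi: SMBIOS=0x7e9d8000 TPMFinalLog=0x7ebf7000 ACPI=0x7eb7e000 "
    "ACPI 2.0=0x7eb7e014 MEMATTR=0x7da77298 RNG=0x7e9c4a98 TPMEventLog=0x7da6f018\n"
    "[    0.017333] ACPI: TPM2 0x000000007EB77000 00004C (v04 BOCHS  BXPCTPM2 "
    "00000001 BXPC 00000001)\n"
)
SECURITYFS_LOG = "/sys/kernel/security/tpm0/binary_bios_measurements"
EFI_TABLE = re.compile(r"\b(TPMEventLog|TPMFinalLog)=(0x[0-9a-fA-F]+)")


def firmware_tpm_tables(dmesg_text):
    """Collect the TPM-related tables the firmware advertised in dmesg."""
    found = {name: int(addr, 16) for name, addr in EFI_TABLE.findall(dmesg_text)}
    found["ACPI_TPM2"] = bool(re.search(r"ACPI: TPM2 0x[0-9A-Fa-f]+", dmesg_text))
    return found


def read_log_size(path=SECURITYFS_LOG):
    """Return the number of bytes readable from the log, or None if it is absent.

    The file is read instead of stat()ed: pseudo-filesystem files commonly
    report a size of 0 even when they have content.
    """
    try:
        with open(path, "rb") as f:
            return len(f.read())
    except FileNotFoundError:
        return None


def diagnose(dmesg_text, log_size):
    """Classify the state of the measured-boot log (labels are illustrative)."""
    tables = firmware_tpm_tables(dmesg_text)
    if log_size is None:
        return "log-file-missing"
    if log_size > 0:
        return "ok"
    if tables["ACPI_TPM2"] and "TPMEventLog" in tables:
        return "empty-despite-firmware-log"  # the symptom described in this report
    return "empty-no-firmware-log"


if __name__ == "__main__":  # reading dmesg and securityfs usually requires root
    dmesg = subprocess.run(["dmesg"], capture_output=True, text=True).stdout
    print(diagnose(dmesg, read_log_size()))
```

An attestation agent that depends on the event log can run this at startup and refuse to report measurements when the result is anything other than "ok".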




