From 52992664ea72ffb85714b395e7ac57dc7c1e5ab2 Mon Sep 17 00:00:00 2001 From: Thierry Laurion Date: Sat, 24 Aug 2024 12:49:10 -0400 Subject: [PATCH 1/4] Improve TPM Extend infor in normal and DEBUG mode cbfs-init: remove temp files, measure direct cbfs output, extend PCR with proper introspection tracing flash.sh: do not die but go to recovery if flashrom fails, cosmetic fix for warning given to user kexec-insert-key: extend PCR with proper introspection tracing kexec-select-boot: extend PCR with proper introspection tracing kexec-measure-luks: extend PCR with proper introspection tracing tpmr: Add missing TRACE_FUNC, fix comments, extend give hash that was extended to tpm call in DEBUG, fix TPM startsession unsuppressed output still present ash_functions: extend PCR with proper introspection tracing insmod: DEBUG info more pertinent, extend PCR with proper introspection tracing Signed-off-by: Thierry Laurion --- initrd/bin/cbfs-init | 11 ++++------- initrd/bin/flash.sh | 4 ++-- initrd/bin/kexec-insert-key | 2 +- initrd/bin/kexec-select-boot | 4 ++-- initrd/bin/qubes-measure-luks | 2 +- initrd/bin/tpmr | 24 +++++++++++++++++------- initrd/etc/ash_functions | 2 +- initrd/sbin/insmod | 11 ++++------- 8 files changed, 32 insertions(+), 28 deletions(-) diff --git a/initrd/bin/cbfs-init b/initrd/bin/cbfs-init index 09456198..efec2ca5 100755 --- a/initrd/bin/cbfs-init +++ b/initrd/bin/cbfs-init 
@@ -15,17 +15,14 @@ cbfsfiles=`cbfs -t 50 -l 2>/dev/null | grep "^heads/initrd/"` for cbfsname in `echo $cbfsfiles`; do filename=${cbfsname:12} if [ ! -z "$filename" ]; then - echo "Loading $filename from CBFS" mkdir -p `dirname $filename` \ || die "$filename: mkdir failed" - cbfs -t 50 -r $cbfsname > "$filename" \ + echo "Extracting CBFS file $cbfsname into $filename" + cbfs -t 50 $CBFS_ARG -r $cbfsname > "$filename" \ || die "$filename: cbfs file read failed" if [ "$CONFIG_TPM" = "y" ]; then - TMPFILE=/tmp/cbfs.$$ - echo "$filename" > $TMPFILE - cat $filename >> $TMPFILE - DEBUG "Extending TPM PCR $CONFIG_PCR with $filename" - tpmr extend -ix "$CONFIG_PCR" -if $TMPFILE \ + echo "TPM: Extending PCR[$CONFIG_PCR with] with $filename" + tpmr extend -ix "$CONFIG_PCR" -if $filename \ || die "$filename: tpm extend failed" fi fi diff --git a/initrd/bin/flash.sh b/initrd/bin/flash.sh index 00f2801f..845d4661 100755 --- a/initrd/bin/flash.sh +++ b/initrd/bin/flash.sh @@ -48,9 +48,9 @@ flash_rom() { dd if=/tmp/pchstrp9.bin bs=1 count=4 seek=292 of=/tmp/${CONFIG_BOARD}.rom conv=notrunc >/dev/null 2>&1 fi - warn "Do not power off computer. Updating firmware, this will take a few minutes..." + warn "Do not power off computer. Updating firmware, this will take a few minutes" flashrom $CONFIG_FLASHROM_OPTIONS -w /tmp/${CONFIG_BOARD}.rom 2>&1 \ - || die "$ROM: Flash failed" + || recovery "$ROM: Flash failed" fi } diff --git a/initrd/bin/kexec-insert-key b/initrd/bin/kexec-insert-key index 8f7cd502..84bff455 100755 --- a/initrd/bin/kexec-insert-key +++ b/initrd/bin/kexec-insert-key @@ -65,7 +65,7 @@ if ! kexec-unseal-key "$INITRD_DIR/secret.key"; then fi # Override PCR 4 so that user can't read the key -DEBUG "Extending TPM PCR 4 to prevent further secret unsealing" +echo "TPM: Extending PCR[4] to prevent any future secret unsealing" tpmr extend -ix 4 -ic generic || die 'Unable to scramble PCR' 
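Review bot: The new read command expands `$CBFS_ARG` unquoted, and no assignment of that variable is visible in this hunk, while the listing command shown in the hunk header (`cbfs -t 50 -l`) does not use it. If the variable is ever set, the list and the read could address different CBFS sources, so the file that gets measured would not necessarily be the one that was listed; if it is never set, the expansion is dead and can be dropped. Either pass it to both commands or remove it, and record the intent in a comment such as `# CBFS_ARG: optional extra cbfs options, applied to both list and read`. The new message also reads `PCR[$CONFIG_PCR with] with`, which looks like a misplaced word; `echo "TPM: Extending PCR[$CONFIG_PCR] with $filename"` is probably what was meant.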
diff --git a/initrd/bin/kexec-select-boot b/initrd/bin/kexec-select-boot index a5897266..f56c6e76 100755 --- a/initrd/bin/kexec-select-boot +++ b/initrd/bin/kexec-select-boot @@ -384,9 +384,9 @@ while true; do if [ "$CONFIG_TPM" = "y" ]; then if [ ! -r "$TMP_KEY_DEVICES" ]; then # Extend PCR4 as soon as possible - DEBUG "Extending TPM PCR 4 to prevent further secret unsealing" + DEBUG "TPM: Extending PCR[4] to prevent further secret unsealing" tpmr extend -ix 4 -ic generic || - die "Failed to extend PCR 4" + die "Failed to extend TPM PCR[4]" fi fi diff --git a/initrd/bin/qubes-measure-luks b/initrd/bin/qubes-measure-luks index 4f0ca281..03db5915 100755 --- a/initrd/bin/qubes-measure-luks +++ b/initrd/bin/qubes-measure-luks @@ -19,6 +19,6 @@ sha256sum /tmp/lukshdr-* >/tmp/luksDump.txt || die "Unable to hash LUKS headers" DEBUG "Removing /tmp/lukshdr-*" rm /tmp/lukshdr-* -DEBUG "Extending TPM PCR 6 with hash of LUKS headers from /tmp/luksDump.txt" +echo "TPM: Extending PCR[6] with hash of LUKS headers from /tmp/luksDump.txt" tpmr extend -ix 6 -if /tmp/luksDump.txt || die "Unable to extend PCR" diff --git a/initrd/bin/tpmr b/initrd/bin/tpmr index a740d4a0..b96eaf4f 100755 --- a/initrd/bin/tpmr +++ b/initrd/bin/tpmr @@ -29,11 +29,11 @@ else . /etc/config fi -TRACE_FUNC # Busybox xxd lacks -r, and we get hex dumps from TPM1 commands. This converts # a hex dump to binary data using sed and printf hex2bin() { + TRACE_FUNC sed 's/\([0-9A-F]\{2\}\)/\\\\\\x\1/gI' | xargs printf } @@ -43,6 +43,7 @@ hex2bin() { # as a file still chokes if the password begins with 'hex:', oddly tpm2-tools # accepts 'hex:' in the file content.) tpm2_password_hex() { + TRACE_FUNC echo "hex:$(echo -n "$1" | xxd -p | tr -d ' \n')" } @@ -61,7 +62,7 @@ tpm2_pcrread() { if [ -z "$APPEND" ]; then # Don't append - truncate file now so real command always - # appends + # overwrites true >"$file" fi 
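Review bot: `TRACE_FUNC` now runs inside `hex2bin` and `tpm2_password_hex`, both of which hand their result back on stdout (`xargs printf` and `echo "hex:..."`), so any trace text written to stdout would end up inside binary data or inside a password string. The definition of TRACE_FUNC is not part of this patch; it is worth confirming that it writes only to stderr or the log, and that it records the function name and not `$1`, since `tpm2_password_hex` receives a passphrase. The `extend_pcr_state` hunk further down in this file adds the same call to a function that presumably also returns its state on stdout. A one-line comment above each call, e.g. `# TRACE_FUNC must not write to stdout: callers capture this function's output`, would keep that constraint visible.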
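Review bot: The reworded comment in `tpm2_pcrread` now says the real command "always overwrites", which reads as the opposite of what the truncation is for: the file is emptied here so that a command which appends unconditionally behaves like an overwrite when `$APPEND` is empty. The command itself is outside the hunk, so this is inferred from the old wording; if it does append, something like `# Not appending: truncate now, the read below always appends` would be clearer. The `tpm1_pcrread` hunk carries the same comment change.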
@@ -79,7 +80,7 @@ tpm1_pcrread() { if [ -z "$APPEND" ]; then # Don't append - truncate file now so real command always - # appends + # overwrites true >"$file" fi @@ -102,9 +103,10 @@ is_hash() { # usage: # extend_pcr_state # alg - either 'sha1' or 'sha256' to specify algorithm -# initial_state - a hash value setting the initial state +# state - a hash value setting the initial state # files/hashes... - any number of files or hashes, state is extended once for each item extend_pcr_state() { + TRACE_FUNC local alg="$1" local state="$2" local next extend @@ -250,7 +252,8 @@ tpm2_extend() { esac done tpm2 pcrextend "$index:sha256=$hash" - DO_WITH_DEBUG tpm2 pcrread "sha256:$index" + tpm2 pcrread "sha256:$index" + DEBUG "TPM: Extended PCR[$index] with $hash" } tpm2_counter_read() { @@ -348,9 +351,9 @@ tpm2_startsession() { die "tpm2_flushcontext: unable to flush saved session" tpm2 readpublic -Q -c "$PRIMARY_HANDLE" -t "$PRIMARY_HANDLE_FILE" #TODO: do the right thing to not have to suppress "WARN: check public portion the tpmkey manually" see https://github.com/linuxboot/heads/pull/1630#issuecomment-2075120429 - tpm2 startauthsession -Q -c "$PRIMARY_HANDLE_FILE" --hmac-session -S "$ENC_SESSION_FILE" 2>&1 > /dev/null + tpm2 startauthsession -Q -c "$PRIMARY_HANDLE_FILE" --hmac-session -S "$ENC_SESSION_FILE" > /dev/null 2>&1 #TODO: do the right thing to not have to suppress "WARN: check public portion the tpmkey manually" see https://github.com/linuxboot/heads/pull/1630#issuecomment-2075120429 - tpm2 startauthsession -Q -c "$PRIMARY_HANDLE_FILE" --hmac-session -S "$DEC_SESSION_FILE" 2>&1 > /dev/null + tpm2 startauthsession -Q -c "$PRIMARY_HANDLE_FILE" --hmac-session -S "$DEC_SESSION_FILE" > /dev/null 2>&1 tpm2 sessionconfig -Q --disable-encrypt "$DEC_SESSION_FILE" } 
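Review bot: In `tpm2_extend` the result of `tpm2 pcrextend` is not checked, and with `DEBUG` as the new last statement the function's exit status is now that of the log call, so "Extended PCR[...]" is logged and a caller's `|| die` cannot fire even when the extend failed, unless tpmr runs under `set -e`, which this hunk does not show. A missed extend leaves the PCR at its previous value, so later unseal decisions would be made against a state that does not include this measurement. Suggest `tpm2 pcrextend "$index:sha256=$hash" || return` before the read-back. Dropping `DO_WITH_DEBUG` also sends the `tpm2 pcrread` output to stdout on every extend in non-debug mode; confirm that is intended. The function starts outside the hunk.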
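Review bot: With the redirection order corrected to `> /dev/null 2>&1`, all stderr from both `tpm2 startauthsession` calls in `tpm2_startsession` is now discarded, not only the known warning named in the TODO, and neither call's exit status is checked in the visible lines. A failure to create the HMAC session would then pass silently and only surface later in a command that uses `$ENC_SESSION_FILE` or `$DEC_SESSION_FILE`. Consider keeping the suppression but adding `|| die "tpm2_startsession: unable to start hmac session"` to each call, matching the `die` already used for `tpm2_flushcontext` just above.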
@@ -381,6 +384,7 @@ cleanup_shred() { # tpm2_destroy: Destroy a sealed file in the TPM. The mechanism differs by # TPM version - TPM2 evicts the file object, so it no longer exists. tpm2_destroy() { + TRACE_FUNC index="$1" # Index of the sealed file size="$2" # Size of zeroes to overwrite for TPM1 (unused in TPM2) @@ -396,6 +400,7 @@ tpm2_destroy() { # TPM version - TPM1 overwrites the file with zeroes, since this can be done # without authorization. (Deletion requires authorization.) tpm1_destroy() { + TRACE_FUNC index="$1" # Index of the sealed file size="$2" # Size of zeroes to overwrite for TPM1 @@ -761,6 +766,10 @@ if [ "$CONFIG_TPM2_TOOLS" != "y" ]; then shift tpm1_destroy "$@" ;; + extend) + DEBUG "TPM: Extending PCR[$3] with $5" + DO_WITH_DEBUG exec tpm "$@" + ;; seal) shift tpm1_seal "$@" @@ -799,6 +808,7 @@ calcfuturepcr) replay_pcr "sha256" "$@" ;; extend) + DEBUG "TPM: Extending PCR[$2] with $4" tpm2_extend "$@" ;; counter_read) diff --git a/initrd/etc/ash_functions b/initrd/etc/ash_functions index 54b72108..bf6c6307 100644 --- a/initrd/etc/ash_functions +++ b/initrd/etc/ash_functions @@ -241,7 +241,7 @@ recovery() { DEBUG "Board $CONFIG_BOARD - version $(fw_version)" if [ "$CONFIG_TPM" = "y" ]; then - DEBUG "Extending TPM PCR 4 for recovery shell access" + echo "TPM: Extending PCR[4] to prevent any further secret unsealing" tpmr extend -ix 4 -ic recovery fi diff --git a/initrd/sbin/insmod b/initrd/sbin/insmod index 97614fc6..e383eaf4 100755 --- a/initrd/sbin/insmod +++ b/initrd/sbin/insmod @@ -28,7 +28,7 @@ fi # Unify lsmod output to use - instead of _ for comparison module_name=$(basename "$MODULE" | sed 's/_/-/g' | sed 's/\.ko$//') if lsmod | sed 's/_/-/g' | grep -q "^$module_name\\b"; then - DEBUG "$MODULE: already loaded" + DEBUG "$MODULE: already loaded, skipping" exit 0 fi 
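Review bot: The new `DEBUG` line in the TPM1 `extend)` branch takes the PCR index and the measured item from fixed positions (`$3` and `$5`; `$2` and `$4` in the TPM2 `extend)` hunk below), so it is only accurate when callers pass `-ix <pcr>` first and `-ic`/`-if <value>` second. Every caller visible in this series does, but a caller that swaps the options would produce a trace naming the wrong PCR, which defeats the purpose of the introspection log. A comment such as `# assumes: extend -ix <pcr> -ic|-if <value>` would record the assumption. The message also prints the input (string or file name) rather than the hash the commit description mentions.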
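Review bot: The message in `recovery()` now states that PCR[4] is extended "to prevent any further secret unsealing", but the `tpmr extend -ix 4 -ic recovery` on the next line still has no failure handling, so the recovery shell would be reached with PCR 4 unchanged if the extend fails. Since flash.sh in this same patch now routes a failed flash into `recovery`, more paths depend on that extend taking effect. Consider `tpmr extend -ix 4 -ic recovery || echo "TPM: PCR[4] extend FAILED, sealed secrets may still be unsealable"` so the condition is at least visible; `die` is probably not usable here if it calls back into recovery. The function continues outside the hunk.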
@@ -39,17 +39,14 @@ if [ ! -r /sys/class/tpm/tpm0/pcrs -o ! -x /bin/tpm ]; then fi if [ -z "$tpm_missing" ]; then - DEBUG "Extending TPM PCR $MODULE_PCR with $MODULE prior of usage" + echo "TPM: Extending PCR[$MODULE_PCR] with $MODULE prior of loading into kernel" tpmr extend -ix "$MODULE_PCR" -if "$MODULE" \ || die "$MODULE: tpm extend failed" fi if [ ! -z "$*" -a -z "$tpm_missing" ]; then - DEBUG "Extending TPM PCR $MODULE_PCR with $*" - TMPFILE=/tmp/insmod.$$ - echo "$@" > $TMPFILE - DEBUG "Extending TPM PCR $MODULE_PCR with $MODULE prior of usage" - tpmr extend -ix "$MODULE_PCR" -if $TMPFILE \ + echo "TPM: Extending PCR[$MODULE_PCR] with $MODULE prior of loading into kernel" + tpmr extend -ix "$MODULE_PCR" -if "$MODULE" \ || die "$MODULE: tpm extend on arguments failed" fi From 7ca8d42cde0cf41591e2e1d757a779cde3a656b4 Mon Sep 17 00:00:00 2001 From: Thierry Laurion Date: Wed, 28 Aug 2024 14:09:18 -0400 Subject: [PATCH 2/4] tpmr : match desc of function in comment Co-authored-by: JonathonHall-Purism <109107914+JonathonHall-Purism@users.noreply.github.com> Signed-off-by: Thierry Laurion --- initrd/bin/tpmr | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/initrd/bin/tpmr b/initrd/bin/tpmr index b96eaf4f..fb10f0c7 100755 --- a/initrd/bin/tpmr +++ b/initrd/bin/tpmr @@ -101,7 +101,7 @@ is_hash() { # extend_pcr_state - extend a PCR state value with more hashes or raw data (which is hashed) # usage: -# extend_pcr_state +# extend_pcr_state # alg - either 'sha1' or 'sha256' to specify algorithm # state - a hash value setting the initial state # files/hashes... - any number of files or hashes, state is extended once for each item From de7902f5b905626e42e670e60ac1ceca1692fa58 Mon Sep 17 00:00:00 2001 
From: Jonathon Hall Date: Thu, 5 Sep 2024 14:00:58 -0400 Subject: [PATCH 3/4] cbfs-init, insmod: Bring back params/filenames into PCR measurements cbfs-init used to measure filenames as well as the data in the files, but after refactoring it only measures file data. This means files could be renamed, or contents pivoted, without affecting the PCR measurements. Bring back the filename measurement. Similarly, insmod used to measure module parameters, but no longer does. Though we don't currently insert any modules with parameters, there's no reason to leave this open to break later, bring back the measurement. Signed-off-by: Jonathon Hall --- initrd/bin/cbfs-init | 6 +++++- initrd/sbin/insmod | 12 +++++------- 2 files changed, 10 insertions(+), 8 deletions(-) diff --git a/initrd/bin/cbfs-init b/initrd/bin/cbfs-init index efec2ca5..4035025c 100755 --- a/initrd/bin/cbfs-init +++ b/initrd/bin/cbfs-init @@ -22,7 +22,11 @@ for cbfsname in `echo $cbfsfiles`; do || die "$filename: cbfs file read failed" if [ "$CONFIG_TPM" = "y" ]; then echo "TPM: Extending PCR[$CONFIG_PCR with] with $filename" - tpmr extend -ix "$CONFIG_PCR" -if $filename \ + # Measure both the filename and its content. This + # ensures that renaming files or pivoting file content + # will still affect the resulting PCR measurement. + tpmr extend -ix "$CONFIG_PCR" -ic "$filename" + tpmr extend -ix "$CONFIG_PCR" -if "$filename" \ || die "$filename: tpm extend failed" fi fi diff --git a/initrd/sbin/insmod b/initrd/sbin/insmod index e383eaf4..da654257 100755 --- a/initrd/sbin/insmod +++ b/initrd/sbin/insmod 
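Review bot: The added filename extend `tpmr extend -ix "$CONFIG_PCR" -ic "$filename"` has no `|| die`, unlike the content extend that follows it, so a failure there would leave the file name out of the PCR while boot continues, unless the script runs under `set -e`, which the hunk does not show. That is exactly the case this commit sets out to close (renamed or swapped files). Suggest ending the line with `\` and following it with `|| die "$filename: tpm extend of filename failed"`. The parameter extend added in the insmod hunk of this commit, `tpmr extend -ix "$MODULE_PCR" -ic "$*"`, has the same gap.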
@@ -39,17 +39,15 @@ if [ ! -r /sys/class/tpm/tpm0/pcrs -o ! -x /bin/tpm ]; then fi if [ -z "$tpm_missing" ]; then - echo "TPM: Extending PCR[$MODULE_PCR] with $MODULE prior of loading into kernel" + echo "TPM: Extending PCR[$MODULE_PCR] with $MODULE and parameters '$*' before loading" + # Extend with the module parameters (even if they are empty) and the + # module. Changing the parameters or the module content will result in a + # different PCR measurement. + tpmr extend -ix "$MODULE_PCR" -ic "$*" tpmr extend -ix "$MODULE_PCR" -if "$MODULE" \ || die "$MODULE: tpm extend failed" fi -if [ ! -z "$*" -a -z "$tpm_missing" ]; then - echo "TPM: Extending PCR[$MODULE_PCR] with $MODULE prior of loading into kernel" - tpmr extend -ix "$MODULE_PCR" -if "$MODULE" \ - || die "$MODULE: tpm extend on arguments failed" -fi - # Since we have replaced the real insmod, we must invoke # the busybox insmod via the original executable DEBUG "Loading $MODULE with busybox insmod" From 77d4be1dc64c593bd06a19c0ab7f9c930bd021e7 Mon Sep 17 00:00:00 2001 
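Review bot: Measuring the parameters as `"$*"` joins them with spaces into one string, so argument boundaries are not part of the measurement: one parameter containing a space and two separate parameters extend PCR[$MODULE_PCR] with the same value. If that distinction matters, extend once per argument, e.g. `for p in "$@"; do tpmr extend -ix "$MODULE_PCR" -ic "$p" || die "$MODULE: tpm extend on arguments failed"; done`; this changes the resulting PCR value, so it would have to be a deliberate choice. At minimum, extend the new comment to say that parameters are measured as a single space-joined string.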
From: Thierry Laurion Date: Fri, 6 Sep 2024 15:07:51 -0400 Subject: [PATCH 4/4] TPM extend ops: Augment output of TPM1/TMP22 for filename and file content hash ops Debug logtrace, screenshots of non-debug will be added in PR #1758 TPM1: [ 4.815559] [U] hello world [ 5.099000] DEBUG: Debug output enabled from board CONFIG_DEBUG_OUTPUT=y option (/etc/config) [ 5.122059] TRACE: Under init [ 5.165917] DEBUG: Applying panic_on_oom setting to sysctl [ 5.388757] TRACE: /bin/cbfs-init(5): main [ 5.516637] TRACE: /bin/cbfs-init(24): main [ 5.662271] DEBUG: TPM: Will extend PCR[7] with hash of filename /.gnupg/pubring.kbx [ 5.732223] TRACE: /bin/tpmr(790): main [ 5.785372] DEBUG: TPM: Extending PCR[7] with hash 7ccf4f64044946cf4e5b0efe3d959f00562227ae [ 5.838082] DEBUG: exec tpm extend -ix 7 -ic /.gnupg/pubring.kbx [ 6.081466] DEBUG: TPM: Will extend PCR[7] hash content of file /.gnupg/pubring.kbx [ 6.147455] TRACE: /bin/tpmr(790): main [ 6.196545] DEBUG: TPM: Extending PCR[7] with hash ee79223a3b9724ad1aab290a3785132805c79eae [ 6.251251] DEBUG: exec tpm extend -ix 7 -if /.gnupg/pubring.kbx [ 6.445119] TRACE: /bin/cbfs-init(24): main [ 6.585854] DEBUG: TPM: Will extend PCR[7] with hash of filename /.gnupg/trustdb.gpg [ 6.659172] TRACE: /bin/tpmr(790): main [ 6.707564] DEBUG: TPM: Extending PCR[7] with hash 7236ea8e612c1435259a8a0f8e0a8f1f5dba7042 [ 6.757645] DEBUG: exec tpm extend -ix 7 -ic /.gnupg/trustdb.gpg [ 7.013547] DEBUG: TPM: Will extend PCR[7] hash content of file /.gnupg/trustdb.gpg [ 7.082863] TRACE: /bin/tpmr(790): main [ 7.131022] DEBUG: TPM: Extending PCR[7] with hash ca8898407cacd96d6f2de90ae90825351be81c62 [ 7.183344] DEBUG: exec tpm extend -ix 7 -if /.gnupg/trustdb.gpg [ 7.413787] TRACE: /bin/key-init(6): main [ 8.718367] TRACE: Under /etc/ash_functions:combine_configs [ 8.803914] TRACE: Under /etc/ash_functions:pause_recovery !!! Hit enter to proceed to recovery shell !!! 
[ 9.045341] TRACE: /bin/setconsolefont.sh(6): main [ 9.096853] DEBUG: Board does not ship setfont, not checking console font [ 9.320494] TRACE: /bin/gui-init(641): main [ 9.356729] TRACE: Under /etc/ash_functions:enable_usb [ 9.445981] TRACE: /sbin/insmod(9): main [ 9.609464] TRACE: /sbin/insmod(53): main [ 9.660145] DEBUG: No module parameters, extending only with the module's content [ 9.791896] DEBUG: TPM: Will extend PCR[5] hash content of file /lib/modules/ehci-hcd.ko [ 9.860477] TRACE: /bin/tpmr(790): main [ 9.914849] DEBUG: TPM: Extending PCR[5] with hash bc9ff28a99e314cda69695ba34b26ed0d8b1e4ed [ 9.976867] DEBUG: exec tpm extend -ix 5 -if /lib/modules/ehci-hcd.ko [ 10.146966] DEBUG: Loading /lib/modules/ehci-hcd.ko with busybox insmod [ 10.184086] ehci_hcd: USB 2.0 'Enhanced' Host Controller (EHCI) Driver [ 10.276564] TRACE: /sbin/insmod(9): main [ 10.433503] TRACE: /sbin/insmod(53): main [ 10.486272] DEBUG: No module parameters, extending only with the module's content [ 10.620200] DEBUG: TPM: Will extend PCR[5] hash content of file /lib/modules/uhci-hcd.ko [ 10.698710] TRACE: /bin/tpmr(790): main [ 10.750637] DEBUG: TPM: Extending PCR[5] with hash bcb2f15c7eb52484072a76fc8a0d7399f6cf2189 [ 10.808379] DEBUG: exec tpm extend -ix 5 -if /lib/modules/uhci-hcd.ko [ 10.996254] DEBUG: Loading /lib/modules/uhci-hcd.ko with busybox insmod [ 11.026108] uhci_hcd: USB Universal Host Controller Interface driver [ 11.040703] uhci_hcd 0000:00:1d.0: UHCI Host Controller [ 11.053129] uhci_hcd 0000:00:1d.0: new USB bus registered, assigned bus number 1 [ 11.061568] uhci_hcd 0000:00:1d.0: detected 2 ports [ 11.070973] uhci_hcd 0000:00:1d.0: irq 16, io base 0x0000ff00 [ 11.089004] hub 1-0:1.0: USB hub found [ 11.097535] hub 1-0:1.0: 2 ports detected [ 11.114890] uhci_hcd 0000:00:1d.1: UHCI Host Controller [ 11.123848] uhci_hcd 0000:00:1d.1: new USB bus registered, assigned bus number 2 [ 11.134989] uhci_hcd 0000:00:1d.1: detected 2 ports [ 11.142404] uhci_hcd 0000:00:1d.1: 
irq 17, io base 0x0000fee0 [ 11.153338] hub 2-0:1.0: USB hub found [ 11.160572] hub 2-0:1.0: 2 ports detected [ 11.176481] uhci_hcd 0000:00:1d.2: UHCI Host Controller [ 11.183898] uhci_hcd 0000:00:1d.2: new USB bus registered, assigned bus number 3 [ 11.193509] uhci_hcd 0000:00:1d.2: detected 2 ports [ 11.201574] uhci_hcd 0000:00:1d.2: irq 18, io base 0x0000fec0 [ 11.211182] hub 3-0:1.0: USB hub found [ 11.219256] hub 3-0:1.0: 2 ports detected [ 11.314467] TRACE: /sbin/insmod(9): main [ 11.468430] TRACE: /sbin/insmod(53): main [ 11.521914] DEBUG: No module parameters, extending only with the module's content [ 11.656647] DEBUG: TPM: Will extend PCR[5] hash content of file /lib/modules/ohci-hcd.ko [ 11.726721] TRACE: /bin/tpmr(790): main [ 11.778253] DEBUG: TPM: Extending PCR[5] with hash f563e46fbbed46423a1e10219953233d310792f5 [ 11.831718] DEBUG: exec tpm extend -ix 5 -if /lib/modules/ohci-hcd.ko [ 12.010752] DEBUG: Loading /lib/modules/ohci-hcd.ko with busybox insmod [ 12.044192] ohci_hcd: USB 1.1 'Open' Host Controller (OHCI) Driver [ 12.136462] TRACE: /sbin/insmod(9): main [ 12.293409] TRACE: /sbin/insmod(53): main [ 12.345947] DEBUG: No module parameters, extending only with the module's content [ 12.481562] DEBUG: TPM: Will extend PCR[5] hash content of file /lib/modules/ohci-pci.ko [ 12.547754] TRACE: /bin/tpmr(790): main [ 12.604827] DEBUG: TPM: Extending PCR[5] with hash a24699fdaac9976cc9447fd0cd444a469299ad2f [ 12.661256] DEBUG: exec tpm extend -ix 5 -if /lib/modules/ohci-pci.ko [ 12.847247] DEBUG: Loading /lib/modules/ohci-pci.ko with busybox insmod [ 12.870986] ohci-pci: OHCI PCI platform driver [ 12.959387] TRACE: /sbin/insmod(9): main [ 13.112275] TRACE: /sbin/insmod(53): main [ 13.163112] DEBUG: No module parameters, extending only with the module's content [ 13.291360] DEBUG: TPM: Will extend PCR[5] hash content of file /lib/modules/ehci-pci.ko [ 13.364853] TRACE: /bin/tpmr(790): main [ 13.438536] DEBUG: TPM: Extending PCR[5] with hash 
b80a90e11a01eba40bb7e566f3374d0aad326acb [ 13.505500] DEBUG: exec tpm extend -ix 5 -if /lib/modules/ehci-pci.ko [ 13.679865] DEBUG: Loading /lib/modules/ehci-pci.ko with busybox insmod [ 13.704539] ehci-pci: EHCI PCI platform driver [ 13.725570] ehci-pci 0000:00:1d.7: EHCI Host Controller [ 13.735562] ehci-pci 0000:00:1d.7: new USB bus registered, assigned bus number 4 [ 13.745092] ehci-pci 0000:00:1d.7: irq 19, io mem 0xfcf80000 [ 13.773286] ehci-pci 0000:00:1d.7: USB 2.0 started, EHCI 1.00 [ 13.783544] hub 4-0:1.0: USB hub found [ 13.791110] hub 4-0:1.0: 6 ports detected [ 13.800844] hub 1-0:1.0: USB hub found [ 13.807808] hub 1-0:1.0: 2 ports detected [ 13.823094] hub 2-0:1.0: USB hub found [ 13.829910] hub 2-0:1.0: 2 ports detected [ 13.839182] hub 3-0:1.0: USB hub found [ 13.846231] hub 3-0:1.0: 2 ports detected [ 13.946297] TRACE: /sbin/insmod(9): main [ 14.099143] TRACE: /sbin/insmod(53): main [ 14.149765] DEBUG: No module parameters, extending only with the module's content [ 14.291413] DEBUG: TPM: Will extend PCR[5] hash content of file /lib/modules/xhci-hcd.ko [ 14.372815] TRACE: /bin/tpmr(790): main [ 14.426919] DEBUG: TPM: Extending PCR[5] with hash 1fc55e846b9d5c93e58c6c8b6f867e744fa694bc [ 14.482815] DEBUG: exec tpm extend -ix 5 -if /lib/modules/xhci-hcd.ko [ 14.670419] DEBUG: Loading /lib/modules/xhci-hcd.ko with busybox insmod [ 14.783374] TRACE: /sbin/insmod(9): main [ 14.939364] TRACE: /sbin/insmod(53): main [ 14.995136] DEBUG: No module parameters, extending only with the module's content [ 15.135482] DEBUG: TPM: Will extend PCR[5] hash content of file /lib/modules/xhci-pci.ko [ 15.204263] TRACE: /bin/tpmr(790): main [ 15.255478] DEBUG: TPM: Extending PCR[5] with hash bbdd85242570aa438b908420a43b8d7042db8b4f [ 15.305598] DEBUG: exec tpm extend -ix 5 -if /lib/modules/xhci-pci.ko [ 15.480844] DEBUG: Loading /lib/modules/xhci-pci.ko with busybox insmod [ 15.512476] xhci_hcd 0000:00:04.0: xHCI Host Controller [ 15.528230] xhci_hcd 0000:00:04.0: new 
USB bus registered, assigned bus number 5 [ 15.540456] xhci_hcd 0000:00:04.0: hcc params 0x00087001 hci version 0x100 quirks 0x0000000000000010 [ 15.554225] hub 5-0:1.0: USB hub found [ 15.562061] hub 5-0:1.0: 4 ports detected [ 15.572058] xhci_hcd 0000:00:04.0: xHCI Host Controller [ 15.589966] xhci_hcd 0000:00:04.0: new USB bus registered, assigned bus number 6 [ 15.598116] xhci_hcd 0000:00:04.0: Host supports USB 3.0 SuperSpeed [ 15.606150] usb usb6: We don't know the algorithms for LPM for this host, disabling LPM. [ 15.616354] hub 6-0:1.0: USB hub found [ 15.623767] hub 6-0:1.0: 4 ports detected [ 15.909854] usb 5-1: new high-speed USB device number 2 using xhci_hcd [ 16.193548] usb 6-2: new SuperSpeed Gen 1 USB device number 2 using xhci_hcd [ 16.345381] usb 5-3: new full-speed USB device number 3 using xhci_hcd [ 17.674973] TRACE: /etc/functions(715): detect_boot_device [ 17.718114] TRACE: /etc/functions(682): mount_possible_boot_device [ 17.759829] TRACE: /etc/functions(642): is_gpt_bios_grub [ 17.833271] TRACE: /dev/vda1 is partition 1 of vda [ 17.925490] TRACE: /etc/functions(619): find_lvm_vg_name [ 18.068352] TRACE: Try mounting /dev/vda1 as /boot [ 18.114444] EXT4-fs (vda1): mounted filesystem with ordered data mode. Opts: (null) [ 18.158648] TRACE: /bin/gui-init(319): clean_boot_check [ 18.247883] TRACE: /bin/gui-init(348): check_gpg_key [ 18.338052] TRACE: /bin/gui-init(185): update_totp [ 18.419286] TRACE: /bin/unseal-totp(8): main [ 18.511352] TRACE: /bin/tpmr(614): tpm1_unseal [ 18.624811] DEBUG: Running at_exit handlers [ 18.661992] TRACE: /bin/tpmr(390): cleanup_shred [ 18.692897] !!! ERROR: Unable to unseal TOTP secret !!! [ 21.295284] TRACE: /bin/unseal-totp(8): main [ 21.386377] TRACE: /bin/tpmr(614): tpm1_unseal [ 21.496183] DEBUG: Running at_exit handlers [ 21.527060] TRACE: /bin/tpmr(390): cleanup_shred [ 21.558625] !!! ERROR: Unable to unseal TOTP secret !!! 
[ 24.162881] TRACE: /bin/unseal-totp(8): main [ 24.249549] TRACE: /bin/tpmr(614): tpm1_unseal [ 24.362331] DEBUG: Running at_exit handlers [ 24.394154] TRACE: /bin/tpmr(390): cleanup_shred [ 24.427400] !!! ERROR: Unable to unseal TOTP secret !!! [ 26.475340] DEBUG: CONFIG_TPM: y [ 26.521538] DEBUG: CONFIG_TPM2_TOOLS: [ 26.578490] DEBUG: Show PCRs [ 26.730805] DEBUG: PCR-00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 26.751488] PCR-01: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 26.778571] PCR-02: C0 A9 54 C8 45 5C 78 49 80 EC 1C DB D8 E8 9B CC 65 11 58 BF [ 26.808771] PCR-03: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 26.830508] PCR-04: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 26.849538] PCR-05: 2C 3A 40 05 70 DB 21 89 4F CD C2 F8 D6 AE 40 DA 56 E1 B6 74 [ 26.878951] PCR-06: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 26.895421] PCR-07: 7A 8A 4C E6 BA B0 AA 26 22 B1 26 A2 F6 36 BD F3 86 23 50 B6 TPM2: [ 5.305235] [U] hello world [ 5.591175] DEBUG: Debug output enabled from board CONFIG_DEBUG_OUTPUT=y option (/etc/config) [ 5.615802] TRACE: Under init [ 5.657823] DEBUG: Applying panic_on_oom setting to sysctl [ 5.831457] TRACE: /bin/tpmr(349): tpm2_startsession [ 6.567984] TRACE: /bin/cbfs-init(5): main [ 6.695758] TRACE: /bin/cbfs-init(24): main [ 6.811665] TRACE: /bin/tpmr(832): main [ 6.870411] DEBUG: TPM: Extending PCR[7] with /.gnupg/pubring.kbx [ 6.907262] TRACE: /bin/tpmr(234): tpm2_extend [ 6.983504] TRACE: /bin/tpmr(247): tpm2_extend [ 7.037543] DEBUG: TPM: Will extend PCR[7] with hash of string /.gnupg/pubring.kbx [ 7.192665] TRACE: /bin/tpmr(265): tpm2_extend [ 7.246318] DEBUG: TPM: Extended PCR[7] with hash 96ab5053e4630a040d55549ba73cff2178d401d763147776771f9774597b86a1 [ 7.355327] TRACE: /bin/tpmr(832): main [ 7.409042] DEBUG: TPM: Extending PCR[7] with /.gnupg/pubring.kbx [ 7.446920] TRACE: /bin/tpmr(234): tpm2_extend [ 7.485782] TRACE: /bin/tpmr(252): 
tpm2_extend [ 7.540496] DEBUG: TPM: Will extend PCR[7] with hash of file content /.gnupg/pubring.kbx [ 7.759033] TRACE: /bin/tpmr(265): tpm2_extend [ 7.811693] DEBUG: TPM: Extended PCR[7] with hash f196f9cae98362568d31638e7522eee5042286b2c18627b06b30a0275207872e [ 7.903033] TRACE: /bin/cbfs-init(24): main [ 8.026099] TRACE: /bin/tpmr(832): main [ 8.077074] DEBUG: TPM: Extending PCR[7] with /.gnupg/trustdb.gpg [ 8.108061] TRACE: /bin/tpmr(234): tpm2_extend [ 8.180580] TRACE: /bin/tpmr(247): tpm2_extend [ 8.234748] DEBUG: TPM: Will extend PCR[7] with hash of string /.gnupg/trustdb.gpg [ 8.412522] TRACE: /bin/tpmr(265): tpm2_extend [ 8.469868] DEBUG: TPM: Extended PCR[7] with hash 53b843fe9bb52894d3a7d00197c776d56f3059f6a285124c7916724cd5013b0b [ 8.596316] TRACE: /bin/tpmr(832): main [ 8.655651] DEBUG: TPM: Extending PCR[7] with /.gnupg/trustdb.gpg [ 8.690508] TRACE: /bin/tpmr(234): tpm2_extend [ 8.723206] TRACE: /bin/tpmr(252): tpm2_extend [ 8.782554] DEBUG: TPM: Will extend PCR[7] with hash of file content /.gnupg/trustdb.gpg [ 8.999969] TRACE: /bin/tpmr(265): tpm2_extend [ 9.066744] DEBUG: TPM: Extended PCR[7] with hash abf745ef9f960af5d8b19a1acd4bc0a19da056f607b06cce6b920eab83cbbdec [ 9.215143] TRACE: /bin/key-init(6): main [ 10.661503] TRACE: Under /etc/ash_functions:combine_configs [ 10.749050] TRACE: Under /etc/ash_functions:pause_recovery !!! Hit enter to proceed to recovery shell !!! 
[ 10.998267] TRACE: /bin/setconsolefont.sh(6): main [ 11.059640] DEBUG: Board does not ship setfont, not checking console font [ 11.303012] TRACE: /bin/gui-init(641): main [ 11.334099] TRACE: Under /etc/ash_functions:enable_usb [ 11.421487] TRACE: /sbin/insmod(9): main [ 11.578754] TRACE: /sbin/insmod(53): main [ 11.630500] DEBUG: No module parameters, extending only with the module's content [ 11.741780] TRACE: /bin/tpmr(832): main [ 11.789365] DEBUG: TPM: Extending PCR[5] with /lib/modules/ehci-hcd.ko [ 11.823496] TRACE: /bin/tpmr(234): tpm2_extend [ 11.862739] TRACE: /bin/tpmr(252): tpm2_extend [ 11.920404] DEBUG: TPM: Will extend PCR[5] with hash of file content /lib/modules/ehci-hcd.ko [ 12.123507] TRACE: /bin/tpmr(265): tpm2_extend [ 12.175292] DEBUG: TPM: Extended PCR[5] with hash 40c5206f06702e45d8e6632632255258af433be0641c96f514ea75ac14523a30 [ 12.234130] DEBUG: Loading /lib/modules/ehci-hcd.ko with busybox insmod [ 12.278479] ehci_hcd: USB 2.0 'Enhanced' Host Controller (EHCI) Driver [ 12.371875] TRACE: /sbin/insmod(9): main [ 12.523874] TRACE: /sbin/insmod(53): main [ 12.578418] DEBUG: No module parameters, extending only with the module's content [ 12.697785] TRACE: /bin/tpmr(832): main [ 12.753607] DEBUG: TPM: Extending PCR[5] with /lib/modules/uhci-hcd.ko [ 12.786940] TRACE: /bin/tpmr(234): tpm2_extend [ 12.819199] TRACE: /bin/tpmr(252): tpm2_extend [ 12.879805] DEBUG: TPM: Will extend PCR[5] with hash of file content /lib/modules/uhci-hcd.ko [ 13.088925] TRACE: /bin/tpmr(265): tpm2_extend [ 13.158660] DEBUG: TPM: Extended PCR[5] with hash 1877332107fb8737a5636da26d4db2c10ffe4d1db2bcbde30b47774cdf05e02f [ 13.223888] DEBUG: Loading /lib/modules/uhci-hcd.ko with busybox insmod [ 13.253700] uhci_hcd: USB Universal Host Controller Interface driver [ 13.269580] uhci_hcd 0000:00:1d.0: UHCI Host Controller [ 13.278675] uhci_hcd 0000:00:1d.0: new USB bus registered, assigned bus number 1 [ 13.287280] uhci_hcd 0000:00:1d.0: detected 2 ports [ 13.296481] 
uhci_hcd 0000:00:1d.0: irq 16, io base 0x0000ff00 [ 13.314557] hub 1-0:1.0: USB hub found [ 13.332614] hub 1-0:1.0: 2 ports detected [ 13.352400] uhci_hcd 0000:00:1d.1: UHCI Host Controller [ 13.361016] uhci_hcd 0000:00:1d.1: new USB bus registered, assigned bus number 2 [ 13.368653] uhci_hcd 0000:00:1d.1: detected 2 ports [ 13.376700] uhci_hcd 0000:00:1d.1: irq 17, io base 0x0000fee0 [ 13.395046] hub 2-0:1.0: USB hub found [ 13.403107] hub 2-0:1.0: 2 ports detected [ 13.418573] uhci_hcd 0000:00:1d.2: UHCI Host Controller [ 13.426975] uhci_hcd 0000:00:1d.2: new USB bus registered, assigned bus number 3 [ 13.434733] uhci_hcd 0000:00:1d.2: detected 2 ports [ 13.442497] uhci_hcd 0000:00:1d.2: irq 18, io base 0x0000fec0 [ 13.460237] hub 3-0:1.0: USB hub found [ 13.467466] hub 3-0:1.0: 2 ports detected [ 13.579102] TRACE: /sbin/insmod(9): main [ 13.730892] TRACE: /sbin/insmod(53): main [ 13.781345] DEBUG: No module parameters, extending only with the module's content [ 13.891152] TRACE: /bin/tpmr(832): main [ 13.954015] DEBUG: TPM: Extending PCR[5] with /lib/modules/ohci-hcd.ko [ 13.995207] TRACE: /bin/tpmr(234): tpm2_extend [ 14.031074] TRACE: /bin/tpmr(252): tpm2_extend [ 14.095694] DEBUG: TPM: Will extend PCR[5] with hash of file content /lib/modules/ohci-hcd.ko [ 14.315253] TRACE: /bin/tpmr(265): tpm2_extend [ 14.369608] DEBUG: TPM: Extended PCR[5] with hash 8a12ce4abfc87f11a023d4f1c26c225f5cffae248f9dad1fd30e78022996df02 [ 14.425800] DEBUG: Loading /lib/modules/ohci-hcd.ko with busybox insmod [ 14.455207] ohci_hcd: USB 1.1 'Open' Host Controller (OHCI) Driver [ 14.548050] TRACE: /sbin/insmod(9): main [ 14.693175] TRACE: /sbin/insmod(53): main [ 14.742761] DEBUG: No module parameters, extending only with the module's content [ 14.855233] TRACE: /bin/tpmr(832): main [ 14.908035] DEBUG: TPM: Extending PCR[5] with /lib/modules/ohci-pci.ko [ 14.940321] TRACE: /bin/tpmr(234): tpm2_extend [ 14.970307] TRACE: /bin/tpmr(252): tpm2_extend [ 15.018421] DEBUG: TPM: Will extend 
PCR[5] with hash of file content /lib/modules/ohci-pci.ko [ 15.226408] TRACE: /bin/tpmr(265): tpm2_extend [ 15.279951] DEBUG: TPM: Extended PCR[5] with hash 2065ee6544d78a5d31e67983166a9b8cf60dbe61bf0ee99c39e92816cc3a98db [ 15.335930] DEBUG: Loading /lib/modules/ohci-pci.ko with busybox insmod [ 15.360537] ohci-pci: OHCI PCI platform driver [ 15.446600] TRACE: /sbin/insmod(9): main [ 15.597149] TRACE: /sbin/insmod(53): main [ 15.649850] DEBUG: No module parameters, extending only with the module's content [ 15.753738] TRACE: /bin/tpmr(832): main [ 15.809086] DEBUG: TPM: Extending PCR[5] with /lib/modules/ehci-pci.ko [ 15.847559] TRACE: /bin/tpmr(234): tpm2_extend [ 15.878030] TRACE: /bin/tpmr(252): tpm2_extend [ 15.930320] DEBUG: TPM: Will extend PCR[5] with hash of file content /lib/modules/ehci-pci.ko [ 16.131948] TRACE: /bin/tpmr(265): tpm2_extend [ 16.190395] DEBUG: TPM: Extended PCR[5] with hash 116145df2c495dfd58354025799fe5bb9b4d8e078960e8d0d7ceda746e4f2d06 [ 16.247675] DEBUG: Loading /lib/modules/ehci-pci.ko with busybox insmod [ 16.275465] ehci-pci: EHCI PCI platform driver [ 16.296704] ehci-pci 0000:00:1d.7: EHCI Host Controller [ 16.306151] ehci-pci 0000:00:1d.7: new USB bus registered, assigned bus number 4 [ 16.316293] ehci-pci 0000:00:1d.7: irq 19, io mem 0xfcf80000 [ 16.340527] ehci-pci 0000:00:1d.7: USB 2.0 started, EHCI 1.00 [ 16.357688] hub 4-0:1.0: USB hub found [ 16.365707] hub 4-0:1.0: 6 ports detected [ 16.376687] hub 1-0:1.0: USB hub found [ 16.384573] hub 1-0:1.0: 2 ports detected [ 16.393986] hub 2-0:1.0: USB hub found [ 16.401424] hub 2-0:1.0: 2 ports detected [ 16.410387] hub 3-0:1.0: USB hub found [ 16.418087] hub 3-0:1.0: 2 ports detected [ 16.513839] TRACE: /sbin/insmod(9): main [ 16.670778] TRACE: /sbin/insmod(53): main [ 16.721953] DEBUG: No module parameters, extending only with the module's content [ 16.835964] TRACE: /bin/tpmr(832): main [ 16.888003] DEBUG: TPM: Extending PCR[5] with /lib/modules/xhci-hcd.ko [ 16.919798] TRACE: 
/bin/tpmr(234): tpm2_extend [ 16.957470] TRACE: /bin/tpmr(252): tpm2_extend [ 17.013535] DEBUG: TPM: Will extend PCR[5] with hash of file content /lib/modules/xhci-hcd.ko [ 17.225097] TRACE: /bin/tpmr(265): tpm2_extend [ 17.281099] DEBUG: TPM: Extended PCR[5] with hash 7f5a6bd0f7de6104e49374e1e5ce421e11795fcc4f53014ef9259d630d7876bc [ 17.337551] DEBUG: Loading /lib/modules/xhci-hcd.ko with busybox insmod [ 17.448660] TRACE: /sbin/insmod(9): main [ 17.595458] TRACE: /sbin/insmod(53): main [ 17.653305] DEBUG: No module parameters, extending only with the module's content [ 17.763612] TRACE: /bin/tpmr(832): main [ 17.817350] DEBUG: TPM: Extending PCR[5] with /lib/modules/xhci-pci.ko [ 17.849196] TRACE: /bin/tpmr(234): tpm2_extend [ 17.879069] TRACE: /bin/tpmr(252): tpm2_extend [ 17.927859] DEBUG: TPM: Will extend PCR[5] with hash of file content /lib/modules/xhci-pci.ko [ 18.126778] TRACE: /bin/tpmr(265): tpm2_extend [ 18.188056] DEBUG: TPM: Extended PCR[5] with hash 5502fa8c101f7e509145b9826094f06dd0e225c2311a14edc9ae9c812518a250 [ 18.247945] DEBUG: Loading /lib/modules/xhci-pci.ko with busybox insmod [ 18.286509] xhci_hcd 0000:00:04.0: xHCI Host Controller [ 18.294553] xhci_hcd 0000:00:04.0: new USB bus registered, assigned bus number 5 [ 18.308276] xhci_hcd 0000:00:04.0: hcc params 0x00087001 hci version 0x100 quirks 0x0000000000000010 [ 18.320288] hub 5-0:1.0: USB hub found [ 18.328425] hub 5-0:1.0: 4 ports detected [ 18.337635] xhci_hcd 0000:00:04.0: xHCI Host Controller [ 18.344430] xhci_hcd 0000:00:04.0: new USB bus registered, assigned bus number 6 [ 18.351769] xhci_hcd 0000:00:04.0: Host supports USB 3.0 SuperSpeed [ 18.360900] usb usb6: We don't know the algorithms for LPM for this host, disabling LPM. 
[ 18.371095] hub 6-0:1.0: USB hub found [ 18.378046] hub 6-0:1.0: 4 ports detected [ 18.673695] usb 5-1: new high-speed USB device number 2 using xhci_hcd [ 18.960744] usb 6-2: new SuperSpeed Gen 1 USB device number 2 using xhci_hcd [ 19.112485] usb 5-3: new full-speed USB device number 3 using xhci_hcd [ 20.433294] TRACE: /etc/functions(715): detect_boot_device [ 20.489580] TRACE: /etc/functions(682): mount_possible_boot_device [ 20.546126] TRACE: /etc/functions(642): is_gpt_bios_grub [ 20.653417] TRACE: /dev/vda1 is partition 1 of vda [ 20.777737] TRACE: /etc/functions(619): find_lvm_vg_name [ 20.946450] TRACE: Try mounting /dev/vda1 as /boot [ 20.997145] EXT4-fs (vda1): mounted filesystem with ordered data mode. Opts: (null) [ 21.053058] TRACE: /bin/gui-init(319): clean_boot_check [ 21.157752] TRACE: /bin/gui-init(348): check_gpg_key [ 21.260339] TRACE: /bin/gui-init(185): update_totp [ 21.376906] TRACE: /bin/unseal-totp(8): main [ 21.497372] TRACE: /bin/tpmr(569): tpm2_unseal [ 21.574501] DEBUG: tpm2_unseal: handle=0x81004d47 pcrl=0,1,2,3,4,7 file=/tmp/secret/totp.key pass= [ 22.212056] DEBUG: Running at_exit handlers [ 22.247818] TRACE: /bin/tpmr(374): cleanup_session [ 22.301292] DEBUG: Clean up session: /tmp/secret/unsealfile_policy.session [ 22.423005] !!! ERROR: Unable to unseal TOTP secret !!! [ 25.058227] TRACE: /bin/unseal-totp(8): main [ 25.205031] TRACE: /bin/tpmr(569): tpm2_unseal [ 25.284388] DEBUG: tpm2_unseal: handle=0x81004d47 pcrl=0,1,2,3,4,7 file=/tmp/secret/totp.key pass= [ 25.914243] DEBUG: Running at_exit handlers [ 25.947988] TRACE: /bin/tpmr(374): cleanup_session [ 26.001694] DEBUG: Clean up session: /tmp/secret/unsealfile_policy.session [ 26.126464] !!! ERROR: Unable to unseal TOTP secret !!! 
[ 28.766165] TRACE: /bin/unseal-totp(8): main [ 28.898452] TRACE: /bin/tpmr(569): tpm2_unseal [ 28.982708] DEBUG: tpm2_unseal: handle=0x81004d47 pcrl=0,1,2,3,4,7 file=/tmp/secret/totp.key pass= [ 29.609216] DEBUG: Running at_exit handlers [ 29.643372] TRACE: /bin/tpmr(374): cleanup_session [ 29.696741] DEBUG: Clean up session: /tmp/secret/unsealfile_policy.session [ 29.822748] !!! ERROR: Unable to unseal TOTP secret !!! [ 31.890980] DEBUG: CONFIG_TPM: y [ 31.945147] DEBUG: CONFIG_TPM2_TOOLS: y [ 31.999643] DEBUG: Show PCRs [ 32.157607] DEBUG: sha256: [ 32.190288] 0 : 0x0000000000000000000000000000000000000000000000000000000000000000 [ 32.221302] 1 : 0x0000000000000000000000000000000000000000000000000000000000000000 [ 32.251240] 2 : 0x9FC171D45D54BDD49D40E8438BCF15808427BA72B11EC2DF1ACE877CA0CF4F14 [ 32.282127] 3 : 0x0000000000000000000000000000000000000000000000000000000000000000 [ 32.315382] 4 : 0x0000000000000000000000000000000000000000000000000000000000000000 [ 32.345767] 5 : 0xD76470232B7C3FD7D18D4DF3B77DACAFFDB876DBF3E84C996D74F7ECFA0FF60F [ 32.379099] 6 : 0x0000000000000000000000000000000000000000000000000000000000000000 [ 32.409630] 7 : 0x2E3147A8ADA1FEBEB2D32D7F50F25DC10F47D7CD48DF1D61A2D6BF958114A231 [ 32.439780] 8 : 0x0000000000000000000000000000000000000000000000000000000000000000 [ 32.508514] 9 : 0x0000000000000000000000000000000000000000000000000000000000000000 [ 32.537395] 10: 0x0000000000000000000000000000000000000000000000000000000000000000 [ 32.583510] 11: 0x0000000000000000000000000000000000000000000000000000000000000000 [ 32.622661] 12: 0x0000000000000000000000000000000000000000000000000000000000000000 [ 32.651831] 13: 0x0000000000000000000000000000000000000000000000000000000000000000 [ 32.687298] 14: 0x0000000000000000000000000000000000000000000000000000000000000000 [ 32.721766] 15: 0x0000000000000000000000000000000000000000000000000000000000000000 [ 32.751345] 16: 0x0000000000000000000000000000000000000000000000000000000000000000 [ 32.782919] 
17: 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF [ 32.813071] 18: 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF [ 32.841994] 19: 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF [ 32.869358] 20: 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF [ 32.907215] 21: 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF [ 32.937346] 22: 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF [ 32.967810] 23: 0x0000000000000000000000000000000000000000000000000000000000000000 Signed-off-by: Thierry Laurion --- .../qemu-coreboot-whiptail-tpm2.config | 6 ++--- initrd/bin/cbfs-init | 3 ++- initrd/bin/kexec-insert-key | 1 + initrd/bin/kexec-select-boot | 1 + initrd/bin/qubes-measure-luks | 1 + initrd/bin/tpmr | 24 +++++++++++++++++-- initrd/etc/ash_functions | 1 + initrd/sbin/insmod | 15 +++++++++--- 8 files changed, 43 insertions(+), 9 deletions(-) diff --git a/boards/qemu-coreboot-whiptail-tpm2/qemu-coreboot-whiptail-tpm2.config b/boards/qemu-coreboot-whiptail-tpm2/qemu-coreboot-whiptail-tpm2.config index cdcd3946..2b46cf46 100644 --- a/boards/qemu-coreboot-whiptail-tpm2/qemu-coreboot-whiptail-tpm2.config +++ b/boards/qemu-coreboot-whiptail-tpm2/qemu-coreboot-whiptail-tpm2.config @@ -17,10 +17,10 @@ CONFIG_LINUX_CONFIG=config/linux-qemu.config #export CONFIG_HAVE_GPG_KEY_BACKUP=y #Enable DEBUG output -export CONFIG_DEBUG_OUTPUT=y -export CONFIG_ENABLE_FUNCTION_TRACING_OUTPUT=y +#export CONFIG_DEBUG_OUTPUT=y +#export CONFIG_ENABLE_FUNCTION_TRACING_OUTPUT=y #Enable TPM2 pcap output under /tmp -export CONFIG_TPM2_CAPTURE_PCAP=y +#export CONFIG_TPM2_CAPTURE_PCAP=y #On-demand hardware support (modules.cpio) CONFIG_LINUX_USB=y diff --git a/initrd/bin/cbfs-init b/initrd/bin/cbfs-init index 4035025c..c54991f4 100755 --- a/initrd/bin/cbfs-init +++ b/initrd/bin/cbfs-init 
@@ -21,7 +21,8 @@ for cbfsname in `echo $cbfsfiles`; do cbfs -t 50 $CBFS_ARG -r $cbfsname > "$filename" \ || die "$filename: cbfs file read failed" if [ "$CONFIG_TPM" = "y" ]; then - echo "TPM: Extending PCR[$CONFIG_PCR with] with $filename" + TRACE_FUNC + echo "TPM: Extending PCR[$CONFIG_PCR] with $filename" # Measure both the filename and its content. This # ensures that renaming files or pivoting file content # will still affect the resulting PCR measurement. diff --git a/initrd/bin/kexec-insert-key b/initrd/bin/kexec-insert-key index 84bff455..0028e348 100755 --- a/initrd/bin/kexec-insert-key +++ b/initrd/bin/kexec-insert-key @@ -65,6 +65,7 @@ if ! kexec-unseal-key "$INITRD_DIR/secret.key"; then fi # Override PCR 4 so that user can't read the key +TRACE_FUNC echo "TPM: Extending PCR[4] to prevent any future secret unsealing" tpmr extend -ix 4 -ic generic || die 'Unable to scramble PCR' diff --git a/initrd/bin/kexec-select-boot b/initrd/bin/kexec-select-boot index f56c6e76..b3b55c30 100755 --- a/initrd/bin/kexec-select-boot +++ b/initrd/bin/kexec-select-boot @@ -384,6 +384,7 @@ while true; do if [ "$CONFIG_TPM" = "y" ]; then if [ ! -r "$TMP_KEY_DEVICES" ]; then # Extend PCR4 as soon as possible + TRACE_FUNC DEBUG "TPM: Extending PCR[4] to prevent further secret unsealing" tpmr extend -ix 4 -ic generic || die "Failed to extend TPM PCR[4]" diff --git a/initrd/bin/qubes-measure-luks b/initrd/bin/qubes-measure-luks index 03db5915..bef6fb10 100755 --- a/initrd/bin/qubes-measure-luks +++ b/initrd/bin/qubes-measure-luks @@ -19,6 +19,7 @@ sha256sum /tmp/lukshdr-* >/tmp/luksDump.txt || die "Unable to hash LUKS headers" DEBUG "Removing /tmp/lukshdr-*" rm /tmp/lukshdr-* +TRACE_FUNC echo "TPM: Extending PCR[6] with hash of LUKS headers from /tmp/luksDump.txt" tpmr extend -ix 6 -if /tmp/luksDump.txt || die "Unable to extend PCR" diff --git a/initrd/bin/tpmr b/initrd/bin/tpmr index fb10f0c7..78b71ea1 100755 --- a/initrd/bin/tpmr +++ b/initrd/bin/tpmr 
@@ -235,14 +235,20 @@ tpm2_extend() { while true; do case "$1" in -ix) + # store index and shift so -ic and -if can be processed index="$2" shift 2 ;; -ic) + string=$(echo -n "$2") hash="$(echo -n "$2" | sha256sum | cut -d' ' -f1)" + TRACE_FUNC + DEBUG "TPM: Will extend PCR[$index] with hash of string $string" shift 2 ;; -if) + TRACE_FUNC + DEBUG "TPM: Will extend PCR[$index] with hash of file content $2" hash="$(sha256sum "$2" | cut -d' ' -f1)" shift 2 ;; @@ -253,7 +259,9 @@ tpm2_extend() { done tpm2 pcrextend "$index:sha256=$hash" tpm2 pcrread "sha256:$index" - DEBUG "TPM: Extended PCR[$index] with $hash" + + TRACE_FUNC + DEBUG "TPM: Extended PCR[$index] with hash $hash" } tpm2_counter_read() { @@ -767,7 +775,18 @@ if [ "$CONFIG_TPM2_TOOLS" != "y" ]; then tpm1_destroy "$@" ;; extend) - DEBUG "TPM: Extending PCR[$3] with $5" + #check if we extend with a hash or a file + if [ "$4" = "-if" ]; then + DEBUG "TPM: Will extend PCR[$3] hash content of file $5" + hash="$(sha1sum "$5" | cut -d' ' -f1)" + elif [ "$4" = "-ic" ]; then + string=$(echo -n "$5") + DEBUG "TPM: Will extend PCR[$3] with hash of filename $string" + hash="$(echo -n "$5" | sha1sum | cut -d' ' -f1)" + fi + + TRACE_FUNC + DEBUG "TPM: Extending PCR[$3] with hash $hash" DO_WITH_DEBUG exec tpm "$@" ;; seal) @@ -808,6 +827,7 @@ calcfuturepcr) replay_pcr "sha256" "$@" ;; extend) + TRACE_FUNC DEBUG "TPM: Extending PCR[$2] with $4" tpm2_extend "$@" ;; diff --git a/initrd/etc/ash_functions b/initrd/etc/ash_functions index bf6c6307..f8b9f79e 100644 --- a/initrd/etc/ash_functions +++ b/initrd/etc/ash_functions @@ -241,6 +241,7 @@ recovery() { DEBUG "Board $CONFIG_BOARD - version $(fw_version)" if [ "$CONFIG_TPM" = "y" ]; then + TRACE_FUNC echo "TPM: Extending PCR[4] to prevent any further secret unsealing" tpmr extend -ix 4 -ic recovery fi diff --git a/initrd/sbin/insmod b/initrd/sbin/insmod index da654257..359bf68f 100755 --- a/initrd/sbin/insmod +++ b/initrd/sbin/insmod 
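Review bot: In the `-ic` arm of `tpm2_extend`, `string=$(echo -n "$2")` spawns a subshell only to copy `$2`, and both it and the hashing line feed the value through `echo -n`. Some `echo` implementations treat option-like or backslash-containing values specially, so the bytes that get hashed may not be the bytes of the argument, and two different strings could then produce the same measurement. I would log `$2` directly and hash with `hash="$(printf '%s' "$2" | sha256sum | cut -d' ' -f1)"`. That leaves the digest unchanged for plain strings such as `generic` and `recovery`. The function body starts and ends outside this hunk.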
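Review bot: In the TPM1 `extend)` arm, the `hash` that gets logged comes from a separate `sha1sum` run in this script, not from what `exec tpm "$@"` actually extends, so the DEBUG line is not evidence of the measured value (whether the two digests agree is not visible here). When `$4` is neither `-if` nor `-ic`, `$hash` is never assigned in this arm and the message prints an empty value. The `-ic` message also says "hash of filename" although `-ic` carries a string; `DEBUG "TPM: Will extend PCR[$3] with hash of string $5"` would match the TPM2 wording. The hashing also runs on every call rather than only when debug output is enabled, and the positional use of `$3`/`$4`/`$5` assumes `-ix` always comes first, which deserves a comment.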
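Review bot: In `recovery()` the result of `tpmr extend -ix 4 -ic recovery` is not checked, although the message printed just before it tells the user that PCR[4] is being extended to prevent further unsealing. If the extend fails, the recovery path appears to continue with PCR[4] unchanged, and nothing on screen says so. A visible failure message would help, for example `tpmr extend -ix 4 -ic recovery || echo "TPM: PCR[4] extend FAILED, sealed secrets may still be unsealable" >&2`. Calling `die` here is probably not suitable if `die` itself ends in `recovery`, which this hunk does not show.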
@@ -43,9 +43,18 @@ if [ -z "$tpm_missing" ]; then # Extend with the module parameters (even if they are empty) and the # module. Changing the parameters or the module content will result in a # different PCR measurement. - tpmr extend -ix "$MODULE_PCR" -ic "$*" - tpmr extend -ix "$MODULE_PCR" -if "$MODULE" \ - || die "$MODULE: tpm extend failed" + if [ -n "$*" ]; then + TRACE_FUNC + DEBUG "Extending with module parameters and the module's content" + tpmr extend -ix "$MODULE_PCR" -ic "$*" + tpmr extend -ix "$MODULE_PCR" -if "$MODULE" \ + || die "$MODULE: tpm extend failed" + else + TRACE_FUNC + DEBUG "No module parameters, extending only with the module's content" + tpmr extend -ix "$MODULE_PCR" -if "$MODULE" \ + || die "$MODULE: tpm extend failed" + fi fi # Since we have replaced the real insmod, we must invoke
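Review bot: The comment kept above the new `if` still says the PCR is extended with the module parameters "even if they are empty", but the `else` branch now skips the parameter extend, so the comment contradicts the code. This also changes the value of `$MODULE_PCR` for every module loaded without parameters compared with earlier builds, so anything sealed against that PCR would presumably need re-sealing; the comment should say that explicitly. In the first branch `tpmr extend -ix "$MODULE_PCR" -ic "$*"` has no failure check, so a failed parameter extend would leave a module measured without its parameters; add `|| die "$MODULE: tpm extend of parameters failed"`. The `-if` extend is duplicated in both branches and could sit once after an `if [ -n "$*" ]` that wraps only the `-ic` call.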