From 9978aa6134cbd371778322d788a2a433715efea9 Mon Sep 17 00:00:00 2001 From: gaspar-ilom Date: Tue, 18 Feb 2025 21:30:47 +0100 Subject: [PATCH] add some warning to the t480 board config about the TPM GPIO reset attack https://mkukri.xyz/2024/06/01/tpm-gpio-fail.html Signed-off-by: gaspar-ilom --- boards/t480-hotp-maximized/t480-hotp-maximized.config | 7 +++++++ boards/t480-maximized/t480-maximized.config | 7 +++++++ 2 files changed, 14 insertions(+) diff --git a/boards/t480-hotp-maximized/t480-hotp-maximized.config b/boards/t480-hotp-maximized/t480-hotp-maximized.config index a04bf8ff..876c1482 100644 --- a/boards/t480-hotp-maximized/t480-hotp-maximized.config +++ b/boards/t480-hotp-maximized/t480-hotp-maximized.config @@ -1,5 +1,12 @@ # Configuration for a T480 running Qubes 4.2.3 and other Linux Based OSes (through kexec) # +# CAVEATS: +# This board is vulnerable to a TPM reset attack, i.e. the PCRs are reset while the system is running. +# This attack can be used to bypass measured boot when an attacker succeeds at modifying the SPI flash. +# Also it can be used to extract FDE keys from a TPM. +# The related coreboot issue contains more information: https://ticket.coreboot.org/issues/576 +# Make sure you understand the implications of the attack for your threat model before using this board. +# # Includes # - Deactivated+neutered+deguarded ME and expanded consequent IFD BIOS regions # - Forged GBE MAC address to 00:DE:AD:C0:FF:EE MAC address (if not extracting gbe.bin from backup with blobs/xx80/extract.sh) diff --git a/boards/t480-maximized/t480-maximized.config b/boards/t480-maximized/t480-maximized.config index 5e6a8d1e..71be0ed7 100644 --- a/boards/t480-maximized/t480-maximized.config +++ b/boards/t480-maximized/t480-maximized.config 
@@ -1,5 +1,12 @@ # Configuration for a T480 running Qubes 4.2.3 and other Linux Based OSes (through kexec) # +# CAVEATS: +# This board is vulnerable to a TPM reset attack, i.e. the PCRs are reset while the system is running. +# This attack can be used to bypass measured boot when an attacker succeeds at modifying the SPI flash. +# Also it can be used to extract FDE keys from a TPM. +# The related coreboot issue contains more information: https://ticket.coreboot.org/issues/576 +# Make sure you understand the implications of the attack for your threat model before using this board. +# # Includes # - Deactivated+neutered+deguarded ME and expanded consequent IFD BIOS regions # - Forged GBE MAC address to 00:DE:AD:C0:FF:EE MAC address (if not extracting gbe.bin from backup with blobs/xx80/extract.sh)
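Review bot: the CAVEATS block added to t480-hotp-maximized.config names the problem only as "the PCRs are reset while the system is running", which does not tell a reader what is being reset or why the measurements stop being trustworthy; since the commit subject calls this the TPM GPIO reset attack, one extra clause such as "the TPM itself can be reset via its GPIO line, so the PCRs return to their initial state without a platform reboot and the measurements taken by the firmware are lost" makes the risk concrete for someone judging their threat model. Two smaller points on the same lines: the reference cited in the commit message (https://mkukri.xyz/2024/06/01/tpm-gpio-fail.html) is worth adding beside the coreboot ticket link, since it is the write-up the change is based on, and "Also it can be used to extract FDE keys from a TPM" reads better as "It can also be used to unseal FDE keys sealed to PCR values", which states the mechanism the preceding line already gives (a PCR reset, not a direct read-out of the key).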
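Review bot: the CAVEATS block in t480-maximized.config is a verbatim copy of the one in t480-hotp-maximized.config, so the two will drift the first time the wording or the ticket link is updated in only one of them. If the hotp variant already includes the base board config, the caveat need only live in the base file; otherwise consider a one-line comment in each file pointing at the other so a future edit updates both. The same grammar fix applies here ("It can also be used" rather than "Also it can be used").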