
qemu-coreboot-fbwhiptail-tpm1(-prod).config coreboot config mismatch#1980

Merged
tlaurion merged 1 commit intolinuxboot:masterfrom
Tonux599:qemu-tpm-fix
Jun 11, 2025

Conversation

@Tonux599
Contributor

qemu-coreboot-fbwhiptail-tpm1 and qemu-coreboot-fbwhiptail-tpm1-prod use coreboot-qemu-tpm2.config and coreboot-qemu-tpm2-prod.config respectively.

This PR makes them use the qemu tmp1 coreboot config.

…-tpm1` and `qemu-coreboot-fbwhiptail-tpm1-prod`

Signed-off-by: Thomas Clarke <tonux@riseup.net>
@tlaurion
Collaborator

@Tonux599 thanks and good catch.

Never caught this in testing, since init has been doing TPM autodetection for a while now:

  • heads/initrd/init

    Lines 73 to 85 in 9fabe7f

    # Override CONFIG_TPM and CONFIG_TPM2_TOOLS from /etc/config with runtime value
    # determined above.
    #
    # Values in user config have higher priority during combining thus effectively
    # changing the value for the rest of the scripts which source /tmp/config.
    # Only set CONFIG_TPM and CONFIG_TPM2_TOOLS if they are not already set in /etc/config.user
    if ! grep -q 'CONFIG_TPM=' /etc/config.user 2>/dev/null; then
        echo "export CONFIG_TPM=\"$CONFIG_TPM\"" >>/etc/config.user
    fi
    if ! grep -q 'CONFIG_TPM2_TOOLS=' /etc/config.user 2>/dev/null; then
        echo "export CONFIG_TPM2_TOOLS=\"$CONFIG_TPM2_TOOLS\"" >>/etc/config.user
    fi
  • heads/initrd/init

    Lines 147 to 151 in 9fabe7f

    # set CONFIG_TPM dynamically off before init if no TPM device is present
    if [ ! -e /dev/tpm0 ]; then
        CONFIG_TPM='n'
        CONFIG_TPM2_TOOLS='n'
    fi
  • heads/initrd/init

    Lines 164 to 167 in 9fabe7f

    if [ "$CONFIG_TPM" = "y" ]; then
        # Initialize tpm2 encrypted sessions here
        tpmr startsession
    fi

Board config was supposed to pass the desired TPM1/2 version through module inclusion detection from targets/qemu.mk:

  • heads/targets/qemu.mk

    Lines 17 to 25 in 9fabe7f

    ifeq "$(CONFIG_TPM2_TSS)" "y"
    SWTPM_TPMVER := --tpm2
    SWTPM_PRESETUP := swtpm_setup --create-config-files root,skip-if-exist
    else
    # TPM1 is the default
    SWTPM_TPMVER :=
    # No pre-setup
    SWTPM_PRESETUP := true
    endif

But this PR/issue shows that coreboot uses TPMv2 (SHA256) while Heads extends with SHA1, if the coreboot config specifies TPMv2:
!!!!! Serial console recovery shell
[   59.237039] DEBUG: Board qemu-coreboot-fbwhiptail-tpm1 - version Heads-v0.2.0-2777-g9f197d3
[   59.261658] TPM: Extending PCR[4] to prevent any further secret unsealing
[   59.378719] DEBUG: TPM: Will extend PCR[4] with hash of filename recovery
[   59.440336] TRACE: /bin/tpmr(802): main
[   59.459475] TPM: Extending PCR[4] with hash 8b60e9d739b5a5bfd87cbfe67501ab4fa6e41504
[   59.504907] DEBUG: exec tpm extend -ix 4 -ic recovery

Where the diff of the coreboot configs includes a little more than just the TPM1.2/TPM2 selection.
Changes also include legacy differences for SPI size, to reflect Ivy Bridge 12MB combined 4MB+8MB SPI.

user@heads-master2:~/heads$ diff -u config/coreboot-qemu-tpm2.config config/coreboot-qemu-tpm1.config
--- config/coreboot-qemu-tpm2.config	2025-04-02 11:24:21.892978820 -0400
+++ config/coreboot-qemu-tpm1.config	2025-04-02 11:24:36.680977915 -0400
@@ -125,7 +125,7 @@
 CONFIG_FMDFILE=""
 # CONFIG_NO_POST is not set
 CONFIG_MAINBOARD_VENDOR="Emulation"
-CONFIG_CBFS_SIZE=0xfe0000
+CONFIG_CBFS_SIZE=0x980000
 # CONFIG_CONSOLE_SERIAL is not set
 CONFIG_MAX_CPUS=4
 CONFIG_ONBOARD_VGA_IS_PRIMARY=y
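Review bot: the CONFIG_CBFS_SIZE change in this hunk (0xfe0000 in the tpm2 file, 0x980000 here) is a ROM layout difference, not a TPM difference, yet it lives in a file pair that is selected purely by TPM generation. It must stay coupled to the CONFIG_ROM_SIZE hunk further down (0x980000 fits in 0x00a00000, 0xfe0000 in 0x01000000), so anyone flipping a board between the two files to fix TPM selection also silently changes the image layout; either keep the layout identical in both files or add a comment at the top of coreboot-qemu-tpm1.config stating why it differs.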
@@ -171,6 +171,9 @@
 CONFIG_CONSOLE_CBMEM_BUFFER_SIZE=0x20000
 CONFIG_CARDBUS_PLUGIN_SUPPORT=y
 # CONFIG_DEBUG_SMI is not set
+CONFIG_PCIEXP_HOTPLUG_BUSES=32
+CONFIG_PCIEXP_HOTPLUG_MEM=0x800000
+CONFIG_PCIEXP_HOTPLUG_PREFETCH_MEM=0x10000000
 CONFIG_PS2K_EISAID="PNP0303"
 CONFIG_PS2M_EISAID="PNP0F13"
 CONFIG_D3COLD_SUPPORT=y
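Review bot: the three CONFIG_PCIEXP_HOTPLUG_* reservation values added in this hunk (32 buses, 0x800000 of memory, 0x10000000 of prefetchable memory) have nothing to do with TPM 1.2 versus TPM2 and only take effect together with the CONFIG_PCIEXP_HOTPLUG=y line in the Southbridge hunk below. If coreboot-qemu-tpm1.config is meant to differ from the tpm2 file only in TPM generation, drop them or document in the file why the TPM1 QEMU board needs PCIe hotplug resources that the TPM2 board does not.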
@@ -192,14 +195,14 @@
 # CONFIG_COREBOOT_ROMSIZE_KB_5120 is not set
 # CONFIG_COREBOOT_ROMSIZE_KB_6144 is not set
 # CONFIG_COREBOOT_ROMSIZE_KB_8192 is not set
-# CONFIG_COREBOOT_ROMSIZE_KB_10240 is not set
+CONFIG_COREBOOT_ROMSIZE_KB_10240=y
 # CONFIG_COREBOOT_ROMSIZE_KB_12288 is not set
-CONFIG_COREBOOT_ROMSIZE_KB_16384=y
+# CONFIG_COREBOOT_ROMSIZE_KB_16384 is not set
 # CONFIG_COREBOOT_ROMSIZE_KB_24576 is not set
 # CONFIG_COREBOOT_ROMSIZE_KB_32768 is not set
 # CONFIG_COREBOOT_ROMSIZE_KB_65536 is not set
-CONFIG_COREBOOT_ROMSIZE_KB=16384
-CONFIG_ROM_SIZE=0x01000000
+CONFIG_COREBOOT_ROMSIZE_KB=10240
+CONFIG_ROM_SIZE=0x00a00000
 CONFIG_HAVE_POWER_STATE_AFTER_FAILURE=y
 CONFIG_HAVE_POWER_STATE_PREVIOUS_AFTER_FAILURE=y
 CONFIG_POWER_STATE_OFF_AFTER_FAILURE=y
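Review bot: CONFIG_COREBOOT_ROMSIZE_KB=10240 and CONFIG_ROM_SIZE=0x00a00000 make the tpm1 image 10 MiB against 16 MiB in the tpm2 file, while the commentary accompanying this diff describes a 12 MB (4 MB + 8 MB) SPI; the comment or the value should be reconciled so the next reader does not have to guess which one is authoritative. Note also that with CONFIG_CBFS_SIZE=0x980000 from the first hunk the 10 MiB image keeps 0x80000 outside CBFS, whereas the 16 MiB tpm2 image keeps only 0x20000, a layout asymmetry worth one line of explanation next to the size selection.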
@@ -267,7 +270,7 @@
 #
 # Southbridge
 #
-# CONFIG_PCIEXP_HOTPLUG is not set
+CONFIG_PCIEXP_HOTPLUG=y
 CONFIG_SOUTHBRIDGE_INTEL_I82801IX=y
 CONFIG_SOUTHBRIDGE_INTEL_COMMON_RESET=y
 CONFIG_SOUTHBRIDGE_INTEL_COMMON_RTC=y
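Review bot: CONFIG_PCIEXP_HOTPLUG=y is the switch that activates the bus, memory, prefetch and I/O reservations added in the other hunks, so these symbols form one logical change and should be reviewed, kept or dropped as a unit; scattered across four hunks of a file whose name promises only a TPM generation change, they are easy to miss when the two QEMU configs are next compared or regenerated.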
@@ -363,6 +366,9 @@
 CONFIG_PCI_ALLOW_BUS_MASTER_ANY_DEVICE=y
 # CONFIG_PCIEXP_SUPPORT_RESIZABLE_BARS is not set
 # CONFIG_PCIEXP_LANE_ERR_STAT_CLEAR is not set
+CONFIG_PCIEXP_HOTPLUG_PREFETCH_MEM_ABOVE_4G=y
+# CONFIG_PCIEXP_HOTPLUG_PREFETCH_MEM_BELOW_4G is not set
+CONFIG_PCIEXP_HOTPLUG_IO=0x2000
 # CONFIG_EARLY_PCI_BRIDGE is not set
 CONFIG_SUBSYSTEM_VENDOR_ID=0x0000
 CONFIG_SUBSYSTEM_DEVICE_ID=0x0000
@@ -427,11 +433,13 @@
 #
 # Trusted Platform Module
 #
-# CONFIG_TPM1 is not set
-CONFIG_TPM2=y
+CONFIG_TPM1=y
+# CONFIG_TPM2 is not set
 CONFIG_TPM=y
+# CONFIG_TPM_DEACTIVATE is not set
 # CONFIG_DEBUG_TPM is not set
-CONFIG_TPM_LOG_CB=y
+# CONFIG_TPM_LOG_CB is not set
+CONFIG_TPM_LOG_TPM1=y
 # CONFIG_TPM_LOG_TPM2 is not set
 CONFIG_TPM_MEASURED_BOOT_RUNTIME_DATA=""
 CONFIG_PCR_BOOT_MODE=1
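Review bot: the log-format choice in this hunk is what makes the two `cbmem -L` outputs on this page look so different: CONFIG_TPM_LOG_CB=y in the tpm2 file produces the "coreboot TPM log" listing with 32-byte SHA256 digests, while CONFIG_TPM_LOG_TPM1=y here produces the TCG 1.2 "TCPA log" with 20-byte SHA1 digests. Since a TPM 1.2 device only has a SHA1 bank, CONFIG_TPM1=y with CONFIG_TPM_LOG_TPM1=y is the consistent pair, and the newly visible "# CONFIG_TPM_DEACTIVATE is not set" must stay unset: as its name says, enabling it would deactivate the TPM 1.2 and none of these measurements could be extended.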

But this is definitely a bug and a change is needed, since the TPM event log is in TPM2 format:

bash-5.1# cbmem -L
coreboot TPM log:

 PCR-2 02778dad5303b911adc8828cf5101a251a9b2a5a2b711a44159fb89a5a0b5198 SHA256 [FMAP: FMAP]
 PCR-2 47b0747385d96563e24a8a391759ed53d4587784aacbb90c6126089b2a2fb835 SHA256 [CBFS: bootblock]
 PCR-2 c410192fb9fb97934d05ec8dc672bb522529c6b11d26a190e127e3fe1490890e SHA256 [CBFS: fallback/romstage]
 PCR-2 94d19ad6b992b94458b66684598f13c6a8cf28068438e1b4c76d19d539c05cd6 SHA256 [CBFS: fallback/postcar]
 PCR-2 90756a4fb35e26c78587cdcd8ffe121af29e4a92059e055198f3b892eb51d573 SHA256 [CBFS: fallback/ramstage]
 PCR-2 f0db8fa897f92d346748924b12ac94328458eb48e3d0e61171eda15e6171b939 SHA256 [CBFS: bootsplash.jpg]
 PCR-2 eea05da02d28ceef7ac1a77d2ba2998467bd96937b6811a4dc6a3487b011347b SHA256 [CBFS: fallback/payload]
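
The mismatch discussed in this thread (a board whose name and module set say TPM1 while its coreboot config selects TPM2) is the kind of thing a build-time consistency check catches. The following is an added example, not code from the Heads project or from anyone in this thread: it parses Kconfig-style files, derives the board's TPM generation with the same rule targets/qemu.mk applies above (CONFIG_TPM2_TSS=y means TPM2, otherwise TPM1), and compares that with CONFIG_TPM1/CONFIG_TPM2 and the CONFIG_TPM_LOG_* selection of the coreboot config the board points at. The board-config variable name CONFIG_COREBOOT_CONFIG, the two board fragments and the function names are assumptions constructed for illustration; the coreboot fragments mirror the TPM hunk of the diff above.

```python
"""Cross-check a Heads board config against the coreboot .config it selects.

Added example for this discussion, not Heads project code. The board-side
rule mirrors targets/qemu.mk quoted above: CONFIG_TPM2_TSS=y means TPM2,
otherwise TPM1. CONFIG_COREBOOT_CONFIG as the board variable name and all
sample fragments below are assumptions constructed for illustration.
"""
import re
from typing import Dict, List, Optional

Kconfig = Dict[str, Optional[str]]  # symbol -> value, None when "is not set"

SET_LINE = re.compile(r'^(CONFIG_\w+)=(.*)$')
UNSET_LINE = re.compile(r'^# (CONFIG_\w+) is not set$')


def parse_kconfig(text: str) -> Kconfig:
    """Parse .config syntax; string values lose their surrounding quotes."""
    symbols: Kconfig = {}
    for raw in text.splitlines():
        line = raw.strip()
        m = SET_LINE.match(line)
        if m:
            name, value = m.groups()
            if len(value) >= 2 and value[0] == value[-1] == '"':
                value = value[1:-1]
            symbols[name] = value
            continue
        m = UNSET_LINE.match(line)
        if m:
            symbols[m.group(1)] = None
    return symbols


def board_tpm_generation(board: Kconfig) -> int:
    # Same test qemu.mk uses to pick the swtpm flavour.
    return 2 if board.get('CONFIG_TPM2_TSS') == 'y' else 1


def coreboot_tpm_generation(cb: Kconfig) -> Optional[int]:
    """1 or 2 when exactly one of CONFIG_TPM1/CONFIG_TPM2 is y, else None."""
    tpm1 = cb.get('CONFIG_TPM1') == 'y'
    tpm2 = cb.get('CONFIG_TPM2') == 'y'
    if tpm1 == tpm2:
        return None
    return 2 if tpm2 else 1


def check_board(board_text: str, coreboot_configs: Dict[str, str]) -> List[str]:
    """Return findings for one board; an empty list means the pair is consistent."""
    board = parse_kconfig(board_text)
    path = board.get('CONFIG_COREBOOT_CONFIG')
    if not path:
        return ['board does not set CONFIG_COREBOOT_CONFIG']
    if path not in coreboot_configs:
        return [f'{path}: file not found']
    cb = parse_kconfig(coreboot_configs[path])
    want = board_tpm_generation(board)
    have = coreboot_tpm_generation(cb)
    findings: List[str] = []
    if have is None:
        findings.append(f'{path}: exactly one of CONFIG_TPM1/CONFIG_TPM2 must be y')
    elif have != want:
        findings.append(f'{path}: coreboot builds for TPM{have} but board selects TPM{want}')
    # The event-log format must agree with the generation as well; the
    # coreboot-native format (CONFIG_TPM_LOG_CB) is acceptable for either.
    other = 1 if want == 2 else 2
    if cb.get(f'CONFIG_TPM_LOG_TPM{other}') == 'y':
        findings.append(f'{path}: CONFIG_TPM_LOG_TPM{other}=y but board selects TPM{want}')
    return findings


# Constructed board fragments: "before" this PR (TPM1 board pointing at the
# TPM2 coreboot config) and "after" (pointing at the TPM1 one).
BOARD_BEFORE = """\
CONFIG_COREBOOT_CONFIG=config/coreboot-qemu-tpm2.config
CONFIG_TPM=y
"""
BOARD_AFTER = """\
CONFIG_COREBOOT_CONFIG=config/coreboot-qemu-tpm1.config
CONFIG_TPM=y
"""
# TPM section of both coreboot configs, taken from the diff quoted above.
COREBOOT_CONFIGS = {
    'config/coreboot-qemu-tpm2.config': """\
# CONFIG_TPM1 is not set
CONFIG_TPM2=y
CONFIG_TPM=y
CONFIG_TPM_LOG_CB=y
# CONFIG_TPM_LOG_TPM2 is not set
""",
    'config/coreboot-qemu-tpm1.config': """\
CONFIG_TPM1=y
# CONFIG_TPM2 is not set
CONFIG_TPM=y
# CONFIG_TPM_DEACTIVATE is not set
# CONFIG_TPM_LOG_CB is not set
CONFIG_TPM_LOG_TPM1=y
# CONFIG_TPM_LOG_TPM2 is not set
""",
}

if __name__ == '__main__':
    for name, text in (('before', BOARD_BEFORE), ('after', BOARD_AFTER)):
        findings = check_board(text, COREBOOT_CONFIGS)
        print(name, 'OK' if not findings else '; '.join(findings))
```

Run stand-alone it reports the "before" board as building coreboot for TPM2 while the board selects TPM1, and the "after" board as consistent. Pointed at a real checkout it would need to read each board's .config and the files under config/ from disk, but the comparison logic is unchanged.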

@tlaurion tlaurion self-requested a review June 11, 2025 16:17

@tlaurion tlaurion left a comment


Good catch @Tonux599. Merging.

@tlaurion tlaurion merged commit d0350e0 into linuxboot:master Jun 11, 2025
48 checks passed
@Tonux599 Tonux599 deleted the qemu-tpm-fix branch June 11, 2025 17:25
@Tonux599
Contributor Author

No worries. Thanks! 🙂

@tlaurion
Collaborator

After merge:

cbmem -1 (last lines are measured boot event log traces)

[INFO ]  coreboot TPM 1.2 measurements:

[INFO ]   PCR-2 5622416ea417186aa1ac32b32c527ac09009fb5e SHA1 [FMAP: FMAP]
[INFO ]   PCR-2 eb1014ae4f9463c05f842073ccee49219db01bd1 SHA1 [CBFS: bootblock]
[INFO ]   PCR-2 e605a51c2ee2ab65a5fd848d1bebfd9b65c686c2 SHA1 [CBFS: fallback/romstage]
[INFO ]   PCR-2 1069701932b32c2bf4e0895022ebd996c67b6180 SHA1 [CBFS: fallback/postcar]
[INFO ]   PCR-2 91530593152d8e19d4462c99be17488bc789f8db SHA1 [CBFS: fallback/ramstage]
[INFO ]   PCR-2 ef3ad334fbfae32b516af1d0c4420adff24b49e1 SHA1 [CBFS: bootsplash.jpg]
[INFO ]   PCR-2 8a0af010834b95d7333a23792756af1856bef6dd SHA1 [CBFS: fallback/payload]

Event log alone (cbmem -L):

bash-5.1# cbmem -L
TCPA log:
	Specification: 1.21
	Platform class: PC Client
TCPA log entry 1:
	PCR: 2
	Event type: Action
	Digest: 5622416ea417186aa1ac32b32c527ac09009fb5e
	Event data: FMAP: FMAP
TCPA log entry 2:
	PCR: 2
	Event type: Action
	Digest: eb1014ae4f9463c05f842073ccee49219db01bd1
	Event data: CBFS: bootblock
TCPA log entry 3:
	PCR: 2
	Event type: Action
	Digest: e605a51c2ee2ab65a5fd848d1bebfd9b65c686c2
	Event data: CBFS: fallback/romstage
TCPA log entry 4:
	PCR: 2
	Event type: Action
	Digest: 1069701932b32c2bf4e0895022ebd996c67b6180
	Event data: CBFS: fallback/postcar
TCPA log entry 5:
	PCR: 2
	Event type: Action
	Digest: 91530593152d8e19d4462c99be17488bc789f8db
	Event data: CBFS: fallback/ramstage
TCPA log entry 6:
	PCR: 2
	Event type: Action
	Digest: ef3ad334fbfae32b516af1d0c4420adff24b49e1
	Event data: CBFS: bootsplash.jpg
TCPA log entry 7:
	PCR: 2
	Event type: Action
	Digest: 8a0af010834b95d7333a23792756af1856bef6dd
	Event data: CBFS: fallback/payload

TLDR:

  • TPM1.2 is SHA1.
    • i.e.: 8a0af010834b95d7333a23792756af1856bef6dd
  • TPM2 can be configured; standard is SHA256.
    • i.e.: 02778dad5303b911adc8828cf5101a251a9b2a5a2b711a44159fb89a5a0b5198
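
Both `cbmem -L` listings in this thread, and the SHA1 extend Heads performed in the recovery shell, can be checked mechanically. As an added example, not code from the Heads project or from either participant, the Python below parses both output formats cbmem produced here (the coreboot-native listing with SHA256 digests and the TCG 1.2 "TCPA log"), infers the bank from the digest width, replays PCR-2 the way the TPM does (PCR_new = H(PCR_old || digest)), and reports whether the 20-byte digest Heads extended fits a SHA1 bank or a SHA256 bank, which is the mismatch the original board config produced. The sample logs are copied from this page (the TCPA log cut to its first two entries); the function names are my own.

```python
"""Replay PCR-2 from `cbmem -L` output and check digest width against the bank.

Added example for this discussion, not Heads or coreboot code. An extend is
PCR_new = H(PCR_old || digest) in the bank's own hash, so a TPM 1.2 SHA1 bank
takes 20-byte digests and a TPM2 SHA256 bank takes 32-byte ones. Sample logs
are copied from the cbmem output quoted above (TCPA log cut to two entries);
the 'recovery' digest is the one Heads' tpmr printed in the recovery shell.
"""
import hashlib
import re
from typing import Dict, List, Tuple

Event = Tuple[int, str, str]  # (PCR index, digest hex, event description)

# One-line format of CONFIG_TPM_LOG_CB: " PCR-2 <hex> SHA256 [CBFS: bootblock]"
CB_LINE = re.compile(r'^\s*PCR-(\d+)\s+([0-9a-fA-F]+)\s+SHA\d+\s+\[(.*)\]\s*$')
ALG_BY_DIGEST_BYTES = {20: 'sha1', 32: 'sha256'}


def parse_cbmem_log(text: str) -> List[Event]:
    """Parse either the coreboot-native listing or the multi-line TCPA 1.2 log."""
    def to_event(e: Dict[str, str]) -> Event:
        return int(e['PCR']), e['Digest'].lower(), e.get('Event data', '')

    events: List[Event] = []
    entry = None  # TCPA entry being collected; None outside any entry
    for raw in text.splitlines():
        m = CB_LINE.match(raw)
        if m:
            events.append((int(m.group(1)), m.group(2).lower(), m.group(3)))
            continue
        line = raw.strip()
        if line.startswith('TCPA log entry'):
            if entry and 'Digest' in entry:
                events.append(to_event(entry))
            entry = {}
        elif entry is not None and ':' in line:
            key, value = line.split(':', 1)
            entry[key.strip()] = value.strip()
    if entry and 'Digest' in entry:
        events.append(to_event(entry))
    return events


def detect_alg(events: List[Event]) -> str:
    """Infer the bank from digest width; a log mixing widths is itself suspect."""
    widths = {len(bytes.fromhex(d)) for _, d, _ in events}
    if len(widths) != 1:
        raise ValueError(f'mixed digest widths in log: {sorted(widths)}')
    return ALG_BY_DIGEST_BYTES[widths.pop()]


def digest_fits(alg: str, digest_hex: str) -> bool:
    """True when the digest has exactly the width of the bank's hash."""
    return len(bytes.fromhex(digest_hex)) == hashlib.new(alg).digest_size


def extend(alg: str, pcr: bytes, digest: bytes) -> bytes:
    """PCR_new = H(PCR_old || digest); a foreign-width digest is refused."""
    h = hashlib.new(alg)
    if len(digest) != h.digest_size:
        raise ValueError(f'{len(digest)}-byte digest into {alg} bank')
    h.update(pcr + digest)
    return h.digest()


def replay(events: List[Event], alg: str, pcr_index: int) -> str:
    """Replay every event of one PCR from its all-zero reset value; returns hex."""
    pcr = bytes(hashlib.new(alg).digest_size)
    for idx, digest_hex, _ in events:
        if idx == pcr_index:
            pcr = extend(alg, pcr, bytes.fromhex(digest_hex))
    return pcr.hex()


CB_LOG = """\
coreboot TPM log:
 PCR-2 02778dad5303b911adc8828cf5101a251a9b2a5a2b711a44159fb89a5a0b5198 SHA256 [FMAP: FMAP]
 PCR-2 47b0747385d96563e24a8a391759ed53d4587784aacbb90c6126089b2a2fb835 SHA256 [CBFS: bootblock]
 PCR-2 c410192fb9fb97934d05ec8dc672bb522529c6b11d26a190e127e3fe1490890e SHA256 [CBFS: fallback/romstage]
 PCR-2 94d19ad6b992b94458b66684598f13c6a8cf28068438e1b4c76d19d539c05cd6 SHA256 [CBFS: fallback/postcar]
 PCR-2 90756a4fb35e26c78587cdcd8ffe121af29e4a92059e055198f3b892eb51d573 SHA256 [CBFS: fallback/ramstage]
 PCR-2 f0db8fa897f92d346748924b12ac94328458eb48e3d0e61171eda15e6171b939 SHA256 [CBFS: bootsplash.jpg]
 PCR-2 eea05da02d28ceef7ac1a77d2ba2998467bd96937b6811a4dc6a3487b011347b SHA256 [CBFS: fallback/payload]
"""
TCPA_LOG = """\
TCPA log:
\tSpecification: 1.21
\tPlatform class: PC Client
TCPA log entry 1:
\tPCR: 2
\tEvent type: Action
\tDigest: 5622416ea417186aa1ac32b32c527ac09009fb5e
\tEvent data: FMAP: FMAP
TCPA log entry 2:
\tPCR: 2
\tEvent type: Action
\tDigest: eb1014ae4f9463c05f842073ccee49219db01bd1
\tEvent data: CBFS: bootblock
"""
# Digest Heads' tpmr extended into PCR[4] from the recovery shell above (20 bytes).
HEADS_RECOVERY_DIGEST = '8b60e9d739b5a5bfd87cbfe67501ab4fa6e41504'
```

Usage: `events = parse_cbmem_log(CB_LOG)`, `alg = detect_alg(events)`, `replay(events, alg, 2)` gives the SHA256 PCR-2 value coreboot's log implies, and the same calls on TCPA_LOG give the SHA1 value. `digest_fits('sha1', HEADS_RECOVERY_DIGEST)` is True while `digest_fits('sha256', HEADS_RECOVERY_DIGEST)` is False, and `extend('sha256', ...)` with that digest raises, which is the situation the mis-selected coreboot config created: a SHA256-format firmware log next to a payload extending SHA1 into a TPM 1.2.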
