Uprev tpm2 tools/tss

recipes-core/initrdscripts/initramfs-framework/tpm2

@@ -22,16 +22,18 @@
 # THE SOFTWARE.
 #
 
+# Set TCTI to use direct device communication
+export TPM2TOOLS_TCTI="device"
+
 #listpcrs sample output:
 #Supported Bank/Algorithm: TPM_ALG_SHA1(0x0004) TPM_ALG_SHA256(0x000b)
 #Cuts and for loop isolate "TPM_ALG_<hash_type>" and compare against input
 pcr_bank_exists () {
     local alg_in=$1
 
-    banks=$(tpm2_pcrlist -s | cut -d ':' -f 2)
+    banks=$(tpm2_pcrread | cut -d ':' -f 1 | grep -i "sha")
     for bank in $banks; do
-        alg=$(echo $bank | cut -d '(' -f 1)
-        if [ "$alg" = $alg_in ]; then
+        if [ "$bank" = $alg_in ]; then
             return 0
         fi
     done
@@ -75,15 +77,15 @@ tpm2_run() {
     info -n "Measuring rootfs device..."
     if pcr_bank_exists "sha256"; then
         local digest="$(sha256sum $bootparam_root | head -c64)"
-        local algid="0xB"
+        local algid="sha256"
     else
         local digest="$(sha1sum $bootparam_root | head -c40)"
-        local algid="0x4"
+        local algid="sha1"
     fi
     info "done"
 
     info -n "Extending TPM PCR..."
-    tpm2_extendpcr -c 15 -g ${algid} -s ${digest}
+    tpm2_pcrextend 15:${algid}=${digest}
     if [ $? -ne 0 ]; then
         info "PCR-15 extend failed"
         return

recipes-core/initrdscripts/initramfs-framework_%.bbappend

@@ -57,7 +57,7 @@ RDEPENDS_initramfs-module-tpm = "${PN}-base initramfs-module-bootfs tpm-tools-sa
 FILES_initramfs-module-tpm = "/init.d/92-tpm"
 
 SUMMARY_initramfs-module-tpm2 = "initramfs support for tpm2"
-RDEPENDS_initramfs-module-tpm2 = "${PN}-base initramfs-module-bootfs tpm2-tools-initrd"
+RDEPENDS_initramfs-module-tpm2 = "${PN}-base initramfs-module-bootfs tpm2-tools-pcr tpm2-tss-pcr"
 FILES_initramfs-module-tpm2 = "/init.d/92-tpm2"
 
 SUMMARY_initramfs-module-selinux = "initramfs support for selinux"

recipes-openxt/openxt-measuredlaunch/openxt-measuredlaunch/ml-functions

@@ -681,7 +681,7 @@ write_config_pcrs() {
 }
 
 # Function to configure measured launch on platform.  The next boot will cause
-#   init-root.ro to perform first sealing operation.
+#   init.root-ro to perform first sealing operation.
 # parameter 0: mount point for rootfs
 # parameter 1: key to unlock partition
 # parameter 2: device path for partition

recipes-openxt/openxt-measuredlaunch/openxt-measuredlaunch/seal-system

@@ -156,21 +156,48 @@ forward)
     pcr_forward=()
     if ! contains_only "${pcr8}" "0"; then
         # PCR4 is first extended with the digest of EV_SEPARATOR
+        # It may also first extend the "Calling EFI Application from Boot Option" string, depending on the system
         # See TCG EFI Protocol Specification 5.2 Crypto Agile Log Entry Format
         ev_separator="$(tpm_get_ev_separator)"
 
-        pcr4=$(hash_extend 0 "${ev_separator}" "${hashalg}")
+        # Get current PCR4 value to check if ev_string should be extended
+        current_pcr4="$(tpm_get_pcr 4)"
+
+        # Calculate PCR4 with ev_string extension
+        ev_string="$(printf "Calling EFI Application from Boot Option" | sha256sum | awk '{print $1}')"
+        pcr4_with_ev=$(hash_extend 0 "${ev_string}" "${hashalg}")
+        pcr4_with_ev=$(hash_extend "${pcr4_with_ev}" "${ev_separator}" "${hashalg}")
 
         hash=$(pesign -h -d "${hashalg}" -i "${pcr4_objs[0]}" | awk '{ print $2 }')
-        pcr4=$(hash_extend "${pcr4}" "${hash}" "${hashalg}") ||
+        pcr4_with_ev=$(hash_extend "${pcr4_with_ev}" "${hash}" "${hashalg}") ||
             err "failed to calculate pcr4"
 
         for o in ${pcr4_objs[@]:1}; do
             hash=$(${hashalg}sum "${o}" | awk '{ print $1 }')
-            pcr4=$(hash_extend "${pcr4}" "${hash}" "${hashalg}") ||
+            pcr4_with_ev=$(hash_extend "${pcr4_with_ev}" "${hash}" "${hashalg}") ||
                 err "failed to calculate pcr4"
         done
 
+        # Use the PCR4 calculation with string extended only if it matches the current PCR value
+        # Rather than checking the value and "guessing", it would be better to check the PCR4 event log to see if the ev_string was extended.
+        # This log is currently not available to us, but it may be worth it in the future to investigate this further.
+        if [[ "${pcr4_with_ev}" == *"${current_pcr4}"* ]]; then
+            pcr4="${pcr4_with_ev}"
+        else
+            # Calculate PCR4 without ev_string extension
+            pcr4=$(hash_extend 0 "${ev_separator}" "${hashalg}")
+
+            hash=$(pesign -h -d "${hashalg}" -i "${pcr4_objs[0]}" | awk '{ print $2 }')
+            pcr4=$(hash_extend "${pcr4}" "${hash}" "${hashalg}") ||
+                err "failed to calculate pcr4"
+
+            for o in ${pcr4_objs[@]:1}; do
+                hash=$(${hashalg}sum "${o}" | awk '{ print $1 }')
+                pcr4=$(hash_extend "${pcr4}" "${hash}" "${hashalg}") ||
+                    err "failed to calculate pcr4"
+            done
+        fi
+
         pcr8="0"
 
         for o in ${pcr8_objs[@]}; do
@@ -186,8 +213,8 @@ forward)
                 err "failed to calculate pcr8"
         done
 
-        pcr_forward[4]=":${pcr4}"
-        pcr_forward[8]=":${pcr8}"
+        pcr_forward[4]="=${pcr4}"
+        pcr_forward[8]="=${pcr8}"
     fi
 
     if pcr_in_selection 15 ; then
@@ -208,7 +235,7 @@ forward)
         pcr15=$(hash_extend 0 ${root_hash} ${hashalg}) ||
                 err "failed to hash root device"
 
-        pcr_forward[15]=":${pcr15}"
+        pcr_forward[15]="=${pcr15}"
     fi
 
     # Calculate DRTM PCRs if set (ie. PCR17 is not all f)
@@ -225,9 +252,9 @@ forward)
         pcr18=$(echo $pcrs | awk '{ print $2 }')
         pcr19=$(echo $pcrs | awk '{ print $3 }')
 
-        pcr_forward[17]=":${pcr17}"
-        pcr_forward[18]=":${pcr18}"
-        pcr_forward[19]=":${pcr19}"
+        pcr_forward[17]="=${pcr17}"
+        pcr_forward[18]="=${pcr18}"
+        pcr_forward[19]="=${pcr19}"
     fi
 
     rm -f /boot/system/tpm/forward_pcr.lst

recipes-openxt/xenclient-root-ro/xenclient-root-ro/init.root-ro

@@ -287,7 +287,7 @@ unlock_config()
     local sig=$(dd if="${lv_path}" bs=4 count=1 2>/dev/null)
     case "${sig}" in
     LUKS)
-        if [ -e /boot/system/tpm/enabled ]; then
+        if [ -e ${SYS_TPM_DIR}/enabled ]; then
             # This will seal/reboot or fail/halt
             if [ -e ${SYS_TPM_DIR}/setup ]; then
                 # create a small tmpfs to use for sealing, then remove
@@ -432,8 +432,8 @@ then
     #cap pcr 15 in all available banks. This is a cheap operation and works for all cases
     sha256cap=$(echo -n "MEASUREDLAUNCHCLOSED"|sha256sum|cut -f1 -d\ |tr -d "\n")
     sha1cap=$(echo -n "MEASUREDLAUNCHCLOSED"|sha1sum|cut -f1 -d\ |tr -d "\n")
-    pcr_bank_exists "sha256" && tpm2_extendpcr -c 15 -g 0xB -s "${sha256cap}"
-    pcr_bank_exists "sha1" && tpm2_extendpcr -c 15 -g 0x4 -s "${sha1cap}"
+    pcr_bank_exists "sha256" && tpm2_pcrextend -Q 15:sha256="${sha256cap}"
+    pcr_bank_exists "sha1"   && tpm2_pcrextend -Q 15:sha1="${sha1cap}"
 else
     echo -n "MEASUREDLAUNCHCLOSED" | TCSD_LOG_OFF=yes tpm_extendpcr_sa -p 15
 fi