Open zaolin opened 2 years ago
@xaionaro @rihter007 the firmware.bin is just the first 16 MB which includes FIT, BPM and KM
Started the investigation in this branch: https://github.com/9elements/converged-security-suite/tree/support/lenovo_x1_carbon_gen9
Added some tooling there. But got stuck on the very first measurement. PCR0_DATA does not match what it should.
Just for myself:
$ ./fittool show -f ~/Downloads/pcr0/firmware.bin
# | Type | Address | Size | Version | Checksum valid | Checksum
---------------------------------------------------------------------------------------------------------------
0 | FITHeaderEntry (0x00) | 0x2020205f5449465f | 15 | 0x0100 | true | 165
1 | MicrocodeUpdateEntry (0x01) | 0xffb81000 | 0 | 0x0100 | false | 0
2 | MicrocodeUpdateEntry (0x01) | 0xffb9d000 | 0 | 0x0100 | false | 0
3 | MicrocodeUpdateEntry (0x01) | 0xffbb9000 | 0 | 0x0100 | false | 0
4 | MicrocodeUpdateEntry (0x01) | 0xffbd5000 | 0 | 0x0100 | false | 0
5 | SACM (0x02) | 0xffc40000 | 0 | 0x0100 | false | 0
6 | BIOSStartupModuleEntry (0x07) | 0xffc80000 | 24576 | 0x0100 | false | 0
7 | BIOSStartupModuleEntry (0x07) | 0xffce0000 | 36864 | 0x0100 | false | 0
8 | BIOSStartupModuleEntry (0x07) | 0xffd70000 | 102400 | 0x0100 | false | 0
9 | BIOSStartupModuleEntry (0x07) | 0xfff00000 | 4096 | 0x0100 | false | 0
10 | BIOSStartupModuleEntry (0x07) | 0xfff20000 | 12288 | 0x0100 | false | 0
11 | BIOSStartupModuleEntry (0x07) | 0xfff50000 | 45056 | 0x0100 | false | 0
12 | TXTPolicyRecord (0x0A) | 0x7a040100710070 | 0 | 0x0000 | false | 0
13 | KeyManifestRecord (0x0B) | 0xfff1b000 | 853 | 0x0100 | false | 0
14 | BootPolicyManifestRecord (0x0C) | 0xfff15000 | 1209 | 0x0100 | false | 0
[xaionaro@void converged-security-suite]$ go run ./cmd/pcr0tool display_eventlog -event-log ~/Downloads/pcr0/eventlog.bin -pcr-index 0 -hash-algo 4
# idx type hash digest data
0 0 3 4 0000000000000000000000000000000000000000 537461727475704C6F63616C6974790003
1 0 7 4 B46182FC7C3584C4355D8F4B11AE839DF90A392B 426F6F74204775617264204D6561737572656420532D4352544D00
2 0 8 4 E6BECECF6165181092670F9E2AE24F81242CAD67 4E00330032004500540037003500570020000000
3 0 2147483656 4 39961767AAD0DA9DE54635D5C50A05B62C0AAA8C 0000F0FF000000000000010000000000
4 0 2147483656 4 989851F1373AA190029584E28529E434B0AFF628 0000C0FF000000000000080000000000
5 0 2147483656 4 8652BD8997852B0E437632F360117161D5868449 000034FF000000000000430000000000
6 0 2147483656 4 E7A2E3787E080F4B32917665981AE0DA844C73D7 0000A4FF000000000000140000000000
7 0 2147483656 4 47D584AC30A73E7AA94A7D119D929A15F0B79227 000096FF0000000000000A0000000000
8 0 2147483656 4 1BEC13051D74AA49082C14A6E56CCCC02FE4C308 000077FF0000000000001F0000000000
9 0 1 4 BF7439ABEB5329A265DFC284B820FD67D126429C 414350492044415441
10 0 1 4 4A412E183453B0FFA8227CA73243C261EF6DCB08 414350492044415441
18 0 17 4 F07DF548DCA6DC4286EF4CE0D6DB12F02EA03E06 496E74656C43537845496E666F4576656E740000010000008680E0A001000000
38 0 4 4 9069CA78E7450A285173431B3E52C5C25299E473 00000000
[xaionaro@void converged-security-suite]$ go run ./cmd/cbnt-prov/ bpm-show ~/Downloads/pcr0/firmware.bin
--BPMH--
Struct Info:
ID: __ACBP__
Version: 0x21 (33)
Variable 0: 0x20 (32)
Element Size: 0x0014 (20)
Key Signature Offset: 0x01A8 (424)
BPM Revision: 0x01
BPM SVN: 0x01
ACM SVN Auth: 0x02
Reserved 0: 0x00
NEM Data Stack: In Bytes: 0x00003000 (12288)
--IBB Segments Element--
Struct Info:
ID: __IBBS__
Version: 0x20 (32)
Variable 0: 0x00
Element Size: 0x012C (300)
Reserved 0: 0x00
Set Number: 0x00
Reserved 1: 0x00
PBET Value: PBET Value: 0x0F (15)
Flags:
Reserved 0: 0x00000080 (128)
Supports Top Swap Remediation: BIOS does not support Top Swap remediation action
TPM Failure Leaves Hierarchies Enabled: Do not leave enabled. Disable all Hierarchies or deactivate on failure.
Authority Measure: Do not extend into the Authority PCR 7
Locality 3 Startup: Issue TPM Start-up from Locality 3
DMA Protection: Enable DMA Protection
IBB MCHBAR: 0x FED10000 (4275109888: 4.0 GiB)
VT-d BAR: 0x FED90000 (4275634176: 4.0 GiB)
DMA Protection 0 Base Address: 0x00100000 (1048576: 1.0 MiB)
DMA Protection 0 Limit Address: 0x00F00000 (15728640: 15 MiB)
DMA Protection 1 Base Address: 0x 0
DMA Protection 2 Limit Address: 0x 1000000 (16777216: 16 MiB)
Post IBB Hash:
Hash Alg: AlgNull
Hash Buffer: empty (len: 0)
IBB Entry Point: 0xFFFFFFF0 (4294967280: 4.0 GiB)
Digest List:
Size: 0x0098 (152)
List: Array of "Hash List" of length 4:
item #0: Hash Structure:
Hash Alg: SHA384
Hash Buffer: 0xE024F7B1A29C87A9D150E577CF3FC86AD252D02AE02F5FB6DB6EB1C2899606BAB309C3503151818A1860403071F9AF8A (len: 48)
item #1: Hash Structure:
Hash Alg: SHA1
Hash Buffer: 0x44C4D23CC4A8C83E7128F066307AF48242DC6A7B (len: 20)
item #2: Hash Structure:
Hash Alg: SHA256
Hash Buffer: 0x46D7AA30A1DD7818CD13BBEA529B4BD5ECB9B2E23EF6D171B6FCD2674B005603 (len: 32)
item #3: Hash Structure:
Hash Alg: SM3_256
Hash Buffer: 0x6A7E84E6E287418B8B380706AB18651E41604E416920ACA83A1EDBCAF5B7B25C (len: 32)
OBB Hash:
Hash Alg: AlgNull
Hash Buffer: empty (len: 0)
Reserved 2: 0x000000
IBBSegments: Array of "IBB Segments Element" of length 6:
item #0: IBB Segment:
Reserved: 0x0000
Flags: 0x0000
Base: 0xFFC80000 (4291297280: 4.0 GiB)
Size: 0x00060000 (393216: 384 KiB)
item #1: IBB Segment:
Reserved: 0x0000
Flags: 0x0000
Base: 0xFFCE0000 (4291690496: 4.0 GiB)
Size: 0x00090000 (589824: 576 KiB)
item #2: IBB Segment:
Reserved: 0x0000
Flags: 0x0000
Base: 0xFFD70000 (4292280320: 4.0 GiB)
Size: 0x00190000 (1638400: 1.6 MiB)
item #3: IBB Segment:
Reserved: 0x0000
Flags: 0x0000
Base: 0xFFF00000 (4293918720: 4.0 GiB)
Size: 0x00010000 (65536: 64 KiB)
item #4: IBB Segment:
Reserved: 0x0000
Flags: 0x0000
Base: 0xFFF20000 (4294049792: 4.0 GiB)
Size: 0x00030000 (196608: 192 KiB)
item #5: IBB Segment:
Reserved: 0x0000
Flags: 0x0000
Base: 0xFFF50000 (4294246400: 4.0 GiB)
Size: 0x000B0000 (720896: 704 KiB)
--TXT--
Struct Info:
ID: __TXTS__
Version: 0x20 (32)
Variable 0: 0x00
Element Size: 0x0028 (40)
Reserved 0: 0x00
Set Number: 0x00
S Init Min SVN Auth: 0x00
Reserved 1: 0x00
Control Flags:
Execution Profile: A (use default selection based on differentiation between clients, UP, and MP servers)
Memory Scrubbing Policy: BIOS if verified or backup action otherwise
Backup Action Policy: memory power down if profile D or BtG unbreakable shutdown otherwise
Is SACM Requested To Extend Static PC Rs: Default setting. S-ACM is requested to extend static PCRs
Reset AUX Control: AUX reset leaf will reset AUX index
Pwr Down Interval: 62 (5m10s)
PTT CMOS Offset 0: 0xFE (254)
PTT CMOS Offset 1: 0xFF (255)
ACPI Base Offset: 0x0400 (1024)
Reserved 2: 0x0000
ACPI MMIO Offset: 0xFE000000 (4261412864: 4.0 GiB)
Digest List:
Size: 0x0004
List: Array of "Hash List" of length 0:
Reserved 3: 0x000000
Segment Count: 0x00
--PCD--
Struct Info:
ID: __PCDS__
Version: 0x20 (32)
Variable 0: 0x00
Element Size: 0x0034 (52)
Reserved 0: 0x0000
Data: 0x5F5F504452535F5F101900000004000050030007010401C101030007020401C101030007 (len: 36)
--PME--
not set!(optional)
--Signature--
Struct Info:
ID: __PMSG__
Version: 0x20 (32)
Variable 0: 0x00
Element Size: 0x0000
Key Signature:
Version: 0x10 (16)
Key:
Key Alg: RSA
Version: 0x10 (16)
Key Size:
In Bits: 0x0C00 (3072)
In Bytes: 0x0180 (384)
Data: … (len: 388)
Signature:
Sig Scheme: RSAPSS
Version: 0x10 (16)
Key Size:
In Bits: 0x0C00 (3072)
In Bytes: 0x0180 (384)
Hash Alg: SHA384
Data: 0xA82FC7925B00101654A733A71F8EA137B58D071B7EE1569801703F7073E6324F27F1C619FC3E1DC1F0D92F21FB627F519497224664EAE8BF125FEB3868CFDD9E12646A0B53C55EFE38046AD98364F78AE6D29BB42CCAD472793232B37093AA07A7DB40184305B47095DDA9F5D42A647371B72A7EC05813C97EF3D0FD6728FE47FEBC1FD91F249249F251C171DB97FD35E26A40F4FFD4E5F81B7C2FB9F4468808114ECEB3100116025677402FFAC32F82F9C51216D27618AB54A58EF143C578A5CEF19FBCC5F03AFFF3BC2E2661E4E1CABC805AB8FE0000F387314D604C994AD5644245CB47C711D8E17FA207EB0DDAFC453D17925C6D69987C0508CF71F070C68555763CFBFFA7B1F36A3810E1F7F6B28E29B3126E7C6290435E4C2C432CAAA7D03351ADDA4343D1C3AC6E4B730426B2FEE319EB19B9EC180B8B16FACEB56DD3F0B66F52D8799CA83C237BE2D5F3A3C75789E31915E2DEF6AC016F52F4A749FD9133B77857B364769A4EA8F41CBF58AF5DECB368096BF231A07F1BB0B14023D9
Boot Policy Manifest Pubkey Hash: 0x1de708dbb9e62835eb63496a4c6f0e62e1e115dfe1a4d6237dc9a0b35ecde2e9a2932debcf1be6a965f020a82b43376c
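The FIT type-7 (BIOS Startup Module) entries and the BPM IBB segments above describe the same flash regions in different units: the FIT Size column counts 16-byte paragraphs, the BPM gives bytes. The cross-check below is an added example written for this page, not code from converged-security-suite or any of its tools. It hard-codes the values from the two dumps above (the addresses of the KM and BPM FIT entries and the IBB entry point are taken from the same output) and checks that the two tables agree region for region, that the IBB segments are contiguous apart from one hole, that the KM and BPM lie outside the IBB (the BPM cannot sit inside the region whose digest it carries), and that the reset vector at the IBB entry point is covered by a segment.

```go
package main

import (
	"fmt"
	"sort"
)

// fitEntry mirrors the columns of the `fittool show` output: the FIT Size
// field counts 16-byte units, so the byte length of the region is Size*16.
type fitEntry struct {
	Type    uint8
	Address uint64
	Size    uint32 // 16-byte units
}

// ibbSegment mirrors one entry of the BPM "IBB Segments Element" (bytes).
type ibbSegment struct {
	Base uint64
	Size uint64
}

const fitTypeBIOSStartupModule = 0x07 // FIT entry type 7

// fitType7 and ibbSegs are constructed from the fittool / bpm-show output above.
var fitType7 = []fitEntry{
	{0x07, 0xffc80000, 24576},
	{0x07, 0xffce0000, 36864},
	{0x07, 0xffd70000, 102400},
	{0x07, 0xfff00000, 4096},
	{0x07, 0xfff20000, 12288},
	{0x07, 0xfff50000, 45056},
}

var ibbSegs = []ibbSegment{
	{0xFFC80000, 0x00060000},
	{0xFFCE0000, 0x00090000},
	{0xFFD70000, 0x00190000},
	{0xFFF00000, 0x00010000},
	{0xFFF20000, 0x00030000},
	{0xFFF50000, 0x000B0000},
}

// Other addresses from the dumps that the checks below use.
const (
	fitKeyManifestAddr = 0xfff1b000 // FIT type 0x0B KeyManifestRecord
	fitBootPolicyAddr  = 0xfff15000 // FIT type 0x0C BootPolicyManifestRecord
	ibbEntryPoint      = 0xFFFFFFF0 // BPM "IBB Entry Point" (reset vector)
)

// fitBytes converts a FIT entry to an (address, byte length) region.
func fitBytes(e fitEntry) ibbSegment {
	return ibbSegment{Base: e.Address, Size: uint64(e.Size) * 16}
}

// diffRegions returns FIT type-7 regions with no identical IBB segment and IBB
// segments with no identical FIT type-7 entry. Both empty means the table the
// ACM walks (FIT) and the table that says what it must hash (BPM) agree.
func diffRegions(fit []fitEntry, bpm []ibbSegment) (fitOnly, bpmOnly []ibbSegment) {
	inBPM := map[ibbSegment]bool{}
	for _, s := range bpm {
		inBPM[s] = true
	}
	inFIT := map[ibbSegment]bool{}
	for _, e := range fit {
		if e.Type != fitTypeBIOSStartupModule {
			continue
		}
		r := fitBytes(e)
		inFIT[r] = true
		if !inBPM[r] {
			fitOnly = append(fitOnly, r)
		}
	}
	for _, s := range bpm {
		if !inFIT[s] {
			bpmOnly = append(bpmOnly, s)
		}
	}
	return fitOnly, bpmOnly
}

// gaps returns the unmeasured holes between consecutive IBB segments.
func gaps(segs []ibbSegment) []ibbSegment {
	sorted := append([]ibbSegment(nil), segs...)
	sort.Slice(sorted, func(i, j int) bool { return sorted[i].Base < sorted[j].Base })
	var out []ibbSegment
	for i := 1; i < len(sorted); i++ {
		end := sorted[i-1].Base + sorted[i-1].Size
		if sorted[i].Base > end {
			out = append(out, ibbSegment{Base: end, Size: sorted[i].Base - end})
		}
	}
	return out
}

// covered reports whether addr lies inside any IBB segment.
func covered(segs []ibbSegment, addr uint64) bool {
	for _, s := range segs {
		if addr >= s.Base && addr < s.Base+s.Size {
			return true
		}
	}
	return false
}

// totalIBB is the number of bytes the ACM hashes for the BPM IBB digest list.
func totalIBB(segs []ibbSegment) uint64 {
	var n uint64
	for _, s := range segs {
		n += s.Size
	}
	return n
}

func main() {
	fitOnly, bpmOnly := diffRegions(fitType7, ibbSegs)
	fmt.Printf("FIT-only: %v  BPM-only: %v\n", fitOnly, bpmOnly)
	fmt.Printf("IBB bytes: 0x%X\n", totalIBB(ibbSegs))
	for _, g := range gaps(ibbSegs) {
		fmt.Printf("unmeasured gap: 0x%X-0x%X\n", g.Base, g.Base+g.Size)
	}
	fmt.Println("KM in IBB:", covered(ibbSegs, fitKeyManifestAddr),
		"BPM in IBB:", covered(ibbSegs, fitBootPolicyAddr),
		"reset vector in IBB:", covered(ibbSegs, ibbEntryPoint))
}
```

On this firmware the six regions match exactly, the IBB covers 0x370000 bytes, and the only hole is 0xFFF10000-0xFFF20000, which is where the FIT places the BPM (0xFFF15000) and the KM (0xFFF1B000).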
The EventLog replays into the final PCR0 value dumped from the TPM itself, so let's just analyze the EventLog:
# : 0
PCR index : 0
Event Type : 3
Hash Algorithm : 4
Digest : 0000000000000000000000000000000000000000
Data : ([]uint8) (len=17 cap=17) {
> 00000000 53 74 61 72 74 75 70 4c 6f 63 61 6c 69 74 79 00 |StartupLocality.|
> 00000010 03 |.|
}
Standard initialization with locality 3.
# : 1
PCR index : 0
Event Type : 7
Hash Algorithm : 4
Digest : B46182FC7C3584C4355D8F4B11AE839DF90A392B
Data : ([]uint8) (len=27 cap=27) {
> 00000000 42 6f 6f 74 20 47 75 61 72 64 20 4d 65 61 73 75 |Boot Guard Measu|
> 00000010 72 65 64 20 53 2d 43 52 54 4d 00 |red S-CRTM.|
}
We expect it to be PCR0_DATA, but I cannot reproduce it using the provided TXT Public Space. I also tried to brute-force possible bit flips in the register, but that didn't help either.
# : 2
PCR index : 0
Event Type : 8
Hash Algorithm : 4
Digest : E6BECECF6165181092670F9E2AE24F81242CAD67
Data : ([]uint8) (len=20 cap=20) {
> 00000000 4e 00 33 00 32 00 45 00 54 00 37 00 35 00 57 00 |N.3.2.E.T.7.5.W.|
> 00000010 20 00 00 00 | ...|
}
We expect it to be "PCD Vendor Version". It should be extractable pretty easily, but I will check later.
# : 3
PCR index : 0
Event Type : 2147483656
Hash Algorithm : 4
Digest : 39961767AAD0DA9DE54635D5C50A05B62C0AAA8C
Data : ([]uint8) (len=16 cap=16) {
> 00000000 00 00 f0 ff 00 00 00 00 00 00 01 00 00 00 00 00 |................|
}
It looks like it measures 0xFFF00000-0xFFF10000. To be validated. But even if it is validated, it is unclear where these pointers come from. The FIT and the BPM do not contain some of the pointers of this type of measurement (from this log). Though I see, for example, that the module ReportFvPei contains all these pointers, so I guess they might just be hardcoded there or in some other code. To be validated as well.
# : 4
PCR index : 0
Event Type : 2147483656
Hash Algorithm : 4
Digest : 989851F1373AA190029584E28529E434B0AFF628
Data : ([]uint8) (len=16 cap=16) {
> 00000000 00 00 c0 ff 00 00 00 00 00 00 08 00 00 00 00 00 |................|
}
It looks like it measures 0xFFC00000-0xFFC80000. Same issues as above.
# : 5
PCR index : 0
Event Type : 2147483656
Hash Algorithm : 4
Digest : 8652BD8997852B0E437632F360117161D5868449
Data : ([]uint8) (len=16 cap=16) {
> 00000000 00 00 34 ff 00 00 00 00 00 00 43 00 00 00 00 00 |..4.......C.....|
}
It looks like it measures 0xFF340000-0xFF770000. Same issues as above.
# : 6
PCR index : 0
Event Type : 2147483656
Hash Algorithm : 4
Digest : E7A2E3787E080F4B32917665981AE0DA844C73D7
Data : ([]uint8) (len=16 cap=16) {
> 00000000 00 00 a4 ff 00 00 00 00 00 00 14 00 00 00 00 00 |................|
}
It looks like it measures 0xFFA40000-0xFFB80000. Same issues as above.
# : 7
PCR index : 0
Event Type : 2147483656
Hash Algorithm : 4
Digest : 47D584AC30A73E7AA94A7D119D929A15F0B79227
Data : ([]uint8) (len=16 cap=16) {
> 00000000 00 00 96 ff 00 00 00 00 00 00 0a 00 00 00 00 00 |................|
}
It looks like it measures 0xFF960000-0xFFA00000. Same issues as above.
# : 8
PCR index : 0
Event Type : 2147483656
Hash Algorithm : 4
Digest : 1BEC13051D74AA49082C14A6E56CCCC02FE4C308
Data : ([]uint8) (len=16 cap=16) {
> 00000000 00 00 77 ff 00 00 00 00 00 00 1f 00 00 00 00 00 |..w.............|
}
It looks like it measures 0xFF770000-0xFF960000. Same issues as above.
# : 9
PCR index : 0
Event Type : 1
Hash Algorithm : 4
Digest : BF7439ABEB5329A265DFC284B820FD67D126429C
Data : ([]uint8) (len=9 cap=9) {
> 00000000 41 43 50 49 20 44 41 54 41 |ACPI DATA|
}
"ACPI DATA". It looks like these are the ACPI static tables, but for some unknown reason they have EventType 0x1 (EV_POST_CODE) instead of 0x80000009 (EV_EFI_HANDOFF_TABLES). How to extract the ACPI static tables, and whether this is indeed them, is to be investigated.
# : 10
PCR index : 0
Event Type : 1
Hash Algorithm : 4
Digest : 4A412E183453B0FFA8227CA73243C261EF6DCB08
Data : ([]uint8) (len=9 cap=9) {
> 00000000 41 43 50 49 20 44 41 54 41 |ACPI DATA|
}
Same here.
# : 17
PCR index : 0
Event Type : 17
Hash Algorithm : 4
Digest : 6BA0A2B9C298FFAFF045C436D53542D5765CEC34
Data : ([]uint8) (len=642 cap=642) {
> 00000000 49 6e 74 65 6c 43 53 78 45 45 76 65 6e 74 30 31 |IntelCSxEEvent01|
> 00000010 00 00 00 00 04 00 00 00 00 03 00 00 30 00 00 00 |............0...|
> 00000020 12 72 0f 08 9f c4 ac 71 b7 3c 69 81 4e cd 02 93 |.r.....q.<i.N...|
> 00000030 c7 f5 b0 fb ed 95 c5 7c 0d 6e 91 95 bb f7 9c 84 |.......|.n......|
> 00000040 06 30 4f 94 f3 94 b0 9e a9 49 88 71 4c e4 a8 6b |.0O......I.qL..k|
> 00000050 02 03 00 00 16 00 00 00 0f 00 00 00 17 00 aa 06 |................|
> 00000060 01 00 00 00 02 00 00 00 06 00 00 00 01 00 02 05 |................|
> 00000070 00 00 16 00 00 00 0f 00 00 00 00 00 58 1b 00 00 |............X...|
> 00000080 00 00 ff ff ff ff ff ff ff ff 01 00 02 2d 00 00 |.............-..|
> 00000090 16 00 00 00 01 00 00 00 00 00 02 00 01 00 00 00 |................|
> 000000a0 01 00 00 00 00 00 00 00 01 00 01 02 00 00 30 00 |..............0.|
> 000000b0 00 00 71 11 44 df 5b 55 33 c1 b5 af 7c 81 8a 2a |..q.D.[U3...|..*|
> 000000c0 19 5c ec 01 05 75 c2 66 df 46 1e f1 55 9c 4d ac |.\...u.f.F..U.M.|
> 000000d0 56 06 b8 4b 2f b0 b0 ff 55 62 49 75 e7 9a fc 99 |V..K/...UbIu....|
> 000000e0 c9 b0 02 02 00 00 16 00 00 00 96 00 01 00 14 00 |................|
> 000000f0 0b 04 00 00 00 00 00 00 00 00 00 00 00 00 01 00 |................|
> 00000100 03 04 00 00 01 00 00 00 02 03 00 00 00 04 00 00 |................|
> 00000110 00 73 01 00 00 03 02 00 00 04 00 00 00 00 96 30 |.s.............0|
> 00000120 31 01 06 00 00 30 00 00 00 58 f9 1e e6 72 00 83 |1....0...X...r..|
> 00000130 80 df 92 24 e8 5d 7b dd 7d a5 87 9c 31 29 1d f0 |...$.]{.}...1)..|
> 00000140 f9 60 e2 46 47 11 e7 3e fc d6 7e 19 26 c9 d1 fc |.`.FG..>..~.&...|
> 00000150 6a 11 09 2b 0e 0a d0 b0 63 02 06 00 00 16 00 00 |j..+....c.......|
> 00000160 00 11 00 14 00 00 00 00 00 00 00 00 00 00 00 00 |................|
> 00000170 00 00 00 00 00 01 00 01 07 00 00 30 00 00 00 bf |...........0....|
> 00000180 98 f8 a1 e4 e3 f5 63 11 33 b6 8c 39 71 78 b9 2e |......c.3..9qx..|
> 00000190 e6 7b 15 f3 c5 12 ba d0 f7 f5 be cc 3c 61 f7 c0 |.{..........<a..|
> 000001a0 46 86 89 ed 44 36 e3 d5 0c a9 6f a9 58 60 a0 02 |F...D6....o.X`..|
> 000001b0 07 00 00 16 00 00 00 0b 00 e0 00 00 01 f8 07 00 |................|
> 000001c0 00 00 00 00 00 00 00 00 00 00 00 01 00 01 08 00 |................|
> 000001d0 00 30 00 00 00 40 f1 17 e6 e7 cf a4 40 07 83 5c |.0...@......@..\|
> 000001e0 d0 39 a4 f6 68 7c ba f5 72 d5 a3 0a cc 7c 32 74 |.9..h|..r....|2t|
> 000001f0 50 e0 fa 92 5e 59 72 7e 61 5f e5 39 23 b7 9e c6 |P...^Yr~a_.9#...|
> 00000200 e9 d4 7f 59 ac 02 08 00 00 16 00 00 00 0e 00 00 |...Y............|
> 00000210 00 00 00 04 10 00 00 00 00 00 00 00 00 00 00 00 |................|
> 00000220 00 01 00 01 29 00 00 30 00 00 00 a1 cb 5b 03 9b |....)..0.....[..|
> 00000230 4a 10 62 0d ef 23 e1 04 fc 01 d5 51 94 ee cb 69 |J.b..#.....Q...i|
> 00000240 ae 2e 85 2e 46 16 b1 f9 d9 04 6e bc e6 d1 a3 45 |....F.....n....E|
> 00000250 16 97 b7 c6 91 d4 cf e7 2d f9 11 02 29 00 00 16 |........-...)...|
> 00000260 00 00 00 05 00 04 00 01 00 61 11 00 00 00 00 00 |.........a......|
> 00000270 00 00 00 00 00 00 00 01 00 03 03 00 00 01 00 00 |................|
> 00000280 00 00 |..|
}
I have no idea what this is. Since the Digest of the next entry is reproducible by just hashing the Data, I guess this Data was just cut.
# : 18
PCR index : 0
Event Type : 17
Hash Algorithm : 4
Digest : F07DF548DCA6DC4286EF4CE0D6DB12F02EA03E06
Data : ([]uint8) (len=32 cap=32) {
> 00000000 49 6e 74 65 6c 43 53 78 45 49 6e 66 6f 45 76 65 |IntelCSxEInfoEve|
> 00000010 6e 74 00 00 01 00 00 00 86 80 e0 a0 01 00 00 00 |nt..............|
}
And I have no idea what this is either. But if we just hash the Data, we get the Digest.
# : 38
PCR index : 0
Event Type : 4
Hash Algorithm : 4
Digest : 9069CA78E7450A285173431B3E52C5C25299E473
Data : ([]uint8) (len=4 cap=4) {
> 00000000 00 00 00 00 |....|
}
Standard and well-known separator.
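To make the replay described above concrete, here is an added example (written for this page, not pcr0tool's or converged-security-suite's code). It serialises the PCR0 events listed above into the legacy SHA1-only TCG_PCR_EVENT layout (assumed here for simplicity; the crypto-agile TCG_PCR_EVENT2 layout that carries one digest per algorithm is not handled), parses the log back, and replays it into a SHA1 PCR0. Two points the thread turns on are made explicit: the EV_NO_ACTION StartupLocality event is never extended but sets the initial PCR0 value (zeros with the locality in the last byte, per the TCG PC Client Platform Firmware Profile), and the 16-byte payload of an EV_EFI_PLATFORM_FIRMWARE_BLOB event is a little-endian base/length pair, which yields exactly the ranges written next to entries 3-8 above. Events 11-17 are not on the page, so the replayed value is not the TPM's PCR0; the block demonstrates the mechanics. Event type 17 (0x11) is EV_NONHOST_INFO in that profile, which fits a CSME (IntelCSxE) event.

```go
package main

import (
	"bytes"
	"crypto/sha1"
	"encoding/binary"
	"encoding/hex"
	"fmt"
	"io"
	"unicode/utf16"
)

// Event types from the TCG PC Client Platform Firmware Profile.
const (
	evPostCode                = 0x00000001
	evNoAction                = 0x00000003
	evSeparator               = 0x00000004
	evSCRTMContents           = 0x00000007
	evSCRTMVersion            = 0x00000008
	evNonhostInfo             = 0x00000011 // the "IntelCSxE" events above
	evEFIPlatformFirmwareBlob = 0x80000008 // 2147483656 in the dump
)

// event is one TCG_PCR_EVENT of the legacy SHA1 log layout:
// pcrIndex u32, eventType u32, digest[20], eventSize u32, event[eventSize].
type event struct {
	PCR    uint32
	Type   uint32
	Digest [20]byte
	Data   []byte
}

func ev(typ uint32, digest, data string) event {
	e := event{Type: typ}
	d, err := hex.DecodeString(digest)
	if err != nil || len(d) != 20 {
		panic("bad digest " + digest)
	}
	copy(e.Digest[:], d)
	if e.Data, err = hex.DecodeString(data); err != nil {
		panic(err)
	}
	return e
}

// pageEvents is constructed from the display_eventlog table above (all PCR 0);
// entries 11-17 are not on the page and are therefore absent here.
var pageEvents = []event{
	ev(evNoAction, "0000000000000000000000000000000000000000", "537461727475704C6F63616C6974790003"),
	ev(evSCRTMContents, "B46182FC7C3584C4355D8F4B11AE839DF90A392B", "426F6F74204775617264204D6561737572656420532D4352544D00"),
	ev(evSCRTMVersion, "E6BECECF6165181092670F9E2AE24F81242CAD67", "4E00330032004500540037003500570020000000"),
	ev(evEFIPlatformFirmwareBlob, "39961767AAD0DA9DE54635D5C50A05B62C0AAA8C", "0000F0FF000000000000010000000000"),
	ev(evEFIPlatformFirmwareBlob, "989851F1373AA190029584E28529E434B0AFF628", "0000C0FF000000000000080000000000"),
	ev(evEFIPlatformFirmwareBlob, "8652BD8997852B0E437632F360117161D5868449", "000034FF000000000000430000000000"),
	ev(evEFIPlatformFirmwareBlob, "E7A2E3787E080F4B32917665981AE0DA844C73D7", "0000A4FF000000000000140000000000"),
	ev(evEFIPlatformFirmwareBlob, "47D584AC30A73E7AA94A7D119D929A15F0B79227", "000096FF0000000000000A0000000000"),
	ev(evEFIPlatformFirmwareBlob, "1BEC13051D74AA49082C14A6E56CCCC02FE4C308", "000077FF0000000000001F0000000000"),
	ev(evPostCode, "BF7439ABEB5329A265DFC284B820FD67D126429C", "414350492044415441"),
	ev(evPostCode, "4A412E183453B0FFA8227CA73243C261EF6DCB08", "414350492044415441"),
	ev(evNonhostInfo, "F07DF548DCA6DC4286EF4CE0D6DB12F02EA03E06", "496E74656C43537845496E666F4576656E740000010000008680E0A001000000"),
	ev(evSeparator, "9069CA78E7450A285173431B3E52C5C25299E473", "00000000"),
}

// encodeSHA1Log serialises events in the legacy TCG_PCR_EVENT layout.
func encodeSHA1Log(evs []event) []byte {
	var buf bytes.Buffer
	for _, e := range evs {
		binary.Write(&buf, binary.LittleEndian, e.PCR)
		binary.Write(&buf, binary.LittleEndian, e.Type)
		buf.Write(e.Digest[:])
		binary.Write(&buf, binary.LittleEndian, uint32(len(e.Data)))
		buf.Write(e.Data)
	}
	return buf.Bytes()
}

// parseSHA1Log is the inverse of encodeSHA1Log; it rejects a truncated log
// instead of silently returning the events that happened to fit.
func parseSHA1Log(b []byte) ([]event, error) {
	r := bytes.NewReader(b)
	var out []event
	for r.Len() > 0 {
		var hdr struct {
			PCR, Type uint32
			Digest    [20]byte
			Size      uint32
		}
		if err := binary.Read(r, binary.LittleEndian, &hdr); err != nil {
			return nil, fmt.Errorf("event %d: truncated header: %w", len(out), err)
		}
		if uint64(r.Len()) < uint64(hdr.Size) {
			return nil, fmt.Errorf("event %d: size %d exceeds remaining %d bytes", len(out), hdr.Size, r.Len())
		}
		data := make([]byte, hdr.Size)
		io.ReadFull(r, data)
		out = append(out, event{hdr.PCR, hdr.Type, hdr.Digest, data})
	}
	return out, nil
}

// startupLocality decodes the EV_NO_ACTION "StartupLocality\0" + locality event.
func startupLocality(data []byte) (byte, bool) {
	const sig = "StartupLocality\x00"
	if len(data) != len(sig)+1 || string(data[:len(sig)]) != sig {
		return 0, false
	}
	return data[len(sig)], true
}

// replayPCR0 folds the PCR0 events into a SHA1 PCR. EV_NO_ACTION events are
// not extended; the StartupLocality one sets the initial PCR0 value instead.
func replayPCR0(evs []event) [20]byte {
	var pcr [20]byte
	for _, e := range evs {
		if e.PCR != 0 {
			continue
		}
		if e.Type == evNoAction {
			if loc, ok := startupLocality(e.Data); ok {
				pcr = [20]byte{}
				pcr[19] = loc
			}
			continue
		}
		h := sha1.New()
		h.Write(pcr[:])
		h.Write(e.Digest[:])
		copy(pcr[:], h.Sum(nil))
	}
	return pcr
}

// firmwareBlob decodes the UEFI_PLATFORM_FIRMWARE_BLOB payload of an
// EV_EFI_PLATFORM_FIRMWARE_BLOB event: BlobBase u64, BlobLength u64.
func firmwareBlob(data []byte) (base, end uint64, ok bool) {
	if len(data) != 16 {
		return 0, 0, false
	}
	base = binary.LittleEndian.Uint64(data[:8])
	return base, base + binary.LittleEndian.Uint64(data[8:]), true
}

// digestIsHashOfData reports whether Digest == SHA1(Data), i.e. whether the
// log carries the measured object itself rather than a description of it.
func digestIsHashOfData(e event) bool {
	return sha1.Sum(e.Data) == e.Digest
}

// scrtmVersion decodes the NUL-terminated UCS-2 string of an EV_S_CRTM_VERSION event.
func scrtmVersion(data []byte) string {
	var u []uint16
	for i := 0; i+1 < len(data); i += 2 {
		c := binary.LittleEndian.Uint16(data[i:])
		if c == 0 {
			break
		}
		u = append(u, c)
	}
	return string(utf16.Decode(u))
}

func main() {
	evs, err := parseSHA1Log(encodeSHA1Log(pageEvents))
	if err != nil {
		panic(err)
	}
	for i, e := range evs {
		switch e.Type {
		case evEFIPlatformFirmwareBlob:
			base, end, _ := firmwareBlob(e.Data)
			fmt.Printf("#%d measures 0x%X-0x%X\n", i, base, end)
		case evSCRTMVersion:
			fmt.Printf("#%d S-CRTM version %q\n", i, scrtmVersion(e.Data))
		default:
			fmt.Printf("#%d type 0x%X digest==SHA1(data): %v\n", i, e.Type, digestIsHashOfData(e))
		}
	}
	fmt.Printf("PCR0 replay over the %d events present: %X\n", len(evs), replayPCR0(evs))
}
```

When comparing against a real TPM, replay the full log and compare with the TPM2_PCR_Read value of the same bank; a mismatch on the first extend points at the S-CRTM measurement itself (entry 1 here), which is what this issue is stuck on.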
ReportFvPei)? IntelCSxE events, and I have no idea what that is. Is there any documentation on the topic?
OK, found some explanation for IntelCSxE on the Internet, but still cannot reproduce.
Started a new branch: https://github.com/9elements/converged-security-suite/tree/feature/lenovo_x1_carbon_gen9
test-data.zip