search

TrenchBoot / trenchboot-issues

This repository is to centralize issues and development progress tracking for the TrenchBoot project.
3 stars 1 forks source link

Adapt GRUB code for the TrenchBoot boot protocol #31

Closed BeataZdunczyk closed 2 weeks ago

BeataZdunczyk commented 1 month ago

Refreshing existing GRUB code and implementing necessary fixes for the most up-to-date TrenchBoot boot protocol. This also includes changes to code style to make it compatible with GRUB's expectations. The code will be pushed to the TrenchBoot GRUB repository to serve as a foundation for future TrenchBoot activities.

SergiiDmytruk commented 2 weeks ago

Latest changes can be seen at https://github.com/TrenchBoot/grub/compare/b53ec06...tb-2.12-57-linux-amd. There is only one new commit for AMD SKINIT (https://github.com/TrenchBoot/grub/commit/fc42d91bfeb1cb412bbaa5e846d6685a234d42ea), one new commit with a fix (https://github.com/TrenchBoot/grub/commit/cc5e2c006f998d9f4a77b595a666407a98bd0671), the rest of the new changes were integrated into previously existing commits.

When updated GRUB is used along with SKL built from https://github.com/TrenchBoot/secure-kernel-loader/pull/21 on APU3 with Seabios, the following output is produced on slaunch:

Details

``` IOMMU disabled by a firmware, please check your settings Couldn't set up IOMMU, DMA attacks possible! shasum calculated: 0x00000000044aff5c: bc 3c 50 c9 26 5f 8f 28 54 bd cc d0 9b c1 1e c7 .(......!.....< shasum calculated: 0x00000000044aff70: fd d7 45 59 2f af ff 08 34 5f 0a fc fe b9 56 8d ..EY/...4_....V. 0x00000000044aff80: b4 89 c4 ca c6 3b 53 a3 bb 18 90 bb 4a 6f 05 f1 .....;S.....Jo.. PCR extended dlme_entry: 0x0000000002229f00: fa fc 8d 83 d0 35 01 00 01 40 02 0f 01 10 b8 10 .....5...@...... 0x0000000002229f10: 00 00 00 8e d8 8e c0 8e e0 8e e8 8e d0 8d a3 40 ...............@ 0x0000000002229f20: 0d 01 00 8d 83 2d 00 00 00 6a 08 50 cb 53 51 b8 .....-...j.P.SQ. 0x0000000002229f30: 01 00 00 00 0f a2 f7 c1 40 00 00 00 74 79 59 5b ........@...tyY[ 0x0000000002229f40: c7 83 00 36 01 00 02 00 00 00 e8 71 00 00 00 ff ...6.......q.... 0x0000000002229f50: 83 10 36 01 00 53 31 db b8 07 00 00 00 0f 37 5b ..6..S1.......7[ 0x0000000002229f60: c7 05 30 00 d2 fe 00 00 00 00 c7 05 08 00 d2 fe ..0............. 0x0000000002229f70: ff ff ff ff a1 00 03 d2 fe 8b 08 8d 44 08 08 e8 ............D... 0x0000000002229f80: ac 00 00 00 8b 70 04 89 58 20 8b 78 18 89 bb 14 .....p..X .x.... 0x0000000002229f90: 36 01 00 c7 40 24 27 00 00 00 c7 40 28 dd 08 00 6...@$'....@(... 0x0000000002229fa0: 00 50 e8 79 02 00 00 e8 54 03 00 00 58 8b 78 10 .P.y....T...X.x. 0x0000000002229fb0: e8 eb 02 00 00 eb 02 0f 0b e9 42 60 dd fe 66 90 ..........B`..f. 0x0000000002229fc0: 8b 01 25 00 f0 ff ff 8b 00 25 00 f0 ff ff 8b 00 ..%......%...... 0x0000000002229fd0: 25 00 f0 ff ff 89 83 04 36 01 00 c3 0f 1f 40 00 %.......6.....@. 0x0000000002229fe0: 39 f9 72 06 39 fa 76 02 eb 44 39 da 77 06 39 d9 9.r.9.v..D9.w.9. 0x0000000002229ff0: 73 02 eb 3a c7 05 30 00 d2 fe 1b 80 00 c0 a1 f0 s..:..0......... dlme_arg: 0x000000000008b000: 00 00 00 80 00 00 03 50 00 00 00 00 00 00 19 01 .......P........ 0x000000000008b010: 10 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0x000000000008b020: 3f a3 00 10 00 00 00 00 00 00 00 00 00 00 00 00 ?............... 0x000000000008b030: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ ... 0x000000000008b1e0: 00 80 00 00 00 00 00 00 08 00 00 00 00 00 00 00 ................ 0x000000000008b1f0: 00 1d 01 00 58 3d 12 00 00 00 ff ff 00 00 00 00 ....X=.......... 0x000000000008b200: eb 6a 48 64 72 53 0f 02 00 00 00 00 00 10 e0 37 .jHdrS.........7 0x000000000008b210: 72 81 00 80 00 00 00 01 00 00 00 00 00 00 00 00 r............... 0x000000000008b220: 00 00 00 00 00 8e 00 00 00 f0 08 00 ff ff ff 7f ................ 0x000000000008b230: 00 00 20 00 01 15 7f 00 ff 07 00 00 00 00 00 00 .. ............. 0x000000000008b240: 00 00 00 00 00 00 00 00 48 05 00 00 d5 a5 21 01 ........H.....!. 0x000000000008b250: 00 00 00 00 00 00 00 00 00 00 00 01 00 00 00 00 ................ 0x000000000008b260: 00 d0 47 03 20 1a 22 01 00 05 00 00 00 00 00 00 ..G. ."......... 0x000000000008b270: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ skl_base: 0x00000000044a0000: 08 00 74 34 40 31 d4 e4 89 c5 8d 9d d4 e4 00 00 ..t4@1.......... 0x00000000044a0010: 36 8b 53 08 01 d3 81 c3 80 02 00 00 39 dc 7d 03 6.S.........9.}. 0x00000000044a0020: f4 eb fd 6a 00 6a 00 0f 01 1c 24 b9 14 01 01 c0 ...j.j....$..... 0x00000000044a0030: 0f 32 83 e0 fb 0f 30 c7 44 24 04 58 31 00 00 01 .2....0.D$.X1... 0x00000000044a0040: 6c 24 04 66 c7 44 24 02 1f 00 0f 01 54 24 02 83 l$.f.D$.....T$.. 0x00000000044a0050: c4 08 b8 10 00 00 00 8e d8 8e c0 31 c0 fc 8d bd ...........1.... 0x00000000044a0060: 00 40 00 00 8d 8d d4 e4 00 00 29 f9 c1 e9 02 f3 .@........)..... 0x00000000044a0070: ab 8d bd 00 40 00 00 b9 00 02 00 00 ba 63 00 20 ....@........c. 0x00000000044a0080: 00 81 ea 00 10 00 00 89 54 cf f8 e2 f4 8d bd 00 ........T....... 0x00000000044a0090: 50 00 00 8d 95 63 40 00 00 89 17 b9 ff 07 00 00 P....c@......... 0x00000000044a00a0: ba e3 00 00 00 81 ea 00 00 20 00 89 14 cf e2 f5 ......... ...... 0x00000000044a00b0: 8d bd 00 90 00 00 b9 04 00 00 00 8d 95 63 90 00 .............c.. 0x00000000044a00c0: 00 81 ea 00 10 00 00 89 54 cf f8 e2 f4 8d 95 63 ........T......c 0x00000000044a00d0: 90 00 00 89 95 00 a0 00 00 0f 20 e1 83 c9 20 0f .......... ... . 0x00000000044a00e0: 22 e1 8d 85 00 a0 00 00 0f 22 d8 b9 80 00 00 c0 "........"...... 0x00000000044a00f0: 0f 32 80 cc 01 0f 30 0f 20 c0 0d 2a 00 00 80 0f .2....0. ..*.... bootloader_data: 0x00000000044ae4d4: 4d 54 52 44 01 00 02 00 30 01 00 00 00 10 00 00 MTRD....0....... 0x00000000044ae4e4: 01 00 00 00 48 00 00 00 74 34 00 00 00 00 00 00 ....H...t4...... 0x00000000044ae4f4: 00 00 4a 04 00 00 00 00 00 d0 47 03 00 00 00 00 ..J.......G..... 0x00000000044ae504: 00 00 00 01 00 00 00 00 00 9f 22 01 00 00 00 00 .........."..... 0x00000000044ae514: 01 00 00 00 00 00 00 00 00 b0 08 00 00 00 00 00 ................ 0x00000000044ae524: 00 00 00 00 00 00 00 00 02 00 00 00 18 00 00 00 ................ 0x00000000044ae534: 02 00 00 00 00 80 00 00 00 80 b8 7d 00 00 00 00 ...........}.... 0x00000000044ae544: 03 00 00 00 b8 00 00 00 00 00 00 00 01 00 03 00 ................ 0x00000000044ae554: 12 00 01 00 02 00 00 00 00 00 00 00 00 00 00 00 ................ 0x00000000044ae564: d4 e4 4a 04 00 00 00 00 4d 65 61 73 75 72 65 64 ..J.....Measured 0x00000000044ae574: 20 53 4c 52 20 54 61 62 6c 65 00 00 00 00 00 00 SLR Table...... 0x00000000044ae584: 00 00 00 00 00 00 00 00 12 00 02 00 00 00 00 00 ................ 0x00000000044ae594: 00 10 00 00 00 00 00 00 00 b0 08 00 00 00 00 00 ................ 0x00000000044ae5a4: 4d 65 61 73 75 72 65 64 20 62 6f 6f 74 20 70 61 Measured boot pa 0x00000000044ae5b4: 72 61 6d 65 74 65 72 73 00 00 00 00 00 00 00 00 rameters........ 0x00000000044ae5c4: 12 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0x00000000044ae5d4: 00 00 00 00 00 00 00 00 4d 65 61 73 75 72 65 64 ........Measured 0x00000000044ae5e4: 20 4b 65 72 6e 65 6c 20 63 6f 6d 6d 61 6e 64 20 Kernel command 0x00000000044ae5f4: 6c 69 6e 65 00 00 00 00 ff ff 00 00 08 00 00 00 line............ ```

krystian-hebel commented 2 weeks ago

Log after enabling IOMMU on the same platform:

```text 0x0000000080600000: IOMMU MMIO Base Address 0x0000000000000000: IOMMU_MMIO_STATUS_REGISTER 0x00000000044ac001: IOMMU_MMIO_DEVICE_TABLE_BA 0x00000000044ae480: Command Buffer Base 0x09000000044ae000: IOMMU_MMIO_COMMAND_BUF_BA 0x0000000000000480: IOMMU_MMIO_COMMAND_BUF_HEAD 0x08000000044ab000: IOMMU_MMIO_EVENT_LOG_BA 0x0000000000000018: IOMMU_MMIO_STATUS_REGISTER INVALIDATE_IOMMU_ALL 0x0000000800290ad2: IOMMU_MMIO_EXTENDED_FEATURE 0x000000000000000a: IOMMU_MMIO_STATUS_REGISTER Flushing IOMMU cache.Disabling SLB protection 0x0000000080600000: IOMMU MMIO Base Address 0x000000000000000a: IOMMU_MMIO_STATUS_REGISTER 0x00000000044ac001: IOMMU_MMIO_DEVICE_TABLE_BA 0x00000000044ae480: Command Buffer Base 0x09000000044ae000: IOMMU_MMIO_COMMAND_BUF_BA 0x0000000000000480: IOMMU_MMIO_COMMAND_BUF_HEAD 0x08000000044ab000: IOMMU_MMIO_EVENT_LOG_BA 0x0000000000000018: IOMMU_MMIO_STATUS_REGISTER INVALIDATE_IOMMU_ALL 0x0000000800290ad2: IOMMU_MMIO_EXTENDED_FEATURE 0x000000000000001a: IOMMU_MMIO_STATUS_REGISTER Flushing IOMMU cache IOMMU event log not empty: 0x00000000044ab000: 90 00 00 00 00 00 50 20 80 58 e9 7e 00 00 00 00 ......P .X.~.... 0x00000000044ab010: 90 00 00 00 00 00 50 20 00 00 00 00 01 00 00 00 ......P ........ 0x00000000044ab020: 90 00 00 00 00 00 50 20 c0 ff ff ff 00 00 00 00 ......P ........ 0x00000000044ab030: 90 00 00 00 00 00 50 20 00 00 00 00 01 00 00 00 ......P ........ 0x00000000044ab040: 90 00 00 00 00 00 50 20 c0 ff ff ff 00 00 00 00 ......P ........ 0x00000000044ab050: 90 00 00 00 00 00 50 20 00 00 00 00 01 00 00 00 ......P ........ 0x00000000044ab060: 90 00 00 00 00 00 50 20 c0 ff ff ff 00 00 00 00 ......P ........ 0x00000000044ab070: 90 00 00 00 00 00 50 20 00 00 00 00 01 00 00 00 ......P ........ 0x00000000044ab080: 90 00 00 00 00 00 50 20 c0 ff ff ff 00 00 00 00 ......P ........ 0x00000000044ab090: 90 00 00 00 00 00 50 20 80 58 e9 7e 00 00 00 00 ......P .X.~.... 0x00000000044ab0a0: 90 00 00 00 00 00 50 20 00 00 00 00 01 00 00 00 ......P ........ 0x00000000044ab0b0: 90 00 00 00 00 00 50 20 c0 ff ff ff 00 00 00 00 ......P ........ 0x00000000044ab0c0: 90 00 00 00 00 00 50 20 00 00 00 00 01 00 00 00 ......P ........ 0x00000000044ab0d0: 90 00 00 00 00 00 50 20 c0 ff ff ff 00 00 00 00 ......P ........ 0x00000000044ab0e0: 90 00 00 00 00 00 50 20 80 58 e9 7e 00 00 00 00 ......P .X.~.... 0x00000000044ab0f0: 90 00 00 00 00 00 50 20 00 00 00 00 01 00 00 00 ......P ........ 0x00000000044ab100: 90 00 00 00 00 00 50 20 c0 ff ff ff 00 00 00 00 ......P ........ 0x00000000044ab110: 90 00 00 00 00 00 50 20 00 00 00 00 01 00 00 00 ......P ........ 0x00000000044ab120: 90 00 00 00 00 00 50 20 c0 ff ff ff 00 00 00 00 ......P ........ 0x00000000044ab130: 90 00 00 00 00 00 50 20 80 58 e9 7e 00 00 00 00 ......P .X.~.... 0x00000000044ab140: 90 00 00 00 00 00 50 20 00 00 00 00 01 00 00 00 ......P ........ 0x00000000044ab150: 90 00 00 00 00 00 50 20 c0 ff ff ff 00 00 00 00 ......P ........ 0x00000000044ab160: 90 00 00 00 00 00 50 20 00 00 00 00 01 00 00 00 ......P ........ 0x00000000044ab170: 90 00 00 00 00 00 50 20 c0 ff ff ff 00 00 00 00 ......P ........ 0x00000000044ab180: 90 00 00 00 00 00 50 20 00 00 00 00 01 00 00 00 ......P ........ 0x00000000044ab190: 90 00 00 00 00 00 50 20 c0 ff ff ff 00 00 00 00 ......P ........ 0x00000000044ab1a0: 90 00 00 00 00 00 50 20 00 00 00 00 01 00 00 00 ......P ........ 0x00000000044ab1b0: 90 00 00 00 00 00 50 20 c0 ff ff ff 00 00 00 00 ......P ........ 0x00000000044ab1c0: 90 00 00 00 00 00 50 20 80 58 e9 7e 00 00 00 00 ......P .X.~.... 0x00000000044ab1d0: 90 00 00 00 00 00 50 20 00 00 00 00 01 00 00 00 ......P ........ 0x00000000044ab1e0: 90 00 00 00 00 00 50 20 c0 ff ff ff 00 00 00 00 ......P ........ 0x00000000044ab1f0: 90 00 00 00 00 00 50 20 00 00 00 00 01 00 00 00 ......P ........ 0x0000000000000003: IOMMU_MMIO_STATUS_REGISTER IOMMU set shasum calculated: 0x00000000044aff5c: bc 3c 50 c9 26 5f 8f 28 54 bd cc d0 9b c1 1e c7 .(......!.....< shasum calculated: 0x00000000044aff70: fd d7 45 59 2f af ff 08 34 5f 0a fc fe b9 56 8d ..EY/...4_....V. 0x00000000044aff80: b4 89 c4 ca c6 3b 53 a3 bb 18 90 bb 4a 6f 05 f1 .....;S.....Jo.. PCR extended dlme_entry: 0x0000000002229f00: fa fc 8d 83 d0 35 01 00 01 40 02 0f 01 10 b8 10 .....5...@...... 0x0000000002229f10: 00 00 00 8e d8 8e c0 8e e0 8e e8 8e d0 8d a3 40 ...............@ 0x0000000002229f20: 0d 01 00 8d 83 2d 00 00 00 6a 08 50 cb 53 51 b8 .....-...j.P.SQ. 0x0000000002229f30: 01 00 00 00 0f a2 f7 c1 40 00 00 00 74 79 59 5b ........@...tyY[ 0x0000000002229f40: c7 83 00 36 01 00 02 00 00 00 e8 71 00 00 00 ff ...6.......q.... 0x0000000002229f50: 83 10 36 01 00 53 31 db b8 07 00 00 00 0f 37 5b ..6..S1.......7[ 0x0000000002229f60: c7 05 30 00 d2 fe 00 00 00 00 c7 05 08 00 d2 fe ..0............. 0x0000000002229f70: ff ff ff ff a1 00 03 d2 fe 8b 08 8d 44 08 08 e8 ............D... 0x0000000002229f80: ac 00 00 00 8b 70 04 89 58 20 8b 78 18 89 bb 14 .....p..X .x.... 0x0000000002229f90: 36 01 00 c7 40 24 27 00 00 00 c7 40 28 dd 08 00 6...@$'....@(... 0x0000000002229fa0: 00 50 e8 79 02 00 00 e8 54 03 00 00 58 8b 78 10 .P.y....T...X.x. 0x0000000002229fb0: e8 eb 02 00 00 eb 02 0f 0b e9 42 60 dd fe 66 90 ..........B`..f. 0x0000000002229fc0: 8b 01 25 00 f0 ff ff 8b 00 25 00 f0 ff ff 8b 00 ..%......%...... 0x0000000002229fd0: 25 00 f0 ff ff 89 83 04 36 01 00 c3 0f 1f 40 00 %.......6.....@. 0x0000000002229fe0: 39 f9 72 06 39 fa 76 02 eb 44 39 da 77 06 39 d9 9.r.9.v..D9.w.9. 0x0000000002229ff0: 73 02 eb 3a c7 05 30 00 d2 fe 1b 80 00 c0 a1 f0 s..:..0......... dlme_arg: 0x000000000008b000: 00 00 00 80 00 00 03 50 00 00 00 00 00 00 19 01 .......P........ 0x000000000008b010: 10 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0x000000000008b020: 3f a3 00 10 00 00 00 00 00 00 00 00 00 00 00 00 ?............... 0x000000000008b030: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ ... 0x000000000008b1e0: 00 80 00 00 00 00 00 00 08 00 00 00 00 00 00 00 ................ 0x000000000008b1f0: 00 1d 01 00 58 3d 12 00 00 00 ff ff 00 00 00 00 ....X=.......... 0x000000000008b200: eb 6a 48 64 72 53 0f 02 00 00 00 00 00 10 e0 37 .jHdrS.........7 0x000000000008b210: 72 81 00 80 00 00 00 01 00 00 00 00 00 00 00 00 r............... 0x000000000008b220: 00 00 00 00 00 8e 00 00 00 f0 08 00 ff ff ff 7f ................ 0x000000000008b230: 00 00 20 00 01 15 7f 00 ff 07 00 00 00 00 00 00 .. ............. 0x000000000008b240: 00 00 00 00 00 00 00 00 48 05 00 00 d5 a5 21 01 ........H.....!. 0x000000000008b250: 00 00 00 00 00 00 00 00 00 00 00 01 00 00 00 00 ................ 0x000000000008b260: 00 d0 47 03 20 1a 22 01 00 05 00 00 00 00 00 00 ..G. ."......... 0x000000000008b270: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ skl_base: 0x00000000044a0000: 08 00 c0 33 a0 30 d4 e4 89 c5 8d 9d d4 e4 00 00 ...3.0.......... 0x00000000044a0010: 36 8b 53 08 01 d3 81 c3 80 02 00 00 39 dc 7d 03 6.S.........9.}. 0x00000000044a0020: f4 eb fd 6a 00 6a 00 0f 01 1c 24 b9 14 01 01 c0 ...j.j....$..... 0x00000000044a0030: 0f 32 83 e0 fb 0f 30 c7 44 24 04 b8 30 00 00 01 .2....0.D$..0... 0x00000000044a0040: 6c 24 04 66 c7 44 24 02 1f 00 0f 01 54 24 02 83 l$.f.D$.....T$.. 0x00000000044a0050: c4 08 b8 10 00 00 00 8e d8 8e c0 31 c0 fc 8d bd ...........1.... 0x00000000044a0060: 00 40 00 00 8d 8d d4 e4 00 00 29 f9 c1 e9 02 f3 .@........)..... 0x00000000044a0070: ab 8d bd 00 40 00 00 b9 00 02 00 00 ba 63 00 20 ....@........c. 0x00000000044a0080: 00 81 ea 00 10 00 00 89 54 cf f8 e2 f4 8d bd 00 ........T....... 0x00000000044a0090: 50 00 00 8d 95 63 40 00 00 89 17 b9 ff 07 00 00 P....c@......... 0x00000000044a00a0: ba e3 00 00 00 81 ea 00 00 20 00 89 14 cf e2 f5 ......... ...... 0x00000000044a00b0: 8d bd 00 90 00 00 b9 04 00 00 00 8d 95 63 90 00 .............c.. 0x00000000044a00c0: 00 81 ea 00 10 00 00 89 54 cf f8 e2 f4 8d 95 63 ........T......c 0x00000000044a00d0: 90 00 00 89 95 00 a0 00 00 0f 20 e1 83 c9 20 0f .......... ... . 0x00000000044a00e0: 22 e1 8d 85 00 a0 00 00 0f 22 d8 b9 80 00 00 c0 "........"...... 0x00000000044a00f0: 0f 32 80 cc 01 0f 30 0f 20 c0 0d 2a 00 00 80 0f .2....0. ..*.... bootloader_data: 0x00000000044ae4d4: 4d 54 52 44 01 00 02 00 30 01 00 00 00 10 00 00 MTRD....0....... 0x00000000044ae4e4: 01 00 00 00 48 00 00 00 c0 33 00 00 00 00 00 00 ....H....3...... 0x00000000044ae4f4: 00 00 4a 04 00 00 00 00 00 d0 47 03 00 00 00 00 ..J.......G..... 0x00000000044ae504: 00 00 00 01 00 00 00 00 00 9f 22 01 00 00 00 00 .........."..... 0x00000000044ae514: 01 00 00 00 00 00 00 00 00 b0 08 00 00 00 00 00 ................ 0x00000000044ae524: 00 00 00 00 00 00 00 00 02 00 00 00 18 00 00 00 ................ 0x00000000044ae534: 02 00 00 00 00 80 00 00 00 80 b8 7d 00 00 00 00 ...........}.... 0x00000000044ae544: 03 00 00 00 b8 00 00 00 00 00 00 00 01 00 03 00 ................ 0x00000000044ae554: 12 00 01 00 02 00 00 00 00 00 00 00 00 00 00 00 ................ 0x00000000044ae564: d4 e4 4a 04 00 00 00 00 4d 65 61 73 75 72 65 64 ..J.....Measured 0x00000000044ae574: 20 53 4c 52 20 54 61 62 6c 65 00 00 00 00 00 00 SLR Table...... 0x00000000044ae584: 00 00 00 00 00 00 00 00 12 00 02 00 00 00 00 00 ................ 0x00000000044ae594: 00 10 00 00 00 00 00 00 00 b0 08 00 00 00 00 00 ................ 0x00000000044ae5a4: 4d 65 61 73 75 72 65 64 20 62 6f 6f 74 20 70 61 Measured boot pa 0x00000000044ae5b4: 72 61 6d 65 74 65 72 73 00 00 00 00 00 00 00 00 rameters........ 0x00000000044ae5c4: 12 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0x00000000044ae5d4: 00 00 00 00 00 00 00 00 4d 65 61 73 75 72 65 64 ........Measured 0x00000000044ae5e4: 20 4b 65 72 6e 65 6c 20 63 6f 6d 6d 61 6e 64 20 Kernel command 0x00000000044ae5f4: 6c 69 6e 65 00 00 00 00 ff ff 00 00 08 00 00 00 line............ skl_main() is about to exit ```

However, I think that the changes cover also https://github.com/TrenchBoot/trenchboot-issues/issues/32 and https://github.com/TrenchBoot/trenchboot-issues/issues/33. For the latter, we can update Qubes OS builder CI (the config we used was recently removed), but #32 will be complete together with this issue.

I've added two comments that should be fixed: https://github.com/TrenchBoot/grub/commit/fc42d91bfeb1cb412bbaa5e846d6685a234d42ea#r145084754 (suboptimal memory allocation) and https://github.com/TrenchBoot/grub/commit/da0161f28c1c70794aa15c3cf8b5025073b999e6#r145085228 (timing problem that caused unexpected PCR values on release builds earlier).

SergiiDmytruk commented 2 weeks ago

Addressed the comments, changes: https://github.com/TrenchBoot/grub/compare/fc42d91bfeb1cb412bbaa5e846d6685a234d42ea..tb-2.12-57-linux-amd (also spotted and fixed some incorrect formatting).

krystian-hebel commented 2 weeks ago

For easier tracking and review, changes to GRUB were moved to https://github.com/TrenchBoot/grub/pull/22. That PR has been merged, which closes this task and #32.