incomplete measured boot and CCEL eventlog

[mythi]

I've followed the steps in this repo to build an image based on 23.10 and I have

# cat /etc/os-release 
PRETTY_NAME="Ubuntu 23.10"
NAME="Ubuntu"
VERSION_ID="23.10"
VERSION="23.10 (Mantic Minotaur)"
VERSION_CODENAME=mantic
ID=ubuntu
ID_LIKE=debian
HOME_URL="https://www.ubuntu.com/"
SUPPORT_URL="https://help.ubuntu.com/"
BUG_REPORT_URL="https://bugs.launchpad.net/ubuntu/"
PRIVACY_POLICY_URL="https://www.ubuntu.com/legal/terms-and-policies/privacy-policy"
UBUNTU_CODENAME=mantic
LOGO=ubuntu-logo

I was checking the content of CCEL and could not find any logs that the most important parts, i.e., kernel/initrd/cmdline get measured. To see the log, I used https://github.com/canonical/tcglog-parser

# xxd -c2  /sys/firmware/acpi/tables/data/CCEL | grep -v ffff | xxd -r > /tmp/ccel.bin 
# ./tcglog-dump /tmp/ccel.bin -v

All of the grub measurements are missing. In contrast, on my TPM enabled laptop I can see, e.g.,

$ sudo ./tcglog-dump -v | grep \/vmlinuz | grep ^9
9    de0861d9a7b0c8a8d498eeac3bd1bf98cb01f5d7bb864e431cf6e826239758d3  EV_IPL                            /vmlinuz-6.6.13-amd64
$ sha256sum /boot/vmlinuz-6.6.13-amd64 
de0861d9a7b0c8a8d498eeac3bd1bf98cb01f5d7bb864e431cf6e826239758d3  /boot/vmlinuz-6.6.13-amd64

[sathyaintel]

I think this issue is related to missing cmdline/initrd measurement issue reported in https://github.com/canonical/tdx/issues/40

Can you try it with Linus tip tree or upcoming v6.9-rc1 release? It has fixes related to cmdline measurements in CC platforms.

[mythi]

This is different.

[mythi]

I've followed the steps in this repo to build an image based on 23.10 and I have

I checked with vanilla 24.04 and the result is still the same

[hector-cao]

Hello @mythi , i checked it on 24.04 and i see the event log for initrd

To check it yourself, i have a ongoing merge request for the branch https://github.com/canonical/tdx/tree/tdx-testing-ng that contains tests for TDX, i have a test for making sure that the initrd is measured into the event log table

if you are on the branch and on a 24.04 TDX system, you can run the test with:

$ cd tests
$ ./run.sh pytest bin/test_guest_eventlog.py::test_guest_eventlog_initrd

[syncronize-issues-to-jira[bot]]

Thank you for reporting us your feedback!

The internal ticket has been created: https://warthogs.atlassian.net/browse/PEK-680.

This message was autogenerated

[mythi]

i checked it on 24.04 and i see the event log for initrd

It was not clear in my original report: the eventlog exists but it's incomplete (it does not contain any of the grub2 measurements) but stops at what OVMF has measured.

[hector-cao]

@mythi Hello, i did some investigation on this issue and discovered that we have an issue on grub where grub will skip loading the tpm module (in charge of doing measurement both for TPM and Confidential Computing platform) if the tpm is not present (see https://github.com/hector-cao/grub/commit/30708dfe3bebd62a5487437554da8a24253f519f ), we will need to fix it to allow the tpm module to be loaded when TPM is not present but CC is available (basically check for the protocol : EFI_CC_MEASUREMENT_PROTOCOL) . I will work on this patch and submit it to Ubuntu and also grub upstream

[mythi]

@hector-cao nice find, thanks so much!

[hector-cao]

Here is the upstream patch : https://lists.gnu.org/archive/html/grub-devel/2024-05/msg00273.html