Dell XPS 7390 2-in-1: TPM PCR0 differs from reconstruction

[mrMoe]

Describe the bug

$ fwupdmgr get-devices

creates

 Update Message:      TPM PCR0 differs from reconstruction, please see https://github.com/fwupd/fwupd/wiki/TPM-PCR0-differs-from-reconstruction

for my System Firmware

Steps to Reproduce

fwupdmgr get-devices as root

Expected behavior successful parsing of the TPM PCR0

fwupd version information Please provide the version of the daemon and client.

$ fwupdmgr --version                                                                                                                                                                                                                                                 
client version: 1.4.0
compile-time dependency versions
        gusb:   0.3.4
        efivar: 37

Please note how you installed it (apt, dnf, pacman, source, etc):

pacman -S fwupd

fwupd device information Please provide the output of the fwupd devices recognized in your system.

$ fwupdmgr get-devices --show-all-devices                                                                                                                                                                                                                            
XPS 13 7390 2-in-1
│
├─Thunderbolt Controller:
│     Device ID:           ec6b4dfd3088670ee6487f23f579f7607c91aa5b
│     Summary:             Unmatched performance for high-speed I/O
│     Current version:     77.00
│     Update Error:        Missing non-active nvmem
│     GUID:                e72e778e-94f7-5ed2-b560-1c1262ee217c ← TBT-fixed
│     Device Flags:        • Internal device
│                          • Requires AC power
│   
├─Thunderbolt Controller:
│     Device ID:           03640de408f8cd76c3371fd43a80837e3b743ff5
│     Summary:             Unmatched performance for high-speed I/O
│     Current version:     77.00
│     Update Error:        Missing non-active nvmem
│     GUID:                e72e778e-94f7-5ed2-b560-1c1262ee217c ← TBT-fixed
│     Device Flags:        • Internal device
│                          • Requires AC power
│   
├─WD19TB:
│ │   Device ID:           570867f4ddda9915445da59bd85cd0e0e507270e
│ │   Summary:             High performance dock
│ │   Current version:     01.00.00.00
│ │   Minimum Version:     01.00.00.00
│ │   Vendor:              Dell Inc. (USB:0x413C)
│ │   Install Duration:    1 minute
│ │   Serial Number:       22Z0N03/3104265116064743
│ │   GUID:                cd357cf1-40b2-5d87-b8df-bb2dd82774aa ← USB\VID_413C&PID_B06E&hub&embedded
│ │   Device Flags:        • Updatable
│ │                        • Requires AC power
│ │                        • Supported on remote server
│ │                        • Device stages updates
│ │                        • Device can recover flash failures
│ │                        • Device is usable for the duration of the update
│ │ 
│ ├─Thunderbolt controller in Dell dock:
│ │     Device ID:         f15c540c02e7ab59fb1e8609633aa4fa39856a53
│ │     Summary:           Thunderbolt controller
│ │     Current version:   40.00
│ │     Vendor:            Dell Inc. (TBT:0x00D4)
│ │     Install Duration:  22 seconds
│ │     GUID:              c94770ca-1773-592c-b20a-e87243bc7cd0 ← TBT-00d4b070
│ │     Device Flags:      • Updatable
│ │                        • Requires AC power
│ │                        • Supported on remote server
│ │                        • Device stages updates
│ │   
│ ├─Package level of Dell dock:
│ │     Device ID:         b5a854df85ab30fff48e4365ec7ad2249c90806e
│ │     Summary:           A representation of dock update status
│ │     Current version:   01.00.04.01
│ │     Vendor:            Dell Inc. (USB:0x413C)
│ │     Install Duration:  5 seconds
│ │     GUID:              8ceeeffd-51b6-580c-9b75-69143227aff8 ← USB\VID_413C&PID_B06E&hub&status
│ │     Device Flags:      • Updatable
│ │                        • Supported on remote server
│ │                        • Device can recover flash failures
│ │                        • Device is usable for the duration of the update
│ │   
│ ├─RTS5413 in Dell dock:
│ │     Device ID:         0acceea54e71c4d8002593822afe0f4705616613
│ │     Summary:           USB 3.1 Generation 1 Hub
│ │     Current version:   01.21
│ │     Vendor:            Dell Inc. (USB:0x413C)
│ │     Install Duration:  14 seconds
│ │     GUIDs:             86fb40c0-8bf5-5a8b-a4ad-3156cf6bfaf4 ← USB\VID_413C&PID_B06F&REV_0101
│ │                        b27d25f1-019d-5718-b41a-02ddaefe5577 ← USB\VID_413C&PID_B06F
│ │                        ac5b774c-b49d-566b-9255-85f0f7f8a4ed ← USB\VID_413C&PID_B06F&hub
│ │     Device Flags:      • Updatable
│ │                        • Requires AC power
│ │                        • Supported on remote server
│ │                        • Device stages updates
│ │                        • Device is usable for the duration of the update
│ │   
│ ├─RTS5487 in Dell dock:
│ │     Device ID:         96969b82d977fdcbf607df084ef0dcf10119409b
│ │     Summary:           USB 3.1 Generation 2 Hub
│ │     Current version:   01.47
│ │     Vendor:            Dell Inc. (USB:0x413C)
│ │     Install Duration:  3 seconds
│ │     GUIDs:             707c63d2-e597-5c40-84db-9b1bb4c48d96 ← USB\VID_413C&PID_B06E&REV_0101
│ │                        acfcd89b-105d-55b9-b85b-08bf8508f38c ← USB\VID_413C&PID_B06E
│ │                        568ffa1e-a0db-5287-9ea3-872b60f7730b ← USB\VID_413C&PID_B06E&hub
│ │     Device Flags:      • Updatable
│ │                        • Requires AC power
│ │                        • Supported on remote server
│ │                        • Device stages updates
│ │                        • Device is usable for the duration of the update
│ │   
│ └─VMM5331 in Dell dock:
│       Device ID:         228ac6846b64d532dd1ea1b7e651e8f5f55fbc34
│       Summary:           Multi Stream Transport controller
│       Current version:   05.03.10
│       Vendor:            Dell Inc. (USB:0x413C)
│       Install Duration:  6 minutes
│       GUID:              89fec0b6-6b76-5008-b82c-5e5c6c164007 ← MST-panamera-vmm5331-259
│       Device Flags:      • Updatable
│                          • Requires AC power
│                          • Supported on remote server
│                          • Device stages updates
│                          • Device is usable for the duration of the update
│     
├─Intel(R) Core™ i7-1065G7 CPU @ 1.30GHz:
│     Device ID:           4bde70ba4e39b28f9eab1628f9dd6e6244c03027
│     Current version:     0x46
│     Vendor:              GenuineIntel
│     GUID:                b9a2dd81-159e-5537-a7db-e7101d164d3f ← cpu
│     Device Flags:        • Internal device
│   
├─Iris Plus Graphics G7:
│     Device ID:           bbbf1ce3d1cf15550c3760b354592040292415bb
│     Current version:     07
│     Vendor:              Intel Corporation (PCI:0x8086)
│     GUIDs:               c213be4c-faf8-5fe6-9430-b458722b2656 ← PCI\VEN_8086&DEV_8A52&REV_07
│                          43ede583-c357-55e5-854d-f6f15dab900d ← PCI\VEN_8086&DEV_8A52
│     Device Flags:        • Internal device
│                          • Cryptographic hash verification is available
│   
├─KBG40ZPZ1T02 NVMe KIOXIA 1024GB:
│     Device ID:           ac1ce3be70e444b92f99fe08c9b957efb9d0ee53
│     Summary:             NVM Express Solid State Drive
│     Current version:     10400104
│     Vendor:              Intel Corporation (NVME:0x1E0F)
│     Serial Number:       Y9C100ZENTRL
│     GUIDs:               fbef9958-2179-5fb1-9e91-31c22cc29b2d ← STORAGE-DELL-107871
│                          b2cca4ac-d65f-e811-9c2d-fa7ae01bbebc
│     Device Flags:        • Internal device
│                          • Updatable
│                          • Requires AC power
│                          • Needs a reboot after installation
│                          • Device is usable for the duration of the update
│   
├─System Firmware:
│     Device ID:           fb5523b663445df99fe178d162a221546e1974af
│     Current version:     66305
│     Minimum Version:     66305
│     Vendor:              Dell Inc. (DMI:Dell Inc.)
│     Update Message:      TPM PCR0 differs from reconstruction, please see https://github.com/fwupd/fwupd/wiki/TPM-PCR0-differs-from-reconstruction
│     GUID:                20448dae-1dd2-5653-a2b3-c81b77007d2f
│     Device Flags:        • Internal device
│                          • Updatable
│                          • Requires AC power
│                          • Needs a reboot after installation
│                          • Cryptographic hash verification is available
│                          • Device is usable for the duration of the update
│   
├─TPM:
│ │   Device ID:           c6a80ac3a22083423992a3cb15018989f37834d6
│ │   Current version:     74.8.17568.5511
│ │   Vendor:              ST Microelectronics (TPM:STM)
│ │   GUIDs:               ff71992e-52f7-5eea-94ef-883e56e034c6 ← system-tpm
│ │                        84df3581-f896-54d2-bd1a-372602f04c32 ← TPM\VEN_STM&DEV_0001
│ │                        bfaed10a-bbc1-525b-a329-35da2f63e918 ← TPM\VEN_STM&MOD_
│ │                        70b7b833-7e1a-550a-a291-b94a12d0f319 ← TPM\VEN_STM&DEV_0001&VER_2.0
│ │                        06f005e9-cb62-5d1a-82d9-13c534c53c48 ← TPM\VEN_STM&MOD_&VER_2.0
│ │   Device Flags:        • Internal device
│ │ 
│ └─Event Log:
│       Device ID:         58bd405f31c48e6eca290b425f530a94c91e955c
│       GUID:              a25657fe-b5dc-5be0-8b78-8b9dfec678ff ← system-tpm-eventlog
│       Device Flags:      • Internal device
│     
└─Touchpad:
      Device ID:           08fadf5c169ee39d8c8f08f264108ea3c8aeee30
      Current version:     1.4.2888190
      Bootloader Version:  54.0.0
      Vendor:              Synaptics (HIDRAW:0x06CB)
      GUIDs:               a9c1b42d-a78c-5068-9b5b-af7ee1d65c88 ← HIDRAW\VEN_06CB&DEV_CD7A&REV_00
                           58d4ca98-ced2-549c-b505-c12d49eb400b ← HIDRAW\VEN_06CB&DEV_CD7A
                           9073e287-0769-5fd5-9342-8df98eefbb6c ← SYNAPTICS_RMI\TM3450-001
                           e5b92a29-f5df-5c45-b280-c5bb2dc127e1 ← SYNAPTICS_RMI\TM3450
      Device Flags:        • Internal

Additional questions

• Operating system and version: Arch Linux

  uname -a                                                                                                                                                                                                                                                           
  Linux rtfm 5.6.11-arch1-1 fwupd/fwupd#1 SMP PREEMPT Wed, 06 May 2020 17:32:37 +0000 x86_64 GNU/Linux

• Have you tried rebooting? yes; multiple times
• Is this a regression? unknown

fwupdtpmevlog.txt

[superm1]

The root cause for this issue is expected to be the same root cause as https://github.com/fwupd/fwupd/issues/1981

They both appear to be firmware issues not fwupd issues.

[superm1]

A bug with PCR0 reconstruction was identified in fwupd code. This bug has been fixed in the stable branches for all applicable releases: 1_3_X, 1_4_X and master.

Can you please upgrade to a version with the fix, and confirm if this behavior still happens?

[mrMoe]

I just got the arch update to version 1.4.4 and am sadly to say the error still persists

$ fwupdmgr --version                                                                                       
client version: 1.4.4
compile-time dependency versions
        gusb:   0.3.4
        efivar: 37
daemon version: 1.4.4

$ fwupdmgr get-devices                                                                                     
XPS 13 7390 2-in-1
│
├─Thunderbolt Controller:
│     Device ID:           afcc9427ef083d0bb017d0010c530014d7c99aaf
│     Summary:             Unmatched performance for high-speed I/O
│     Current version:     77.00
│     Update Error:        Missing non-active nvmem
│     GUID:                e72e778e-94f7-5ed2-b560-1c1262ee217c ← TBT-fixed
│     Device Flags:        • Internal device
│                          • Requires AC power
│   
├─KBG40ZPZ1T02 NVMe KIOXIA 1024GB:
│     Device ID:           ac1ce3be70e444b92f99fe08c9b957efb9d0ee53
│     Summary:             NVM Express Solid State Drive
│     Current version:     10400104
│     Vendor:              Intel Corporation (NVME:0x1E0F)
│     Serial Number:       Y9C100ZENTRL
│     GUIDs:               fbef9958-2179-5fb1-9e91-31c22cc29b2d ← STORAGE-DELL-107871
│                          b2cca4ac-d65f-e811-9c2d-fa7ae01bbebc
│     Device Flags:        • Internal device
│                          • Updatable
│                          • Requires AC power
│                          • Needs a reboot after installation
│                          • Device is usable for the duration of the update
│   
├─System Firmware:
│     Device ID:           fb5523b663445df99fe178d162a221546e1974af
│     Current version:     66560
│     Minimum Version:     66560
│     Vendor:              Dell Inc. (DMI:Dell Inc.)
│     Update Message:      TPM PCR0 differs from reconstruction, please see https://github.com/fwupd/fwupd/wiki/TPM-PCR0-differs-from-reconstruction
│     GUID:                20448dae-1dd2-5653-a2b3-c81b77007d2f
│     Device Flags:        • Internal device
│                          • Updatable
│                          • Requires AC power
│                          • Needs a reboot after installation
│                          • Cryptographic hash verification is available
│                          • Device is usable for the duration of the update
│   
├─Touchpad:
│     Device ID:           08fadf5c169ee39d8c8f08f264108ea3c8aeee30
│     Current version:     1.4.2888190
│     Bootloader Version:  54.0.0
│     Vendor:              Synaptics (HIDRAW:0x06CB)
│     GUIDs:               a9c1b42d-a78c-5068-9b5b-af7ee1d65c88 ← HIDRAW\VEN_06CB&DEV_CD7A&REV_00
│                          58d4ca98-ced2-549c-b505-c12d49eb400b ← HIDRAW\VEN_06CB&DEV_CD7A
│                          9073e287-0769-5fd5-9342-8df98eefbb6c ← SYNAPTICS_RMI\TM3450-001
│                          e5b92a29-f5df-5c45-b280-c5bb2dc127e1 ← SYNAPTICS_RMI\TM3450
│     Device Flags:        • Internal device
│                          • Updatable
│   
└─USB Keyboard:
      Device ID:           6e840ff67ccd6980286a0c4b83f4edc7df3328cb
      Summary:             USB PD
      Current version:     149.1.4.3
      Vendor:              VIA Labs, Inc. (USB:0x2109)
      Serial Number:       0000000000000001
      GUIDs:               9b630f16-62b2-57a2-a4d3-36df60ac08ad ← USB\VID_2109&PID_D101&REV_0301
                           56a509c6-b4c3-5cf3-bf9d-8c98bc8562dc ← USB\VID_2109&PID_D101
                           446d3992-2a03-5143-a99c-6189ec313d86 ← USB\VID_2109&PID_D101&DEV_VL102
      Device Flags:        • Updatable
                           • Cryptographic hash verification is available

[superm1]

Unfortunately it's not in 1.4.4, it is a commit not yet tagged. So you would need to hand compile or wait for 1.4.5 to check it.

[didierm]

COPR version fwupd-1.5.0-0.591.20200617git (https://copr.fedorainfracloud.org/coprs/rhughes/fwupd/build/1474841/) does not seem to fix this issue :

# fwupdmgr get-devices --show-all-devices          
XPS 13 7390 2-in-1
...
├─System Firmware:
│     Device ID:           fb5523b663445df99fe178d162a221546e1974af
│     Current version:     66305
│     Minimum Version:     66305
│     Vendor:              Dell Inc. (DMI:Dell Inc.)
│     Update Message:      TPM PCR0 differs from reconstruction, please see https://github.com/fwupd/fwupd/wiki/TPM-PCR0-differs-from-reconstruction
...

Furthermore :

• the version string 66305 is somewhat peculiar (installed BIOS = 1.3.1) ;
• a more current and available BIOS version (1.4.1) is not reported.

[superm1]

Thanks for confirming; then that means there is a secondary problem to that one reported.

Can you please with that build share fwupdtpmevlog output? and also contrast it to tpm2_readpcrs / tpm2_listpcrs (whichever command is appropriate on your system)?

The version string is actually intended behavior until an update is made available on LVFS. You can update from the EXE file on support.dell.com in the F12 POST menu, or by using the stuff mentioned in README here: https://github.com/fwupd/firmware-dell

[didierm]

Requested outputs attached. tpm2_pcrread.out.gz fwupdtpmevlog.out.gz

[superm1]

Thanks. It looks like the others are re-calculating right, it's just PCR0 problem right now. Can you please do the following:

1. Upgrade to latest firmware.
2. Check if this is happening on every single boot? Or is it only on a cold boot some times, or only on a warm boot? Just a handful of reboots on warm and a handful of cold boots should be sufficient ot see if it happens every time.

[didierm]

In the meantime, I had already upgraded tot the latest BIOS FW v1.4.0. After a warm reboot (Fedora 32, kernel 5.7.4) and subsequent suspend/resume test cycle :

├─System Firmware:
│     Device ID:           fb5523b663445df99fe178d162a221546e1974af
│     Current version:     66560
│     Minimum Version:     66560
│     Vendor:              Dell Inc. (DMI:Dell Inc.)
│     Update State:        success
│     Update Message:      TPM PCR0 differs from reconstruction, please see https://github.com/fwupd/fwupd/wiki/TPM-PCR0-differs-from-reconstruction
│     GUIDs:               20448dae-1dd2-5653-a2b3-c81b77007d2f
│                          230c8b18-8d9b-53ec-838b-6cfc0383493a ← main-system-firmware
│                          1d203f3b-1409-598e-92d6-2633efe29caa ← UEFI\RES_{20448DAE-1DD2-5653-A2B3-C81B77007D2F}

As I am using this system in production use (with some tens of windows concurrently open, divided over 8 workspaces, and uptimes of 10-30 days), restoring my desktop setup after reboot is not too pleasant, and takes some time.

OK if I test this after my next major kernel upgrade + subsequent reboot(s) ?

[didierm]

Past week, I upgraded to kernel-5.7.9-200.fc32.x86_64 (from 5.7.4), and the required kernel reboot, the availability of a new Dell FW 1.5.0 and a new fwupd version (fwupd-1.5.0-0.603.20200706git) provided an excellent occasion to reassess fwupd.

1. Installing fwupd-1.5.0-0.603.20200706git (not rebooted yet, uptime 22 days, still with kernel-5.7.4 and Dell FW 1.4.0) leads to a chain of anomalies :

• pesign dependency error :

  
  # dnf install https://download.copr.fedorainfracloud.org/results/rhughes/fwupd/fedora-32-x86_64/01518729-fwupd/fwupd-1.5.0-0.603.20200706git.fc32.x86_64.rpm

"Failed to try-restart pesign.service: Unit pesign.service not found."

Reference : https://bugzilla.redhat.com/show_bug.cgi?id=1776680

* **efivarfs** error : 

fwupdmgr get-devices --show-all-devices

... ├─System Firmware: │ Device ID: fb5523b663445df99fe178d162a221546e1974af │ Current version: 66560 │ Minimum Version: 66560 │ Vendor: Dell Inc. (DMI:Dell Inc.) │ Update Error: /sys/firmware/efi/efivars was not mounted │ GUIDs: 20448dae-1dd2-5653-a2b3-c81b77007d2f │ 230c8b18-8d9b-53ec-838b-6cfc0383493a ← main-system-firmware │ 1d203f3b-1409-598e-92d6-2633efe29caa ← UEFI\RES_{20448DAE-1DD2-5653-A2B3-C81B77007D2F} │ Device Flags: • Internal device │ • Requires AC power │ • Needs a reboot after installation │ • Cryptographic hash verification is available ...

mount | grep efivars

efivarfs on /sys/firmware/efi/efivars type efivarfs (rw,relatime)

mount -t efivarfs efivarfs /sys/firmware/efi/efivars

-> same error

* **firmware update** error : 

/usr/share/fwupd/install_dell_bios_exe.py /tmp/XPS_13_7390_2-in-1_1.5.0.exe

Installing to System Firmware Wrote capsule /tmp/tmpldfc8hn7/firmware.bin GUID: 20448dae-1dd2-5653-a2b3-c81b77007d2f HdrSz: 0x1000 Flags: 0x70000 PayloadSz: 0xd62420 Generated CAB file /tmp/tmpldfc8hn7/firmware.cab [ ] 0% idle FwupdError: Device System Firmware [fb5523b663445df99fe178d162a221546e1974af] does not currently allow updates (10)

2. Downgrading fwupd fixes the firmware upgrade issue : 

dnf downgrade fwupd

fwupdmgr --version

client version: 1.4.4 compile-time dependency versions gusb: 0.3.4 efivar: 37 daemon version: 1.4.4

fwupdmgr get-devices --show-all-devices

... ├─System Firmware: │ Device ID: fb5523b663445df99fe178d162a221546e1974af │ Current version: 66560 │ Minimum Version: 66560 │ Vendor: Dell Inc. (DMI:Dell Inc.) │ Update Message: Platform firmware measurement unavailable. Secure boot is disabled in BIOS setup, enabling it may fix this issue │ GUID: 20448dae-1dd2-5653-a2b3-c81b77007d2f │ Device Flags: • Internal device │ • Updatable │ • Requires AC power │ • Needs a reboot after installation │ • Cryptographic hash verification is available │ • Device is usable for the duration of the update ...

/usr/share/fwupd/install_dell_bios_exe.py /tmp/XPS_13_7390_2-in-1_1.5.0.exe

Installing to System Firmware Wrote capsule /tmp/tmp2gmi3wn8/firmware.bin GUID: 20448dae-1dd2-5653-a2b3-c81b77007d2f HdrSz: 0x1000 Flags: 0x70000 PayloadSz: 0xd62420 Generated CAB file /tmp/tmp2gmi3wn8/firmware.cab [ ] 0% idle [ ] 0% idle [ ] 0% scheduling Updating System Firmware [ ] 0% idle [ ] 0% unknown

An update requires a reboot to complete Restart now? (Y/N) Y

3. Rebooted ; now running Dell FW 1.5.0 , kernel-5.7.9 , fwupd 1.4.4 : 

fwupdmgr get-devices --show-all-devices

... ├─System Firmware: │ Device ID: fb5523b663445df99fe178d162a221546e1974af │ Current version: 66816 │ Minimum Version: 66816 │ Vendor: Dell Inc. (DMI:Dell Inc.) │ Update State: success │ Update Message: TPM PCR0 differs from reconstruction, please see https://github.com/fwupd/fwupd/wiki/TPM-PCR0-differs-from-reconstruction │ GUID: 20448dae-1dd2-5653-a2b3-c81b77007d2f │ Device Flags: • Internal device │ • Updatable │ • Requires AC power │ • Needs a reboot after installation │ • Cryptographic hash verification is available │ • Device is usable for the duration of the update ...

4. Upgrading fwupd again to fwupd-1.5.0-0.603.20200706git appears to fix the **TPM PCR0** issue now : 

dnf update https://download.copr.fedorainfracloud.org/results/rhughes/fwupd/fedora-32-x86_64/01518729-fwupd/fwupd-1.5.0-0.603.20200706git.fc32.x86_64.rpm

fwupdmgr --version

client version: 1.5.0 compile-time dependency versions gusb: 0.3.4 efivar: 37 daemon version: 1.5.0

fwupdmgr get-devices --show-all-devices

... ├─System Firmware: │ Device ID: fb5523b663445df99fe178d162a221546e1974af │ Current version: 66816 │ Minimum Version: 66816 │ Vendor: Dell Inc. (DMI:Dell Inc.) │ Update State: success │ GUIDs: 20448dae-1dd2-5653-a2b3-c81b77007d2f │ 230c8b18-8d9b-53ec-838b-6cfc0383493a ← main-system-firmware │ 1d203f3b-1409-598e-92d6-2633efe29caa ← UEFI\RES_{20448DAE-1DD2-5653-A2B3-C81B77007D2F} │ Device Flags: • Internal device │ • Updatable │ • Requires AC power │ • Needs a reboot after installation │ • Cryptographic hash verification is available │ • Device is usable for the duration of the update ...

5. Summary : 
 * upgrading to fwupd 1.5.0-0.603.20200706git causes lots of issues all over the place ;
 * downgrading to 1.4.4 allows to upgrade the Dell FW ;
 * rebooting and re-upgrading to 1.5.0-0.603.20200706git appears to fix the TPM PCR0 issue.

[hughsie]

upgrading to fwupd 1.5.0-0.603.20200706git

This won't work if you have secure boot turned on as the binary is not signed.

20200706git appears to fix the TPM PCR0 issue

As expected.

[didierm]

upgrading to fwupd 1.5.0-0.603.20200706git

This won't work if you have secure boot turned on as the binary is not signed.

Is this a general remark, or specific to my report ? (FYI, IIRC, secure boot was/is turned off on my system)

[superm1]

General remark, only official distro builds typically get signed.

[superm1]

I'll close this issue since it's indeed fixed in master, should be available in 1.5.0+ or 1.4.5+ when tagged.

[mrMoe]

I can confirm it is fixed in 1.4.5 on arch linux