Bug ID 1187360
Summary tpm2_eventlog cannot read /sys/kernel/security/tpm0/binary_bios_measurements
Classification openSUSE
Product openSUSE Tumbleweed
Version Current
Hardware Other
OS Other
Status NEW
Severity Normal
Priority P5 - None
Component Kernel
Assignee kernel-bugs@opensuse.org
Reporter aplanas@suse.com
QA Contact qa-bugs@suse.de
Found By ---
Blocker --- 

(Note, I think that this is a kernel issue because after fixing bsc#1185869,
this was working. See c11 in the previous report for confirmation)

In Tumbleweed tpm2_eventlog do not work when pointed to the securefs:

# uname -a
Linux dhcp189 5.12.9-1-default #1 SMP Thu Jun 3 07:44:58 UTC 2021 (f17eb01)
x86_64 x86_64 x86_64 GNU/Linux

# tpm2_eventlog /sys/kernel/security/tpm0/binary_bios_measurements
ERROR: Unable to run tpm2_eventlog

But works when reading the copied file:

# cp /sys/kernel/security/tpm0/binary_bios_measurements
binary_bios_measurements

# tpm2_eventlog binary_bios_measurements | head
---
version: 1
events:
- EventNum: 0
  PCRIndex: 0
  EventType: EV_NO_ACTION
  Digest: "0000000000000000000000000000000000000000"
  EventSize: 37
  SpecID:
  - Signature: Spec ID Event03


Running strace shows this:

# strace tpm2_eventlog /sys/kernel/security/tpm0/binary_bios_measurements
...
futex(0x7fba8bafbe18, FUTEX_WAKE_PRIVATE, 2147483647) = 0
openat(AT_FDCWD, "/sys/kernel/security/tpm0/binary_bios_measurements",
O_RDONLY) = 3
lseek(3, 0, SEEK_CUR)                   = 0
newfstatat(3, "", {st_mode=S_IFREG|0440, st_size=0, ...}, AT_EMPTY_PATH) = 0
newfstatat(3, "", {st_mode=S_IFREG|0440, st_size=0, ...}, AT_EMPTY_PATH) = 0
lseek(3, 0, SEEK_SET)                   = 0
lseek(3, 0, SEEK_SET)                   = 0
close(3)                                = 0
write(2, "ERROR: ", 7ERROR: )                  = 7
write(2, "Unable to run eventlog", 22Unable to run eventlog)  = 22
write(2, "\n", 1
)                       = 1
exit_group(1)                           = ?
+++ exited with 1 +++


# strace tpm2_eventlog binary_bios_measurements
...
futex(0x7fb147cede18, FUTEX_WAKE_PRIVATE, 2147483647) = 0
openat(AT_FDCWD, "binary_bios_measurements", O_RDONLY) = 3
lseek(3, 0, SEEK_CUR)                   = 0
newfstatat(3, "", {st_mode=S_IFREG|0440, st_size=10494, ...}, AT_EMPTY_PATH) =
0
newfstatat(3, "", {st_mode=S_IFREG|0440, st_size=10494, ...}, AT_EMPTY_PATH) =
0
lseek(3, 8192, SEEK_SET)                = 8192
read(3, "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"...,
2302) = 2302
lseek(3, 0, SEEK_SET)                   = 0
close(3)                                = 0
openat(AT_FDCWD, "binary_bios_measurements", O_RDONLY) = 3
newfstatat(3, "", {st_mode=S_IFREG|0440, st_size=10494, ...}, AT_EMPTY_PATH) =
0
read(3, "\0\0\0\0\3\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0%\0\0\0"...,
8192) = 8192
read(3, "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"...,
4096) = 2302
close(3)                                = 0
write(1, "---", 3)                      = 3
...

You are receiving this mail because: