[Bug 1909734] Re: TPM PCR checking will fail if the all characters are 0
** Tags added: originate-from-1938760 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1909734 Title: TPM PCR checking will fail if the all characters are 0 To manage notifications about this bug go to: https://bugs.launchpad.net/oem-priority/+bug/1909734/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1909734] Re: TPM PCR checking will fail if the all characters are 0
focal/fwupd 1.5.11 landed ** Changed in: fwupd (Ubuntu Focal) Status: Fix Committed => Fix Released ** Changed in: fwupd-signed (Ubuntu Focal) Status: Fix Committed => Fix Released ** Changed in: oem-priority Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1909734 Title: TPM PCR checking will fail if the all characters are 0 To manage notifications about this bug go to: https://bugs.launchpad.net/oem-priority/+bug/1909734/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1909734] Re: TPM PCR checking will fail if the all characters are 0
** Tags added: originate-from-1933916 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1909734 Title: TPM PCR checking will fail if the all characters are 0 To manage notifications about this bug go to: https://bugs.launchpad.net/oem-priority/+bug/1909734/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1909734] Re: TPM PCR checking will fail if the all characters are 0
** Changed in: oem-priority Status: Triaged => Fix Committed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1909734 Title: TPM PCR checking will fail if the all characters are 0 To manage notifications about this bug go to: https://bugs.launchpad.net/oem-priority/+bug/1909734/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1909734] Re: TPM PCR checking will fail if the all characters are 0
Test on HP machine with fwupd 1.5.11. Verified pass on focal. [result] System Firmware: │ │ Device ID: 1517a2173378bb70b45d775b788e754b79627b2f │ │ Current version:16847872 │ │ Minimum Version:1 │ │ Vendor: HP (DMI:HP) │ │ GUIDs: 563e71f8-8344-418c-a722-9b55c56997e5 │ │ 230c8b18-8d9b-53ec-838b-6cfc0383493a │ │ c3b7206a-ea08-5da4-83c3-5f6405a801ee │ │ Device Flags: • Internal device │ │ • Updatable │ │ • System requires external power source │ │ • Needs a reboot after installation │ │ • Cryptographic hash verification is available │ │ • Device is usable for the duration of the update -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1909734 Title: TPM PCR checking will fail if the all characters are 0 To manage notifications about this bug go to: https://bugs.launchpad.net/oem-priority/+bug/1909734/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1909734] Re: TPM PCR checking will fail if the all characters are 0
Now we have fwupd 1.5.11 in the focal-proposed channel, Please kindly test it and update the result here, thank you. ** Changed in: fwupd (Ubuntu Focal) Status: Triaged => Fix Committed ** Changed in: fwupd-signed (Ubuntu Focal) Status: New => Fix Committed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1909734 Title: TPM PCR checking will fail if the all characters are 0 To manage notifications about this bug go to: https://bugs.launchpad.net/oem-priority/+bug/1909734/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1909734] Re: TPM PCR checking will fail if the all characters are 0
** Tags added: originate-from-1932230 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1909734 Title: TPM PCR checking will fail if the all characters are 0 To manage notifications about this bug go to: https://bugs.launchpad.net/oem-priority/+bug/1909734/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1909734] Re: TPM PCR checking will fail if the all characters are 0
** Tags added: originate-from-1931653 ** Tags added: originate-from-1931669 ** Tags added: originate-from-1931323 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1909734 Title: TPM PCR checking will fail if the all characters are 0 To manage notifications about this bug go to: https://bugs.launchpad.net/oem-priority/+bug/1909734/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1909734] Re: TPM PCR checking will fail if the all characters are 0
** Description changed: [Impact] * TPM PCR0 differs from reconstruction, if your PCR0 contains one (or more) zero byte(s) then the PCR0 will mismatch. (zero byte(s) be ignored) [Test Plan] * run $ fwupdmgr get-devices ... └─System Firmware: Device ID: c8489035f8df6f87a1a3cd1baff36129262a5ac1 Current version: 92.1.0 Minimum Version: 0.0.1 Vendor: HP (DMI:HP) Update Error: TPM PCR0 differs from reconstruction, please see https://github.com/fwupd/fwupd/wiki/TPM-PCR0-differs-from-reconstruction GUID: 116180f2-105d-4ab2-809e-7fabed71217b will get the failed. * already tried on bug1891966 bug1893018 bug1896855 bug1897674 bug1899914 bug1902835 bug1903660 bug1909539 bug1910197 bug1914335 bug1918600 bug1918866 bug1919270 bug1919424 bug1920714 and this patch could solve the error. [Where problems could occur] * the all zero PCR0 is invalid, the original logic is to check whether a byte is zero. If zero then skip. It cause the PCR0 will potentially miss some valid zero byte. (e.g. 0x0C>>00<<62898247F8FE3085960E5B0270E7667B6F7D4CAE17A503950499D45B4116) * this patch will not skip zero byte. Instead, add a flag to check whether all bytes are zero. * for this change, it makes sense and didn't see any potential regression. --- In some of HP platforms, the TPM PCR checking will fail on focal ubuntu $ fwupdmgr get-devices ... └─System Firmware: Device ID: c8489035f8df6f87a1a3cd1baff36129262a5ac1 Current version: 92.1.0 Minimum Version: 0.0.1 Vendor: HP (DMI:HP) Update Error: TPM PCR0 differs from reconstruction, please see https://github.com/fwupd/fwupd/wiki/TPM-PCR0-differs-from-reconstruction GUID: 116180f2-105d-4ab2-809e-7fabed71217b Device Flags: • Internal device • Updatable • Requires AC power • Needs a reboot after installation • Cryptographic hash verification is available • Device is usable for the duration of the update Update Error: TPM PCR0 differs from reconstruction, please see https://github.com/fwupd/fwupd/wiki/TPM-PCR0-differs-from-reconstruction --- This issue is fixed by upstream commit https://github.com/fwupd/fwupd/pull/2394/commits/e265dd1d8687965bee77259ef3482b09b92033c1 + + X-HWE-Bug: Bug #1931189 ** Tags added: originate-from-1931189 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1909734 Title: TPM PCR checking will fail if the all characters are 0 To manage notifications about this bug go to: https://bugs.launchpad.net/oem-priority/+bug/1909734/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1909734] Re: TPM PCR checking will fail if the all characters are 0
** Tags added: originate-from-1929671 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1909734 Title: TPM PCR checking will fail if the all characters are 0 To manage notifications about this bug go to: https://bugs.launchpad.net/oem-priority/+bug/1909734/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1909734] Re: TPM PCR checking will fail if the all characters are 0
** Tags added: originate-from-1929044 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1909734 Title: TPM PCR checking will fail if the all characters are 0 To manage notifications about this bug go to: https://bugs.launchpad.net/oem-priority/+bug/1909734/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1909734] Re: TPM PCR checking will fail if the all characters are 0
This bug was fixed in the package fwupd-signed - 1.30.1 --- fwupd-signed (1.30.1) groovy; urgency=medium * Build depend on fwupd 1.4.7-0~20.10.1 - LP: #1921544 - LP: #1921539 - LP: #1909734 - LP: #1886912 - LP: #1900935 -- Mario Limonciello Fri, 26 Mar 2021 14:04:01 -0500 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1909734 Title: TPM PCR checking will fail if the all characters are 0 To manage notifications about this bug go to: https://bugs.launchpad.net/oem-priority/+bug/1909734/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1909734] Re: TPM PCR checking will fail if the all characters are 0
This bug was fixed in the package fwupd - 1.4.7-0~20.10.1 --- fwupd (1.4.7-0~20.10.1) groovy; urgency=medium * new upstream version (1.4.7) * Bug fixes: - Check returned volumes before accessing them - Correct a Thunderbolt assertion if kernel failed FW read - Do not dedupe NVMe devices - Do not match all HIDRAW\VEN_06CB devices - Don't allow device updates while needing activation - Fix adding multiple flags to devices - Fix critical warning regression with 'fwupdate -a' - Fix probe warning for the Logitech Unifying device - Fix the quirk key name for the Lenovo HDMI with power - Make TPM more optional - Make udisks2 errors more apparent - Only set the version format for ESRT entries - Remove the Hughski public key - Restore recognizing gpg and pkcs7 types still - Wait a few ms for the Logitech hardware to settle after detach * New features - Add support for SBAT. (LP: #1921539) - Adds support for Synaptics fingerprinter reader (LP:# 1900935) * Fixes TPM PCR0 reading failures if all characters are 0. (LP: #1909734) * Fixes Synaptics RMI probe causing touchscreen failures (LP: #1886912) * Backport a patch from upstream 1_4_X branch to fix SBAT character. * Backport a patch from upstream 1_4_X branch to fix vendor-id requirement error on Dell WD19 (LP: #1921544) -- Mario Limonciello Fri, 26 Mar 2021 13:45:02 -0500 ** Changed in: fwupd (Ubuntu Groovy) Status: Fix Committed => Fix Released ** Changed in: fwupd-signed (Ubuntu Groovy) Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1909734 Title: TPM PCR checking will fail if the all characters are 0 To manage notifications about this bug go to: https://bugs.launchpad.net/oem-priority/+bug/1909734/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1909734] Re: TPM PCR checking will fail if the all characters are 0
** Tags removed: verification-needed ** Changed in: fwupd-signed (Ubuntu) Status: New => Fix Released ** Changed in: fwupd-signed (Ubuntu Hirsute) Status: New => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1909734 Title: TPM PCR checking will fail if the all characters are 0 To manage notifications about this bug go to: https://bugs.launchpad.net/oem-priority/+bug/1909734/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1909734] Re: TPM PCR checking will fail if the all characters are 0
[Device] HP EliteOne 800 G6 27 [BIOS version] S11 Ver. 02.04.01 [Package version] fwupd-signed 1.30.1 result: System Firmware: │ Device ID: 90990a533de3259eb645e61a64ad25068f6f3c48 │ Current version:33816832 │ Minimum Version:1 │ Vendor: HP (DMI:HP) │ GUID: 510876c2-f1e5-4d9c-8c81-3e002f1b4792 │ Device Flags: • Internal device │ • Updatable │ • Requires AC power │ • Needs a reboot after installation │ • Cryptographic hash verification is available │ • Device is usable for the duration of the update ** Tags removed: verification-needed-groovy ** Tags added: verification-done-groovy -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1909734 Title: TPM PCR checking will fail if the all characters are 0 To manage notifications about this bug go to: https://bugs.launchpad.net/oem-priority/+bug/1909734/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1909734] Re: TPM PCR checking will fail if the all characters are 0
Hello jeremyszu, or anyone else affected, Accepted fwupd into groovy-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/fwupd/1.4.7-0~20.10.1 in a few hours, and then in the -proposed repository. Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users. If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, what testing has been performed on the package and change the tag from verification-needed- groovy to verification-done-groovy. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification- failed-groovy. In either case, without details of your testing we will not be able to proceed. Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance for helping! N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days. ** Changed in: fwupd (Ubuntu Groovy) Status: Triaged => Fix Committed ** Tags added: verification-needed verification-needed-groovy ** Also affects: fwupd-signed (Ubuntu) Importance: Undecided Status: New ** Changed in: fwupd-signed (Ubuntu Groovy) Status: New => Fix Committed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1909734 Title: TPM PCR checking will fail if the all characters are 0 To manage notifications about this bug go to: https://bugs.launchpad.net/oem-priority/+bug/1909734/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1909734] Re: TPM PCR checking will fail if the all characters are 0
** Tags added: originate-from-1922029 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1909734 Title: TPM PCR checking will fail if the all characters are 0 To manage notifications about this bug go to: https://bugs.launchpad.net/oem-priority/+bug/1909734/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1909734] Re: TPM PCR checking will fail if the all characters are 0
** Description changed: + [Impact] + + * TPM PCR0 differs from reconstruction, if your PCR0 contains one (or + more) zero byte(s) then the PCR0 will mismatch. (zero byte(s) be + ignored) + + [Test Plan] + + * run + + $ fwupdmgr get-devices + ... + └─System Firmware: + Device ID: c8489035f8df6f87a1a3cd1baff36129262a5ac1 + Current version: 92.1.0 + Minimum Version: 0.0.1 + Vendor: HP (DMI:HP) + Update Error: TPM PCR0 differs from reconstruction, please see https://github.com/fwupd/fwupd/wiki/TPM-PCR0-differs-from-reconstruction + GUID: 116180f2-105d-4ab2-809e-7fabed71217b + +will get the failed. + + * already tried on bug1891966 bug1893018 bug1896855 bug1897674 + bug1899914 bug1902835 bug1903660 bug1909539 bug1910197 bug1914335 + bug1918600 bug1918866 bug1919270 bug1919424 bug1920714 and this patch + could solve the error. + + [Where problems could occur] + + * the all zero PCR0 is invalid, the original logic is to check whether + a byte is zero. If zero then skip. It cause the PCR0 will potentially + miss some valid zero byte. (e.g. + 0x0C>>00<<62898247F8FE3085960E5B0270E7667B6F7D4CAE17A503950499D45B4116) + + * this patch will not skip zero byte. Instead, add a flag to check + whether all bytes are zero. + + * for this change, it makes sense and didn't see any potential + regression. + + --- + In some of HP platforms, the TPM PCR checking will fail on focal ubuntu $ fwupdmgr get-devices ... └─System Firmware: Device ID: c8489035f8df6f87a1a3cd1baff36129262a5ac1 Current version: 92.1.0 Minimum Version: 0.0.1 Vendor: HP (DMI:HP) Update Error: TPM PCR0 differs from reconstruction, please see https://github.com/fwupd/fwupd/wiki/TPM-PCR0-differs-from-reconstruction GUID: 116180f2-105d-4ab2-809e-7fabed71217b Device Flags: • Internal device • Updatable • Requires AC power • Needs a reboot after installation • Cryptographic hash verification is available • Device is usable for the duration of the update Update Error: TPM PCR0 differs from reconstruction, please see https://github.com/fwupd/fwupd/wiki/TPM-PCR0-differs-from-reconstruction --- This issue is fixed by upstream commit https://github.com/fwupd/fwupd/pull/2394/commits/e265dd1d8687965bee77259ef3482b09b92033c1 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1909734 Title: TPM PCR checking will fail if the all characters are 0 To manage notifications about this bug go to: https://bugs.launchpad.net/oem-priority/+bug/1909734/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1909734] Re: TPM PCR checking will fail if the all characters are 0
** Tags added: originate-from-1920714 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1909734 Title: TPM PCR checking will fail if the all characters are 0 To manage notifications about this bug go to: https://bugs.launchpad.net/oem-priority/+bug/1909734/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1909734] Re: TPM PCR checking will fail if the all characters are 0
** Tags added: originate-from-1919424 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1909734 Title: TPM PCR checking will fail if the all characters are 0 To manage notifications about this bug go to: https://bugs.launchpad.net/oem-priority/+bug/1909734/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1909734] Re: TPM PCR checking will fail if the all characters are 0
** Tags added: originate-from-1919270 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1909734 Title: TPM PCR checking will fail if the all characters are 0 To manage notifications about this bug go to: https://bugs.launchpad.net/oem-priority/+bug/1909734/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1909734] Re: TPM PCR checking will fail if the all characters are 0
** Tags added: fwupd -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1909734 Title: TPM PCR checking will fail if the all characters are 0 To manage notifications about this bug go to: https://bugs.launchpad.net/oem-priority/+bug/1909734/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1909734] Re: TPM PCR checking will fail if the all characters are 0
for today, github tag: 1.4.6 / 1.5.7 ubuntu groovy: 1.4.5-1 hirsute: 1.5.7-2 AI: check if 1.4.5-1 is updated enough or not. AI: per check git source of 1.4.5, it does not have that patch. It's likely we need to upgrade to 1.4.6. Given so, a debdiff to bring up to 1.4.6 will be needed. AI: check other requirements and decide if 1.4.6 is enough. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1909734 Title: TPM PCR checking will fail if the all characters are 0 To manage notifications about this bug go to: https://bugs.launchpad.net/oem-priority/+bug/1909734/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1909734] Re: TPM PCR checking will fail if the all characters are 0
** Tags added: originate-from-1918866 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1909734 Title: TPM PCR checking will fail if the all characters are 0 To manage notifications about this bug go to: https://bugs.launchpad.net/oem-priority/+bug/1909734/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1909734] Re: TPM PCR checking will fail if the all characters are 0
** Tags added: originate-from-1918600 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1909734 Title: TPM PCR checking will fail if the all characters are 0 To manage notifications about this bug go to: https://bugs.launchpad.net/oem-priority/+bug/1909734/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1909734] Re: TPM PCR checking will fail if the all characters are 0
** Tags added: originate-from-1914335 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1909734 Title: TPM PCR checking will fail if the all characters are 0 To manage notifications about this bug go to: https://bugs.launchpad.net/oem-priority/+bug/1909734/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1909734] Re: TPM PCR checking will fail if the all characters are 0
#2 has linked the correct commit for 1.5.x version, which is already present in Hirsute. 1.4.x and 1.3.x don't have tagged releases with the commit but the commit is present on the stable trees for those releases: For 1_4_X (groovy): https://github.com/fwupd/fwupd/commit/a3d85438b70dfb60d410f83d6beab2ed377e924c For 1_3_x (focal): https://github.com/fwupd/fwupd/commit/0d091efff1b421929e245aa4e8fcee2387689fe6 ** Also affects: fwupd (Ubuntu Hirsute) Importance: Undecided Status: New ** Also affects: fwupd (Ubuntu Groovy) Importance: Undecided Status: New ** Also affects: fwupd (Ubuntu Focal) Importance: Undecided Status: New ** Changed in: fwupd (Ubuntu Hirsute) Status: New => Fix Released ** Changed in: fwupd (Ubuntu Groovy) Status: New => Triaged ** Changed in: fwupd (Ubuntu Focal) Status: New => Triaged -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1909734 Title: TPM PCR checking will fail if the all characters are 0 To manage notifications about this bug go to: https://bugs.launchpad.net/oem-priority/+bug/1909734/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1909734] Re: TPM PCR checking will fail if the all characters are 0
** Also affects: fwupd (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1909734 Title: TPM PCR checking will fail if the all characters are 0 To manage notifications about this bug go to: https://bugs.launchpad.net/oem-priority/+bug/1909734/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1909734] Re: TPM PCR checking will fail if the all characters are 0
** No longer affects: fwts (Ubuntu) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1909734 Title: TPM PCR checking will fail if the all characters are 0 To manage notifications about this bug go to: https://bugs.launchpad.net/oem-priority/+bug/1909734/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1909734] Re: TPM PCR checking will fail if the all characters are 0
There are bugs in the fwupd for reconstruct the PCR value on some platforms. https://github.com/fwupd/fwupd/pull/2394 >From the comment#1, tested pass with the new fwupd version. ** Changed in: fwts (Ubuntu) Status: New => Confirmed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1909734 Title: TPM PCR checking will fail if the all characters are 0 To manage notifications about this bug go to: https://bugs.launchpad.net/oem-priority/+bug/1909734/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1909734] Re: TPM PCR checking will fail if the all characters are 0
** Changed in: fwts (Ubuntu) Assignee: (unassigned) => Ivan Hu (ivan.hu) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1909734 Title: TPM PCR checking will fail if the all characters are 0 To manage notifications about this bug go to: https://bugs.launchpad.net/oem-priority/+bug/1909734/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1909734] Re: TPM PCR checking will fail if the all characters are 0
** Tags added: originate-from-1910197 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1909734 Title: TPM PCR checking will fail if the all characters are 0 To manage notifications about this bug go to: https://bugs.launchpad.net/oem-priority/+bug/1909734/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1909734] Re: TPM PCR checking will fail if the all characters are 0
The result is passed after install the latest fwupd
$sudo snap install fwupd --edge --classic
...
└─System Firmware:
│ Device ID: c8489035f8df6f87a1a3cd1baff36129262a5ac1
│ Current version: 1543569408
│ Minimum Version: 1
│ Vendor: HP (DMI:HP)
│ GUIDs: 116180f2-105d-4ab2-809e-7fabed71217b
│ 230c8b18-8d9b-53ec-838b-6cfc0383493a ← main-system-firmware
│ d4b3b8bf-ba40-574c-8e55-e7dcb89aff07 ←
UEFI\RES_{116180F2-105D-4AB2-809E-7FABED71217B}
│ Device Flags: • Internal device
│ • Updatable
│ • System requires external power source
│ • Needs a reboot after installation
│ • Cryptographic hash verification is available
│ • Device is usable for the duration of the update
** Description changed:
+ In some of HP platforms, the TPM PCR checking will fail on focal ubuntu
+
$ fwupdmgr get-devices
...
└─System Firmware:
- Device ID: c8489035f8df6f87a1a3cd1baff36129262a5ac1
- Current version: 92.1.0
- Minimum Version: 0.0.1
- Vendor: HP (DMI:HP)
- Update Error: TPM PCR0 differs from reconstruction, please see
https://github.com/fwupd/fwupd/wiki/TPM-PCR0-differs-from-reconstruction
- GUID: 116180f2-105d-4ab2-809e-7fabed71217b
- Device Flags: • Internal device
-• Updatable
-• Requires AC power
-• Needs a reboot after installation
-• Cryptographic hash verification is available
-• Device is usable for the duration of the update
+ Device ID: c8489035f8df6f87a1a3cd1baff36129262a5ac1
+ Current version: 92.1.0
+ Minimum Version: 0.0.1
+ Vendor: HP (DMI:HP)
+ Update Error: TPM PCR0 differs from reconstruction, please see
https://github.com/fwupd/fwupd/wiki/TPM-PCR0-differs-from-reconstruction
+ GUID: 116180f2-105d-4ab2-809e-7fabed71217b
+ Device Flags: • Internal device
+ • Updatable
+ • Requires AC power
+ • Needs a reboot after installation
+ • Cryptographic hash verification is available
+ • Device is usable for the duration of the update
- Update Error: TPM PCR0 differs from reconstruction, please see
+ Update Error: TPM PCR0 differs from reconstruction, please see
https://github.com/fwupd/fwupd/wiki/TPM-PCR0-differs-from-reconstruction
---
This issue is fixed by upstream commit
https://github.com/fwupd/fwupd/pull/2394/commits/e265dd1d8687965bee77259ef3482b09b92033c1
** Tags added: oem-priority originate-from-1893018 stella
** Tags added: originate-from-1896855
** Tags added: originate-from-1897674
** Tags added: originate-from-1899914
** Tags added: originate-from-1902835
** Tags added: originate-from-1903660
** Tags added: originate-from-1891966
** Tags added: originate-from-1909539
** Changed in: oem-priority
Assignee: (unassigned) => jeremyszu (os369510)
** Changed in: oem-priority
Importance: Undecided => High
** Changed in: oem-priority
Status: New => Triaged
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1909734
Title:
TPM PCR checking will fail if the all characters are 0
To manage notifications about this bug go to:
https://bugs.launchpad.net/oem-priority/+bug/1909734/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
