Sealing to PCR 0 to 7 Values when using QEMU
QEMU is under permanent development and a new version is released every few months. When you upgrade QEMU you may get a new version of the firmware as well, such as SeaBIOS or EDK2 (UEFI) for x86_64 or SLOF for ppc64, and with that upgrade the PCR values may change, since the measurements these firmwares take of their own code change with the code. This is how measured/trusted boot is supposed to work, but it has negative side effects on blobs you may have sealed against PCRs. So, while Windows BitLocker may still work, you have to be prepared to be prompted for a recovery password in case the PCR values have changed due to the upgrade.
Here's a table that shows which PCR values changed from QEMU 5.1 to QEMU 5.2 for the SHA 256 PCR values of a TPM 2 in an x86_64 VM running SeaBIOS:
PCRs | PCR Purpose | QEMU 5.1 | QEMU 5.2 |
---|---|---|---|
PCR-0 | S-CRTM, POST BIOS, Option ROMs | d2 7c c1 26 14 ... | d2 7c c1 26 14 ... |
PCR-1 | Host Platform Configuration | 14 ec e5 54 62 ... | 62 90 4e 68 8b ... |
PCR-2 | Option ROM Code | e4 cf b5 4c b3 ... | 1b 44 46 1a 7f ... |
PCR-3 | Option ROM Config and Data | d2 7c c1 26 14 ... | d2 7c c1 26 14 ... |
PCR-4 | Initial Program Loader (IPL) | 76 00 be 69 2f ... | 76 00 be 69 2f ... |
PCR-5 | IPL Config and Data | 33 db 54 cd 0e ... | 33 db 54 cd 0e ... |
PCR-6 | State Transition and Wake Events | d2 7c c1 26 14 ... | d2 7c c1 26 14 ... |
PCR-7 | Host Platform Manufacturer Control | d2 7c c1 26 14 ... | d2 7c c1 26 14 ... |
As you can see, the PCR values for PCR-1 and PCR-2 have changed! If your application sealed data against those PCRs, it will no longer be able to unseal it, because the PCR values the sealing policy requires can no longer be reached. Your application will have to provide you a path to easily deal with this situation.
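The effect described above can be reproduced offline. The following is an added example, not code from the swtpm or QEMU projects: it models SHA-256 PCR extension and the TPM 2.0 `TPM2_PolicyPCR` digest computation (`H(policyDigest_old || TPM_CC_PolicyPCR || TPML_PCR_SELECTION || pcrDigest)`), then compares two constructed PCR snapshots in which only PCR-1 and PCR-2 differ, as in the table. The `simulate_boot` helper and its measured labels are constructed sample data, not real firmware measurements.

```python
import hashlib

TPM_CC_POLICYPCR = 0x0000017F   # command code mixed into a PolicyPCR policy digest
TPM_ALG_SHA256 = 0x000B         # hash algorithm id of the SHA-256 PCR bank
PCR_INIT = bytes(32)            # PCR 0-7 are all-zero after reset
POLICY_START = bytes(32)        # policy digest of a fresh SHA-256 policy session

def pcr_extend(pcr: bytes, digest: bytes) -> bytes:
    """TPM2_PCR_Extend on the SHA-256 bank: PCR_new = H(PCR_old || digest)."""
    return hashlib.sha256(pcr + digest).digest()

def pcr_selection(pcrs) -> bytes:
    """Marshal a single-bank TPML_PCR_SELECTION: count, hashAlg, sizeofSelect, 24-bit bitmap."""
    bitmap = 0
    for i in pcrs:
        bitmap |= 1 << i
    return ((1).to_bytes(4, "big") + TPM_ALG_SHA256.to_bytes(2, "big")
            + b"\x03" + bitmap.to_bytes(3, "little"))

def policy_pcr(pcr_values: dict, pcrs) -> bytes:
    """Policy digest a TPM derives for TPM2_PolicyPCR over the selected PCRs (fresh session)."""
    pcr_digest = hashlib.sha256(b"".join(pcr_values[i] for i in sorted(pcrs))).digest()
    return hashlib.sha256(POLICY_START + TPM_CC_POLICYPCR.to_bytes(4, "big")
                          + pcr_selection(pcrs) + pcr_digest).digest()

def changed_pcrs(before: dict, after: dict):
    """Indices of PCRs whose value differs between two snapshots (the upgrade check)."""
    return sorted(i for i in before if before[i] != after[i])

def simulate_boot(firmware_tag: str) -> dict:
    """Constructed PCR 0-7 state: only PCR-1 and PCR-2 measure version-specific data."""
    pcrs = {i: PCR_INIT for i in range(8)}
    for i in range(8):
        label = f"{firmware_tag}:pcr{i}" if i in (1, 2) else f"stable:pcr{i}"
        pcrs[i] = pcr_extend(pcrs[i], hashlib.sha256(label.encode()).digest())
    return pcrs

QEMU_51 = simulate_boot("qemu-5.1")   # constructed stand-in for the 5.1 column
QEMU_52 = simulate_boot("qemu-5.2")   # constructed stand-in for the 5.2 column

if __name__ == "__main__":
    print("changed PCRs:", changed_pcrs(QEMU_51, QEMU_52))
    for sel in ([0, 3, 4, 5, 6, 7], list(range(8))):
        same = policy_pcr(QEMU_51, sel) == policy_pcr(QEMU_52, sel)
        print(f"policy over PCRs {sel}: {'still unseals' if same else 'no longer unseals'}")
```

Against a real TPM the two snapshots would come from `tpm2_pcrread` before and after the upgrade; the same comparison tells you which sealed policies will break.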