FDE is still unreliable on UC22
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
snapd |
Triaged
|
High
|
Valentin David |
Bug Description
This is a follow up to:
https:/
We're back again trying to get FDE working. This time on Ubuntu Core 22. So far it still doesn't look promising. We're exploring various boards for our next generation hardware platform. The first one I'm evaluating is the one I would expect to work out-of-the-box (as it's mostly "open"), namely Star Labs System's Byte Mk 2.
Here are some debugging data based on the previous ticket:
$ ls -lah /dev/tpm0
crw-rw---- 1 tss root 10, 224 Apr 22 12:30 /dev/tpm0
$ cat /sys/class/
2
$ sudo ./tcglog-check
open /sys/kernel/
Viktor Petersson (vpetersson) wrote : | #1 |
Valentin David (valentin.david) wrote : | #2 |
Valentin David (valentin.david) wrote : | #3 |
Also the output of "udevadm info /sys/class/
Viktor Petersson (vpetersson) wrote : | #4 |
Hi Valentin,
Sure thing:
$ findmnt --submounts /sys
TARGET SOURCE FSTYPE OPTIONS
/sys sysfs sysfs rw,nosuid,
├─/sys/
├─/sys/fs/cgroup cgroup2 cgroup2 rw,nosuid,
├─/sys/fs/pstore pstore pstore rw,nosuid,
├─/sys/
├─/sys/fs/bpf bpf bpf rw,nosuid,
├─/sys/kernel/debug debugfs debugfs rw,nosuid,
├─/sys/
├─/sys/
└─/sys/
$ udevadm info /sys/class/
P: /devices/
L: 0
E: DEVPATH=
E: DRIVER=tpm_crb
E: MODALIAS=
E: SUBSYSTEM=acpi
E: USEC_INITIALIZE
E: ID_VENDOR_
Valentin David (valentin.david) wrote : | #5 |
Is that machine using coreboot + edk2? Was the edk2 payload built with secure boot enabled?
Another common thing is wrong ACPI tables. It would be nice to get the journal output to see where the kernel failed.
What image did you test? Was it a stable build of UC22 for x86-64? Do you know which version of pc-kernel it is using?
Viktor Petersson (vpetersson) wrote : | #6 |
To add to this, we have a second device now that is behaving the same way. This device I would also expect to "just work" as it's a regular NUC (NUC13ANBi3), which should be supported by FDE on Core 22.
Debug output from this device:
$ ls -lah /dev/tpm0
crw-rw---- 1 tss root 10, 224 Apr 23 19:30 /dev/tpm0
$ cat /sys/class/
2
$ findmnt --submounts /sys
TARGET SOURCE FSTYPE OPTIONS
/sys sysfs sysfs rw,nosuid,
├─/sys/
├─/sys/fs/cgroup cgroup2 cgroup2 rw,nosuid,
├─/sys/fs/pstore pstore pstore rw,nosuid,
├─/sys/
├─/sys/fs/bpf bpf bpf rw,nosuid,
├─/sys/
├─/sys/kernel/debug debugfs debugfs rw,nosuid,
├─/sys/
└─/sys/
$ udevadm info /sys/class/
P: /devices/
L: 0
E: DEVPATH=
E: DRIVER=tpm_crb
E: MODALIAS=
E: SUBSYSTEM=acpi
E: USEC_INITIALIZE
E: ID_VENDOR_
$ sudo dmsetup ls --target crypt
No devices found
$ sudo blkid
/dev/loop1: TYPE="squashfs"
/dev/nvme0n1p5: LABEL="ubuntu-data" UUID="72f553b9-
/dev/nvme0n1p3: LABEL="ubuntu-boot" UUID="1a8e53a3-
/dev/nvme0n1p1: PARTLABEL="BIOS Boot" PARTUUID=
/dev/nvme0n1p4: LABEL="ubuntu-save" UUID="643db19f-
/dev/nvme0n1p2: LABEL_FATBOOT=
/dev/loop4: TYPE="squashfs"
/dev/loop2: TYPE="squashfs"
/dev/loop0: TYPE="squashfs"
/dev/loop3: TYPE="squashfs"
For both these devices, we used the upstream amd64 image (which should have 'prefer-encryption' set by default I believe).
Viktor Petersson (vpetersson) wrote (last edit ): | #7 |
Looks like the wires crossed. :)
> Is that machine using coreboot + edk2? Was the edk2 payload built with secure boot enabled?
We're using the upstream amd64 image to rule out any disk image errors (https:/
> Another common thing is wrong ACPI tables. It would be nice to get the journal output to see where the kernel failed.
Sure - here's the full output from `journalctl`:
https:/
> What image did you test? Was it a stable build of UC22 for x86-64? Do you know which version of pc-kernel it is using?
As mentioned, it's the upstream image.
Here's the list of snaps (after a `snap refresh` once though).
$ sudo snap list
Name Version Rev Tracking Publisher Notes
core22 20240408 1380 latest/stable canonical✓ base
pc 22-0.3 146 22/stable canonical✓ gadget
pc-kernel 5.15.0-105.115.1 1781 22/stable canonical✓ kernel
snapd 2.62 21465 latest/stable canonical✓ snapd
Valentin David (valentin.david) wrote : | #8 |
Is /sys/kernel/
I have tried the image on a NUC10i7FNB and it worked.
Also, could you look if the tpm has a lockout? Do this and give the output.
sudo snap install tpm2-tools-
sudo snap connect tpm2-tools-
sudo tpm2-tools-
If it has a lockout from another previously installed OS, then install may fail and install without tpm.
To reset the tpm you have to do
echo 5 | sudo tee /sys/class/
Then you have to reboot. You can force reinstall by rebooting with this command:
sudo snap reboot --install
For the Star Labs System's Byte Mk 2, could you give the content of all the /sys/devices/
Viktor Petersson (vpetersson) wrote (last edit ): | #9 |
For context - both of these systems should be brand new. To my knowledge, no other OS has been installed on either of them.
> Is /sys/kernel/
I need to wait until later today when my colleague wakes up to check that.
> Also, could you look if the tpm has a lockout? Do this and give the output.
Sure - this is the output from the Star Labs System device:
$ sudo snap install tpm2-tools-
tpm2-tools-
$ sudo snap connect tpm2-tools-
$ sudo tpm2-tools-
TPM2_PT_PERMANENT:
ownerAuthSet: 0
endorsementAu
lockoutAuthSet: 0
reserved1: 0
disableClear: 0
inLockout: 0
tpmGeneratedEPS: 0
reserved2: 0
TPM2_PT_
phEnable: 1
shEnable: 1
ehEnable: 1
phEnableNV: 1
reserved1: 0
orderly: 1
TPM2_PT_
TPM2_PT_HR_LOADED: 0x0
TPM2_PT_
TPM2_PT_HR_ACTIVE: 0x0
TPM2_PT_
TPM2_PT_
TPM2_PT_
TPM2_PT_
TPM2_PT_
TPM2_PT_
TPM2_PT_
TPM2_PT_
TPM2_PT_
TPM2_PT_
TPM2_PT_
TPM2_PT_
TPM2_PT_
TPM2_PT_
TPM2_PT_
$ echo 5 | sudo tee /sys/class/
5
$ cat /sys/devices/
04/19/2024
24.2
coreboot
24.04
$ sudo snap reboot --install
[wait for the device to be re-instated]
$ findmnt --submounts /sys
TARGET SOURCE FSTYPE OPTIONS
/sys sysfs sysfs rw,nosuid,
├─/sys/
├─/sys/fs/cgroup cgroup2 cgroup2 rw,nosuid,
├─/sys/fs/pstore pstore pstore rw,nosuid,
├─/sys/
├─/sys/fs/bpf bpf bpf rw,nosuid,
├─/sys/kernel/debug debugfs debugfs rw,nosuid,
├─/sys/
├─/sys/
└─/sys/
$ sudo blkid
/dev/loop1: TYPE="squashfs"
/dev/nvme0n1p5: LABEL="ubuntu-data" UUID="4b2c84bc-
/dev/nvme0n1p3: LABEL="ubuntu-boot" UUID="5a2c439c-
Valentin David (valentin.david) wrote : | #10 |
For the Star Labs System, I think this is an issue with the firmware. I do not think the lockout is the issue.
Could you give the output of the following commands on the Star Labs System?
sudo cat /sys/firmware/
cat /sys/firmware/
Viktor Petersson (vpetersson) wrote : | #11 |
Sure thing:
$ sudo cat /sys/firmware/
54504D324C00000
00004000D4FE000
$ cat /sys/firmware/
cat: /sys/firmware/
$ ls /sys/firmware/
Boot0000-
Boot0001-
Boot0002-
BootCurrent-
BootOptionSuppo
BootOrder-
ConIn-8be4df61-
ConInDev-
Valentin David (valentin.david) wrote : | #12 |
It looks like the firmware on the Star Labs machine does not support secure boot. I wonder if it is a build of edk2 without secure boot and tpm2 enabled. Could you see if you can update the firmware with fwupd?
Viktor Petersson (vpetersson) wrote : | #13 |
> It looks like the firmware on the Star Labs machine does not support secure boot. I wonder if it is a build of edk2 without secure boot and tpm2 enabled. Could you see if you can update the firmware with fwupd?
I'm 99% sure it does. In fact, it will not boot anything that isn't Secure Boot
Viktor Petersson (vpetersson) wrote : | #14 |
Interesting:
$ sudo snap install test-snapd-mokutil --beta --devmode
test-snapd-mokutil (beta) 0.3.0 from Sergio Cazzolato (cachio) installed
$ test-snapd-mokutil --sb-state
This system doesn't support Secure Boot
Valentin David (valentin.david) wrote : | #15 |
> In fact, it will not boot anything that isn't Secure Boot
I think it is probably booting only UEFI and it cannot boot legacy BIOS. But I do not think it boots in secure boot.
Since they claim it can do secure boot and measured boot on their website, I expect there are newer builds of the firmware that can do it.
Or maybe there is some firmware configuration. Have you tried to go in the settings menu of the firmware? Probably pressing ESC while booting.
Viktor Petersson (vpetersson) wrote : | #16 |
Thanks, Valentin. I'm in conversation with the vendor and they are working on reproducing (and patching) the BIOS.
I'm also still awaiting the output from the other NUC.
Star Labs (starlabs) wrote : | #17 |
To update from our end. The current coreboot build is built with SecureBoot disabled and hidden.
We have since verified on our reference AMI firmware that the hardware will allow an FDE with TPM deployment of Ubuntu core 22.
Now we know the requirements, we can adjust the coreboot firmware to requirements.
Changed in snapd: | |
assignee: | nobody → Valentin David (valentin.david) |
status: | New → Triaged |
importance: | Undecided → High |
Viktor Petersson (vpetersson) wrote : | #18 |
@Valintin - I think we can rule out the Star Labs device for this for now. Will chat with the guys over there on the best way to proceed.
In the meantime, here's the output from the first NUC:
```
$ ls -l /sys/kernel/
-r--r----- 1 root root 0 Apr 25 17:38 /sys/kernel/
```
```
$ sudo snap install tpm2-tools-
tpm2-tools-
```
```
$ sudo snap connect tpm2-tools-
```
```
$ sudo tpm2-tools-
TPM2_PT_PERMANENT:
ownerAuthSet: 0
endorsementAu
lockoutAuthSet: 1
reserved1: 0
disableClear: 1
inLockout: 0
tpmGeneratedEPS: 0
reserved2: 0
TPM2_PT_
phEnable: 1
shEnable: 1
ehEnable: 1
phEnableNV: 1
reserved1: 0
orderly: 1
TPM2_PT_
TPM2_PT_HR_LOADED: 0x0
TPM2_PT_
TPM2_PT_HR_ACTIVE: 0x0
TPM2_PT_
TPM2_PT_
TPM2_PT_
TPM2_PT_
TPM2_PT_
TPM2_PT_
TPM2_PT_
TPM2_PT_
TPM2_PT_
TPM2_PT_
TPM2_PT_
TPM2_PT_
TPM2_PT_
TPM2_PT_
TPM2_PT_
```
Valentin David (valentin.david) wrote : | #19 |
Yes, there is a lockout. There was probably another system using the TPM on this machine. Could you try to do the following?
echo 5 | sudo tee /sys/class/
sudo snap reboot --install
Viktor Petersson (vpetersson) wrote : | #20 |
Here's the output from the various commands after the reset:
$ sudo blkid
/dev/loop1: TYPE="squashfs"
/dev/nvme0n1p5: LABEL="ubuntu-data" UUID="d751579d-
/dev/nvme0n1p3: LABEL="ubuntu-boot" UUID="e946a179-
/dev/nvme0n1p1: PARTLABEL="BIOS Boot" PARTUUID=
/dev/nvme0n1p4: LABEL="ubuntu-save" UUID="f9db7166-
/dev/nvme0n1p2: LABEL_FATBOOT=
/dev/loop4: TYPE="squashfs"
/dev/loop2: TYPE="squashfs"
/dev/loop0: TYPE="squashfs"
/dev/loop3: TYPE="squashfs"
$ sudo dmsetup ls --target crypt
No devices found
$ lsblk -o NAME,SIZE,
NAME SIZE TYPE MOUNTPOINT
loop0 74.2M loop /snap/core22/1122
loop1 1.6M loop /snap/pc/146
loop2 296.3M loop /snap/pc-
loop3 334.8M loop /snap/pc-
loop4 40.4M loop /snap/snapd/20671
nvme0n1 238.5G disk
├─nvme0n1p1 1M part
├─nvme0n1p2 1.2G part /var/lib/snapd/seed
├─nvme0n1p3 750M part /run/mnt/
├─nvme0n1p4 32M part /var/lib/snapd/save
└─nvme0n1p5 236.5G part /writable
$ ls -l /sys/kernel/
-r--r----- 1 root root 0 May 1 13:08 /sys/kernel/
$ sudo snap install tpm2-tools-
tpm2-tools-
$ sudo snap connect tpm2-tools-
$ sudo tpm2-tools-
TPM2_PT_PERMANENT:
ownerAuthSet: 0
endorsementAu
lockoutAuthSet: 1
reserved1: 0
disableClear: 1
inLockout: 0
tpmGeneratedEPS: 0
reserved2: 0
TPM2_PT_
phEnable: 1
shEnable: 1
ehEnable: 1
phEnableNV: 1
reserved1: 0
orderly: 1
TPM2_PT_
TPM2_PT_HR_LOADED: 0x0
TPM2_PT_
TPM2_PT_HR_ACTIVE: 0x0
TPM2_PT_
TPM2_PT_
TPM2_PT_
TPM2_PT_
TPM2_PT_
TPM2_PT_
TPM2_PT_
TPM2_PT_
TPM2_PT_
TPM2_PT_
TPM2_PT_
TPM2_PT_
TPM2_PT_
TPM2_PT_
TPM2_PT_
From what I can gather based on the output, FDE did not kick in.
What is the output of "findmnt --submounts /sys"?