diff --git a/efi/preinstall/checks.go b/efi/preinstall/checks.go index 6cc24665..bc27a8f4 100644 --- a/efi/preinstall/checks.go +++ b/efi/preinstall/checks.go @@ -489,6 +489,9 @@ func RunChecks(ctx context.Context, flags CheckFlags, loadedImages []secboot_efi } if len(deferredErrs) > 0 { + // If we are returning one or more error, then append any warnings + // to the returned errors as well. + deferredErrs = append(deferredErrs, warnings...) return nil, joinErrors(deferredErrs...) } diff --git a/efi/preinstall/checks_context_test.go b/efi/preinstall/checks_context_test.go index 922a25b7..31bda63d 100644 --- a/efi/preinstall/checks_context_test.go +++ b/efi/preinstall/checks_context_test.go @@ -22,7 +22,6 @@ package preinstall_test import ( "context" "crypto" - "encoding/json" "io" "time" @@ -1732,14 +1731,26 @@ C7E003CB tpm2.PropertyManufacturer: uint32(tpm2.TPMManufacturerINTC), }, enabledBanks: []tpm2.HashAlgorithmId{tpm2.HashAlgorithmSHA256}, - profileOpts: PCRProfileOptionsDefault, + loadedImages: []secboot_efi.Image{ + &mockImage{ + contents: []byte("mock shim executable"), + digest: testutil.DecodeHexString(c, "25e1b08db2f31ff5f5d2ea53e1a1e8fda6e1d81af4f26a7908071f1dec8611b7"), + signatures: []*efi.WinCertificateAuthenticode{ + efitest.ReadWinCertificateAuthenticodeDetached(c, shimUbuntuSig4), + }, + }, + &mockImage{contents: []byte("mock grub executable"), digest: testutil.DecodeHexString(c, "d5a9780e9f6a43c2e53fe9fda547be77f7783f31aea8013783242b040ff21dc0")}, + &mockImage{contents: []byte("mock kernel executable"), digest: testutil.DecodeHexString(c, "2ddfbd91fa1698b0d133c38ba90dbba76c9e08371ff83d03b5fb4c2e56d7e81f")}, + }, + profileOpts: PCRProfileOptionsDefault, prepare: func(_ int) { s.HierarchyChangeAuth(c, tpm2.HandleLockout, []byte("1234")) c.Check(s.TPM.SetPrimaryPolicy(s.TPM.OwnerHandleContext(), make([]byte, 32), tpm2.HashAlgorithmSHA256, nil), IsNil) }, - actions: []actionAndArgs{{action: ActionNone}}, + actions: []actionAndArgs{{action: ActionNone}}, + expectedPcrAlg: tpm2.HashAlgorithmSHA256, }) - c.Assert(errs, HasLen, 1) + c.Assert(errs, HasLen, 4) c.Check(errs[0], ErrorMatches, `error with TPM2 device: one or more of the TPM hierarchies is already owned: - TPM_RH_LOCKOUT has an authorization value - TPM_RH_OWNER has an authorization policy @@ -1800,7 +1811,18 @@ C7E003CB tpm2.PropertyManufacturer: uint32(tpm2.TPMManufacturerINTC), }, enabledBanks: []tpm2.HashAlgorithmId{tpm2.HashAlgorithmSHA256}, - profileOpts: PCRProfileOptionsDefault, + loadedImages: []secboot_efi.Image{ + &mockImage{ + contents: []byte("mock shim executable"), + digest: testutil.DecodeHexString(c, "25e1b08db2f31ff5f5d2ea53e1a1e8fda6e1d81af4f26a7908071f1dec8611b7"), + signatures: []*efi.WinCertificateAuthenticode{ + efitest.ReadWinCertificateAuthenticodeDetached(c, shimUbuntuSig4), + }, + }, + &mockImage{contents: []byte("mock grub executable"), digest: testutil.DecodeHexString(c, "d5a9780e9f6a43c2e53fe9fda547be77f7783f31aea8013783242b040ff21dc0")}, + &mockImage{contents: []byte("mock kernel executable"), digest: testutil.DecodeHexString(c, "2ddfbd91fa1698b0d133c38ba90dbba76c9e08371ff83d03b5fb4c2e56d7e81f")}, + }, + profileOpts: PCRProfileOptionsDefault, prepare: func(_ int) { c.Assert(s.TPM.DictionaryAttackParameters(s.TPM.LockoutHandleContext(), 32, 7200, 86400, nil), IsNil) // Authorize the lockout hierarchy enough times with a bogus value to trip it @@ -1829,9 +1851,10 @@ C7E003CB c.Errorf("unexpected error: %v", err) } }, - actions: []actionAndArgs{{action: ActionNone}}, + actions: []actionAndArgs{{action: ActionNone}}, + expectedPcrAlg: tpm2.HashAlgorithmSHA256, }) - c.Assert(errs, HasLen, 1) + c.Assert(errs, HasLen, 4) c.Check(errs[0], ErrorMatches, `error with TPM2 device: TPM is in DA lockout mode`) c.Check(errs[0], DeepEquals, NewWithKindAndActionsError(ErrorKindTPMDeviceLockout, &TPMDeviceLockoutArgs{IntervalDuration: 2 * time.Hour, TotalDuration: 64 * time.Hour}, []Action{ActionRebootToFWSettings}, errs[0].Unwrap())) } @@ -1884,10 +1907,22 @@ C7E003CB tpm2.PropertyPSFamilyIndicator: 1, }, enabledBanks: []tpm2.HashAlgorithmId{tpm2.HashAlgorithmSHA256}, - profileOpts: PCRProfileOptionsDefault, - actions: []actionAndArgs{{action: ActionNone}}, + loadedImages: []secboot_efi.Image{ + &mockImage{ + contents: []byte("mock shim executable"), + digest: testutil.DecodeHexString(c, "25e1b08db2f31ff5f5d2ea53e1a1e8fda6e1d81af4f26a7908071f1dec8611b7"), + signatures: []*efi.WinCertificateAuthenticode{ + efitest.ReadWinCertificateAuthenticodeDetached(c, shimUbuntuSig4), + }, + }, + &mockImage{contents: []byte("mock grub executable"), digest: testutil.DecodeHexString(c, "d5a9780e9f6a43c2e53fe9fda547be77f7783f31aea8013783242b040ff21dc0")}, + &mockImage{contents: []byte("mock kernel executable"), digest: testutil.DecodeHexString(c, "2ddfbd91fa1698b0d133c38ba90dbba76c9e08371ff83d03b5fb4c2e56d7e81f")}, + }, + profileOpts: PCRProfileOptionsDefault, + actions: []actionAndArgs{{action: ActionNone}}, + expectedPcrAlg: tpm2.HashAlgorithmSHA256, }) - c.Assert(errs, HasLen, 1) + c.Assert(errs, HasLen, 4) c.Check(errs[0], ErrorMatches, `error with TPM2 device: insufficient NV counters available`) c.Check(errs[0], DeepEquals, NewWithKindAndActionsError(ErrorKindInsufficientTPMStorage, nil, []Action{ActionRebootToFWSettings}, errs[0].Unwrap())) } @@ -1972,9 +2007,21 @@ C7E003CB s.HierarchyChangeAuth(c, tpm2.HandleLockout, []byte("1234")) }, - actions: []actionAndArgs{{action: ActionNone}}, + loadedImages: []secboot_efi.Image{ + &mockImage{ + contents: []byte("mock shim executable"), + digest: testutil.DecodeHexString(c, "25e1b08db2f31ff5f5d2ea53e1a1e8fda6e1d81af4f26a7908071f1dec8611b7"), + signatures: []*efi.WinCertificateAuthenticode{ + efitest.ReadWinCertificateAuthenticodeDetached(c, shimUbuntuSig4), + }, + }, + &mockImage{contents: []byte("mock grub executable"), digest: testutil.DecodeHexString(c, "d5a9780e9f6a43c2e53fe9fda547be77f7783f31aea8013783242b040ff21dc0")}, + &mockImage{contents: []byte("mock kernel executable"), digest: testutil.DecodeHexString(c, "2ddfbd91fa1698b0d133c38ba90dbba76c9e08371ff83d03b5fb4c2e56d7e81f")}, + }, + actions: []actionAndArgs{{action: ActionNone}}, + expectedPcrAlg: tpm2.HashAlgorithmSHA256, }) - c.Assert(errs, HasLen, 2) + c.Assert(errs, HasLen, 5) c.Check(errs[0], ErrorMatches, `error with TPM2 device: one or more of the TPM hierarchies is already owned: - TPM_RH_LOCKOUT has an authorization value @@ -2361,6 +2408,14 @@ C7E003CB })), efitest.WithAMD64Environment("GenuineIntel", []uint64{cpuid.SDBG, cpuid.SMX}, 4, map[uint32]uint64{0x13a: (3 << 1), 0xc80: 0x40000000}), efitest.WithSysfsDevices(devices), + efitest.WithMockVars(efitest.MockVars{ + {Name: "AuditMode", GUID: efi.GlobalVariable}: &efitest.VarEntry{Attrs: efi.AttributeNonVolatile | efi.AttributeBootserviceAccess | efi.AttributeRuntimeAccess, Payload: []byte{0x0}}, + {Name: "BootCurrent", GUID: efi.GlobalVariable}: &efitest.VarEntry{Attrs: efi.AttributeBootserviceAccess | efi.AttributeRuntimeAccess, Payload: []byte{0x3, 0x0}}, + {Name: "BootOptionSupport", GUID: efi.GlobalVariable}: &efitest.VarEntry{Attrs: efi.AttributeBootserviceAccess | efi.AttributeRuntimeAccess, Payload: []byte{0x13, 0x03, 0x00, 0x00}}, + {Name: "DeployedMode", GUID: efi.GlobalVariable}: &efitest.VarEntry{Attrs: efi.AttributeNonVolatile | efi.AttributeBootserviceAccess | efi.AttributeRuntimeAccess, Payload: []byte{0x1}}, + {Name: "SetupMode", GUID: efi.GlobalVariable}: &efitest.VarEntry{Attrs: efi.AttributeBootserviceAccess | efi.AttributeRuntimeAccess, Payload: []byte{0x0}}, + {Name: "OsIndicationsSupported", GUID: efi.GlobalVariable}: &efitest.VarEntry{Attrs: efi.AttributeBootserviceAccess | efi.AttributeRuntimeAccess, Payload: []byte{0x41, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}, + }.SetSecureBoot(true).SetPK(c, efitest.NewSignatureListX509(c, snakeoilCert, efi.MakeGUID(0x03f66fa4, 0x5eee, 0x479c, 0xa408, [...]uint8{0xc4, 0xdc, 0x0a, 0x33, 0xfc, 0xde})))), ), tpmPropertyModifiers: map[tpm2.Property]uint32{ tpm2.PropertyNVCountersMax: 0, @@ -2368,9 +2423,21 @@ C7E003CB tpm2.PropertyManufacturer: uint32(tpm2.TPMManufacturerINTC), }, enabledBanks: []tpm2.HashAlgorithmId{tpm2.HashAlgorithmSHA256}, - actions: []actionAndArgs{{action: ActionNone}}, + loadedImages: []secboot_efi.Image{ + &mockImage{ + contents: []byte("mock shim executable"), + digest: testutil.DecodeHexString(c, "25e1b08db2f31ff5f5d2ea53e1a1e8fda6e1d81af4f26a7908071f1dec8611b7"), + signatures: []*efi.WinCertificateAuthenticode{ + efitest.ReadWinCertificateAuthenticodeDetached(c, shimUbuntuSig4), + }, + }, + &mockImage{contents: []byte("mock grub executable"), digest: testutil.DecodeHexString(c, "d5a9780e9f6a43c2e53fe9fda547be77f7783f31aea8013783242b040ff21dc0")}, + &mockImage{contents: []byte("mock kernel executable"), digest: testutil.DecodeHexString(c, "2ddfbd91fa1698b0d133c38ba90dbba76c9e08371ff83d03b5fb4c2e56d7e81f")}, + }, + actions: []actionAndArgs{{action: ActionNone}}, + expectedPcrAlg: tpm2.HashAlgorithmSHA256, }) - c.Assert(errs, HasLen, 1) + c.Assert(errs, HasLen, 5) c.Check(errs[0], ErrorMatches, `error with system security: the platform firmware contains a debugging endpoint enabled`) c.Check(errs[0], DeepEquals, NewWithKindAndActionsError(ErrorKindUEFIDebuggingEnabled, nil, []Action{ActionContactOEM}, errs[0].Unwrap())) } @@ -2410,6 +2477,14 @@ C7E003CB })), efitest.WithAMD64Environment("GenuineIntel", []uint64{cpuid.SDBG, cpuid.SMX}, 4, map[uint32]uint64{0x13a: (3 << 1), 0xc80: 0x40000000}), efitest.WithSysfsDevices(devices), + efitest.WithMockVars(efitest.MockVars{ + {Name: "AuditMode", GUID: efi.GlobalVariable}: &efitest.VarEntry{Attrs: efi.AttributeNonVolatile | efi.AttributeBootserviceAccess | efi.AttributeRuntimeAccess, Payload: []byte{0x0}}, + {Name: "BootCurrent", GUID: efi.GlobalVariable}: &efitest.VarEntry{Attrs: efi.AttributeBootserviceAccess | efi.AttributeRuntimeAccess, Payload: []byte{0x3, 0x0}}, + {Name: "BootOptionSupport", GUID: efi.GlobalVariable}: &efitest.VarEntry{Attrs: efi.AttributeBootserviceAccess | efi.AttributeRuntimeAccess, Payload: []byte{0x13, 0x03, 0x00, 0x00}}, + {Name: "DeployedMode", GUID: efi.GlobalVariable}: &efitest.VarEntry{Attrs: efi.AttributeNonVolatile | efi.AttributeBootserviceAccess | efi.AttributeRuntimeAccess, Payload: []byte{0x1}}, + {Name: "SetupMode", GUID: efi.GlobalVariable}: &efitest.VarEntry{Attrs: efi.AttributeBootserviceAccess | efi.AttributeRuntimeAccess, Payload: []byte{0x0}}, + {Name: "OsIndicationsSupported", GUID: efi.GlobalVariable}: &efitest.VarEntry{Attrs: efi.AttributeBootserviceAccess | efi.AttributeRuntimeAccess, Payload: []byte{0x41, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}, + }.SetSecureBoot(true).SetPK(c, efitest.NewSignatureListX509(c, snakeoilCert, efi.MakeGUID(0x03f66fa4, 0x5eee, 0x479c, 0xa408, [...]uint8{0xc4, 0xdc, 0x0a, 0x33, 0xfc, 0xde})))), ), tpmPropertyModifiers: map[tpm2.Property]uint32{ tpm2.PropertyNVCountersMax: 0, @@ -2417,9 +2492,21 @@ C7E003CB tpm2.PropertyManufacturer: uint32(tpm2.TPMManufacturerINTC), }, enabledBanks: []tpm2.HashAlgorithmId{tpm2.HashAlgorithmSHA256}, - actions: []actionAndArgs{{action: ActionNone}}, + loadedImages: []secboot_efi.Image{ + &mockImage{ + contents: []byte("mock shim executable"), + digest: testutil.DecodeHexString(c, "25e1b08db2f31ff5f5d2ea53e1a1e8fda6e1d81af4f26a7908071f1dec8611b7"), + signatures: []*efi.WinCertificateAuthenticode{ + efitest.ReadWinCertificateAuthenticodeDetached(c, shimUbuntuSig4), + }, + }, + &mockImage{contents: []byte("mock grub executable"), digest: testutil.DecodeHexString(c, "d5a9780e9f6a43c2e53fe9fda547be77f7783f31aea8013783242b040ff21dc0")}, + &mockImage{contents: []byte("mock kernel executable"), digest: testutil.DecodeHexString(c, "2ddfbd91fa1698b0d133c38ba90dbba76c9e08371ff83d03b5fb4c2e56d7e81f")}, + }, + actions: []actionAndArgs{{action: ActionNone}}, + expectedPcrAlg: tpm2.HashAlgorithmSHA256, }) - c.Assert(errs, HasLen, 1) + c.Assert(errs, HasLen, 5) c.Check(errs[0], ErrorMatches, `error with system security: the platform firmware indicates that DMA protections are insufficient`) c.Check(errs[0], DeepEquals, NewWithKindAndActionsError(ErrorKindInsufficientDMAProtection, nil, []Action{ActionRebootToFWSettings}, errs[0].Unwrap())) } @@ -2452,6 +2539,14 @@ C7E003CB efitest.WithLog(efitest.NewLog(c, &efitest.LogOptions{Algorithms: []tpm2.HashAlgorithmId{tpm2.HashAlgorithmSHA256}})), efitest.WithAMD64Environment("GenuineIntel", []uint64{cpuid.SDBG, cpuid.SMX}, 4, map[uint32]uint64{0x13a: (3 << 1), 0xc80: 0x40000000}), efitest.WithSysfsDevices(devices), + efitest.WithMockVars(efitest.MockVars{ + {Name: "AuditMode", GUID: efi.GlobalVariable}: &efitest.VarEntry{Attrs: efi.AttributeNonVolatile | efi.AttributeBootserviceAccess | efi.AttributeRuntimeAccess, Payload: []byte{0x0}}, + {Name: "BootCurrent", GUID: efi.GlobalVariable}: &efitest.VarEntry{Attrs: efi.AttributeBootserviceAccess | efi.AttributeRuntimeAccess, Payload: []byte{0x3, 0x0}}, + {Name: "BootOptionSupport", GUID: efi.GlobalVariable}: &efitest.VarEntry{Attrs: efi.AttributeBootserviceAccess | efi.AttributeRuntimeAccess, Payload: []byte{0x13, 0x03, 0x00, 0x00}}, + {Name: "DeployedMode", GUID: efi.GlobalVariable}: &efitest.VarEntry{Attrs: efi.AttributeNonVolatile | efi.AttributeBootserviceAccess | efi.AttributeRuntimeAccess, Payload: []byte{0x1}}, + {Name: "SetupMode", GUID: efi.GlobalVariable}: &efitest.VarEntry{Attrs: efi.AttributeBootserviceAccess | efi.AttributeRuntimeAccess, Payload: []byte{0x0}}, + {Name: "OsIndicationsSupported", GUID: efi.GlobalVariable}: &efitest.VarEntry{Attrs: efi.AttributeBootserviceAccess | efi.AttributeRuntimeAccess, Payload: []byte{0x41, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}, + }.SetSecureBoot(true).SetPK(c, efitest.NewSignatureListX509(c, snakeoilCert, efi.MakeGUID(0x03f66fa4, 0x5eee, 0x479c, 0xa408, [...]uint8{0xc4, 0xdc, 0x0a, 0x33, 0xfc, 0xde})))), ), tpmPropertyModifiers: map[tpm2.Property]uint32{ tpm2.PropertyNVCountersMax: 0, @@ -2459,9 +2554,21 @@ C7E003CB tpm2.PropertyManufacturer: uint32(tpm2.TPMManufacturerINTC), }, enabledBanks: []tpm2.HashAlgorithmId{tpm2.HashAlgorithmSHA256}, - actions: []actionAndArgs{{action: ActionNone}}, + loadedImages: []secboot_efi.Image{ + &mockImage{ + contents: []byte("mock shim executable"), + digest: testutil.DecodeHexString(c, "25e1b08db2f31ff5f5d2ea53e1a1e8fda6e1d81af4f26a7908071f1dec8611b7"), + signatures: []*efi.WinCertificateAuthenticode{ + efitest.ReadWinCertificateAuthenticodeDetached(c, shimUbuntuSig4), + }, + }, + &mockImage{contents: []byte("mock grub executable"), digest: testutil.DecodeHexString(c, "d5a9780e9f6a43c2e53fe9fda547be77f7783f31aea8013783242b040ff21dc0")}, + &mockImage{contents: []byte("mock kernel executable"), digest: testutil.DecodeHexString(c, "2ddfbd91fa1698b0d133c38ba90dbba76c9e08371ff83d03b5fb4c2e56d7e81f")}, + }, + actions: []actionAndArgs{{action: ActionNone}}, + expectedPcrAlg: tpm2.HashAlgorithmSHA256, }) - c.Assert(errs, HasLen, 1) + c.Assert(errs, HasLen, 4) c.Check(errs[0], ErrorMatches, `error with system security: no kernel IOMMU support was detected`) c.Check(errs[0], DeepEquals, NewWithKindAndActionsError(ErrorKindNoKernelIOMMU, nil, []Action{ActionContactOSVendor}, errs[0].Unwrap())) } @@ -2499,6 +2606,14 @@ C7E003CB efitest.WithLog(efitest.NewLog(c, &efitest.LogOptions{Algorithms: []tpm2.HashAlgorithmId{tpm2.HashAlgorithmSHA256}})), efitest.WithAMD64Environment("GenuineIntel", []uint64{cpuid.SDBG, cpuid.SMX}, 4, map[uint32]uint64{0x13a: (2 << 1), 0xc80: 0x40000000}), efitest.WithSysfsDevices(devices), + efitest.WithMockVars(efitest.MockVars{ + {Name: "AuditMode", GUID: efi.GlobalVariable}: &efitest.VarEntry{Attrs: efi.AttributeNonVolatile | efi.AttributeBootserviceAccess | efi.AttributeRuntimeAccess, Payload: []byte{0x0}}, + {Name: "BootCurrent", GUID: efi.GlobalVariable}: &efitest.VarEntry{Attrs: efi.AttributeBootserviceAccess | efi.AttributeRuntimeAccess, Payload: []byte{0x3, 0x0}}, + {Name: "BootOptionSupport", GUID: efi.GlobalVariable}: &efitest.VarEntry{Attrs: efi.AttributeBootserviceAccess | efi.AttributeRuntimeAccess, Payload: []byte{0x13, 0x03, 0x00, 0x00}}, + {Name: "DeployedMode", GUID: efi.GlobalVariable}: &efitest.VarEntry{Attrs: efi.AttributeNonVolatile | efi.AttributeBootserviceAccess | efi.AttributeRuntimeAccess, Payload: []byte{0x1}}, + {Name: "SetupMode", GUID: efi.GlobalVariable}: &efitest.VarEntry{Attrs: efi.AttributeBootserviceAccess | efi.AttributeRuntimeAccess, Payload: []byte{0x0}}, + {Name: "OsIndicationsSupported", GUID: efi.GlobalVariable}: &efitest.VarEntry{Attrs: efi.AttributeBootserviceAccess | efi.AttributeRuntimeAccess, Payload: []byte{0x41, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}, + }.SetSecureBoot(true).SetPK(c, efitest.NewSignatureListX509(c, snakeoilCert, efi.MakeGUID(0x03f66fa4, 0x5eee, 0x479c, 0xa408, [...]uint8{0xc4, 0xdc, 0x0a, 0x33, 0xfc, 0xde})))), ), tpmPropertyModifiers: map[tpm2.Property]uint32{ tpm2.PropertyNVCountersMax: 0, @@ -2506,9 +2621,21 @@ C7E003CB tpm2.PropertyManufacturer: uint32(tpm2.TPMManufacturerINTC), }, enabledBanks: []tpm2.HashAlgorithmId{tpm2.HashAlgorithmSHA256}, - actions: []actionAndArgs{{action: ActionNone}}, + loadedImages: []secboot_efi.Image{ + &mockImage{ + contents: []byte("mock shim executable"), + digest: testutil.DecodeHexString(c, "25e1b08db2f31ff5f5d2ea53e1a1e8fda6e1d81af4f26a7908071f1dec8611b7"), + signatures: []*efi.WinCertificateAuthenticode{ + efitest.ReadWinCertificateAuthenticodeDetached(c, shimUbuntuSig4), + }, + }, + &mockImage{contents: []byte("mock grub executable"), digest: testutil.DecodeHexString(c, "d5a9780e9f6a43c2e53fe9fda547be77f7783f31aea8013783242b040ff21dc0")}, + &mockImage{contents: []byte("mock kernel executable"), digest: testutil.DecodeHexString(c, "2ddfbd91fa1698b0d133c38ba90dbba76c9e08371ff83d03b5fb4c2e56d7e81f")}, + }, + actions: []actionAndArgs{{action: ActionNone}}, + expectedPcrAlg: tpm2.HashAlgorithmSHA256, }) - c.Assert(errs, HasLen, 1) + c.Assert(errs, HasLen, 4) c.Check(errs[0], ErrorMatches, `error with system security: access to the discrete TPM's startup locality is available to platform firmware and privileged OS code, preventing any mitigation against reset attacks`) c.Check(errs[0], DeepEquals, NewWithKindAndActionsError(ErrorKindTPMStartupLocalityNotProtected, nil, nil, errs[0].Unwrap())) } @@ -2545,6 +2672,14 @@ C7E003CB })), efitest.WithAMD64Environment("GenuineIntel", []uint64{cpuid.SDBG, cpuid.SMX}, 4, map[uint32]uint64{0x13a: (2 << 1), 0xc80: 0x40000000}), efitest.WithSysfsDevices(devices), + efitest.WithMockVars(efitest.MockVars{ + {Name: "AuditMode", GUID: efi.GlobalVariable}: &efitest.VarEntry{Attrs: efi.AttributeNonVolatile | efi.AttributeBootserviceAccess | efi.AttributeRuntimeAccess, Payload: []byte{0x0}}, + {Name: "BootCurrent", GUID: efi.GlobalVariable}: &efitest.VarEntry{Attrs: efi.AttributeBootserviceAccess | efi.AttributeRuntimeAccess, Payload: []byte{0x3, 0x0}}, + {Name: "BootOptionSupport", GUID: efi.GlobalVariable}: &efitest.VarEntry{Attrs: efi.AttributeBootserviceAccess | efi.AttributeRuntimeAccess, Payload: []byte{0x13, 0x03, 0x00, 0x00}}, + {Name: "DeployedMode", GUID: efi.GlobalVariable}: &efitest.VarEntry{Attrs: efi.AttributeNonVolatile | efi.AttributeBootserviceAccess | efi.AttributeRuntimeAccess, Payload: []byte{0x1}}, + {Name: "SetupMode", GUID: efi.GlobalVariable}: &efitest.VarEntry{Attrs: efi.AttributeBootserviceAccess | efi.AttributeRuntimeAccess, Payload: []byte{0x0}}, + {Name: "OsIndicationsSupported", GUID: efi.GlobalVariable}: &efitest.VarEntry{Attrs: efi.AttributeBootserviceAccess | efi.AttributeRuntimeAccess, Payload: []byte{0x41, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}, + }.SetSecureBoot(true).SetPK(c, efitest.NewSignatureListX509(c, snakeoilCert, efi.MakeGUID(0x03f66fa4, 0x5eee, 0x479c, 0xa408, [...]uint8{0xc4, 0xdc, 0x0a, 0x33, 0xfc, 0xde})))), ), tpmPropertyModifiers: map[tpm2.Property]uint32{ tpm2.PropertyNVCountersMax: 0, @@ -2552,10 +2687,21 @@ C7E003CB tpm2.PropertyManufacturer: uint32(tpm2.TPMManufacturerINTC), }, enabledBanks: []tpm2.HashAlgorithmId{tpm2.HashAlgorithmSHA256}, - actions: []actionAndArgs{{action: ActionNone}}, + loadedImages: []secboot_efi.Image{ + &mockImage{ + contents: []byte("mock shim executable"), + digest: testutil.DecodeHexString(c, "25e1b08db2f31ff5f5d2ea53e1a1e8fda6e1d81af4f26a7908071f1dec8611b7"), + signatures: []*efi.WinCertificateAuthenticode{ + efitest.ReadWinCertificateAuthenticodeDetached(c, shimUbuntuSig4), + }, + }, + &mockImage{contents: []byte("mock grub executable"), digest: testutil.DecodeHexString(c, "d5a9780e9f6a43c2e53fe9fda547be77f7783f31aea8013783242b040ff21dc0")}, + &mockImage{contents: []byte("mock kernel executable"), digest: testutil.DecodeHexString(c, "2ddfbd91fa1698b0d133c38ba90dbba76c9e08371ff83d03b5fb4c2e56d7e81f")}, + }, + actions: []actionAndArgs{{action: ActionNone}}, + expectedPcrAlg: tpm2.HashAlgorithmSHA256, }) - c.Logf("%v", errs) - c.Assert(errs, HasLen, 2) + c.Assert(errs, HasLen, 6) c.Check(errs[0], ErrorMatches, `error with system security: the platform firmware contains a debugging endpoint enabled`) c.Check(errs[0], DeepEquals, NewWithKindAndActionsError(ErrorKindUEFIDebuggingEnabled, nil, []Action{ActionContactOEM}, errs[0].Unwrap())) @@ -2826,7 +2972,7 @@ C7E003CB actions: []actionAndArgs{{action: ActionNone}}, expectedPcrAlg: tpm2.HashAlgorithmSHA256, }) - c.Assert(errs, HasLen, 3) + c.Assert(errs, HasLen, 4) c.Check(errs[0], ErrorMatches, `error with platform config \(PCR1\) measurements: generating profiles for PCR 1 is not supported yet`) c.Check(errs[0], DeepEquals, NewWithKindAndActionsError(ErrorKindPCRUnsupported, &PCRUnsupportedArgs{PCR: 1, URL: "https://github.com/canonical/secboot/issues/322"}, nil, errs[0].Unwrap())) @@ -2902,11 +3048,11 @@ C7E003CB actions: []actionAndArgs{{action: ActionNone}}, expectedPcrAlg: tpm2.HashAlgorithmSHA256, }) - c.Assert(errs, HasLen, 1) + c.Assert(errs, HasLen, 4) c.Check(errs[0], ErrorMatches, `the PCR bank for TPM_ALG_SHA384 is missing from the TCG log but active and with one or more empty PCRs on the TPM`) - c.Check(errs[0], DeepEquals, NewWithKindAndActionsErrorForTest( + c.Check(errs[0], DeepEquals, NewWithKindAndActionsError( ErrorKindEmptyPCRBanks, - map[string]json.RawMessage{"algs": []byte("[12]")}, + &EmptyPCRBanksError{Algs: []tpm2.HashAlgorithmId{tpm2.HashAlgorithmSHA384}}, []Action{ActionRebootToFWSettings, ActionContactOEM}, &EmptyPCRBanksError{Algs: []tpm2.HashAlgorithmId{tpm2.HashAlgorithmSHA384}}, )) @@ -2978,7 +3124,7 @@ C7E003CB actions: []actionAndArgs{{action: ActionNone}}, expectedPcrAlg: tpm2.HashAlgorithmSHA256, }) - c.Assert(errs, HasLen, 1) + c.Assert(errs, HasLen, 4) c.Check(errs[0], ErrorMatches, `value added retailer supplied drivers were detected to be running`) c.Check(errs[0], DeepEquals, NewWithKindAndActionsError(ErrorKindVARSuppliedDriversPresent, nil, nil, ErrVARSuppliedDriversPresent)) } @@ -3049,7 +3195,7 @@ C7E003CB actions: []actionAndArgs{{action: ActionNone}}, expectedPcrAlg: tpm2.HashAlgorithmSHA256, }) - c.Assert(errs, HasLen, 1) + c.Assert(errs, HasLen, 4) c.Check(errs[0], ErrorMatches, `system preparation applications were detected to be running`) c.Check(errs[0], DeepEquals, NewWithKindAndActionsError(ErrorKindSysPrepApplicationsPresent, nil, nil, ErrSysPrepApplicationsPresent)) } @@ -3120,7 +3266,7 @@ C7E003CB actions: []actionAndArgs{{action: ActionNone}}, expectedPcrAlg: tpm2.HashAlgorithmSHA256, }) - c.Check(errs, HasLen, 1) + c.Check(errs, HasLen, 4) c.Check(errs[0], ErrorMatches, `Absolute was detected to be active and it is advised that this is disabled`) c.Check(errs[0], DeepEquals, NewWithKindAndActionsError(ErrorKindAbsolutePresent, nil, []Action{ActionContactOEM, ActionRebootToFWSettings}, ErrAbsoluteComputraceActive)) } @@ -3192,7 +3338,7 @@ C7E003CB profileOpts: PCRProfileOptionsDefault, actions: []actionAndArgs{{action: ActionNone}}, }) - c.Assert(errs, HasLen, 1) + c.Assert(errs, HasLen, 4) c.Check(errs[0], ErrorMatches, `error with boot manager code \(PCR4\) measurements: not all EV_EFI_BOOT_SERVICES_APPLICATION boot manager launch digests could be verified`) c.Check(errs[0], DeepEquals, NewWithKindAndActionsError(ErrorKindPCRUnusable, PCRUnusableArg(4), []Action{ActionContactOEM}, errs[0].Unwrap())) } @@ -3263,7 +3409,7 @@ C7E003CB actions: []actionAndArgs{{action: ActionNone}}, expectedPcrAlg: tpm2.HashAlgorithmSHA256, }) - c.Check(errs, HasLen, 1) + c.Check(errs, HasLen, 4) c.Check(errs[0], ErrorMatches, `error with secure boot policy \(PCR7\) measurements: deployed mode should be enabled in order to generate secure boot profiles`) c.Check(errs[0], DeepEquals, NewWithKindAndActionsError(ErrorKindInvalidSecureBootMode, nil, []Action{ActionRebootToFWSettings}, errs[0].Unwrap())) } @@ -3351,7 +3497,7 @@ C7E003CB actions: []actionAndArgs{{action: ActionNone}}, expectedPcrAlg: tpm2.HashAlgorithmSHA256, }) - c.Check(errs, HasLen, 1) + c.Check(errs, HasLen, 4) c.Check(errs[0], ErrorMatches, `error with secure boot policy \(PCR7\) measurements: unexpected EV_EFI_VARIABLE_DRIVER_CONFIG event: all expected secure boot variable have been measured`) c.Check(errs[0], DeepEquals, NewWithKindAndActionsError(ErrorKindPCRUnusable, PCRUnusableArg(7), []Action{ActionContactOEM}, errs[0].Unwrap())) } @@ -3424,7 +3570,7 @@ C7E003CB actions: []actionAndArgs{{action: ActionNone}}, expectedPcrAlg: tpm2.HashAlgorithmSHA256, }) - c.Check(errs, HasLen, 3) + c.Check(errs, HasLen, 6) c.Check(errs[0], ErrorMatches, `value added retailer supplied drivers were detected to be running`) c.Check(errs[0], DeepEquals, NewWithKindAndActionsError(ErrorKindVARSuppliedDriversPresent, nil, nil, ErrVARSuppliedDriversPresent)) @@ -3435,165 +3581,162 @@ C7E003CB c.Check(errs[2], DeepEquals, NewWithKindAndActionsError(ErrorKindPreOSDigestVerificationDetected, nil, nil, ErrPreOSVerificationUsingDigests)) } -// TODO: This is disabled temporarily until a follow-up PR which adds warnings to the returned errors -// if RunChecks is going to return one or more errors anyway. -//func (s *runChecksContextSuite) TestRunChecksBadTPMHierarchiesOwnedAndNoSecureBootPolicySupport(c *C) { -// // Test case with more than one error. -// meiAttrs := map[string][]byte{ -// "fw_ver": []byte(`0:16.1.27.2176 -//0:16.1.27.2176 -//0:16.0.15.1624 -//`), -// "fw_status": []byte(`94000245 -//09F10506 -//00000020 -//00004000 -//00041F03 -//C7E003CB -//`), -// } -// devices := map[string][]internal_efi.SysfsDevice{ -// "iommu": []internal_efi.SysfsDevice{ -// efitest.NewMockSysfsDevice("dmar0", "/sys/devices/virtual/iommu/dmar0", "iommu", nil), -// efitest.NewMockSysfsDevice("dmar1", "/sys/devices/virtual/iommu/dmar1", "iommu", nil), -// }, -// "mei": []internal_efi.SysfsDevice{ -// efitest.NewMockSysfsDevice("mei0", "/sys/devices/pci0000:00/0000:00:16.0/mei/mei0", "mei", meiAttrs), -// }, -// } -// -// errs := s.testRun(c, &testRunChecksContextRunParams{ -// env: efitest.NewMockHostEnvironmentWithOpts( -// efitest.WithVirtMode(internal_efi.VirtModeNone, internal_efi.DetectVirtModeAll), -// efitest.WithTPMDevice(tpm2_testutil.NewTransportBackedDevice(s.Transport, false, 1)), -// efitest.WithLog(efitest.NewLog(c, &efitest.LogOptions{ -// Algorithms: []tpm2.HashAlgorithmId{tpm2.HashAlgorithmSHA256}, -// })), -// efitest.WithAMD64Environment("GenuineIntel", []uint64{cpuid.SDBG, cpuid.SMX}, 4, map[uint32]uint64{0x13a: (3 << 1), 0xc80: 0x40000000}), -// efitest.WithSysfsDevices(devices), -// efitest.WithMockVars(efitest.MockVars{ -// {Name: "AuditMode", GUID: efi.GlobalVariable}: &efitest.VarEntry{Attrs: efi.AttributeNonVolatile | efi.AttributeBootserviceAccess | efi.AttributeRuntimeAccess, Payload: []byte{0x0}}, -// {Name: "BootCurrent", GUID: efi.GlobalVariable}: &efitest.VarEntry{Attrs: efi.AttributeBootserviceAccess | efi.AttributeRuntimeAccess, Payload: []byte{0x3, 0x0}}, -// {Name: "BootOptionSupport", GUID: efi.GlobalVariable}: &efitest.VarEntry{Attrs: efi.AttributeBootserviceAccess | efi.AttributeRuntimeAccess, Payload: []byte{0x13, 0x03, 0x00, 0x00}}, -// {Name: "DeployedMode", GUID: efi.GlobalVariable}: &efitest.VarEntry{Attrs: efi.AttributeNonVolatile | efi.AttributeBootserviceAccess | efi.AttributeRuntimeAccess, Payload: []byte{0x0}}, -// {Name: "SetupMode", GUID: efi.GlobalVariable}: &efitest.VarEntry{Attrs: efi.AttributeBootserviceAccess | efi.AttributeRuntimeAccess, Payload: []byte{0x0}}, -// {Name: "OsIndicationsSupported", GUID: efi.GlobalVariable}: &efitest.VarEntry{Attrs: efi.AttributeBootserviceAccess | efi.AttributeRuntimeAccess, Payload: []byte{0x41, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}, -// }.SetSecureBoot(true).SetPK(c, efitest.NewSignatureListX509(c, snakeoilCert, efi.MakeGUID(0x03f66fa4, 0x5eee, 0x479c, 0xa408, [...]uint8{0xc4, 0xdc, 0x0a, 0x33, 0xfc, 0xde})))), -// ), -// tpmPropertyModifiers: map[tpm2.Property]uint32{ -// tpm2.PropertyNVCountersMax: 0, -// tpm2.PropertyPSFamilyIndicator: 1, -// tpm2.PropertyManufacturer: uint32(tpm2.TPMManufacturerINTC), -// }, -// enabledBanks: []tpm2.HashAlgorithmId{tpm2.HashAlgorithmSHA256}, -// prepare: func(_ int) { -// c.Assert(s.TPM.HierarchyChangeAuth(s.TPM.LockoutHandleContext(), []byte{1, 2, 3, 4}, nil), IsNil) -// }, -// loadedImages: []secboot_efi.Image{ -// &mockImage{ -// contents: []byte("mock shim executable"), -// digest: testutil.DecodeHexString(c, "25e1b08db2f31ff5f5d2ea53e1a1e8fda6e1d81af4f26a7908071f1dec8611b7"), -// signatures: []*efi.WinCertificateAuthenticode{ -// efitest.ReadWinCertificateAuthenticodeDetached(c, shimUbuntuSig4), -// }, -// }, -// &mockImage{contents: []byte("mock grub executable"), digest: testutil.DecodeHexString(c, "d5a9780e9f6a43c2e53fe9fda547be77f7783f31aea8013783242b040ff21dc0")}, -// &mockImage{contents: []byte("mock kernel executable"), digest: testutil.DecodeHexString(c, "2ddfbd91fa1698b0d133c38ba90dbba76c9e08371ff83d03b5fb4c2e56d7e81f")}, -// }, -// profileOpts: PCRProfileOptionsDefault, -// actions: []actionAndArgs{{action: ActionNone}}, -// expectedPcrAlg: tpm2.HashAlgorithmSHA256, -// }) -// c.Assert(errs, HasLen, 2) -// -// c.Check(errs[0], ErrorMatches, `error with TPM2 device: one or more of the TPM hierarchies is already owned: -//- TPM_RH_LOCKOUT has an authorization value -//`) -// c.Check(errs[0], DeepEquals, NewWithKindAndActionsError(ErrorKindTPMHierarchiesOwned, &TPM2OwnedHierarchiesError{WithAuthValue: tpm2.HandleList{tpm2.HandleLockout}}, []Action{ActionRebootToFWSettings}, errs[0].Unwrap())) -// -// c.Check(errs[1], ErrorMatches, `error with secure boot policy \(PCR7\) measurements: deployed mode should be enabled in order to generate secure boot profiles`) -// c.Check(errs[1], DeepEquals, NewWithKindAndActionsError(ErrorKindInvalidSecureBootMode, nil, []Action{ActionRebootToFWSettings}, errs[1].Unwrap())) -//} - -// TODO: This is disabled temporarily until a follow-up PR which adds warnings to the returned errors -// if RunChecks is going to return one or more errors anyway. -//func (s *runChecksContextSuite) TestRunChecksBadEmptyPCRBankAndNoBootManagerCodeProfileSupport(c *C) { -// s.RequireAlgorithm(c, tpm2.AlgorithmSHA384) -// -// meiAttrs := map[string][]byte{ -// "fw_ver": []byte(`0:16.1.27.2176 -//0:16.1.27.2176 -//0:16.0.15.1624 -//`), -// "fw_status": []byte(`94000245 -//09F10506 -//00000020 -//00004000 -//00041F03 -//C7E003CB -//`), -// } -// devices := map[string][]internal_efi.SysfsDevice{ -// "iommu": []internal_efi.SysfsDevice{ -// efitest.NewMockSysfsDevice("dmar0", "/sys/devices/virtual/iommu/dmar0", "iommu", nil), -// efitest.NewMockSysfsDevice("dmar1", "/sys/devices/virtual/iommu/dmar1", "iommu", nil), -// }, -// "mei": []internal_efi.SysfsDevice{ -// efitest.NewMockSysfsDevice("mei0", "/sys/devices/pci0000:00/0000:00:16.0/mei/mei0", "mei", meiAttrs), -// }, -// } -// -// errs := s.testRun(c, &testRunChecksContextRunParams{ -// env: efitest.NewMockHostEnvironmentWithOpts( -// efitest.WithVirtMode(internal_efi.VirtModeNone, internal_efi.DetectVirtModeAll), -// efitest.WithTPMDevice(tpm2_testutil.NewTransportBackedDevice(s.Transport, false, 1)), -// efitest.WithLog(efitest.NewLog(c, &efitest.LogOptions{ -// Algorithms: []tpm2.HashAlgorithmId{tpm2.HashAlgorithmSHA256}, -// })), -// efitest.WithAMD64Environment("GenuineIntel", []uint64{cpuid.SDBG, cpuid.SMX}, 4, map[uint32]uint64{0x13a: (3 << 1), 0xc80: 0x40000000}), -// efitest.WithSysfsDevices(devices), -// efitest.WithMockVars(efitest.MockVars{ -// {Name: "AuditMode", GUID: efi.GlobalVariable}: &efitest.VarEntry{Attrs: efi.AttributeNonVolatile | efi.AttributeBootserviceAccess | efi.AttributeRuntimeAccess, Payload: []byte{0x0}}, -// {Name: "BootCurrent", GUID: efi.GlobalVariable}: &efitest.VarEntry{Attrs: efi.AttributeBootserviceAccess | efi.AttributeRuntimeAccess, Payload: []byte{0x3, 0x0}}, -// {Name: "BootOptionSupport", GUID: efi.GlobalVariable}: &efitest.VarEntry{Attrs: efi.AttributeBootserviceAccess | efi.AttributeRuntimeAccess, Payload: []byte{0x13, 0x03, 0x00, 0x00}}, -// {Name: "DeployedMode", GUID: efi.GlobalVariable}: &efitest.VarEntry{Attrs: efi.AttributeNonVolatile | efi.AttributeBootserviceAccess | efi.AttributeRuntimeAccess, Payload: []byte{0x0}}, -// {Name: "SetupMode", GUID: efi.GlobalVariable}: &efitest.VarEntry{Attrs: efi.AttributeBootserviceAccess | efi.AttributeRuntimeAccess, Payload: []byte{0x0}}, -// {Name: "OsIndicationsSupported", GUID: efi.GlobalVariable}: &efitest.VarEntry{Attrs: efi.AttributeBootserviceAccess | efi.AttributeRuntimeAccess, Payload: []byte{0x41, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}, -// }.SetSecureBoot(true).SetPK(c, efitest.NewSignatureListX509(c, snakeoilCert, efi.MakeGUID(0x03f66fa4, 0x5eee, 0x479c, 0xa408, [...]uint8{0xc4, 0xdc, 0x0a, 0x33, 0xfc, 0xde})))), -// ), -// tpmPropertyModifiers: map[tpm2.Property]uint32{ -// tpm2.PropertyNVCountersMax: 0, -// tpm2.PropertyPSFamilyIndicator: 1, -// tpm2.PropertyManufacturer: uint32(tpm2.TPMManufacturerINTC), -// }, -// enabledBanks: []tpm2.HashAlgorithmId{tpm2.HashAlgorithmSHA256, tpm2.HashAlgorithmSHA384}, -// loadedImages: []secboot_efi.Image{ -// &mockImage{ -// contents: []byte("mock shim executable"), -// digest: testutil.DecodeHexString(c, "25e1b08db2f31ff5f5d2ea53e1a1e8fda6e1d81af4f26a7908071f1dec8611b7"), -// signatures: []*efi.WinCertificateAuthenticode{ -// efitest.ReadWinCertificateAuthenticodeDetached(c, shimUbuntuSig4), -// }, -// }, -// &mockImage{contents: []byte("mock grub executable"), digest: testutil.DecodeHexString(c, "d5a9780e9f6a43c2e53fe9fda547be77f7783f31aea8013783242b040ff21dc0")}, -// }, -// profileOpts: PCRProfileOptionsDefault, -// actions: []actionAndArgs{{action: ActionNone}}, -// expectedPcrAlg: tpm2.HashAlgorithmSHA256, -// }) -// c.Assert(errs, HasLen, 2) -// -// c.Check(errs[0], ErrorMatches, `the PCR bank for TPM_ALG_SHA384 is missing from the TCG log but active and with one or more empty PCRs on the TPM`) -// c.Check(errs[0], DeepEquals, NewWithKindAndActionsError( -// ErrorKindEmptyPCRBanks, -// &EmptyPCRBanksError{Algs: []tpm2.HashAlgorithmId{tpm2.HashAlgorithmSHA384}}, -// []Action{ActionRebootToFWSettings, ActionContactOEM}, -// errs[0].Unwrap(), -// )) -// -// c.Check(errs[1], ErrorMatches, `error with boot manager code \(PCR4\) measurements: not all EV_EFI_BOOT_SERVICES_APPLICATION boot manager launch digests could be verified`) -// c.Check(errs[1], DeepEquals, NewWithKindAndActionsError(ErrorKindPCRUnusable, PCRUnusableArg(4), []Action{ActionContactOEM}, errs[1].Unwrap())) -//} +func (s *runChecksContextSuite) TestRunChecksBadTPMHierarchiesOwnedAndNoSecureBootPolicySupport(c *C) { + // Test case with more than one error. + meiAttrs := map[string][]byte{ + "fw_ver": []byte(`0:16.1.27.2176 +0:16.1.27.2176 +0:16.0.15.1624 +`), + "fw_status": []byte(`94000245 +09F10506 +00000020 +00004000 +00041F03 +C7E003CB +`), + } + devices := map[string][]internal_efi.SysfsDevice{ + "iommu": []internal_efi.SysfsDevice{ + efitest.NewMockSysfsDevice("dmar0", "/sys/devices/virtual/iommu/dmar0", "iommu", nil), + efitest.NewMockSysfsDevice("dmar1", "/sys/devices/virtual/iommu/dmar1", "iommu", nil), + }, + "mei": []internal_efi.SysfsDevice{ + efitest.NewMockSysfsDevice("mei0", "/sys/devices/pci0000:00/0000:00:16.0/mei/mei0", "mei", meiAttrs), + }, + } + + errs := s.testRun(c, &testRunChecksContextRunParams{ + env: efitest.NewMockHostEnvironmentWithOpts( + efitest.WithVirtMode(internal_efi.VirtModeNone, internal_efi.DetectVirtModeAll), + efitest.WithTPMDevice(tpm2_testutil.NewTransportBackedDevice(s.Transport, false, 1)), + efitest.WithLog(efitest.NewLog(c, &efitest.LogOptions{ + Algorithms: []tpm2.HashAlgorithmId{tpm2.HashAlgorithmSHA256}, + })), + efitest.WithAMD64Environment("GenuineIntel", []uint64{cpuid.SDBG, cpuid.SMX}, 4, map[uint32]uint64{0x13a: (3 << 1), 0xc80: 0x40000000}), + efitest.WithSysfsDevices(devices), + efitest.WithMockVars(efitest.MockVars{ + {Name: "AuditMode", GUID: efi.GlobalVariable}: &efitest.VarEntry{Attrs: efi.AttributeNonVolatile | efi.AttributeBootserviceAccess | efi.AttributeRuntimeAccess, Payload: []byte{0x0}}, + {Name: "BootCurrent", GUID: efi.GlobalVariable}: &efitest.VarEntry{Attrs: efi.AttributeBootserviceAccess | efi.AttributeRuntimeAccess, Payload: []byte{0x3, 0x0}}, + {Name: "BootOptionSupport", GUID: efi.GlobalVariable}: &efitest.VarEntry{Attrs: efi.AttributeBootserviceAccess | efi.AttributeRuntimeAccess, Payload: []byte{0x13, 0x03, 0x00, 0x00}}, + {Name: "DeployedMode", GUID: efi.GlobalVariable}: &efitest.VarEntry{Attrs: efi.AttributeNonVolatile | efi.AttributeBootserviceAccess | efi.AttributeRuntimeAccess, Payload: []byte{0x0}}, + {Name: "SetupMode", GUID: efi.GlobalVariable}: &efitest.VarEntry{Attrs: efi.AttributeBootserviceAccess | efi.AttributeRuntimeAccess, Payload: []byte{0x0}}, + {Name: "OsIndicationsSupported", GUID: efi.GlobalVariable}: &efitest.VarEntry{Attrs: efi.AttributeBootserviceAccess | efi.AttributeRuntimeAccess, Payload: []byte{0x41, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}, + }.SetSecureBoot(true).SetPK(c, efitest.NewSignatureListX509(c, snakeoilCert, efi.MakeGUID(0x03f66fa4, 0x5eee, 0x479c, 0xa408, [...]uint8{0xc4, 0xdc, 0x0a, 0x33, 0xfc, 0xde})))), + ), + tpmPropertyModifiers: map[tpm2.Property]uint32{ + tpm2.PropertyNVCountersMax: 0, + tpm2.PropertyPSFamilyIndicator: 1, + tpm2.PropertyManufacturer: uint32(tpm2.TPMManufacturerINTC), + }, + enabledBanks: []tpm2.HashAlgorithmId{tpm2.HashAlgorithmSHA256}, + prepare: func(_ int) { + c.Assert(s.TPM.HierarchyChangeAuth(s.TPM.LockoutHandleContext(), []byte{1, 2, 3, 4}, nil), IsNil) + }, + loadedImages: []secboot_efi.Image{ + &mockImage{ + contents: []byte("mock shim executable"), + digest: testutil.DecodeHexString(c, "25e1b08db2f31ff5f5d2ea53e1a1e8fda6e1d81af4f26a7908071f1dec8611b7"), + signatures: []*efi.WinCertificateAuthenticode{ + efitest.ReadWinCertificateAuthenticodeDetached(c, shimUbuntuSig4), + }, + }, + &mockImage{contents: []byte("mock grub executable"), digest: testutil.DecodeHexString(c, "d5a9780e9f6a43c2e53fe9fda547be77f7783f31aea8013783242b040ff21dc0")}, + &mockImage{contents: []byte("mock kernel executable"), digest: testutil.DecodeHexString(c, "2ddfbd91fa1698b0d133c38ba90dbba76c9e08371ff83d03b5fb4c2e56d7e81f")}, + }, + profileOpts: PCRProfileOptionsDefault, + actions: []actionAndArgs{{action: ActionNone}}, + expectedPcrAlg: tpm2.HashAlgorithmSHA256, + }) + c.Logf("%v", errs) + c.Assert(errs, HasLen, 5) + + c.Check(errs[0], ErrorMatches, `error with TPM2 device: one or more of the TPM hierarchies is already owned: +- TPM_RH_LOCKOUT has an authorization value +`) + c.Check(errs[0], DeepEquals, NewWithKindAndActionsError(ErrorKindTPMHierarchiesOwned, &TPM2OwnedHierarchiesError{WithAuthValue: tpm2.HandleList{tpm2.HandleLockout}}, []Action{ActionRebootToFWSettings}, errs[0].Unwrap())) + + c.Check(errs[4], ErrorMatches, `error with secure boot policy \(PCR7\) measurements: deployed mode should be enabled in order to generate secure boot profiles`) + c.Check(errs[4], DeepEquals, NewWithKindAndActionsError(ErrorKindInvalidSecureBootMode, nil, []Action{ActionRebootToFWSettings}, errs[4].Unwrap())) +} + +func (s *runChecksContextSuite) TestRunChecksBadEmptyPCRBankAndNoBootManagerCodeProfileSupport(c *C) { + s.RequireAlgorithm(c, tpm2.AlgorithmSHA384) + + meiAttrs := map[string][]byte{ + "fw_ver": []byte(`0:16.1.27.2176 +0:16.1.27.2176 +0:16.0.15.1624 +`), + "fw_status": []byte(`94000245 +09F10506 +00000020 +00004000 +00041F03 +C7E003CB +`), + } + devices := map[string][]internal_efi.SysfsDevice{ + "iommu": []internal_efi.SysfsDevice{ + efitest.NewMockSysfsDevice("dmar0", "/sys/devices/virtual/iommu/dmar0", "iommu", nil), + efitest.NewMockSysfsDevice("dmar1", "/sys/devices/virtual/iommu/dmar1", "iommu", nil), + }, + "mei": []internal_efi.SysfsDevice{ + efitest.NewMockSysfsDevice("mei0", "/sys/devices/pci0000:00/0000:00:16.0/mei/mei0", "mei", meiAttrs), + }, + } + + errs := s.testRun(c, &testRunChecksContextRunParams{ + env: efitest.NewMockHostEnvironmentWithOpts( + efitest.WithVirtMode(internal_efi.VirtModeNone, internal_efi.DetectVirtModeAll), + efitest.WithTPMDevice(tpm2_testutil.NewTransportBackedDevice(s.Transport, false, 1)), + efitest.WithLog(efitest.NewLog(c, &efitest.LogOptions{ + Algorithms: []tpm2.HashAlgorithmId{tpm2.HashAlgorithmSHA256}, + })), + efitest.WithAMD64Environment("GenuineIntel", []uint64{cpuid.SDBG, cpuid.SMX}, 4, map[uint32]uint64{0x13a: (3 << 1), 0xc80: 0x40000000}), + efitest.WithSysfsDevices(devices), + efitest.WithMockVars(efitest.MockVars{ + {Name: "AuditMode", GUID: efi.GlobalVariable}: &efitest.VarEntry{Attrs: efi.AttributeNonVolatile | efi.AttributeBootserviceAccess | efi.AttributeRuntimeAccess, Payload: []byte{0x0}}, + {Name: "BootCurrent", GUID: efi.GlobalVariable}: &efitest.VarEntry{Attrs: efi.AttributeBootserviceAccess | efi.AttributeRuntimeAccess, Payload: []byte{0x3, 0x0}}, + {Name: "BootOptionSupport", GUID: efi.GlobalVariable}: &efitest.VarEntry{Attrs: efi.AttributeBootserviceAccess | efi.AttributeRuntimeAccess, Payload: []byte{0x13, 0x03, 0x00, 0x00}}, + {Name: "DeployedMode", GUID: efi.GlobalVariable}: &efitest.VarEntry{Attrs: efi.AttributeNonVolatile | efi.AttributeBootserviceAccess | efi.AttributeRuntimeAccess, Payload: []byte{0x0}}, + {Name: "SetupMode", GUID: efi.GlobalVariable}: &efitest.VarEntry{Attrs: efi.AttributeBootserviceAccess | efi.AttributeRuntimeAccess, Payload: []byte{0x0}}, + {Name: "OsIndicationsSupported", GUID: efi.GlobalVariable}: &efitest.VarEntry{Attrs: efi.AttributeBootserviceAccess | efi.AttributeRuntimeAccess, Payload: []byte{0x41, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}, + }.SetSecureBoot(true).SetPK(c, efitest.NewSignatureListX509(c, snakeoilCert, efi.MakeGUID(0x03f66fa4, 0x5eee, 0x479c, 0xa408, [...]uint8{0xc4, 0xdc, 0x0a, 0x33, 0xfc, 0xde})))), + ), + tpmPropertyModifiers: map[tpm2.Property]uint32{ + tpm2.PropertyNVCountersMax: 0, + tpm2.PropertyPSFamilyIndicator: 1, + tpm2.PropertyManufacturer: uint32(tpm2.TPMManufacturerINTC), + }, + enabledBanks: []tpm2.HashAlgorithmId{tpm2.HashAlgorithmSHA256, tpm2.HashAlgorithmSHA384}, + loadedImages: []secboot_efi.Image{ + &mockImage{ + contents: []byte("mock shim executable"), + digest: testutil.DecodeHexString(c, "25e1b08db2f31ff5f5d2ea53e1a1e8fda6e1d81af4f26a7908071f1dec8611b7"), + signatures: []*efi.WinCertificateAuthenticode{ + efitest.ReadWinCertificateAuthenticodeDetached(c, shimUbuntuSig4), + }, + }, + &mockImage{contents: []byte("mock grub executable"), digest: testutil.DecodeHexString(c, "d5a9780e9f6a43c2e53fe9fda547be77f7783f31aea8013783242b040ff21dc0")}, + }, + profileOpts: PCRProfileOptionsDefault, + actions: []actionAndArgs{{action: ActionNone}}, + expectedPcrAlg: tpm2.HashAlgorithmSHA256, + }) + c.Assert(errs, HasLen, 6) + + c.Check(errs[0], ErrorMatches, `the PCR bank for TPM_ALG_SHA384 is missing from the TCG log but active and with one or more empty PCRs on the TPM`) + c.Check(errs[0], DeepEquals, NewWithKindAndActionsError( + ErrorKindEmptyPCRBanks, + &EmptyPCRBanksError{Algs: []tpm2.HashAlgorithmId{tpm2.HashAlgorithmSHA384}}, + []Action{ActionRebootToFWSettings, ActionContactOEM}, + errs[0].Unwrap(), + )) + + c.Check(errs[1], ErrorMatches, `error with boot manager code \(PCR4\) measurements: not all EV_EFI_BOOT_SERVICES_APPLICATION boot manager launch digests could be verified`) + c.Check(errs[1], DeepEquals, NewWithKindAndActionsError(ErrorKindPCRUnusable, PCRUnusableArg(4), []Action{ActionContactOEM}, errs[1].Unwrap())) +} func (s *runChecksContextSuite) TestRunChecksBadEmptyPCRBankAndNoKernelIOMMU(c *C) { s.RequireAlgorithm(c, tpm2.AlgorithmSHA384) @@ -3629,7 +3772,7 @@ C7E003CB {Name: "AuditMode", GUID: efi.GlobalVariable}: &efitest.VarEntry{Attrs: efi.AttributeNonVolatile | efi.AttributeBootserviceAccess | efi.AttributeRuntimeAccess, Payload: []byte{0x0}}, {Name: "BootCurrent", GUID: efi.GlobalVariable}: &efitest.VarEntry{Attrs: efi.AttributeBootserviceAccess | efi.AttributeRuntimeAccess, Payload: []byte{0x3, 0x0}}, {Name: "BootOptionSupport", GUID: efi.GlobalVariable}: &efitest.VarEntry{Attrs: efi.AttributeBootserviceAccess | efi.AttributeRuntimeAccess, Payload: []byte{0x13, 0x03, 0x00, 0x00}}, - {Name: "DeployedMode", GUID: efi.GlobalVariable}: &efitest.VarEntry{Attrs: efi.AttributeNonVolatile | efi.AttributeBootserviceAccess | efi.AttributeRuntimeAccess, Payload: []byte{0x0}}, + {Name: "DeployedMode", GUID: efi.GlobalVariable}: &efitest.VarEntry{Attrs: efi.AttributeNonVolatile | efi.AttributeBootserviceAccess | efi.AttributeRuntimeAccess, Payload: []byte{0x1}}, {Name: "SetupMode", GUID: efi.GlobalVariable}: &efitest.VarEntry{Attrs: efi.AttributeBootserviceAccess | efi.AttributeRuntimeAccess, Payload: []byte{0x0}}, {Name: "OsIndicationsSupported", GUID: efi.GlobalVariable}: &efitest.VarEntry{Attrs: efi.AttributeBootserviceAccess | efi.AttributeRuntimeAccess, Payload: []byte{0x41, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}, }.SetSecureBoot(true).SetPK(c, efitest.NewSignatureListX509(c, snakeoilCert, efi.MakeGUID(0x03f66fa4, 0x5eee, 0x479c, 0xa408, [...]uint8{0xc4, 0xdc, 0x0a, 0x33, 0xfc, 0xde})))), @@ -3655,7 +3798,7 @@ C7E003CB actions: []actionAndArgs{{action: ActionNone}}, expectedPcrAlg: tpm2.HashAlgorithmSHA256, }) - c.Assert(errs, HasLen, 2) + c.Assert(errs, HasLen, 5) c.Check(errs[0], ErrorMatches, `the PCR bank for TPM_ALG_SHA384 is missing from the TCG log but active and with one or more empty PCRs on the TPM`) c.Check(errs[0], DeepEquals, NewWithKindAndActionsError(ErrorKindEmptyPCRBanks, &EmptyPCRBanksError{Algs: []tpm2.HashAlgorithmId{tpm2.HashAlgorithmSHA384}}, []Action{ActionRebootToFWSettings, ActionContactOEM}, errs[0].Unwrap())) diff --git a/efi/preinstall/checks_test.go b/efi/preinstall/checks_test.go index c126289a..24050fbe 100644 --- a/efi/preinstall/checks_test.go +++ b/efi/preinstall/checks_test.go @@ -2154,6 +2154,101 @@ func (s *runChecksSuite) TestRunChecksBadTPM2DeviceDisabled(c *C) { c.Check(errors.As(err, &te), testutil.IsTrue) } +func (s *runChecksSuite) TestRunChecksBadErrorsIncludeWarnings(c *C) { + // Have an explicit test case that demonstrate we return any warnings as + // errors in the case where we are returning errors anyway. + meiAttrs := map[string][]byte{ + "fw_ver": []byte(`0:16.1.27.2176 +0:16.1.27.2176 +0:16.0.15.1624 +`), + "fw_status": []byte(`94000245 +09F10506 +00000020 +00004000 +00041F03 +C7E003CB +`), + } + devices := map[string][]internal_efi.SysfsDevice{ + "iommu": []internal_efi.SysfsDevice{ + efitest.NewMockSysfsDevice("dmar0", "/sys/devices/virtual/iommu/dmar0", "iommu", nil), + efitest.NewMockSysfsDevice("dmar1", "/sys/devices/virtual/iommu/dmar1", "iommu", nil), + }, + "mei": []internal_efi.SysfsDevice{ + efitest.NewMockSysfsDevice("mei0", "/sys/devices/pci0000:00/0000:00:16.0/mei/mei0", "mei", meiAttrs), + }, + } + + _, err := s.testRunChecks(c, &testRunChecksParams{ + env: efitest.NewMockHostEnvironmentWithOpts( + efitest.WithVirtMode(internal_efi.VirtModeNone, internal_efi.DetectVirtModeAll), + efitest.WithTPMDevice(tpm2_testutil.NewTransportBackedDevice(s.Transport, false, 1)), + efitest.WithLog(efitest.NewLog(c, &efitest.LogOptions{Algorithms: []tpm2.HashAlgorithmId{tpm2.HashAlgorithmSHA256}})), + efitest.WithAMD64Environment("GenuineIntel", []uint64{cpuid.SDBG, cpuid.SMX}, 4, map[uint32]uint64{0xc80: 0x40000000, 0x13a: (3 << 1)}), + efitest.WithSysfsDevices(devices), + efitest.WithMockVars(efitest.MockVars{ + {Name: "AuditMode", GUID: efi.GlobalVariable}: &efitest.VarEntry{Attrs: efi.AttributeNonVolatile | efi.AttributeBootserviceAccess | efi.AttributeRuntimeAccess, Payload: []byte{0x0}}, + {Name: "BootCurrent", GUID: efi.GlobalVariable}: &efitest.VarEntry{Attrs: efi.AttributeBootserviceAccess | efi.AttributeRuntimeAccess, Payload: []byte{0x3, 0x0}}, + {Name: "BootOptionSupport", GUID: efi.GlobalVariable}: &efitest.VarEntry{Attrs: efi.AttributeBootserviceAccess | efi.AttributeRuntimeAccess, Payload: []byte{0x13, 0x03, 0x00, 0x00}}, + {Name: "DeployedMode", GUID: efi.GlobalVariable}: &efitest.VarEntry{Attrs: efi.AttributeNonVolatile | efi.AttributeBootserviceAccess | efi.AttributeRuntimeAccess, Payload: []byte{0x1}}, + {Name: "SetupMode", GUID: efi.GlobalVariable}: &efitest.VarEntry{Attrs: efi.AttributeBootserviceAccess | efi.AttributeRuntimeAccess, Payload: []byte{0x0}}, + {Name: "OsIndicationsSupported", GUID: efi.GlobalVariable}: &efitest.VarEntry{Attrs: efi.AttributeBootserviceAccess | efi.AttributeRuntimeAccess, Payload: []byte{0x41, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}, + }.SetSecureBoot(true).SetPK(c, efitest.NewSignatureListX509(c, snakeoilCert, efi.MakeGUID(0x03f66fa4, 0x5eee, 0x479c, 0xa408, [...]uint8{0xc4, 0xdc, 0x0a, 0x33, 0xfc, 0xde})))), + ), + tpmPropertyModifiers: map[tpm2.Property]uint32{ + tpm2.PropertyNVCountersMax: 0, + tpm2.PropertyPSFamilyIndicator: 1, + tpm2.PropertyManufacturer: uint32(tpm2.TPMManufacturerINTC), + }, + enabledBanks: []tpm2.HashAlgorithmId{tpm2.HashAlgorithmSHA256}, + prepare: func() { + // Trip the DA logic by setting newMaxTries to 0 in order to generate an error + c.Assert(s.TPM.DictionaryAttackParameters(s.TPM.LockoutHandleContext(), 0, 10000, 10000, nil), IsNil) + + // Invalidate PCR0 in order to generate a warning because of the presence of + // PermitNoPlatformFirmwareProfileSupport. + _, err := s.TPM.PCREvent(s.TPM.PCRHandleContext(0), []byte("foo"), nil) + c.Check(err, IsNil) + }, + flags: PermitNoPlatformFirmwareProfileSupport | PermitNoPlatformConfigProfileSupport | PermitNoDriversAndAppsConfigProfileSupport | PermitNoBootManagerCodeProfileSupport | PermitNoBootManagerConfigProfileSupport | PermitNoSecureBootPolicyProfileSupport, + loadedImages: []secboot_efi.Image{ + &mockImage{ + contents: []byte("mock shim executable"), + digest: testutil.DecodeHexString(c, "25e1b08db2f31ff5f5d2ea53e1a1e8fda6e1d81af4f26a7908071f1dec8611b7"), + signatures: []*efi.WinCertificateAuthenticode{ + efitest.ReadWinCertificateAuthenticodeDetached(c, shimUbuntuSig4), + }, + }, + &mockImage{contents: []byte("mock grub executable"), digest: testutil.DecodeHexString(c, "d5a9780e9f6a43c2e53fe9fda547be77f7783f31aea8013783242b040ff21dc0")}, + &mockImage{contents: []byte("mock kernel executable"), digest: testutil.DecodeHexString(c, "2ddfbd91fa1698b0d133c38ba90dbba76c9e08371ff83d03b5fb4c2e56d7e81f")}, + }, + expectedPcrAlg: tpm2.HashAlgorithmSHA256, + }) + c.Check(err, ErrorMatches, `5 errors detected: +- error with TPM2 device: TPM is in DA lockout mode +- error with platform firmware \(PCR0\) measurements: PCR value mismatch \(actual from TPM 0xe9995745ca25279ec699688b70488116fe4d9f053cb0991dd71e82e7edfa66b5, reconstructed from log 0xa6602a7a403068b5556e78cc3f5b00c9c76d33d514093ca9b584dce7590e6c69\) +- error with platform config \(PCR1\) measurements: generating profiles for PCR 1 is not supported yet +- error with drivers and apps config \(PCR3\) measurements: generating profiles for PCR 3 is not supported yet +- error with boot manager config \(PCR5\) measurements: generating profiles for PCR 5 is not supported yet +`) + + var ce CompoundError + c.Assert(err, Implements, &ce) + ce = err.(CompoundError) + errs := ce.Unwrap() + c.Assert(errs, HasLen, 5) + + var te *TPM2DeviceError + c.Assert(errors.As(errs[0], &te), testutil.IsTrue) + c.Check(errors.Is(te, ErrTPMLockout), testutil.IsTrue) + + var pfe *PlatformFirmwarePCRError + c.Assert(errors.As(errs[1], &pfe), testutil.IsTrue) + var pme *PCRValueMismatchError + c.Check(errors.As(pfe, &pme), testutil.IsTrue) +} + func (s *runChecksSuite) TestRunChecksBadTPMOwnedHierarchiesAndLockedOut(c *C) { // Test case with more than TPM error. meiAttrs := map[string][]byte{ @@ -2186,6 +2281,14 @@ C7E003CB efitest.WithLog(efitest.NewLog(c, &efitest.LogOptions{Algorithms: []tpm2.HashAlgorithmId{tpm2.HashAlgorithmSHA256}})), efitest.WithAMD64Environment("GenuineIntel", []uint64{cpuid.SDBG, cpuid.SMX}, 4, map[uint32]uint64{0xc80: 0x40000000, 0x13a: (3 << 1)}), efitest.WithSysfsDevices(devices), + efitest.WithMockVars(efitest.MockVars{ + {Name: "AuditMode", GUID: efi.GlobalVariable}: &efitest.VarEntry{Attrs: efi.AttributeNonVolatile | efi.AttributeBootserviceAccess | efi.AttributeRuntimeAccess, Payload: []byte{0x0}}, + {Name: "BootCurrent", GUID: efi.GlobalVariable}: &efitest.VarEntry{Attrs: efi.AttributeBootserviceAccess | efi.AttributeRuntimeAccess, Payload: []byte{0x3, 0x0}}, + {Name: "BootOptionSupport", GUID: efi.GlobalVariable}: &efitest.VarEntry{Attrs: efi.AttributeBootserviceAccess | efi.AttributeRuntimeAccess, Payload: []byte{0x13, 0x03, 0x00, 0x00}}, + {Name: "DeployedMode", GUID: efi.GlobalVariable}: &efitest.VarEntry{Attrs: efi.AttributeNonVolatile | efi.AttributeBootserviceAccess | efi.AttributeRuntimeAccess, Payload: []byte{0x1}}, + {Name: "SetupMode", GUID: efi.GlobalVariable}: &efitest.VarEntry{Attrs: efi.AttributeBootserviceAccess | efi.AttributeRuntimeAccess, Payload: []byte{0x0}}, + {Name: "OsIndicationsSupported", GUID: efi.GlobalVariable}: &efitest.VarEntry{Attrs: efi.AttributeBootserviceAccess | efi.AttributeRuntimeAccess, Payload: []byte{0x41, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}, + }.SetSecureBoot(true).SetPK(c, efitest.NewSignatureListX509(c, snakeoilCert, efi.MakeGUID(0x03f66fa4, 0x5eee, 0x479c, 0xa408, [...]uint8{0xc4, 0xdc, 0x0a, 0x33, 0xfc, 0xde})))), ), tpmPropertyModifiers: map[tpm2.Property]uint32{ tpm2.PropertyNVCountersMax: 0, @@ -2200,19 +2303,34 @@ C7E003CB // Take ownership of the storage hierarchy s.HierarchyChangeAuth(c, tpm2.HandleOwner, []byte("1234")) }, - flags: PermitNoPlatformConfigProfileSupport | PermitNoDriversAndAppsConfigProfileSupport | PermitNoBootManagerCodeProfileSupport | PermitNoBootManagerConfigProfileSupport | PermitNoSecureBootPolicyProfileSupport, + flags: PermitNoPlatformConfigProfileSupport | PermitNoDriversAndAppsConfigProfileSupport | PermitNoBootManagerConfigProfileSupport, + loadedImages: []secboot_efi.Image{ + &mockImage{ + contents: []byte("mock shim executable"), + digest: testutil.DecodeHexString(c, "25e1b08db2f31ff5f5d2ea53e1a1e8fda6e1d81af4f26a7908071f1dec8611b7"), + signatures: []*efi.WinCertificateAuthenticode{ + efitest.ReadWinCertificateAuthenticodeDetached(c, shimUbuntuSig4), + }, + }, + &mockImage{contents: []byte("mock grub executable"), digest: testutil.DecodeHexString(c, "d5a9780e9f6a43c2e53fe9fda547be77f7783f31aea8013783242b040ff21dc0")}, + &mockImage{contents: []byte("mock kernel executable"), digest: testutil.DecodeHexString(c, "2ddfbd91fa1698b0d133c38ba90dbba76c9e08371ff83d03b5fb4c2e56d7e81f")}, + }, + expectedPcrAlg: tpm2.HashAlgorithmSHA256, }) - c.Check(err, ErrorMatches, `2 errors detected: + c.Check(err, ErrorMatches, `5 errors detected: - error with TPM2 device: one or more of the TPM hierarchies is already owned: - TPM_RH_OWNER has an authorization value - error with TPM2 device: TPM is in DA lockout mode +- error with platform config \(PCR1\) measurements: generating profiles for PCR 1 is not supported yet +- error with drivers and apps config \(PCR3\) measurements: generating profiles for PCR 3 is not supported yet +- error with boot manager config \(PCR5\) measurements: generating profiles for PCR 5 is not supported yet `) var ce CompoundError c.Assert(err, Implements, &ce) ce = err.(CompoundError) errs := ce.Unwrap() - c.Assert(errs, HasLen, 2) + c.Assert(errs, HasLen, 5) var te *TPM2DeviceError c.Assert(errors.As(errs[0], &te), testutil.IsTrue) @@ -2427,6 +2545,14 @@ C7E003CB })), efitest.WithAMD64Environment("GenuineIntel", []uint64{cpuid.SDBG, cpuid.SMX}, 4, map[uint32]uint64{0xc80: 0x40000000, 0x13a: (3 << 1)}), efitest.WithSysfsDevices(devices), + efitest.WithMockVars(efitest.MockVars{ + {Name: "AuditMode", GUID: efi.GlobalVariable}: &efitest.VarEntry{Attrs: efi.AttributeNonVolatile | efi.AttributeBootserviceAccess | efi.AttributeRuntimeAccess, Payload: []byte{0x0}}, + {Name: "BootCurrent", GUID: efi.GlobalVariable}: &efitest.VarEntry{Attrs: efi.AttributeBootserviceAccess | efi.AttributeRuntimeAccess, Payload: []byte{0x3, 0x0}}, + {Name: "BootOptionSupport", GUID: efi.GlobalVariable}: &efitest.VarEntry{Attrs: efi.AttributeBootserviceAccess | efi.AttributeRuntimeAccess, Payload: []byte{0x13, 0x03, 0x00, 0x00}}, + {Name: "DeployedMode", GUID: efi.GlobalVariable}: &efitest.VarEntry{Attrs: efi.AttributeNonVolatile | efi.AttributeBootserviceAccess | efi.AttributeRuntimeAccess, Payload: []byte{0x1}}, + {Name: "SetupMode", GUID: efi.GlobalVariable}: &efitest.VarEntry{Attrs: efi.AttributeBootserviceAccess | efi.AttributeRuntimeAccess, Payload: []byte{0x0}}, + {Name: "OsIndicationsSupported", GUID: efi.GlobalVariable}: &efitest.VarEntry{Attrs: efi.AttributeBootserviceAccess | efi.AttributeRuntimeAccess, Payload: []byte{0x41, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}, + }.SetSecureBoot(true).SetPK(c, efitest.NewSignatureListX509(c, snakeoilCert, efi.MakeGUID(0x03f66fa4, 0x5eee, 0x479c, 0xa408, [...]uint8{0xc4, 0xdc, 0x0a, 0x33, 0xfc, 0xde})))), ), tpmPropertyModifiers: map[tpm2.Property]uint32{ tpm2.PropertyNVCountersMax: 0, @@ -2434,18 +2560,34 @@ C7E003CB tpm2.PropertyManufacturer: uint32(tpm2.TPMManufacturerINTC), }, enabledBanks: []tpm2.HashAlgorithmId{tpm2.HashAlgorithmSHA256}, - flags: PermitNoPlatformConfigProfileSupport | PermitNoDriversAndAppsConfigProfileSupport | PermitNoBootManagerCodeProfileSupport | PermitNoBootManagerConfigProfileSupport | PermitNoSecureBootPolicyProfileSupport, + flags: PermitNoPlatformConfigProfileSupport | PermitNoDriversAndAppsConfigProfileSupport | PermitNoBootManagerConfigProfileSupport, + loadedImages: []secboot_efi.Image{ + &mockImage{ + contents: []byte("mock shim executable"), + digest: testutil.DecodeHexString(c, "25e1b08db2f31ff5f5d2ea53e1a1e8fda6e1d81af4f26a7908071f1dec8611b7"), + signatures: []*efi.WinCertificateAuthenticode{ + efitest.ReadWinCertificateAuthenticodeDetached(c, shimUbuntuSig4), + }, + }, + &mockImage{contents: []byte("mock grub executable"), digest: testutil.DecodeHexString(c, "d5a9780e9f6a43c2e53fe9fda547be77f7783f31aea8013783242b040ff21dc0")}, + &mockImage{contents: []byte("mock kernel executable"), digest: testutil.DecodeHexString(c, "2ddfbd91fa1698b0d133c38ba90dbba76c9e08371ff83d03b5fb4c2e56d7e81f")}, + }, + expectedPcrAlg: tpm2.HashAlgorithmSHA256, }) - c.Check(err, ErrorMatches, `2 errors detected: + c.Check(err, ErrorMatches, `6 errors detected: - error with system security: the platform firmware contains a debugging endpoint enabled - error with system security: no kernel IOMMU support was detected +- error with secure boot policy \(PCR7\) measurements: unexpected EV_EFI_ACTION event "UEFI Debug Mode" whilst measuring config +- error with platform config \(PCR1\) measurements: generating profiles for PCR 1 is not supported yet +- error with drivers and apps config \(PCR3\) measurements: generating profiles for PCR 3 is not supported yet +- error with boot manager config \(PCR5\) measurements: generating profiles for PCR 5 is not supported yet `) var ce CompoundError c.Assert(err, Implements, &ce) ce = err.(CompoundError) errs := ce.Unwrap() - c.Assert(errs, HasLen, 2) + c.Assert(errs, HasLen, 6) var hse *HostSecurityError c.Assert(errors.As(errs[0], &hse), testutil.IsTrue) @@ -2588,13 +2730,17 @@ C7E003CB }, expectedPcrAlg: tpm2.HashAlgorithmSHA256, }) - c.Check(err, ErrorMatches, `error with platform config \(PCR1\) measurements: generating profiles for PCR 1 is not supported yet`) + c.Check(err, ErrorMatches, `3 errors detected: +- error with platform config \(PCR1\) measurements: generating profiles for PCR 1 is not supported yet +- error with drivers and apps config \(PCR3\) measurements: generating profiles for PCR 3 is not supported yet +- error with boot manager config \(PCR5\) measurements: generating profiles for PCR 5 is not supported yet +`) var ce CompoundError c.Assert(err, Implements, &ce) ce = err.(CompoundError) errs := ce.Unwrap() - c.Assert(errs, HasLen, 1) + c.Assert(errs, HasLen, 3) var pce *PlatformConfigPCRError c.Check(errors.As(errs[0], &pce), testutil.IsTrue) @@ -2660,13 +2806,17 @@ C7E003CB }, expectedPcrAlg: tpm2.HashAlgorithmSHA256, }) - c.Check(err, ErrorMatches, `error with drivers and apps config \(PCR3\) measurements: generating profiles for PCR 3 is not supported yet`) + c.Check(err, ErrorMatches, `3 errors detected: +- error with drivers and apps config \(PCR3\) measurements: generating profiles for PCR 3 is not supported yet +- error with platform config \(PCR1\) measurements: generating profiles for PCR 1 is not supported yet +- error with boot manager config \(PCR5\) measurements: generating profiles for PCR 5 is not supported yet +`) var ce CompoundError c.Assert(err, Implements, &ce) ce = err.(CompoundError) errs := ce.Unwrap() - c.Assert(errs, HasLen, 1) + c.Assert(errs, HasLen, 3) var dce *DriversAndAppsConfigPCRError c.Check(errors.As(errs[0], &dce), testutil.IsTrue) @@ -2732,13 +2882,17 @@ C7E003CB }, expectedPcrAlg: tpm2.HashAlgorithmSHA256, }) - c.Check(err, ErrorMatches, `error with boot manager config \(PCR5\) measurements: generating profiles for PCR 5 is not supported yet`) + c.Check(err, ErrorMatches, `3 errors detected: +- error with boot manager config \(PCR5\) measurements: generating profiles for PCR 5 is not supported yet +- error with platform config \(PCR1\) measurements: generating profiles for PCR 1 is not supported yet +- error with drivers and apps config \(PCR3\) measurements: generating profiles for PCR 3 is not supported yet +`) var ce CompoundError c.Assert(err, Implements, &ce) ce = err.(CompoundError) errs := ce.Unwrap() - c.Assert(errs, HasLen, 1) + c.Assert(errs, HasLen, 3) var bmce *BootManagerConfigPCRError c.Check(errors.As(errs[0], &bmce), testutil.IsTrue) @@ -2807,13 +2961,18 @@ C7E003CB }, expectedPcrAlg: tpm2.HashAlgorithmSHA256, }) - c.Check(err, ErrorMatches, `value added retailer supplied drivers were detected to be running`) + c.Check(err, ErrorMatches, `4 errors detected: +- value added retailer supplied drivers were detected to be running +- error with platform config \(PCR1\) measurements: generating profiles for PCR 1 is not supported yet +- error with drivers and apps config \(PCR3\) measurements: generating profiles for PCR 3 is not supported yet +- error with boot manager config \(PCR5\) measurements: generating profiles for PCR 5 is not supported yet +`) var ce CompoundError c.Assert(err, Implements, &ce) ce = err.(CompoundError) errs := ce.Unwrap() - c.Assert(errs, HasLen, 1) + c.Assert(errs, HasLen, 4) c.Check(errors.Is(errs[0], ErrVARSuppliedDriversPresent), testutil.IsTrue) } @@ -2881,13 +3040,18 @@ C7E003CB }, expectedPcrAlg: tpm2.HashAlgorithmSHA256, }) - c.Check(err, ErrorMatches, `system preparation applications were detected to be running`) + c.Check(err, ErrorMatches, `4 errors detected: +- system preparation applications were detected to be running +- error with platform config \(PCR1\) measurements: generating profiles for PCR 1 is not supported yet +- error with drivers and apps config \(PCR3\) measurements: generating profiles for PCR 3 is not supported yet +- error with boot manager config \(PCR5\) measurements: generating profiles for PCR 5 is not supported yet +`) var ce CompoundError c.Assert(err, Implements, &ce) ce = err.(CompoundError) errs := ce.Unwrap() - c.Assert(errs, HasLen, 1) + c.Assert(errs, HasLen, 4) c.Check(errors.Is(errs[0], ErrSysPrepApplicationsPresent), testutil.IsTrue) } @@ -2955,13 +3119,18 @@ C7E003CB }, expectedPcrAlg: tpm2.HashAlgorithmSHA256, }) - c.Check(err, ErrorMatches, `Absolute was detected to be active and it is advised that this is disabled`) + c.Check(err, ErrorMatches, `4 errors detected: +- Absolute was detected to be active and it is advised that this is disabled +- error with platform config \(PCR1\) measurements: generating profiles for PCR 1 is not supported yet +- error with drivers and apps config \(PCR3\) measurements: generating profiles for PCR 3 is not supported yet +- error with boot manager config \(PCR5\) measurements: generating profiles for PCR 5 is not supported yet +`) var ce CompoundError c.Assert(err, Implements, &ce) ce = err.(CompoundError) errs := ce.Unwrap() - c.Assert(errs, HasLen, 1) + c.Assert(errs, HasLen, 4) c.Check(errors.Is(errs[0], ErrAbsoluteComputraceActive), testutil.IsTrue) } @@ -3027,13 +3196,18 @@ C7E003CB }, expectedPcrAlg: tpm2.HashAlgorithmSHA256, }) - c.Check(err, ErrorMatches, `error with boot manager code \(PCR4\) measurements: not all EV_EFI_BOOT_SERVICES_APPLICATION boot manager launch digests could be verified`) + c.Check(err, ErrorMatches, `4 errors detected: +- error with boot manager code \(PCR4\) measurements: not all EV_EFI_BOOT_SERVICES_APPLICATION boot manager launch digests could be verified +- error with platform config \(PCR1\) measurements: generating profiles for PCR 1 is not supported yet +- error with drivers and apps config \(PCR3\) measurements: generating profiles for PCR 3 is not supported yet +- error with boot manager config \(PCR5\) measurements: generating profiles for PCR 5 is not supported yet +`) var ce CompoundError c.Assert(err, Implements, &ce) ce = err.(CompoundError) errs := ce.Unwrap() - c.Assert(errs, HasLen, 1) + c.Assert(errs, HasLen, 4) var bme *BootManagerCodePCRError c.Assert(errors.As(errs[0], &bme), testutil.IsTrue) @@ -3104,16 +3278,19 @@ C7E003CB }, expectedPcrAlg: tpm2.HashAlgorithmSHA256, }) - c.Check(err, ErrorMatches, `2 errors detected: + c.Check(err, ErrorMatches, `5 errors detected: - a weak cryptographic algorithm was detected during secure boot verification - some pre-OS components were authenticated from the authorized signature database using an Authenticode digest +- error with platform config \(PCR1\) measurements: generating profiles for PCR 1 is not supported yet +- error with drivers and apps config \(PCR3\) measurements: generating profiles for PCR 3 is not supported yet +- error with boot manager config \(PCR5\) measurements: generating profiles for PCR 5 is not supported yet `) var ce CompoundError c.Assert(err, Implements, &ce) ce = err.(CompoundError) errs := ce.Unwrap() - c.Assert(errs, HasLen, 2) + c.Assert(errs, HasLen, 5) c.Check(errors.Is(errs[0], ErrWeakSecureBootAlgorithmDetected), testutil.IsTrue) c.Check(errors.Is(errs[1], ErrPreOSVerificationUsingDigests), testutil.IsTrue) @@ -3183,13 +3360,18 @@ C7E003CB }, expectedPcrAlg: tpm2.HashAlgorithmSHA256, }) - c.Check(err, ErrorMatches, `some pre-OS components were authenticated from the authorized signature database using an Authenticode digest`) + c.Check(err, ErrorMatches, `4 errors detected: +- some pre-OS components were authenticated from the authorized signature database using an Authenticode digest +- error with platform config \(PCR1\) measurements: generating profiles for PCR 1 is not supported yet +- error with drivers and apps config \(PCR3\) measurements: generating profiles for PCR 3 is not supported yet +- error with boot manager config \(PCR5\) measurements: generating profiles for PCR 5 is not supported yet +`) var ce CompoundError c.Assert(err, Implements, &ce) ce = err.(CompoundError) errs := ce.Unwrap() - c.Assert(errs, HasLen, 1) + c.Assert(errs, HasLen, 4) c.Check(errors.Is(errs[0], ErrPreOSVerificationUsingDigests), testutil.IsTrue) } @@ -3259,13 +3441,18 @@ C7E003CB }, expectedPcrAlg: tpm2.HashAlgorithmSHA256, }) - c.Check(err, ErrorMatches, `error with boot manager code \(PCR4\) measurements: log contains unexpected EV_EFI_BOOT_SERVICES_APPLICATION digest for OS-present application mock image: log digest matches flat file digest \(0xd5a9780e9f6a43c2e53fe9fda547be77f7783f31aea8013783242b040ff21dc0\) which suggests an image loaded outside of the LoadImage API and firmware lacking support for the EFI_TCG2_PROTOCOL and\/or the PE_COFF_IMAGE flag`) + c.Check(err, ErrorMatches, `4 errors detected: +- error with boot manager code \(PCR4\) measurements: log contains unexpected EV_EFI_BOOT_SERVICES_APPLICATION digest for OS-present application mock image: log digest matches flat file digest \(0xd5a9780e9f6a43c2e53fe9fda547be77f7783f31aea8013783242b040ff21dc0\) which suggests an image loaded outside of the LoadImage API and firmware lacking support for the EFI_TCG2_PROTOCOL and\/or the PE_COFF_IMAGE flag +- error with platform config \(PCR1\) measurements: generating profiles for PCR 1 is not supported yet +- error with drivers and apps config \(PCR3\) measurements: generating profiles for PCR 3 is not supported yet +- error with boot manager config \(PCR5\) measurements: generating profiles for PCR 5 is not supported yet +`) var ce CompoundError c.Assert(err, Implements, &ce) ce = err.(CompoundError) errs := ce.Unwrap() - c.Assert(errs, HasLen, 1) + c.Assert(errs, HasLen, 4) var bce *BootManagerCodePCRError c.Check(errors.As(errs[0], &bce), testutil.IsTrue) @@ -3331,13 +3518,18 @@ C7E003CB }, expectedPcrAlg: tpm2.HashAlgorithmSHA256, }) - c.Check(err, ErrorMatches, `error with secure boot policy \(PCR7\) measurements: deployed mode should be enabled in order to generate secure boot profiles`) + c.Check(err, ErrorMatches, `4 errors detected: +- error with secure boot policy \(PCR7\) measurements: deployed mode should be enabled in order to generate secure boot profiles +- error with platform config \(PCR1\) measurements: generating profiles for PCR 1 is not supported yet +- error with drivers and apps config \(PCR3\) measurements: generating profiles for PCR 3 is not supported yet +- error with boot manager config \(PCR5\) measurements: generating profiles for PCR 5 is not supported yet +`) var ce CompoundError c.Assert(err, Implements, &ce) ce = err.(CompoundError) errs := ce.Unwrap() - c.Assert(errs, HasLen, 1) + c.Assert(errs, HasLen, 4) var sbe *SecureBootPolicyPCRError c.Assert(errors.As(errs[0], &sbe), testutil.IsTrue) @@ -3404,13 +3596,18 @@ C7E003CB }, expectedPcrAlg: tpm2.HashAlgorithmSHA256, }) - c.Check(err, ErrorMatches, `error with system security: access to the discrete TPM's startup locality is available to platform firmware and privileged OS code, preventing any mitigation against reset attacks`) + c.Check(err, ErrorMatches, `4 errors detected: +- error with system security: access to the discrete TPM's startup locality is available to platform firmware and privileged OS code, preventing any mitigation against reset attacks +- error with platform config \(PCR1\) measurements: generating profiles for PCR 1 is not supported yet +- error with drivers and apps config \(PCR3\) measurements: generating profiles for PCR 3 is not supported yet +- error with boot manager config \(PCR5\) measurements: generating profiles for PCR 5 is not supported yet +`) var ce CompoundError c.Assert(err, Implements, &ce) ce = err.(CompoundError) errs := ce.Unwrap() - c.Assert(errs, HasLen, 1) + c.Assert(errs, HasLen, 4) var hse *HostSecurityError c.Assert(errors.As(errs[0], &hse), testutil.IsTrue) @@ -3480,13 +3677,18 @@ C7E003CB }, expectedPcrAlg: tpm2.HashAlgorithmSHA256, }) - c.Check(err, ErrorMatches, `error with system security: access to the discrete TPM's startup locality is available to platform firmware and privileged OS code, preventing any mitigation against reset attacks`) + c.Check(err, ErrorMatches, `4 errors detected: +- error with system security: access to the discrete TPM's startup locality is available to platform firmware and privileged OS code, preventing any mitigation against reset attacks +- error with platform config \(PCR1\) measurements: generating profiles for PCR 1 is not supported yet +- error with drivers and apps config \(PCR3\) measurements: generating profiles for PCR 3 is not supported yet +- error with boot manager config \(PCR5\) measurements: generating profiles for PCR 5 is not supported yet +`) var ce CompoundError c.Assert(err, Implements, &ce) ce = err.(CompoundError) errs := ce.Unwrap() - c.Assert(errs, HasLen, 1) + c.Assert(errs, HasLen, 4) var hse *HostSecurityError c.Assert(errors.As(errs[0], &hse), testutil.IsTrue) @@ -3556,13 +3758,18 @@ C7E003CB }, expectedPcrAlg: tpm2.HashAlgorithmSHA256, }) - c.Check(err, ErrorMatches, `error with system security: access to the discrete TPM's startup locality is available to platform firmware and privileged OS code, preventing any mitigation against reset attacks`) + c.Check(err, ErrorMatches, `4 errors detected: +- error with system security: access to the discrete TPM's startup locality is available to platform firmware and privileged OS code, preventing any mitigation against reset attacks +- error with platform config \(PCR1\) measurements: generating profiles for PCR 1 is not supported yet +- error with drivers and apps config \(PCR3\) measurements: generating profiles for PCR 3 is not supported yet +- error with boot manager config \(PCR5\) measurements: generating profiles for PCR 5 is not supported yet +`) var ce CompoundError c.Assert(err, Implements, &ce) ce = err.(CompoundError) errs := ce.Unwrap() - c.Assert(errs, HasLen, 1) + c.Assert(errs, HasLen, 4) var hse *HostSecurityError c.Assert(errors.As(errs[0], &hse), testutil.IsTrue) @@ -3631,13 +3838,18 @@ C7E003CB expectedUsedSecureBootCAs: []*X509CertificateID{NewX509CertificateID(testutil.ParseCertificate(c, msUefiCACert))}, expectedFlags: NoPlatformConfigProfileSupport | NoDriversAndAppsConfigProfileSupport | NoBootManagerConfigProfileSupport, }) - c.Assert(err, ErrorMatches, `the PCR bank for TPM_ALG_SHA384 is missing from the TCG log but active and with one or more empty PCRs on the TPM`) + c.Assert(err, ErrorMatches, `4 errors detected: +- the PCR bank for TPM_ALG_SHA384 is missing from the TCG log but active and with one or more empty PCRs on the TPM +- error with platform config \(PCR1\) measurements: generating profiles for PCR 1 is not supported yet +- error with drivers and apps config \(PCR3\) measurements: generating profiles for PCR 3 is not supported yet +- error with boot manager config \(PCR5\) measurements: generating profiles for PCR 5 is not supported yet +`) var ce CompoundError c.Assert(err, Implements, &ce) ce = err.(CompoundError) errs := ce.Unwrap() - c.Assert(errs, HasLen, 1) + c.Assert(errs, HasLen, 4) var be *EmptyPCRBanksError c.Check(errors.As(errs[0], &be), testutil.IsTrue) @@ -3708,17 +3920,20 @@ C7E003CB expectedUsedSecureBootCAs: []*X509CertificateID{NewX509CertificateID(testutil.ParseCertificate(c, msUefiCACert))}, expectedFlags: NoPlatformConfigProfileSupport | NoDriversAndAppsConfigProfileSupport | NoBootManagerConfigProfileSupport, }) - c.Assert(err, ErrorMatches, `2 errors detected: + c.Assert(err, ErrorMatches, `5 errors detected: - error with TPM2 device: one or more of the TPM hierarchies is already owned: - TPM_RH_LOCKOUT has an authorization value - error with secure boot policy \(PCR7\) measurements: deployed mode should be enabled in order to generate secure boot profiles +- error with platform config \(PCR1\) measurements: generating profiles for PCR 1 is not supported yet +- error with drivers and apps config \(PCR3\) measurements: generating profiles for PCR 3 is not supported yet +- error with boot manager config \(PCR5\) measurements: generating profiles for PCR 5 is not supported yet `) var ce CompoundError c.Assert(err, Implements, &ce) ce = err.(CompoundError) errs := ce.Unwrap() - c.Assert(errs, HasLen, 2) + c.Assert(errs, HasLen, 5) var te *TPM2DeviceError c.Assert(errors.As(errs[0], &te), testutil.IsTrue) @@ -3792,16 +4007,19 @@ C7E003CB expectedUsedSecureBootCAs: []*X509CertificateID{NewX509CertificateID(testutil.ParseCertificate(c, msUefiCACert))}, expectedFlags: NoPlatformConfigProfileSupport | NoDriversAndAppsConfigProfileSupport | NoBootManagerConfigProfileSupport, }) - c.Assert(err, ErrorMatches, `2 errors detected: + c.Assert(err, ErrorMatches, `5 errors detected: - the PCR bank for TPM_ALG_SHA384 is missing from the TCG log but active and with one or more empty PCRs on the TPM - error with boot manager code \(PCR4\) measurements: not all EV_EFI_BOOT_SERVICES_APPLICATION boot manager launch digests could be verified +- error with platform config \(PCR1\) measurements: generating profiles for PCR 1 is not supported yet +- error with drivers and apps config \(PCR3\) measurements: generating profiles for PCR 3 is not supported yet +- error with boot manager config \(PCR5\) measurements: generating profiles for PCR 5 is not supported yet `) var ce CompoundError c.Assert(err, Implements, &ce) ce = err.(CompoundError) errs := ce.Unwrap() - c.Assert(errs, HasLen, 2) + c.Assert(errs, HasLen, 5) var be *EmptyPCRBanksError c.Check(errors.As(errs[0], &be), testutil.IsTrue) @@ -3871,16 +4089,19 @@ C7E003CB expectedUsedSecureBootCAs: []*X509CertificateID{NewX509CertificateID(testutil.ParseCertificate(c, msUefiCACert))}, expectedFlags: NoPlatformConfigProfileSupport | NoDriversAndAppsConfigProfileSupport | NoBootManagerConfigProfileSupport, }) - c.Assert(err, ErrorMatches, `2 errors detected: + c.Assert(err, ErrorMatches, `5 errors detected: - the PCR bank for TPM_ALG_SHA384 is missing from the TCG log but active and with one or more empty PCRs on the TPM - error with system security: no kernel IOMMU support was detected +- error with platform config \(PCR1\) measurements: generating profiles for PCR 1 is not supported yet +- error with drivers and apps config \(PCR3\) measurements: generating profiles for PCR 3 is not supported yet +- error with boot manager config \(PCR5\) measurements: generating profiles for PCR 5 is not supported yet `) var ce CompoundError c.Assert(err, Implements, &ce) ce = err.(CompoundError) errs := ce.Unwrap() - c.Assert(errs, HasLen, 2) + c.Assert(errs, HasLen, 5) var be *EmptyPCRBanksError c.Check(errors.As(errs[0], &be), testutil.IsTrue)