From mboxrd@z Thu Jan  1 00:00:00 1970
From: Marcos Simo PIco <marcossp@kth.se>
Subject: Pv-grub and vTPM PCR extension
Date: Fri, 11 Sep 2015 19:37:39 +0200
Message-ID: <55F31163.1010605@kth.se>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; Format="flowed"
Content-Transfer-Encoding: 7bit
Return-path: <xen-devel-bounces@lists.xen.org>
List-Unsubscribe: <http://lists.xen.org/cgi-bin/mailman/options/xen-devel>,
	<mailto:xen-devel-request@lists.xen.org?subject=unsubscribe>
List-Post: <mailto:xen-devel@lists.xen.org>
List-Help: <mailto:xen-devel-request@lists.xen.org?subject=help>
List-Subscribe: <http://lists.xen.org/cgi-bin/mailman/listinfo/xen-devel>,
	<mailto:xen-devel-request@lists.xen.org?subject=subscribe>
Sender: xen-devel-bounces@lists.xen.org
Errors-To: xen-devel-bounces@lists.xen.org
To: xen-devel@lists.xen.org
List-Id: xen-devel@lists.xenproject.org

Hi all,

I've been playing with vTPMs without any issue. I used to boot guests by 
providing the kernel from dom0. Then I wanted to boot my guests using 
pv-grub. Pv-grub succeeds connecting to the vTPM, however, PCRs are not 
extended. The only PCR reflecting measurements is PCR10 (IMA).

vTPMs seems to work properly in either cases, but I expected PCRs 4-5 to 
be extended when booting with pv-grub. Am I missing something?

This is how the guest's config file looks like:

#PV-GRUB
kernel = '/usr/lib/grub-xen/grub-x86_64-xen.bin'
extra = '(hd0,0)/boot/grub/menu.lst'
root = ''
#PV-GRUB

vcpus = '1'
memory = '3072'
disk=['tap:aio:/root/domu.img,xvda1,w']
name = 'domU'
vif = [ '','bridge=xenbr0']
dhcp = "dhcp"
on_poweroff = 'destroy'
on_reboot = 'restart'
on_crash = 'restart'
vtpm=["backend=vtpm"]

Thanks for any help you can provide.

Best,
Marcos.