Measured boot reports volume full error when chaining EFI binary from the Sovereign Boot Provisioning Wizard #1479

@miczyg1

For some reason, when chaining a trusted bootloader from the Sovereign Boot Provisioning Wizard, the TCG2 measurement protocol responsible for measured boot reports a VOLUME_FULL error when logging a PCR extend event to the event log:

ReadPcr - 05
Supported PCRs - Count = 00000004
GetSupportedAndActivePcrs - Count = 00000004
ReadPcr - HashAlg = 0x0004, Pcr[05], digest = C8 30 29 00 14 D1 85 61 B1 72 2B 34 5E 3A 75 15 7A 29 50 CB 
ReadPcr - HashAlg = 0x000B, Pcr[05], digest = 47 32 D9 B2 9E 22 91 2A 70 2A 3B D0 87 3C 53 EF 4B D1 CE D0 49 89 A8 44 72 66 EE 4F 97 DC 6C 90 
ReadPcr - HashAlg = 0x000C, Pcr[05], digest = F5 76 F1 A6 94 64 2D 28 1D 58 49 1C FD F7 B9 6E 99 D0 09 3B FD 89 91 B2 3E A9 5B 4F E4 BC 2D 0C 41 7F 6E 73 AC 39 12 AD 4B 21 D9 1B 41 AC 64 CB 
ReadPcr - HashAlg = 0x000D, Pcr[05], digest = CB 9B D8 6C 2B CC 00 18 30 0A AA 89 1B D7 42 ED A4 55 9C FF 6A 51 6F A5 B2 19 A0 F5 A4 EA A3 C6 C3 D3 C0 81 7B 5E CD 97 43 48 5F 88 39 29 58 EC 86 9A A2 96 B7 F5 63 B9 0B 02 5D 78 11 10 61 A7 
SupportedEventLogs - 0x00000002
  LogFormat - 0x00000002
DxeTpm2MeasureBootHandler - Tcg2 MeasureGptTable - Volume Full
The measured image path is PciRoot(0x0)/Pci(0x1F,0x2)/Sata(0x1,0xFFFF,0x0)/HD(1,GPT,F106CED9-E27E-964C-9964-46BAAC7A60D4,0x800,0x7F000)/\EFI\ubuntu\shimx64.efi.
ReadPcr - 04
Supported PCRs - Count = 00000004
GetSupportedAndActivePcrs - Count = 00000004
ReadPcr - HashAlg = 0x0004, Pcr[04], digest = 0A 94 68 02 EF 40 A5 36 FF 4F 1C AC 29 B5 F8 12 8D 76 AA FA 
ReadPcr - HashAlg = 0x000B, Pcr[04], digest = F3 69 0B 55 2D EE B3 81 E0 C1 8F 7D 0D AB DF 06 08 ED CA 4C 63 13 24 B6 99 BA C2 B7 80 02 A4 62 
ReadPcr - HashAlg = 0x000C, Pcr[04], digest = 44 2E 43 83 1E 92 78 20 4E F1 4F 41 28 AD 4D A4 78 CA 86 B9 FA CB 5A FE 6B 3D DA 26 3A 60 3E 74 98 90 33 1F 1E B6 08 84 5B 89 0E BB B2 0A 3E 7D 
ReadPcr - HashAlg = 0x000D, Pcr[04], digest = 1E D3 78 63 3A 54 10 4D C6 F9 8E 7A 05 DD 76 B8 4D 46 0C 6B DB 89 E7 C0 C2 A8 92 95 03 87 ED 9E F7 CC EE D0 01 11 78 61 46 62 CB 8F 66 1D A5 E3 83 0B 2B 6F 1D 77 F9 5B 64 4A E8 9C 0B 91 97 47 
SupportedEventLogs - 0x00000002
  LogFormat - 0x00000002
DxeTpm2MeasureBootHandler - Tcg2 MeasurePeImage - Volume Full
DxeTpm2MeasureBootHandler - Success

It can be seen on the screen when booting a SHIM:

Image

As a workaround, the TPM drivers have been disabled in the QEMU builds enabling the Sovereign Boot Provisioning Wizard. The issue will be investigated in the next project phases.
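
A triage helper for debug logs like the one in this report, added here as an example and not code from the project or the issue author: it pairs each `Tcg2 Measure*` result with the PCR index and image path printed before it, and flags the case seen above where the handler's final status is `Success` although individual measurements were not logged. The function names `triage` and `unlogged_measurements` are hypothetical, and attributing a step to the most recent `ReadPcr - NN` line is an assumption based on the line order in this log.

```python
import re

# Lines copied from the debug log in the issue (SHA-1 bank only, other banks omitted).
SAMPLE_LOG = r"""ReadPcr - 05
ReadPcr - HashAlg = 0x0004, Pcr[05], digest = C8 30 29 00 14 D1 85 61 B1 72 2B 34 5E 3A 75 15 7A 29 50 CB
DxeTpm2MeasureBootHandler - Tcg2 MeasureGptTable - Volume Full
The measured image path is PciRoot(0x0)/Pci(0x1F,0x2)/Sata(0x1,0xFFFF,0x0)/HD(1,GPT,F106CED9-E27E-964C-9964-46BAAC7A60D4,0x800,0x7F000)/\EFI\ubuntu\shimx64.efi.
ReadPcr - 04
ReadPcr - HashAlg = 0x0004, Pcr[04], digest = 0A 94 68 02 EF 40 A5 36 FF 4F 1C AC 29 B5 F8 12 8D 76 AA FA
DxeTpm2MeasureBootHandler - Tcg2 MeasurePeImage - Volume Full
DxeTpm2MeasureBootHandler - Success
"""

PCR_RE = re.compile(r"ReadPcr - ([0-9A-Fa-f]{2})$")            # "ReadPcr - 05"
PATH_RE = re.compile(r"The measured image path is (.+)\.$")    # device path of the image
STEP_RE = re.compile(r"DxeTpm2MeasureBootHandler - Tcg2 (Measure\w+) - (.+)$")
FINAL_RE = re.compile(r"DxeTpm2MeasureBootHandler - (?!Tcg2 )(.+)$")

def triage(log_text):
    """Return (steps, handler_status) parsed from a firmware debug log."""
    pcr = image = handler_status = None
    steps = []
    for raw in log_text.splitlines():
        line = raw.strip()
        if m := PCR_RE.match(line):
            pcr = m.group(1)            # assumption: applies to the next measurement step
        elif m := PATH_RE.match(line):
            image = m.group(1)
        elif m := STEP_RE.match(line):
            steps.append({"step": m.group(1), "status": m.group(2),
                          "pcr": pcr, "image": image})
            image = None                # a path belongs to one measurement only
        elif m := FINAL_RE.match(line):
            handler_status = m.group(1)
    return steps, handler_status

def unlogged_measurements(log_text):
    """List steps whose status is not Success and whether the handler hid them."""
    steps, handler_status = triage(log_text)
    failed = [s for s in steps if s["status"] != "Success"]
    return {"failed": failed,
            "masked_by_handler": bool(failed) and handler_status == "Success"}

if __name__ == "__main__":
    report = unlogged_measurements(SAMPLE_LOG)
    for s in report["failed"]:
        print(f"PCR {s['pcr']}: {s['step']} -> {s['status']} ({s['image'] or 'no image path'})")
    print("handler reported Success despite failures:", report["masked_by_handler"])
```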
