TPM PCR values change after the first reboot

Çağlar Arlı

My setup consists of a QEMU image with u-boot 2024.01 and 6.6 Linux kernel. As a TPM I'm using swtpm. For some reason, if I reboot the device the PCR register values are different in the initial boot than in the subsequent boots.

To elaborate more, my problem is the following: I boot the device, and the PCR 0 has for example value A. After a reboot the PCR value is different, let's say B. On subsequent reboots, the PCR values stay the same, B. If I close the QEMU emulator and restart it, the PCR value is again A, until I reboot it and it is again B. I'm using PCR 0 as an example, but this applies to all of the PCRs (except the ones that are never extended).

This is the case if I read the PCR registers with the tpm2_pcrread command. However, reading with tpm2_eventlog /sys/kernel/security/tpm0/binary_bios_measurements command would suggest that the PCR registers are always the same value. This would make me believe that something happens to the PCRs after u-boot measurements are performed. Or do these measurements get reset in the reboot?

I have also checked that during a reboot the PCR registers are reset to their default values in u-boot after the TPM has been initialized, so to me it seems like the TPM gets reset correctly between reboots.

In addition to this, I have also noticed an issue where u-boot hangs for about five seconds before the "Starting kernel ..." print after loading the kernel. After that, the kernel logs are printed normally. This would also suggest that something odd happens after the first boot.

Are any of my assumptions here correct? Is it correct to assume that the PCR values should be identical on every boot?
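Added example, not part of the original question: the way to decide whether the values read with tpm2_pcrread are consistent with the measurements in the event log is to replay the log yourself. Each PCR starts at all zeros (for PCRs 0 to 15) and every measurement applies the extend rule PCR_new = H(PCR_old || digest), so a replayed value that disagrees with the live PCR means something was extended (or reset) that the log does not show, which is exactly the situation the question describes. The event digests and the "reported" values below are constructed for illustration; in practice the digests come from the tpm2_eventlog output and the reported values from tpm2_pcrread, and the PCR indices used are arbitrary, not a claim about which PCRs u-boot uses.

```python
import hashlib
from typing import Dict, Iterable, List, Tuple

HASH = "sha256"
DIGEST_LEN = hashlib.new(HASH).digest_size  # 32 bytes for the sha256 bank


def extend(pcr: bytes, digest: bytes) -> bytes:
    """Apply the TPM2_PCR_Extend rule for one bank: new = H(old || digest)."""
    if len(pcr) != DIGEST_LEN or len(digest) != DIGEST_LEN:
        raise ValueError("PCR and digest must both be %d bytes" % DIGEST_LEN)
    return hashlib.new(HASH, pcr + digest).digest()


def replay(events: Iterable[Tuple[int, bytes]]) -> Dict[int, bytes]:
    """Replay (pcr_index, digest) events in log order.

    Every PCR that appears in the log is assumed to start at all zeros,
    which is the reset value of PCRs 0-15 on a TPM 2.0.
    """
    pcrs: Dict[int, bytes] = {}
    for idx, digest in events:
        old = pcrs.get(idx, bytes(DIGEST_LEN))
        pcrs[idx] = extend(old, digest)
    return pcrs


def compare(expected: Dict[int, bytes], reported: Dict[int, bytes]) -> List[int]:
    """Return the PCR indices whose reported value does not match the replay.

    A PCR present in the log but missing from the reported set counts as a
    mismatch, since the reader could not confirm it.
    """
    return sorted(i for i, v in expected.items() if reported.get(i) != v)


# Constructed sample log: three measurements such as a boot loader might record
# (indices and contents are illustrative only, not what u-boot actually uses).
SAMPLE_EVENTS: List[Tuple[int, bytes]] = [
    (0, hashlib.new(HASH, b"constructed firmware/u-boot code").digest()),
    (8, hashlib.new(HASH, b"constructed kernel image").digest()),
    (9, hashlib.new(HASH, b"constructed initrd").digest()),
]


def demo() -> Tuple[List[int], List[int]]:
    """Show a consistent boot and an inconsistent one.

    First case: the live PCRs equal the replay, so nothing is reported.
    Second case: something extended PCR 0 once more after the last logged
    event (the symptom in the question), so PCR 0 is flagged.
    """
    expected = replay(SAMPLE_EVENTS)

    consistent = dict(expected)  # stands in for a matching tpm2_pcrread
    extra_digest = hashlib.new(HASH, b"constructed unlogged extend").digest()
    inconsistent = dict(expected)
    inconsistent[0] = extend(inconsistent[0], extra_digest)

    return compare(expected, consistent), compare(expected, inconsistent)


if __name__ == "__main__":
    ok, bad = demo()
    print("mismatching PCRs, consistent boot:  ", ok)
    print("mismatching PCRs, unlogged extend:  ", bad)
```

Running the replay against both the first-boot and the post-reboot readings tells you which side disagrees with the log: if the first-boot values match the replay and the later ones do not, the extra or missing extend happens after the logged measurements; if neither matches, the log itself is incomplete.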