Re: [PATCH v2 0/3] Call GetEventLog before ExitBootServices

On Mon, Sep 11, 2017 at 12:00:19PM +0200, Thiebaud Weksteen wrote: > With TPM 1.2, the ACPI table ("TCPA") has two fields to recover the Event Log > Area (LAML and LASA). These logs are useful to understand and rebuild the > final values of PCRs. > > With TPM 2.0, the ACPI table ("TPM2") does not

Re: [PATCH v2 2/3] efi: call get_event_log before ExitBootServices

On Thu, Sep 14, 2017 at 12:02:47PM -0700, Jarkko Sakkinen wrote: > On Thu, Sep 14, 2017 at 11:48:54AM -0700, Matthew Garrett wrote: > > On Thu, Sep 14, 2017 at 11:43 AM, Jarkko Sakkinen > > <jarkko.sakki...@linux.intel.com> wrote: > > > On Mon, Sep 11, 2017 at 12:00

Re: [PATCH v2 2/3] efi: call get_event_log before ExitBootServices

On Mon, Sep 18, 2017 at 02:28:45PM +0200, Thiebaud Weksteen wrote: > On Thu, Sep 14, 2017 at 9:02 PM, Jarkko Sakkinen > <jarkko.sakki...@linux.intel.com> wrote: > > On Thu, Sep 14, 2017 at 11:48:54AM -0700, Matthew Garrett wrote: > >> On Thu, Sep 14, 2017 a

Re: [PATCH v3 0/5] Call GetEventLog before ExitBootServices

On Wed, Sep 20, 2017 at 10:13:35AM +0200, Thiebaud Weksteen wrote: > With TPM 1.2, the ACPI table ("TCPA") has two fields to recover the Event > Log Area (LAML and LASA). These logs are useful to understand and rebuild > the final values of PCRs. > > With TPM 2.0, the ACPI table ("TPM2") does not

Re: [PATCH v2 3/3] tpm: parse TPM event logs based on EFI table

On Mon, Sep 11, 2017 at 12:00:22PM +0200, Thiebaud Weksteen wrote: > If we are not able to retrieve the TPM event logs from the ACPI table, > check the EFI configuration table (Linux-specific GUID). > > The format version of the log may be returned by the function. If not > specified (by previous

Re: [PATCH v2 2/3] efi: call get_event_log before ExitBootServices

On Thu, Sep 14, 2017 at 11:48:54AM -0700, Matthew Garrett wrote: > On Thu, Sep 14, 2017 at 11:43 AM, Jarkko Sakkinen > <jarkko.sakki...@linux.intel.com> wrote: > > On Mon, Sep 11, 2017 at 12:00:21PM +0200, Thiebaud Weksteen wrote: > >> With TPM 2.0 specificati

Re: [PATCH v2 2/3] efi: call get_event_log before ExitBootServices

On Mon, Sep 11, 2017 at 12:00:21PM +0200, Thiebaud Weksteen wrote: > With TPM 2.0 specification, the event logs may only be accessible by > calling an EFI Boot Service. Modify the EFI stub to copy the log area to > a new Linux-specific EFI configuration table so it remains accessible > once

Re: [PATCH v3 4/5] efi: call get_event_log before ExitBootServices

On Fri, Sep 29, 2017 at 08:16:17PM +0300, Jarkko Sakkinen wrote: > On Tue, Sep 26, 2017 at 02:49:31PM +0200, Thiebaud Weksteen wrote: > > On Tue, Sep 26, 2017 at 1:45 PM, Jarkko Sakkinen > > <jarkko.sakki...@linux.intel.com> wrote: > > > On Wed, Sep 20, 2017 at 10:13

Re: [PATCH v3 4/5] efi: call get_event_log before ExitBootServices

On Wed, Oct 04, 2017 at 01:51:13PM +0300, Jarkko Sakkinen wrote: > On Fri, Sep 29, 2017 at 08:16:17PM +0300, Jarkko Sakkinen wrote: > > On Tue, Sep 26, 2017 at 02:49:31PM +0200, Thiebaud Weksteen wrote: > > > On Tue, Sep 26, 2017 at 1:45 PM, Jarkko Sakkinen > > > <j

Re: [PATCH v3 4/5] efi: call get_event_log before ExitBootServices

On Wed, Oct 04, 2017 at 01:12:27PM +0200, Thiebaud Weksteen wrote: > On Wed, Oct 4, 2017 at 12:51 PM, Jarkko Sakkinen > <jarkko.sakki...@linux.intel.com> wrote: > > On Fri, Sep 29, 2017 at 08:16:17PM +0300, Jarkko Sakkinen wrote: > >> On Tue, Sep 26, 2017 at 02:49:31

Re: [PATCH v3 4/5] efi: call get_event_log before ExitBootServices

On Wed, Oct 11, 2017 at 02:52:54PM +0300, Jarkko Sakkinen wrote: > On Wed, Oct 11, 2017 at 12:54:26PM +1100, James Morris wrote: > > On Tue, 10 Oct 2017, Jarkko Sakkinen wrote: > > > > > The way I've agreed with James Morris to have my tree is to be rooted to > >

Re: [PATCH v3 4/5] efi: call get_event_log before ExitBootServices

On Fri, Oct 13, 2017 at 10:47:46PM +0300, Jarkko Sakkinen wrote: > On Thu, Oct 12, 2017 at 05:03:38PM +0200, Javier Martinez Canillas wrote: > > On Thu, Oct 12, 2017 at 1:38 PM, Jarkko Sakkinen > > <jarkko.sakki...@linux.intel.com> wrote: > > > > [snip] > >

Re: [PATCH v3 4/5] efi: call get_event_log before ExitBootServices

On Wed, Oct 11, 2017 at 12:54:26PM +1100, James Morris wrote: > On Tue, 10 Oct 2017, Jarkko Sakkinen wrote: > > > The way I've agreed with James Morris to have my tree is to be rooted to > > security trees next branch. > > > > James, what actions should we take?

Re: [PATCH v3 4/5] efi: call get_event_log before ExitBootServices

On Wed, Oct 11, 2017 at 02:52:54PM +0300, Jarkko Sakkinen wrote: > On Wed, Oct 11, 2017 at 12:54:26PM +1100, James Morris wrote: > > On Tue, 10 Oct 2017, Jarkko Sakkinen wrote: > > > > > The way I've agreed with James Morris to have my tree is to be rooted to > >

Re: [PATCH v3 4/5] efi: call get_event_log before ExitBootServices

On Wed, Oct 11, 2017 at 02:53:18PM +0300, Jarkko Sakkinen wrote: > On Wed, Oct 11, 2017 at 02:52:54PM +0300, Jarkko Sakkinen wrote: > > On Wed, Oct 11, 2017 at 12:54:26PM +1100, James Morris wrote: > > > On Tue, 10 Oct 2017, Jarkko Sakkinen wrote: > > > > > &

Re: [PATCH v3 4/5] efi: call get_event_log before ExitBootServices

On Tue, Sep 26, 2017 at 02:49:31PM +0200, Thiebaud Weksteen wrote: > On Tue, Sep 26, 2017 at 1:45 PM, Jarkko Sakkinen > <jarkko.sakki...@linux.intel.com> wrote: > > On Wed, Sep 20, 2017 at 10:13:39AM +0200, Thiebaud Weksteen wrote: > >> With TPM 2.0 specificati

Re: [PATCH v3 2/5] tpm: rename event log provider files

{tpm_of.c => tpm_eventlog_of.c} (100%) Reviewed-by: Jarkko Sakkinen <jarkko.sakki...@linux.intel.com> /Jarkko -- To unsubscribe from this list: send the line "unsubscribe linux-efi" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html

Re: [PATCH v2 0/3] Call GetEventLog before ExitBootServices

; include/linux}/tpm_eventlog.h | 32 ++--- > 17 files changed, 301 insertions(+), 42 deletions(-) > create mode 100644 drivers/char/tpm/tpm_efi.c > create mode 100644 drivers/firmware/efi/tpm.c > rename {drivers/char/tpm => include/linux}/tpm_eventlog.h (77%) > > -- &g

Re: [PATCH -next] efi/libstub/tpm: Make function efi_retrieve_tpm2_eventlog_1_2() static

On Tue, Apr 24, 2018 at 08:39:09AM +0200, Ard Biesheuvel wrote: > On 23 April 2018 at 21:38, Jarkko Sakkinen > <jarkko.sakki...@linux.intel.com> wrote: > > On Mon, Apr 16, 2018 at 01:05:24PM +0200, Ard Biesheuvel wrote: > >> On 22 March 2018 at 15:09, Jarkko

Re: [PATCH v3 4/5] efi: call get_event_log before ExitBootServices

On Tue, Oct 17, 2017 at 10:00:15AM +0200, Thiebaud Weksteen wrote: > This patch was mainly developed and tested on Kabylake with PTT as well. > > It could be a few things. Are you booting with the EFI stub? Is the > TPM enabled within the BIOS? Does tpm_tis get loaded? Does it produce > any log?

Re: Regression from efi: call get_event_log before ExitBootServices

On Sat, 2018-03-10 at 10:45 +, Thiebaud Weksteen wrote: > On Fri, Mar 9, 2018 at 5:54 PM Jeremy Cline wrote: > > and it's hanging at "memset(log_tbl, 0, sizeof(*log_tbl) + log_size);" > > Thanks. Well, it looks like the memory that is supposedly allocated is not > usable.

Re: [PATCH -next] efi/libstub/tpm: Make function efi_retrieve_tpm2_eventlog_1_2() static

On Mon, Apr 16, 2018 at 01:05:24PM +0200, Ard Biesheuvel wrote: > On 22 March 2018 at 15:09, Jarkko Sakkinen > <jarkko.sakki...@linux.intel.com> wrote: > > On Thu, 2018-03-22 at 16:06 +0200, Jarkko Sakkinen wrote: > >> On Tue, 2018-03-20 at 14:17 +, Wei

Re: [PATCH 1/1] efi/libstub: tpm: zero initialize pointer variables for mixed mode

t;jer...@jcline.org> > Signed-off-by: Ard Biesheuvel <ard.biesheu...@linaro.org> Reviewed-by: Jarkko Sakkinen <jarkko.sakki...@linux.intel.com> /Jarkko -- To unsubscribe from this list: send the line "unsubscribe linux-efi" in the body of a message to majord...@vger.kernel

Re: Regression from efi: call get_event_log before ExitBootServices

On Mon, Mar 12, 2018 at 11:41:25AM +0100, Paul Menzel wrote: > Dear Jarkko, > > > On 03/12/18 11:17, Jarkko Sakkinen wrote: > > On Sat, 2018-03-10 at 10:45 +, Thiebaud Weksteen wrote: > > > On Fri, Mar 9, 2018 at 5:54 PM Jeremy Cline <jer...@jcline.org>

Re: [PATCH -next] efi/libstub/tpm: Make function efi_retrieve_tpm2_eventlog_1_2() static

pm2_eventlog_1_2(efi_system_table_t *sys_table_arg) > { > efi_guid_t tcg2_guid = EFI_TCG2_PROTOCOL_GUID; > efi_guid_t linux_eventlog_guid = LINUX_EFI_TPM_EVENT_LOG_GUID; > Reviewed-by: Jarkko Sakkinen <jarkko.sakki...@linux.intel.com> /Jarkko -- To unsubsc

Re: [PATCH -next] efi/libstub/tpm: Make function efi_retrieve_tpm2_eventlog_1_2() static

On Thu, 2018-03-22 at 16:06 +0200, Jarkko Sakkinen wrote: > On Tue, 2018-03-20 at 14:17 +, Wei Yongjun wrote: > > Fixes the following sparse warning: > > > > drivers/firmware/efi/libstub/tpm.c:62:6: warning: > > symbol 'efi_retrieve_tpm2_eventlog_1_

Re: [PATCH] efi: Include tpm_eventlog.h after asm/efi.h to avoid memcpy breakage

n > order to allow 769a8089c1fd2 to take effect on its declarations. > > Signed-off-by: Matthew Garrett Reviewed-by: Jarkko Sakkinen /Jarkko

Re: [PATCH V4 0/4] Add support for TCG2 event logs on EFI systems

On Fri, 2019-02-22 at 12:26 -0800, Matthew Garrett wrote: > This patchset adds support for obtaining the TCG2 format event log on > EFI systems, along with support for copying up the final event log to > capture events that occur after the primary log is obtained. V4 is > identical to previous

Re: [PATCH V4 2/4] tpm: Reserve the TPM final events table

On Wed, Feb 27, 2019 at 11:57:09AM -0800, Matthew Garrett wrote: > On Wed, Feb 27, 2019 at 6:03 AM Jarkko Sakkinen > wrote: > > My guess is that your patches are based a later 5.0-rcX. Unfortunately I > > cannot update my master at this point because my 5.1 PR was taken to

Re: [PATCH V4 2/4] tpm: Reserve the TPM final events table

On Fri, Feb 22, 2019 at 12:26:04PM -0800, Matthew Garrett wrote: > From: Matthew Garrett > > UEFI systems provide a boot services protocol for obtaining the TPM > event log, but this is unusable after ExitBootServices() is called. > Unfortunately ExitBootServices() itself triggers additional TPM

Re: [PATCH 1/5] tpm: Copy calc_tpm2_event_size() to TPM library

On Mon, Feb 11, 2019 at 03:30:48PM +0100, b...@semihalf.com wrote: > From: Bartosz Szczepanek > > Function to calculate event size in TPM 2.0 log will also be needed in EFI > stub. Separate it to library to make it accessible out of TPM character > driver. > > It will be removed from tpm2.c in

Re: [PATCH 3/5] tpm: Use library version of calc_tpm2_event_size in sysfs code

On Mon, Feb 11, 2019 at 03:30:50PM +0100, b...@semihalf.com wrote: > From: Bartosz Szczepanek > > Expect negative values from calc_tpm2_event_size as error codes. > Pass efispecid instead of event header to calc_tpm2_event_size. > > Also, include tpm library in the build. > > Signed-off-by:

Re: [PATCH 1/5] tpm: Copy calc_tpm2_event_size() to TPM library

On Wed, Feb 13, 2019 at 01:14:43PM +0200, Jarkko Sakkinen wrote: > On Mon, Feb 11, 2019 at 03:30:48PM +0100, b...@semihalf.com wrote: > > From: Bartosz Szczepanek > > > > Function to calculate event size in TPM 2.0 log will also be needed in EFI > > stub. Sep

Re: [PATCH 2/5] tpm: Change calc_tpm2_event_size signature

On Mon, Feb 11, 2019 at 03:30:49PM +0100, b...@semihalf.com wrote: > From: Bartosz Szczepanek > > Pass tcg_efi_specid_event as an argument instead of tcg_pcr_event, as the > former is what is actually needed to compute event size. tcg_pcr_event > structure describes TPM event log header (even

Re: [PATCH 4/5] efi/libstub/tpm: Retrieve TPM event log in 2.0 format

On Mon, Feb 11, 2019 at 03:30:51PM +0100, b...@semihalf.com wrote: > From: Bartosz Szczepanek > > Currently, the only way to get TPM 2.0 event log from firmware is to use > device tree. Introduce efi_retrieve_tpm2_eventlog_2 function to enable > retrieving it from EFI structures. > > Include

Re: linux-next: Tree for Feb 20

On Wed, Feb 20, 2019 at 11:52:52AM +0200, Jarkko Sakkinen wrote: > On Wed, Feb 20, 2019 at 05:11:15PM +0800, Zhangshaokun wrote: > > There is a compiler failure on arm64 platform, as follow: > > > > AS arch/arm64/kvm/hyp.o > > CC kernel/trace/ring_buffer.

Re: [PATCH] efi: Include tpm_eventlog.h after asm/efi.h to avoid memcpy breakage

On Wed, Apr 03, 2019 at 12:32:37PM -0700, Matthew Garrett wrote: > 769a8089c1fd2 (x86, efi, kasan: #undef memset/memcpy/memmove per arch) > disables the KASAN version of certain memory calls in the EFI boot stub. > tpm_eventlog.h references memcpy, so must be included after asm/efi.h in > order to

Re: [PATCH V7 0/4] Add support for crypto agile logs

On Sat, May 25, 2019 at 05:22:34AM +1000, James Morris wrote: > On Fri, 24 May 2019, Jarkko Sakkinen wrote: > > > I'm referring to these: > > > > https://lore.kernel.org/linux-integrity/20190329115544.ga27...@linux.intel.com/ > > > > I got respo

Re: [PATCH V2] tpm: Don't duplicate events from the final event log in the TCG2 log

that occured before > ExitBootServices() and only append events that were not also logged to > the main log. > > Signed-off-by: Matthew Garrett > Reported-by: Joe Richey > Suggested-by: Joe Richey Reviewed-by: Jarkko Sakkinen /Jarkko

Re: [PATCH] tpm: Don't duplicate events from the final event log in the TCG2 log

On Tue, Jun 04, 2019 at 12:35:11PM -0700, Matthew Garrett wrote: > After the first call to GetEventLog() on UEFI systems using the TCG2 > crypto agile log format, any further log events (other than those > triggered by ExitBootServices()) will be logged in both the main log and > also in the Final

Re: [PATCH 0/1] Fix crash in __calc_tpm2_event_size

On Wed, Jun 05, 2019 at 12:04:32AM +0100, Chris Coulson wrote: > I've been testing the latest code in the linux-tpmdd branch and I'm > experiencing a crash in __calc_tpm2_event_size when it's called to > calculate the size of events in the final log. I hope I'm not stepping on > anyone's toes, but

Re: [PATCH 1/1] tpm: Don't dereference event after it's unmapped in __calc_tpm2_event_size

of the loop. This results in an invalid access for on subsequent > loop iterations for log entries that have more than one digest. > > Signed-off-by: Chris Coulson Reviewed-by: Jarkko Sakkinen /Jarkko

Re: [PATCH] efi: Fix TPM code build failure on ARM

On Wed, Jun 05, 2019 at 11:11:40AM -0700, Matthew Garrett wrote: > asm/early_ioremap.h needs to be #included before tpm_eventlog.h in order > to ensure that early_memremap is available. > > Signed-off-by: Matthew Garrett Thanks, squashed to "tpm: Reserve the TPM final events table". /Jarkko

Re: [PATCH V2 2/2] tpm: Don't duplicate events from the final event log in the TCG2 log

On Fri, Jun 07, 2019 at 11:11:21PM +0200, Ard Biesheuvel wrote: > Acked-by: Ard Biesheuvel Ard, is it cool if I include these to my next TPM PR along with the other Matthew's changes? Just sanity checking given that crossing subsystems... /Jarkko

Re: [PATCH V2 2/2] tpm: Don't duplicate events from the final event log in the TCG2 log

that occured before > ExitBootServices() and only append events that were not also logged to > the main log. > > Signed-off-by: Matthew Garrett > Reported-by: Joe Richey > Suggested-by: Joe Richey Reviewed-by: Jarkko Sakkinen /Jarkko

Re: [PATCH V2 1/2] Abstract out support for locating an EFI config table

On Fri, Jun 07, 2019 at 01:51:46PM -0700, Matthew Garrett wrote: > We want to grab a pointer to the TPM final events table, so abstract out > the existing code for finding an FDT table and make it generic. > > Signed-off-by: Matthew Garrett Reviewed-by: Jarkko Sakkinen /Jarkko

Re: [PATCH V2 1/2] Abstract out support for locating an EFI config table

On Mon, Jun 10, 2019 at 10:46:35AM -0700, Matthew Garrett wrote: > On Mon, Jun 10, 2019 at 9:58 AM Jarkko Sakkinen > wrote: > > > > On Fri, Jun 07, 2019 at 01:51:46PM -0700, Matthew Garrett wrote: > > > We want to grab a pointer to the TPM final events table, so abst

Re: [PATCH] drivers: firmware: efi: fix gcc warning -Wint-conversion

On Wed, Jun 19, 2019 at 03:48:23PM -0700, Matthew Garrett wrote: > On Wed, Jun 19, 2019 at 2:55 AM Ard Biesheuvel > wrote: > > > > (+ Jarkko, tpmdd, Matthew) > > > > On Sat, 15 Jun 2019 at 06:02, Hariprasad Kelam > > wrote: > > > > > > This patch fixes below warning > > > > > >

Re: [PATCH] drivers: firmware: efi: fix gcc warning -Wint-conversion

On Thu, 2019-06-20 at 15:00 -0700, Matthew Garrett wrote: > On Thu, Jun 20, 2019 at 2:37 PM Jarkko Sakkinen > wrote: > > Right! OK, I squashed just the fix to the earlier patch. Master and > > next are updated. Can you take a peek of [1] and see if it looks > > legit g

Re: [PATCH V2 1/2] Abstract out support for locating an EFI config table

On Fri, Jun 07, 2019 at 01:51:46PM -0700, Matthew Garrett wrote: > We want to grab a pointer to the TPM final events table, so abstract out > the existing code for finding an FDT table and make it generic. > > Signed-off-by: Matthew Garrett Just to clarify are these extensions to what you did

Re: [PATCH V7 0/4] Add support for crypto agile logs

On Thu, May 23, 2019 at 03:14:49PM +0300, Jarkko Sakkinen wrote: > On Mon, May 20, 2019 at 01:54:57PM -0700, Matthew Garrett wrote: > > Identical to previous version except without the KSAN workaround - Ard > > has a better solution for that. > > > Reviewed-by: J

Re: [PATCH V7 0/4] Add support for crypto agile logs

On Mon, May 20, 2019 at 01:54:57PM -0700, Matthew Garrett wrote: > Identical to previous version except without the KSAN workaround - Ard > has a better solution for that. Reviewed-by: Jarkko Sakkinen Tested-by: Jarkko Sakkinen /Jarkko

Re: [PATCH V7 0/4] Add support for crypto agile logs

On Fri, May 24, 2019 at 02:54:20AM +1000, James Morris wrote: > On Thu, 23 May 2019, Jarkko Sakkinen wrote: > > > On Thu, May 23, 2019 at 03:14:49PM +0300, Jarkko Sakkinen wrote: > > > On Mon, May 20, 2019 at 01:54:57PM -0700, Matthew Garrett wrote: > > > > Ide

Re: [PATCH] x86/boot: provide KASAN compatible aliases for string routines

> tpm.c:(.text+0x2a8): undefined reference to `__memcpy' > > So let's expose the __ prefixed symbols in the decompressor when > KASAN is enabled. > > Cc: Andrey Konovalov > Cc: Matthew Garrett > Signed-off-by: Ard Biesheuvel Acked-by: Jarkko Sakkinen /Jarkko

Re: [PATCH V7 0/4] Add support for crypto agile logs

On Mon, May 20, 2019 at 01:54:57PM -0700, Matthew Garrett wrote: > Identical to previous version except without the KSAN workaround - Ard > has a better solution for that. I'll check in detail through tomorrow but probably will get merged now that we have Ard's ack's (thanks Ard for all the

Re: [PATCH 1/2] efi+tpm: Don't access event->count when it isn't mapped.

On Mon, Aug 26, 2019 at 10:44:31AM -0700, Matthew Garrett wrote: > On Mon, Aug 26, 2019 at 9:28 AM Jarkko Sakkinen > wrote: > > > > On Mon, Aug 26, 2019 at 11:30:27AM -0400, Peter Jones wrote: > > > Some machines generate a lot of event log entries. When we're > >

Re: [PATCH 1/2] efi+tpm: Don't access event->count when it isn't mapped.

t. Hilarity ensues. > > This patch keeps the info from the header in local variables so we don't > need to access that page again or keep track of if it's mapped. > > Signed-off-by: Peter Jones > Tested-by: Lyude Paul Reviewed-by: Jarkko Sakkinen /Jarkko

Re: [PATCH 2/2] efi+tpm: don't traverse an event log with no events

al_tbl->version) > + + sizeof(final_tbl->nr_events); > + tbl_size = tpm2_calc_event_log_size(events, > + final_tbl->nr_events, > + log_tbl->log); > + } Reviewed-by: Jarkko Sakkinen /Jarkko

Re: [PATCH 1/2] efi+tpm: Don't access event->count when it isn't mapped.

On Tue, Aug 27, 2019 at 02:03:44PM +0300, Jarkko Sakkinen wrote: > > Jarkko, these two should probably go to 5.3 if possible - I > > independently had a report of a system hitting this issue last week > > (Intel apparently put a surprising amount of data in the event logs on >

Re: [PATCH 1/2] efi+tpm: Don't access event->count when it isn't mapped.

On Tue, Aug 27, 2019 at 06:11:58PM -0400, Peter Jones wrote: > On Tue, Aug 27, 2019 at 04:41:55PM +0300, Jarkko Sakkinen wrote: > > On Tue, Aug 27, 2019 at 02:03:44PM +0300, Jarkko Sakkinen wrote: > > > > Jarkko, these two should probably go to 5.3 if possible - I >

Re: [PATCH 5.3 regression fix] efi-stub: Fix get_efi_config_table on mixed-mode setups

On Wed, Aug 07, 2019 at 11:59:03PM +0200, Hans de Goede wrote: > Fix get_efi_config_table using the wrong structs when booting a > 64 bit kernel on 32 bit firmware. > > Cc: Matthew Garrett > Cc: Ard Biesheuvel > Cc: Jarkko Sakkinen > Fixes: 82d736ac56d7 ("Abstrac

Re: [PATCH v2 1/2] efi+tpm: Don't access event->count when it isn't mapped.

On Wed, Sep 25, 2019 at 09:41:33AM -0700, Jerry Snitselaar wrote: > On Wed Sep 25 19, Jerry Snitselaar wrote: > > On Wed Sep 25 19, Jarkko Sakkinen wrote: > > > On Wed, Sep 25, 2019 at 12:25:05PM +0200, Ard Biesheuvel wrote: > > > > On Wed, 25 Sep 2019 at 12:16,

Re: [PATCH v3] tpm: only set efi_tpm_final_log_size after successful event log parsing

event parsing > in this case is resolved by Peter Jone's patchset dealing with large > event logs where crossing over a page boundary causes the page with > the event count to be unmapped. > > Fixes: c46f3405692de ("tpm: Reserve the TPM final events table") > Cc: linux-efi@vger.kernel.org > Cc: linux-integr...@vger.kernel.org > Cc: sta...@vger.kernel.org > Cc: Matthew Garrett > Cc: Ard Biesheuvel > Cc: Jarkko Sakkinen > Signed-off-by: Jerry Snitselaar Reviewed-by: /Jarkko

Re: [PATCH v2 1/2] efi+tpm: Don't access event->count when it isn't mapped.

On Wed, Sep 25, 2019 at 08:16:16AM -0700, Jerry Snitselaar wrote: > On Wed Sep 25 19, Jarkko Sakkinen wrote: > > On Wed, Sep 25, 2019 at 12:25:05PM +0200, Ard Biesheuvel wrote: > > > On Wed, 25 Sep 2019 at 12:16, Jarkko Sakkinen > > > wrote: > > > > > >

Re: [PATCH] efi/tpm: return -EINVAL when determining tpm final events log size fails

Cc: Ard Biesheuvel > Cc: Jarkko Sakkinen > Cc: linux-efi@vger.kernel.org > Cc: linux-integr...@vger.kernel.org > Fixes: e658c82be556 ("efi/tpm: Only set 'efi_tpm_final_log_size' after > successful event log parsing") > Suggested-by: Dan Carpenter > Signed-off-by

Re: [PATCH v3] x86, efi: never relocate kernel below lowest acceptable address

On Mon, Oct 14, 2019 at 11:18:25PM +0200, Borislav Petkov wrote: > On Mon, Oct 14, 2019 at 11:21:11PM +0300, Jarkko Sakkinen wrote: > > Was there a section in the patch submission documentation to point out > > when people send patches with all the possible twists for an acrony

Re: [PATCH v3] x86, efi: never relocate kernel below lowest acceptable address

On Wed, Oct 16, 2019 at 08:23:56AM -0700, Joe Perches wrote: > On Wed, 2019-10-16 at 18:20 +0300, Jarkko Sakkinen wrote: > > On Mon, Oct 14, > 2019 at 11:18:25PM +0200, Borislav Petkov wrote: > > > On Mon, Oct 14, 2019 at 11:21:11PM +0300, Jarkko Sakkinen wrote: > &

Re: Add support for TCG2 log format on UEFI systems

On Wed, Feb 27, 2019 at 12:26:54PM -0800, Matthew Garrett wrote: > Identical to V4, but based on tpmdd-next This is not found /sys/kernel/security/tpm0/ascii_bios_measurements But still [0.00] efi: ACPI 2.0=0x69ca2000 ACPI=0x69ca2000 TPMFinalLog=0x69ce4000 SMBIOS=0x69f63000 SMBIOS

Re: Add support for TCG2 log format on UEFI systems

On Thu, Mar 14, 2019 at 02:04:02PM -0700, Matthew Garrett wrote: > On Thu, Mar 14, 2019 at 2:35 AM Jarkko Sakkinen > wrote: > > > > On Wed, Feb 27, 2019 at 12:26:54PM -0800, Matthew Garrett wrote: > > > Identical to V4, but based on tpmdd-next > > > > This

Re: Add support for TCG2 log format on UEFI systems

On Wed, Feb 27, 2019 at 12:26:54PM -0800, Matthew Garrett wrote: > Identical to V4, but based on tpmdd-next OK, so on my GLK NUC I get valid final log and invalid event log after adding some extra klogs. I.e. - if (efi.tpm_log == EFI_INVALID_TABLE_ADDR) + if (efi.tpm_log ==

Re: Add support for TCG2 log format on UEFI systems

On Mon, Apr 01, 2019 at 08:32:26PM -0700, Matthew Garrett wrote: > On Mon, Apr 1, 2019 at 4:52 PM Jarkko Sakkinen > wrote: > > > > On Wed, Feb 27, 2019 at 12:26:54PM -0800, Matthew Garrett wrote: > > > Identical to V4, but based on tpmdd-next > > > > OK,

Re: Add support for TCG2 log format on UEFI systems

On Tue, Apr 02, 2019 at 10:15:39AM -0700, Matthew Garrett wrote: > On Tue, Apr 2, 2019 at 6:07 AM Jarkko Sakkinen > wrote: > > Reviewed-by: Jarkko Sakkinen > > Tested-by: Jarkko Sakkinen > > > > I'll apply all patches soonish and include them to the next PR. >

Re: [PATCH 1/2] efi: Fix cast to pointer from integer of different size in TPM log code

rett Reviewed-by: Jarkko Sakkinen /Jarkko

Re: [PATCH 2/2] tpm: Fix builds on platforms that lack early_memremap()

ned-off-by: Matthew Garrett Reviewed-by: Jarkko Sakkinen /Jarkko

Re: [PATCH] TCG2 log support build fixes for non-x86_64

On Tue, Apr 02, 2019 at 02:55:54PM -0700, Matthew Garrett wrote: > Couple of patches to fix ktest reported issues with the crypto-agile log > format support. I guess I squash these to your earlier commits? /Jarkko

Re: [PATCH] TCG2 log support build fixes for non-x86_64

On Tue, Apr 02, 2019 at 02:55:54PM -0700, Matthew Garrett wrote: > Couple of patches to fix ktest reported issues with the crypto-agile log > format support. Applied and squashed. Should be soon in linux-next. /Jarkko

Re: [PATCH V5 2/4] tpm: Reserve the TPM final events table

On Tue, Apr 30, 2019 at 03:07:09PM +0200, Bartosz Szczepanek wrote: > I may be a little late with this comment, but I've just tested these > patches on aarch64 platform (from the top of jjs/master) and got > kernel panic ("Unable to handle kernel read", full log at the end of > mail). I think

Re: [PATCH V5 2/4] tpm: Reserve the TPM final events table

On Thu, May 02, 2019 at 09:14:49AM +0200, Ard Biesheuvel wrote: > (+ Ingo) > > On Tue, 30 Apr 2019 at 21:52, Matthew Garrett wrote: > > > > On Tue, Apr 30, 2019 at 6:07 AM Bartosz Szczepanek > > wrote: > > > > > > I may be a little late with this comment, but I've just tested these > > >

Re: [PATCH V5 2/4] tpm: Reserve the TPM final events table

On Thu, May 02, 2019 at 11:03:08AM -0700, Matthew Garrett wrote: > On Thu, May 2, 2019 at 1:32 AM Jarkko Sakkinen > wrote: > > > > On Tue, Apr 30, 2019 at 03:07:09PM +0200, Bartosz Szczepanek wrote: > > > I may be a little late with this comment, but I've just

Re: [PATCH V5 2/4] tpm: Reserve the TPM final events table

On Fri, May 03, 2019 at 08:02:18AM +0200, Ingo Molnar wrote: > > * Matthew Garrett wrote: > > > On Thu, May 2, 2019 at 12:15 AM Ard Biesheuvel > > wrote: > > > > > > (+ Ingo) > > > > > > On Tue, 30 Apr 2019 at 21:52, Matthew Garrett wrote: > > > > > > > > On Tue, Apr 30, 2019 at 6:07 AM

Re: [PATCH v2 1/2] efi+tpm: Don't access event->count when it isn't mapped.

On Wed, Sep 25, 2019 at 12:25:05PM +0200, Ard Biesheuvel wrote: > On Wed, 25 Sep 2019 at 12:16, Jarkko Sakkinen > wrote: > > > > From: Peter Jones > > > > Some machines generate a lot of event log entries. When we're > > iterating over them, the code remove

[PATCH v2 2/2] efi+tpm: don't traverse an event log with no events

by: Jarkko Sakkinen Acked-by: Matthew Garrett Acked-by: Ard Biesheuvel Signed-off-by: Jarkko Sakkinen --- drivers/firmware/efi/tpm.c | 15 ++- 1 file changed, 10 insertions(+), 5 deletions(-) diff --git a/drivers/firmware/efi/tpm.c b/drivers/firmware/efi/tpm.c index 1d3f5ca3eaaf..b9ae5c6f9

[PATCH v2 1/2] efi+tpm: Don't access event->count when it isn't mapped.

es Tested-by: Lyude Paul Reviewed-by: Jarkko Sakkinen Acked-by: Matthew Garrett Acked-by: Ard Biesheuvel Signed-off-by: Jarkko Sakkinen --- include/linux/tpm_eventlog.h | 14 +++--- 1 file changed, 11 insertions(+), 3 deletions(-) diff --git a/include/linux/tpm_eventlog.h b/inc

Re: [PATCH v2] x86, efi: never relocate kernel below lowest acceptable address

On Fri, Sep 20, 2019 at 12:05:21AM +0800, Kairui Song wrote: > Currently, kernel fails to boot on some HyperV VMs when using EFI. > And it's a potential issue on all platforms. > > It's caused a broken kernel relocation on EFI systems, when below three > conditions are met: > > 1. Kernel image

Re: [RFC PATCH] tpm: only set efi_tpm_final_log_size after successful event log parsing

On Wed, Sep 18, 2019 at 12:16:26PM -0700, Jerry Snitselaar wrote: > + if (tbl_size < 0) { > + pr_err("Failed to parse event in TPM Final Event log\n"); FW_BUG? > + goto calc_out; > + } > + > memblock_reserve((unsigned long)final_tbl, >

Re: [PATCH v3] x86, efi: never relocate kernel below lowest acceptable address

On Mon, Oct 14, 2019 at 12:14:19PM +0200, Borislav Petkov wrote: > Your spelling of "EFI" is like a random number generator in this > paragraph: "Efi", "efi" and "EFI". Can you please be more careful when > writing your commit messages? They're not some random text you hurriedly > jot down before

Re: [PATCH] efi: expose TPM event log to userspace via sysfs

On Fri Apr 26, 2024 at 11:19 AM EEST, Mikko Rapeli wrote: > Hi, > > On Fri, Apr 26, 2024 at 10:40:20AM +0300, Jarkko Sakkinen wrote: > > On Fri Apr 26, 2024 at 10:35 AM EEST, Jarkko Sakkinen wrote: > > > On Thu Apr 25, 2024 at 5:01 PM EEST, Jarkko Sakkinen wrote: > >

Re: [PATCH] efi: expose TPM event log to userspace via sysfs

On Fri Apr 26, 2024 at 10:35 AM EEST, Jarkko Sakkinen wrote: > On Thu Apr 25, 2024 at 5:01 PM EEST, Jarkko Sakkinen wrote: > > On Thu Apr 25, 2024 at 12:58 PM EEST, Lennart Poettering wrote: > > > General purpose distros typically don't build all TPM drivers into the > >

Re: [PATCH] efi: expose TPM event log to userspace via sysfs

On Thu Apr 25, 2024 at 5:01 PM EEST, Jarkko Sakkinen wrote: > On Thu Apr 25, 2024 at 12:58 PM EEST, Lennart Poettering wrote: > > General purpose distros typically don't build all TPM drivers into the > > kernel, but ship some in the initrd instead. Then, udev is responsible > &

Re: [PATCH] efi: expose TPM event log to userspace via sysfs

On Thu Apr 25, 2024 at 11:56 AM EEST, Mikko Rapeli wrote: > 1) is there a TPM device Translates to "Does /sys/class/tpm/tpm0 exists?" TPM version can be determined with /sys/class/tpm/tpm0/tpm_version_major BR, Jarkko

Re: [PATCH] efi: expose TPM event log to userspace via sysfs

On Thu Apr 25, 2024 at 12:58 PM EEST, Lennart Poettering wrote: > General purpose distros typically don't build all TPM drivers into the > kernel, but ship some in the initrd instead. Then, udev is responsible > for iterating all buses/devices and auto-loading the necessary > drivers. Each loaded