Re: [tpmdd-devel] [PATCH v2 2/3] efi: call get_event_log before ExitBootServices

efi_tpm_eventlog_init should be in patch 0003 and not 0002. I'll send a new version of the patch set once I've received more feedback. On Wed, Sep 13, 2017 at 4:49 PM, kbuild test robot wrote: > Hi Thiebaud, > > [auto build test ERROR on efi/next] > [also build test ERROR on

Re: [tpmdd-devel] [PATCH v2 3/3] tpm: parse TPM event logs based on EFI table

Fixed in next patch set On Wed, Sep 13, 2017 at 6:27 PM, kbuild test robot wrote: > Hi Thiebaud, > > [auto build test ERROR on efi/next] > [also build test ERROR on next-20170913] > [cannot apply to char-misc/char-misc-testing linus/master v4.13] > [if your patch is applied to

Re: [tpmdd-devel] [PATCH v2 2/3] efi: call get_event_log before ExitBootServices

On Thu, Sep 14, 2017 at 12:24 PM, Javier Martinez Canillas <javi...@redhat.com> wrote: > On 09/11/2017 12:00 PM, Thiebaud Weksteen via tpmdd-devel wrote: >> With TPM 2.0 specification, the event logs may only be accessible by >> calling an EFI Boot Service. Modify the EFI stub

Re: [tpmdd-devel] [PATCH v2 3/3] tpm: parse TPM event logs based on EFI table

On Tue, Sep 12, 2017 at 10:48 AM, Thiebaud Weksteen wrote: > On Mon, Sep 11, 2017 at 10:47:50AM -0600, Jason Gunthorpe wrote: >> On Mon, Sep 11, 2017 at 12:00:22PM +0200, Thiebaud Weksteen wrote: >> >> > chip->bin_log_seqops.chip = chip; >> > - if (chip->flags &

Re: [tpmdd-devel] [PATCH v2 2/3] efi: call get_event_log before ExitBootServices

On Thu, Sep 14, 2017 at 9:02 PM, Jarkko Sakkinen wrote: > On Thu, Sep 14, 2017 at 11:48:54AM -0700, Matthew Garrett wrote: >> On Thu, Sep 14, 2017 at 11:43 AM, Jarkko Sakkinen >> wrote: >> > On Mon, Sep 11, 2017 at 12:00:21PM

Re: [tpmdd-devel] [PATCH v2 3/3] tpm: parse TPM event logs based on EFI table

On Thu, Sep 14, 2017 at 8:47 PM, Jarkko Sakkinen wrote: > On Mon, Sep 11, 2017 at 12:00:22PM +0200, Thiebaud Weksteen wrote: >> If we are not able to retrieve the TPM event logs from the ACPI table, >> check the EFI configuration table (Linux-specific GUID). >> >>

[tpmdd-devel] [PATCH v3 5/5] tpm: parse TPM event logs based on EFI table

If we are not able to retrieve the TPM event logs from the ACPI table, check the EFI configuration table (Linux-specific GUID). The format version of the log is now returned by the provider function. Signed-off-by: Thiebaud Weksteen --- drivers/char/tpm/Makefile|

[tpmdd-devel] [PATCH v3 0/5] Call GetEventLog before ExitBootServices

With TPM 1.2, the ACPI table ("TCPA") has two fields to recover the Event Log Area (LAML and LASA). These logs are useful to understand and rebuild the final values of PCRs. With TPM 2.0, the ACPI table ("TPM2") does not contain these fields anymore. The recommended method is now to call the

[tpmdd-devel] [PATCH v3 2/5] tpm: rename event log provider files

Rename the current TPM Event Log provider files (ACPI and OF) for clarity. Signed-off-by: Thiebaud Weksteen --- drivers/char/tpm/Makefile| 4 ++-- drivers/char/tpm/{tpm_acpi.c => tpm_eventlog_acpi.c} | 0 drivers/char/tpm/{tpm_of.c =>

[tpmdd-devel] [PATCH v3 4/5] efi: call get_event_log before ExitBootServices

With TPM 2.0 specification, the event logs may only be accessible by calling an EFI Boot Service. Modify the EFI stub to copy the log area to a new Linux-specific EFI configuration table so it remains accessible once booted. When calling this service, it is possible to specify the expected format

[tpmdd-devel] [PATCH v3 3/5] tpm: add event log format version

Although defined as part of the TCG EFI specification, we add these definitions here so that any event log provider may reference them. Signed-off-by: Thiebaud Weksteen --- include/linux/tpm_eventlog.h | 3 +++ 1 file changed, 3 insertions(+) diff --git

[tpmdd-devel] [PATCH v3 1/5] tpm: move tpm_eventlog.h outside of drivers folder

The generic definitions of data structures in tpm_eventlog.h are required by other part of the kernel (namely, the EFI stub). Signed-off-by: Thiebaud Weksteen --- drivers/char/tpm/tpm-chip.c| 3 +- drivers/char/tpm/tpm-interface.c |

Re: [tpmdd-devel] [PATCH v3 4/5] efi: call get_event_log before ExitBootServices

On Wed, Oct 4, 2017 at 12:51 PM, Jarkko Sakkinen wrote: > On Fri, Sep 29, 2017 at 08:16:17PM +0300, Jarkko Sakkinen wrote: >> On Tue, Sep 26, 2017 at 02:49:31PM +0200, Thiebaud Weksteen wrote: >> > On Tue, Sep 26, 2017 at 1:45 PM, Jarkko Sakkinen >> >

Re: [tpmdd-devel] [PATCH v3 4/5] efi: call get_event_log before ExitBootServices

On Mon, Oct 16, 2017 at 1:49 PM, Jarkko Sakkinen wrote: > On Mon, Oct 16, 2017 at 02:28:33PM +0300, Jarkko Sakkinen wrote: >> On Wed, Oct 11, 2017 at 02:52:54PM +0300, Jarkko Sakkinen wrote: >> > On Wed, Oct 11, 2017 at 12:54:26PM +1100, James Morris wrote: >> > >

[tpmdd-devel] [PATCH v2 1/3] tpm: move tpm_eventlog.h outside of drivers folder

The generic definitions of data structures in tpm_eventlog.h are required by other part of the kernel (namely, the EFI stub). Signed-off-by: Thiebaud Weksteen --- drivers/char/tpm/tpm-chip.c| 3 +- drivers/char/tpm/tpm-interface.c |

[tpmdd-devel] [PATCH v2 3/3] tpm: parse TPM event logs based on EFI table

If we are not able to retrieve the TPM event logs from the ACPI table, check the EFI configuration table (Linux-specific GUID). The format version of the log may be returned by the function. If not specified (by previous implementation: tpm_acpi and tpm_of), we default to the version of the chip

Re: [tpmdd-devel] [PATCH 1/2] efi: call get_event_log before ExitBootServices

Hi Ard, Thanks for reviewing the patch. (Non-addressed comments are fixed in the next patch set). On Wed, Sep 06, 2017 at 03:53:33PM +0100, Ard Biesheuvel wrote: > Hi Thiebaud, > > On 6 September 2017 at 15:25, Thiebaud Weksteen wrote: > > With TPM 2.0, access to the event

Re: [tpmdd-devel] TPM2.0: No binary_bios_measurements file in securityFS

Hi Kam, Access to the binary event log for TPM 2.0 is not fully supported. I've recently sent a patch to implement it: https://lkml.org/lkml/2017/9/11/118 Thanks, Thiebaud On Tue, Sep 12, 2017 at 12:44 AM, Nasim, Kam wrote: > Hi folks, > > > I am building my TPM 2.0

Re: [tpmdd-devel] [PATCH v2 3/3] tpm: parse TPM event logs based on EFI table

On Mon, Sep 11, 2017 at 10:47:50AM -0600, Jason Gunthorpe wrote: > On Mon, Sep 11, 2017 at 12:00:22PM +0200, Thiebaud Weksteen wrote: > > > chip->bin_log_seqops.chip = chip; > > - if (chip->flags & TPM_CHIP_FLAG_TPM2) > > + > > + if (log_version == EFI_TCG2_EVENT_LOG_FORMAT_TCG_2 || > >

[tpmdd-devel] [PATCH 1/2] efi: call get_event_log before ExitBootServices

With TPM 2.0, access to the event log is only possible by using the EFI TPM2 Boot Service. Modify the EFI stub to copy the log area to a new Linux-specific EFI table so it remains accessible for future use. Signed-off-by: Thiebaud Weksteen --- arch/x86/boot/compressed/eboot.c

Re: [tpmdd-devel] [PATCH v3 4/5] efi: call get_event_log before ExitBootServices

On Tue, Sep 26, 2017 at 1:45 PM, Jarkko Sakkinen wrote: > On Wed, Sep 20, 2017 at 10:13:39AM +0200, Thiebaud Weksteen wrote: >> With TPM 2.0 specification, the event logs may only be accessible by >> calling an EFI Boot Service. Modify the EFI stub to copy the log

Re: [tpmdd-devel] Regression from efi: call get_event_log before ExitBootServices

On Wed, Mar 7, 2018 at 6:33 PM Jeremy Cline wrote: > On 03/07/2018 03:41 AM, Thiebaud Weksteen wrote: > > Hi, > > > > Thanks for testing and sending this report! This patch relies heavily on > > the functions exposed by the firmware. My first guess would be that some of > >

Re: [tpmdd-devel] Regression from efi: call get_event_log before ExitBootServices

On Mon, Mar 12, 2018 at 6:30 PM Ard Biesheuvel wrote: > On 12 March 2018 at 17:01, Jeremy Cline wrote: > > On 03/12/2018 10:56 AM, Ard Biesheuvel wrote: > >> On 12 March 2018 at 14:30, Jeremy Cline wrote: > >>> On 03/12/2018

Re: [tpmdd-devel] Regression from efi: call get_event_log before ExitBootServices

On Mon, Mar 12, 2018 at 7:33 PM Jeremy Cline wrote: > On 03/12/2018 02:29 PM, Thiebaud Weksteen wrote: > > On Mon, Mar 12, 2018 at 6:30 PM Ard Biesheuvel < ard.biesheu...@linaro.org> > > wrote: > > > >> On 12 March 2018 at 17:01, Jeremy Cline wrote: > >>>

Re: [tpmdd-devel] Regression from efi: call get_event_log before ExitBootServices

On Mon, Mar 12, 2018 at 10:03 PM Ard Biesheuvel wrote: > On 12 March 2018 at 19:55, Thiebaud Weksteen wrote: > > On Mon, Mar 12, 2018 at 7:33 PM Jeremy Cline wrote: > > > >> On 03/12/2018 02:29 PM, Thiebaud Weksteen wrote: > >> >

Re: [tpmdd-devel] Regression from efi: call get_event_log before ExitBootServices

On Tue, Mar 13, 2018 at 8:59 AM Ard Biesheuvel wrote: > On 13 March 2018 at 07:47, Hans de Goede wrote: > > Hi, > > > > > > On 12-03-18 20:55, Thiebaud Weksteen wrote: > >> > ... > >> > >> Hans, you said you configured the tablet to use the 32-bit

Re: [tpmdd-devel] Regression from efi: call get_event_log before ExitBootServices

On Tue, Mar 13, 2018 at 2:43 PM Ard Biesheuvel wrote: > On 13 March 2018 at 13:41, Jeremy Cline wrote: > > On 03/13/2018 03:59 AM, Ard Biesheuvel wrote: > >> On 13 March 2018 at 07:47, Hans de Goede wrote: > >>> Hi, > >>> > >>>

Re: [tpmdd-devel] Regression from efi: call get_event_log before ExitBootServices

On Fri, Mar 9, 2018 at 5:54 PM Jeremy Cline wrote: > On Fri, Mar 09, 2018 at 10:43:50AM +, Thiebaud Weksteen wrote: > > Thanks a lot for trying out the patch! > > > > Please don't modify your install at this stage, I think we are hitting a > > firmware bug and that would

Re: [tpmdd-devel] Regression from efi: call get_event_log before ExitBootServices

Hi, Thanks for testing and sending this report! This patch relies heavily on the functions exposed by the firmware. My first guess would be that some of these may not be implemented correctly by the manufacturer. Could you share more information on this specific device? Do you have any link to

Re: [tpmdd-devel] [PATCH v3 4/5] efi: call get_event_log before ExitBootServices

On Mon, Mar 5, 2018 at 4:40 PM Marc-André Lureau wrote: > Hi Thiebaud > On Wed, Sep 20, 2017 at 10:13 AM, Thiebaud Weksteen wrote: > > With TPM 2.0 specification, the event logs may only be accessible by > > calling an EFI Boot Service. Modify the