From nobody Sun Feb 8 08:14:18 2026 Received: from mail-ot1-f47.google.com (mail-ot1-f47.google.com [209.85.210.47]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 7FE601D7E4F for ; Fri, 6 Sep 2024 20:28:21 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.210.47 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1725654503; cv=none; b=UGkyMv8/OnqjBUG7y3AZREfu8Z0ft08UucyyNM1m6mcPQE9q+BVOPzYKgSd6FQcINmg8RtBufoldH+FZqT4r/9NTJCzX0NFQ4w5SUY37VekV0fFyXMngJ+QxrtnLi1SMOzzHeJyi7nJpBe8orUp7ny6KgIcU1oXzkWitENmGx1U= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1725654503; c=relaxed/simple; bh=uC7TJ50a7SgbOtivAxR2KdbHsbIyQdSdr5oMF9F4ufo=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=GAsiG7Ft/8GmpqK4+RagonzUcM4LqipjiWnUlDJGVMBBd1ylUAtlwq1HlDo+Ldq4RDHJEeGH76+RKl5nBreVJGvuAlBliUbPIDVDQ76aP73ALMZWYyi/zSk66q25q48fi2Gwd1rqjufY4DfH9fc3346J5kuu6PGYqANukRw7ctM= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=gourry.net; spf=pass smtp.mailfrom=gourry.net; dkim=pass (2048-bit key) header.d=gourry.net header.i=@gourry.net header.b=I3gKFhm5; arc=none smtp.client-ip=209.85.210.47 Authentication-Results: smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=gourry.net Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gourry.net Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gourry.net header.i=@gourry.net header.b="I3gKFhm5" Received: by mail-ot1-f47.google.com with SMTP id 46e09a7af769-710c2dcdfc8so1554580a34.0 for ; Fri, 06 Sep 2024 13:28:21 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gourry.net; s=google; t=1725654500; x=1726259300; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=R1Rs9Vcw1DZn6LrVte9jSPxFRjikUDDX06xvoSnqYrw=; b=I3gKFhm5poPQY0pwuhl7vAyW67hzQUyzMkUvGay9jbQSmWV9BQ2qZN8yORh0XmZDzQ L6yW4ngmZoI6YgWZuoJtuDC1FhkBnql2CHhf1Z8kiz2KC2/GdywdKO/ogxDDRzN0lF2S I/eelgLan7ZqXwVQUhk7Aucd4Tcj+u/qC+TsKsE8qmtlrdmqDs3gfrl7db/60mwcMzmf LiHCZ8lP98U58CNBDdHfAO8GHUUTW+bOm638DbS1Sp/jfm1YTB3hsZRzYbCp2EcHS5qi IxMJ6s6onnHNTpTje9PfNyC4SztHTFmo8XYv2wh/Jjn3Uk43DcGE1YpIC9c/YO8cgBYs PFKA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1725654500; x=1726259300; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=R1Rs9Vcw1DZn6LrVte9jSPxFRjikUDDX06xvoSnqYrw=; b=gRrO5fjHmt2KuwAIWScQWrNDzZhsb2HiVN4N91HbG+DUm/ZmVPAFnEw0u6yO4bFDDg hsfCXEEWFHFwjPk14UfpPs3G/jOyabqrqIO9hYoAqXwatYSGIxiCnCNElwC6x/mAw8SA 5+dm10ukTf1uh/O5BeDB2s9zzfJfMyX2kPNQIWK6XrRFean6k71n9lW2Rf3Du7J7TvGt /ZiIYLvFo4zrYu187xmg+jmZN4jpksdndpwE5JOYpKrITFkGheZoaNwp8wkRSfnniACB DgPvQbjkhgRkpXCKfRzPPEdXslylkwFVA9hlNUOYs/kiBotd/GF749ugsYLe0IYkenTi dHCg== X-Gm-Message-State: AOJu0YwGlUPmkbC6XmOEKFp8XpdyTGqs1YOn2gJI+5d8Bimw31Ki9vJL f8LIbpOBz0K8M/92aC6sAb4fwmwqCZc/vTYa9LcM0NvILk5N3G9f2P22p11FTlo= X-Google-Smtp-Source: AGHT+IFO7jNN/yEMP1rct1brqJ1OGNYSIYnkQ9smer8q7MIF6gg13nZKOcCXv8KpSEcVOt58+tzpXg== X-Received: by 2002:a05:6870:35d5:b0:277:fd73:8f82 with SMTP id 586e51a60fabf-27b9dcc3a29mr557037fac.45.1725654500499; Fri, 06 Sep 2024 13:28:20 -0700 (PDT) Received: from PC2K9PVX.TheFacebook.com (pool-173-79-56-208.washdc.fios.verizon.net. [173.79.56.208]) by smtp.gmail.com with ESMTPSA id af79cd13be357-7a98ef1e653sm200519485a.5.2024.09.06.13.28.19 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 06 Sep 2024 13:28:20 -0700 (PDT) From: Gregory Price To: linux-efi@vger.kernel.org Cc: linux-kernel@vger.kernel.org, ardb@kernel.org, leitao@debian.org, usamaarif642@gmail.com, sathyanarayanan.kuppuswamy@linux.intel.com, ilias.apalodimas@linaro.org Subject: [PATCH 1/6] tpm: fix signed/unsigned bug when checking event logs Date: Fri, 6 Sep 2024 16:27:40 -0400 Message-ID: <20240906202745.11159-2-gourry@gourry.net> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20240906202745.11159-1-gourry@gourry.net> References: <20240906202745.11159-1-gourry@gourry.net> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" A prior bugfix that fixes a signed/unsigned error causes another signed unsigned error. A situation where log_tbl->size is invalid can cause the size passed to memblock_reserve to become negative. log_size from the main event log is an unsigned int, and the code reduces to the following u64 value =3D (int)unsigned_value; This results in sign extension, and the value sent to memblock_reserve becomes effectively negative. Fixes: be59d57f9806 ("efi/tpm: Fix sanity check of unsigned tbl_size being = less than zero") Signed-off-by: Gregory Price --- drivers/firmware/efi/tpm.c | 17 +++++++++-------- 1 file changed, 9 insertions(+), 8 deletions(-) diff --git a/drivers/firmware/efi/tpm.c b/drivers/firmware/efi/tpm.c index e8d69bd548f3..9c3613e6af15 100644 --- a/drivers/firmware/efi/tpm.c +++ b/drivers/firmware/efi/tpm.c @@ -40,7 +40,8 @@ int __init efi_tpm_eventlog_init(void) { struct linux_efi_tpm_eventlog *log_tbl; struct efi_tcg2_final_events_table *final_tbl; - int tbl_size; + unsigned int tbl_size; + int final_tbl_size; int ret =3D 0; =20 if (efi.tpm_log =3D=3D EFI_INVALID_TABLE_ADDR) { @@ -80,26 +81,26 @@ int __init efi_tpm_eventlog_init(void) goto out; } =20 - tbl_size =3D 0; + final_tbl_size =3D 0; if (final_tbl->nr_events !=3D 0) { void *events =3D (void *)efi.tpm_final_log + sizeof(final_tbl->version) + sizeof(final_tbl->nr_events); =20 - tbl_size =3D tpm2_calc_event_log_size(events, - final_tbl->nr_events, - log_tbl->log); + final_tbl_size =3D tpm2_calc_event_log_size(events, + final_tbl->nr_events, + log_tbl->log); } =20 - if (tbl_size < 0) { + if (final_tbl_size < 0) { pr_err(FW_BUG "Failed to parse event in TPM Final Events Log\n"); ret =3D -EINVAL; goto out_calc; } =20 memblock_reserve(efi.tpm_final_log, - tbl_size + sizeof(*final_tbl)); - efi_tpm_final_log_size =3D tbl_size; + final_tbl_size + sizeof(*final_tbl)); + efi_tpm_final_log_size =3D final_tbl_size; =20 out_calc: early_memunmap(final_tbl, sizeof(*final_tbl)); --=20 2.43.0 From nobody Sun Feb 8 08:14:18 2026 Received: from mail-ot1-f42.google.com (mail-ot1-f42.google.com [209.85.210.42]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id B29231D9D66 for ; Fri, 6 Sep 2024 20:28:22 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.210.42 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1725654504; cv=none; b=BOgQSbixgISoVF1pBuHY1FcbiFdciDiDHGs42kaUddkVTB88KwWKCIdecPERCzgWOcGTQOqD1KnISg7KdyPRl01qLh6Yqa39YAhvqNj7cajMYhLW/apGy+vousMYlxefYBybKs8t7YTVAdm3J+Fojh5BC+vR08uot3G+k4WvCjg= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1725654504; c=relaxed/simple; bh=XE1DPqvy7FxpeqLadro2KUo9m1LL/0BkzBaHwilluhg=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=gv1jfCag0+9mChQ0mTNNOpf6lUT9SvGmdANIhmfBh3zd8ILzc7ceZJxL8Koo9EIfo0MOIGZCi9qi19CTBmJOj+lFms30USWD8e4SEtJNxRdS30i0ZdYW/YE+dG2KC/ecKYsTy0oO40BnlR4Glh3ni8DL6ex7doL3RdbDn+UKf7c= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=gourry.net; spf=pass smtp.mailfrom=gourry.net; dkim=pass (2048-bit key) header.d=gourry.net header.i=@gourry.net header.b=BrTOkalO; arc=none smtp.client-ip=209.85.210.42 Authentication-Results: smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=gourry.net Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gourry.net Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gourry.net header.i=@gourry.net header.b="BrTOkalO" Received: by mail-ot1-f42.google.com with SMTP id 46e09a7af769-7094641d4e6so1300606a34.3 for ; Fri, 06 Sep 2024 13:28:22 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gourry.net; s=google; t=1725654502; x=1726259302; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=A02dTNZID78REVwXn2oyGTRvfad558GuxUE/iRRivQs=; b=BrTOkalOYwCzXgg/P9ZUP2Y3J5R27P5nH4Dg1UtHYqvwv5cyLcfaTTEIPM693NIMMk CyLhptdSVIkd+ObCZwtCYSCDZ2yX+WluVazqY/RQlES6IbYL/kC5z5+cX1mG4Mey4BCr BPB3xgnXI9ZqlFVdbxsCwavcGDjCA3LJeq8ze0bW6C9I5W4fzsz6JRRc2E+ky2JkaCJz kE4uDLEvgUBIxp7e81sk7vM1ZRnqIeNoHOfWX5aE0EuoElsnYwf/tDPUQTueSs7nZ2JT 9tf139+UoxtsCkikLTLjAlWVOyTeTBY3mAukNIQ+YfWqTeba/J/E4c5/nSHnQf+Wbx99 elpw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1725654502; x=1726259302; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=A02dTNZID78REVwXn2oyGTRvfad558GuxUE/iRRivQs=; b=Wjg/5A7tb0YPaEvB+9621J+j+1IJgirdrXnsBorsBiRrgD9ikA5+mK5Dy/aTDtmg68 Bg1hKT3bb/PbXpWNDAvPmgA87efU+h61oijomzszqcDEfgQY04qymagF+8Y8zMkQAIpP tt/yyJMYiOSbXGlbosPTodtnjBogJmP/10VXEm3dlW8Hog0keiXXbSvCqlMKN+QLROEB cXfGP75kxoY5epgfP+W4stvqZFOyB8LwjUsRsPSI6Y1xUOJJR6t/4x8LBsYNScvoDxWc 74Inaw+s6e+bobNEQvyVo0pWeRlm6kxWStV3lSv44P/3iuTrnX2ZWI9Sqat5XhGzizU4 irdg== X-Gm-Message-State: AOJu0Yyc0edgOBQTUvmRHGc4aLKldbRNe8XaKu2/t0SLX7aV6nI2L8nK /HKrtEqV2W954LEweDirZpDEcFL5A44DjeXUQY7o5A9NNArp9Un+CH86Ozs0qF4= X-Google-Smtp-Source: AGHT+IHMKBTOuPM+P+e6Ggmk8kf5Wxmw6zLzgTDlsCLWT0LO88jBX8ugAR5TeZND93bpHJwoa1Ix3w== X-Received: by 2002:a05:6359:4127:b0:1b8:34a3:11b7 with SMTP id e5c5f4694b2df-1b8386e6514mr427253555d.22.1725654501791; Fri, 06 Sep 2024 13:28:21 -0700 (PDT) Received: from PC2K9PVX.TheFacebook.com (pool-173-79-56-208.washdc.fios.verizon.net. [173.79.56.208]) by smtp.gmail.com with ESMTPSA id af79cd13be357-7a98ef1e653sm200519485a.5.2024.09.06.13.28.21 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 06 Sep 2024 13:28:21 -0700 (PDT) From: Gregory Price To: linux-efi@vger.kernel.org Cc: linux-kernel@vger.kernel.org, ardb@kernel.org, leitao@debian.org, usamaarif642@gmail.com, sathyanarayanan.kuppuswamy@linux.intel.com, ilias.apalodimas@linaro.org Subject: [PATCH 2/6] tpm: do not ignore memblock_reserve return value Date: Fri, 6 Sep 2024 16:27:41 -0400 Message-ID: <20240906202745.11159-3-gourry@gourry.net> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20240906202745.11159-1-gourry@gourry.net> References: <20240906202745.11159-1-gourry@gourry.net> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" tpm code currently ignores a relevant failure case silently. Add an error to make this failure non-silent. Signed-off-by: Gregory Price --- drivers/firmware/efi/tpm.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/drivers/firmware/efi/tpm.c b/drivers/firmware/efi/tpm.c index 9c3613e6af15..6e03eed0dc6f 100644 --- a/drivers/firmware/efi/tpm.c +++ b/drivers/firmware/efi/tpm.c @@ -61,7 +61,11 @@ int __init efi_tpm_eventlog_init(void) } =20 tbl_size =3D sizeof(*log_tbl) + log_tbl->size; - memblock_reserve(efi.tpm_log, tbl_size); + if (memblock_reserve(efi.tpm_log, tbl_size)) { + pr_err("TPM Event Log memblock reserve fails (0x%lx, 0x%x)\n", + efi.tpm_log, tbl_size); + goto out; + } =20 if (efi.tpm_final_log =3D=3D EFI_INVALID_TABLE_ADDR) { pr_info("TPM Final Events table not present\n"); --=20 2.43.0 From nobody Sun Feb 8 08:14:18 2026 Received: from mail-qk1-f170.google.com (mail-qk1-f170.google.com [209.85.222.170]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 161A81DA63C for ; Fri, 6 Sep 2024 20:28:24 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.222.170 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1725654505; cv=none; b=nPUXAf3B2BybqAg/jL/uJrEIzCccuewUwvf/SxhcN5J0boqDYRmTvRKOxMeNggviSU3VH3OB8Gr11511rvNWIUStVBcfnyPMt+Quqnk/4TVfwjRal8K8Oajm8FW643Wxe9yzzAGkZ2JfwDuf3BpbhOJtwCR5u6IsPJtlL4IYbis= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1725654505; c=relaxed/simple; bh=E3uOxF1ZH/iR4ucEQmsFO/keFaNTqRqQ7i07DVck9j4=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=ogPWJkmRBt8AczMzbenrR3s1pvlDe3yoKr//D/v1AZZJ39G0L/SIP0cI5P80q0Nf4LAy8oT/hyw+gYFUA/Ll2c5FkGaES2H4r6///e8Tp9/YA2Rx6yBsWwdSWD4XLhJsSAabj+onO97A6ZPQsBOTO0taNkMpheNVuF2PMg/UNNs= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=gourry.net; spf=pass smtp.mailfrom=gourry.net; dkim=pass (2048-bit key) header.d=gourry.net header.i=@gourry.net header.b=CUgMNPLR; arc=none smtp.client-ip=209.85.222.170 Authentication-Results: smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=gourry.net Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gourry.net Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gourry.net header.i=@gourry.net header.b="CUgMNPLR" Received: by mail-qk1-f170.google.com with SMTP id af79cd13be357-7a99e8c32c0so50439085a.3 for ; Fri, 06 Sep 2024 13:28:24 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gourry.net; s=google; t=1725654503; x=1726259303; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=nnAfWEx/aiVhm89Fpzc3fk7i/4x7q8oY7L/gONXGmMI=; b=CUgMNPLRvex5vKPhRtEPkNwsuf+vBVuMMpH51OIEwSU3fZ4XEXKXytK5ROwGKs5/R/ NgJ1eibl2+lbAdw3ysyPLSFhlTWpwLhP6cXIjYG4gjRD5hSYHzgwzk0Tb691w85957tH fQVD1NJkvJD+RH6p401AOCIFdrgbHKnBrXqm/zy8ySff3sxz6j38y6iMx25wwasIfpeG DXCU6sK6iqTIFO6zCjla8iG3bcw3img+k/NyY9WYyRvxi/oQMAGmDxDhabiiiIbEAeLv Vnbt1tYWFYFJkznlTPmauYKZjazdFAFDd6tysJ6Imzh/YU4rGkikJYDGq1Nr8Gak4xVY vJdg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1725654503; x=1726259303; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=nnAfWEx/aiVhm89Fpzc3fk7i/4x7q8oY7L/gONXGmMI=; b=BQxpAeEWXnybR/kNVfZ8UTMTPPJG1srqkZ2/1aeH40h8wnc40Mb42dAQkLno1Y50M4 i8ChHRuen2d6H1q1ghpFrhpSQcCwk3x6DO8gNHzgLptr673A3E0pG5Ml5txuHbNh45UT t8JX3+9EqXsANn9TaX1MDaQABkDFn4TsCYt2Yof3NW78kFxQKqO0dc/HdbviOc3EPwSJ 3J8skUtOzP2meaT37h2KQvZ//Q/UEMmKOfqGEFDvwDEt5YpvsK88B5v+OgqIYFYJsa7k 4On9hQuDkq7tQWR7HrX/wm/TW95EHi1N4KG8uXdS2GLefv8/1gY4yuF829R60h1F1LNt O4WA== X-Gm-Message-State: AOJu0YytldE7TdbH19EreEtG169d1+aPGyIXDI8gC90Fdeawk/P3ArjQ 6nQgA9SoDEXPzfBes2CAUQK2g37gb5mBChrEdcqeiop5VSZ1ieBa2egIXl6mc+E= X-Google-Smtp-Source: AGHT+IGNKUXGcQEHZ7PXWPlir8YbvSOsbPfUe2vpAa/Zk++V48k/OP1Q/5znMUllsHdgKaBBuRjP6A== X-Received: by 2002:a05:620a:4490:b0:7a3:6dd9:efbb with SMTP id af79cd13be357-7a997339e8bmr471752785a.33.1725654503233; Fri, 06 Sep 2024 13:28:23 -0700 (PDT) Received: from PC2K9PVX.TheFacebook.com (pool-173-79-56-208.washdc.fios.verizon.net. [173.79.56.208]) by smtp.gmail.com with ESMTPSA id af79cd13be357-7a98ef1e653sm200519485a.5.2024.09.06.13.28.22 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 06 Sep 2024 13:28:22 -0700 (PDT) From: Gregory Price To: linux-efi@vger.kernel.org Cc: linux-kernel@vger.kernel.org, ardb@kernel.org, leitao@debian.org, usamaarif642@gmail.com, sathyanarayanan.kuppuswamy@linux.intel.com, ilias.apalodimas@linaro.org Subject: [PATCH 3/6] libstub,tpm: provide indication of failure when getting event log Date: Fri, 6 Sep 2024 16:27:42 -0400 Message-ID: <20240906202745.11159-4-gourry@gourry.net> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20240906202745.11159-1-gourry@gourry.net> References: <20240906202745.11159-1-gourry@gourry.net> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" If get_event_log fails, at least provide an indicator of this failure to assist debugging later failures that attempt to interact with it. Signed-off-by: Gregory Price --- drivers/firmware/efi/libstub/tpm.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/drivers/firmware/efi/libstub/tpm.c b/drivers/firmware/efi/libs= tub/tpm.c index df3182f2e63a..192914e04e0f 100644 --- a/drivers/firmware/efi/libstub/tpm.c +++ b/drivers/firmware/efi/libstub/tpm.c @@ -185,8 +185,10 @@ void efi_retrieve_eventlog(void) get_efi_config_table(EFI_CC_FINAL_EVENTS_TABLE_GUID); } =20 - if (status !=3D EFI_SUCCESS || !log_location) + if (status !=3D EFI_SUCCESS || !log_location) { + efi_err("TPM unable to provide Event Log\n"); return; + } =20 efi_retrieve_tcg2_eventlog(version, log_location, log_last_entry, truncated, final_events_table); --=20 2.43.0 From nobody Sun Feb 8 08:14:18 2026 Received: from mail-qk1-f179.google.com (mail-qk1-f179.google.com [209.85.222.179]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 7D49A1DCB34 for ; Fri, 6 Sep 2024 20:28:25 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.222.179 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1725654507; cv=none; b=JfA3xCGENO2/OgxWunFGqT8NnC2077PfDzmlvBWYTTUPidJW/tWdUNC9j13nrrjlDbD60XaWmXxHNBZWaGQcXzmjW3zGocxepGC7MzfkVVuM5BV3TdF7vREYfYVGyaKERi2ulekM3SEAozT33y9TcdE/7BOwS7eZBri8SEglfdU= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1725654507; c=relaxed/simple; bh=hMwki+dcsbLSJG/zbiuWzszPS/hNwanGor9EwaxpvVU=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=ZiIHaojcu+L5wo7bFmeiWh0NuiKkdnG5f8Dgeeew5PKhXVxEecfDEB8Llojd2dxDeZOVV/9rUug1IDd95vJIUr2lLwWwkXb84UVf3S7j3b/8+N03o2x/Suff1riRF7B67dL1IAdVJD/UZjtuD2aEYcpgEF6o+yzGsb+0hP+WJuI= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=gourry.net; spf=pass smtp.mailfrom=gourry.net; dkim=pass (2048-bit key) header.d=gourry.net header.i=@gourry.net header.b=alTob8Lr; arc=none smtp.client-ip=209.85.222.179 Authentication-Results: smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=gourry.net Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gourry.net Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gourry.net header.i=@gourry.net header.b="alTob8Lr" Received: by mail-qk1-f179.google.com with SMTP id af79cd13be357-7a9a30a045cso19832385a.2 for ; Fri, 06 Sep 2024 13:28:25 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gourry.net; s=google; t=1725654504; x=1726259304; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=eknZRfIStyWrln5IWKBJNYWwEsPBbo1CU0FqbBLiCHg=; b=alTob8LrRLGNsjFWOtknaYxPevfLDoKpYubg2FnaILkfKWoLYLD4A2MT3fWXwmFJkg KeaRTGZrh9ETOwhzAArn1+sDI197UIjoCCsZ5IHQEP/R51PIWT3T8TId5Zzgcmq2XI8c pWfFLDBCoOVuZsj9HlrkRK2rHom8ENqmn1LIZ6SlQDof+4k7MFp0ynW9BSjk9qUjOQ+E xxHGMaza39GK6JBKUh2Ye2drrehyMBdSQhfaZ3EWvfXM86oiZbxbdvqDvkL0ptGWHINV qPujfIbVYVLmAi2jIrkaTvuY4YtEwYbbRbHzn2K93W499g1scnz+Tu9ZVt0z3daPs+CP 9FZg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1725654504; x=1726259304; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=eknZRfIStyWrln5IWKBJNYWwEsPBbo1CU0FqbBLiCHg=; b=XGBtmpOb01cYZSt9tHp6FOlzRXiFMqQESnCjUJJWdeYmT3MSwBaqBnISWHwUz6s7uR 7OaZMoOlpoJWwtSMDX2XFi5RCvtxXXtJ0VuJ48Ru5LGdNA7odDEWlBppoxrfNHf1K1G0 rKvfY3JX3Y3a+2sgbVGH0KQUMzwIuLMmAXmS+DTJezCWt7YuXaVEhm6j1krMF+A5JNLS nD+ocNCHRNEZAgz5zPEKv1BqfiUrK9rmxqc4LlPazFCwp/ogjrMdsOAx8Q2N28e0ZPbW OmKCfAymi0mhb9+dknP/ilKsTIOQW8NT1LE2qvURhyjFCGY2YaRWaP+hvxZZXuij/7xq E6gA== X-Gm-Message-State: AOJu0YyH54eBC10sKEMEeCcSJ+ER0UINlFDuGfeKj7ZIchz+NcAVX6x7 54y0pANEMkUAERUxy8dw8VsZjRH9QBd0ak1y0zJncL41eD8MzS99umYzOcLQREw= X-Google-Smtp-Source: AGHT+IHqdgv3zHpFAbavJQlusxa0A7QBFhgVKAX0yRe62fA02oH9vdiDW+r2y09yybfljROV4ERQzg== X-Received: by 2002:a05:620a:2495:b0:79f:90:7d50 with SMTP id af79cd13be357-7a997340551mr595628685a.32.1725654504388; Fri, 06 Sep 2024 13:28:24 -0700 (PDT) Received: from PC2K9PVX.TheFacebook.com (pool-173-79-56-208.washdc.fios.verizon.net. [173.79.56.208]) by smtp.gmail.com with ESMTPSA id af79cd13be357-7a98ef1e653sm200519485a.5.2024.09.06.13.28.23 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 06 Sep 2024 13:28:24 -0700 (PDT) From: Gregory Price To: linux-efi@vger.kernel.org Cc: linux-kernel@vger.kernel.org, ardb@kernel.org, leitao@debian.org, usamaarif642@gmail.com, sathyanarayanan.kuppuswamy@linux.intel.com, ilias.apalodimas@linaro.org Subject: [PATCH 4/6] tpm: sanity check the log version before using it Date: Fri, 6 Sep 2024 16:27:43 -0400 Message-ID: <20240906202745.11159-5-gourry@gourry.net> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20240906202745.11159-1-gourry@gourry.net> References: <20240906202745.11159-1-gourry@gourry.net> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" If the log version is not sane (0 or >2), don't attempt to use the rest of the log values for anything to avoid potential corruption. Signed-off-by: Gregory Price --- drivers/firmware/efi/tpm.c | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/drivers/firmware/efi/tpm.c b/drivers/firmware/efi/tpm.c index 6e03eed0dc6f..9a080887a3e0 100644 --- a/drivers/firmware/efi/tpm.c +++ b/drivers/firmware/efi/tpm.c @@ -60,6 +60,15 @@ int __init efi_tpm_eventlog_init(void) return -ENOMEM; } =20 + if (!log_tbl->version || + log_tbl->version > EFI_TCG2_EVENT_LOG_FORMAT_TCG_2) { + pr_err(FW_BUG "TPM Events table version invalid (%x)\n", + log_tbl->version); + early_memunmap(log_tbl, sizeof(*log_tbl)); + efi.tpm_log =3D EFI_INVALID_TABLE_ADDR; + return -EINVAL; + } + tbl_size =3D sizeof(*log_tbl) + log_tbl->size; if (memblock_reserve(efi.tpm_log, tbl_size)) { pr_err("TPM Event Log memblock reserve fails (0x%lx, 0x%x)\n", --=20 2.43.0 From nobody Sun Feb 8 08:14:18 2026 Received: from mail-ua1-f53.google.com (mail-ua1-f53.google.com [209.85.222.53]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id C70551E009F for ; Fri, 6 Sep 2024 20:28:26 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.222.53 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1725654508; cv=none; b=OeZHP4w9ckRasoJ4cMLUmm3QXbJNPJtV0fNmgSdsDNgBv2MotWSsqTOX4k4QlmEDhq01LtCTx/dJLaNXuqA6KoIEYq9uhWjHm2mXu9+H5aRFr7p/uYv3fe3t4QDDv8FnX0grK6C0No0pTADqLq6BwvVcpzHoHzSHFrzq4Sn57Zw= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1725654508; c=relaxed/simple; bh=5DrUFp6j6wXIZ4N7IoF/p+lmyHVDI6Endn0V+tYMssw=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=Y2DN8CwTWO4XCpY7syxAnVm0Pkf1rjBwr36JU7lvxfsi/qHnzlLPkQNUCCpRJj96BJHaC9K4UI0wwWPGsZ5WwTtolLA1xdeMuP5YWxpwZCORQ3bAeHq8K1mGVjV5T+G5VceWrYVcPczt2a0pr/wiPL7NHU/wuTCffnCYGxBopSs= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=gourry.net; spf=pass smtp.mailfrom=gourry.net; dkim=pass (2048-bit key) header.d=gourry.net header.i=@gourry.net header.b=hoe5lUD0; arc=none smtp.client-ip=209.85.222.53 Authentication-Results: smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=gourry.net Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gourry.net Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gourry.net header.i=@gourry.net header.b="hoe5lUD0" Received: by mail-ua1-f53.google.com with SMTP id a1e0cc1a2514c-846db33f4e5so663071241.1 for ; Fri, 06 Sep 2024 13:28:26 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gourry.net; s=google; t=1725654506; x=1726259306; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=cldmkf1vC0Pr0XJbmfuzeqw9dySvEdpYki9ytzXFT1c=; b=hoe5lUD06sTs9lhXKb8zXNrCVWpueOhUQSQM/zmDvbfE5KPoGnTsu65pnYQD88Eyu6 +MMBKB//Fv3dEU6IazKRdMw8FGUe0S0YKa0wuT3xZG4bl/FxMMVnA3FSGKFh1tvdA+rc XZr8ZUP3f7fWYTgArm+WWlkX3s7F7JrTBpKl8TaYtUuyNTVMyxcB+nn229KjH8Q9FpYO xErpBpmXvh+xwxnUZE8mP2TcSJH8Khb8bXCkXhvLeQBcizDwtFJBmc8vPzXDF3S+JHV6 XgE8PiwWo/M810iIfNhqyW3EBRLz2o/h2MuHYGC3wdPVFfoxVi4lRmGxbUKddUXkB6Wx KFwQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1725654506; x=1726259306; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=cldmkf1vC0Pr0XJbmfuzeqw9dySvEdpYki9ytzXFT1c=; b=wAChZodw9/wJ5qhkhg9qmB6kiT+4Y2u6ZnsqA5bqqOl1TCrw6QGtPriMD+6ofSoPyy flMQIIUzkw0jQwIDLcPzcW6w5PEB8OYtuEvadBEyWiEoVEAFFqaFPyiNs8iFdrBY5WvE f/GpCYt00EFYq2XtlXkUbFzcayVU0SEqm1jSys8DyKqCeMHZiaYWTuIhwEBSDN4FiYd6 7Y94/3DNN3yQYkRtc5Jqx/OAjAh6URluU1EuOql+tzwg8zPSOEdWqPCUHHmlcjpC0Q/g rAR55ta7jYFUKJiCVnUiEKPsfmRFD/HU1dqbop0jaXBZzVwxs7iFqvrdbWu9kMaRtBCn Ap5w== X-Gm-Message-State: AOJu0YyozvtfUoEOeC4APeGihwR2gOYLd/WsYEVYpB2y3r/LU22iWwfn lvzJzm1yZQeA5a6gNmkOyQVQfKq9mn5xAsiLUo/aDWZGHq0xxEYuOD/m2YBWqE4= X-Google-Smtp-Source: AGHT+IGTLRBA/MYnsSvHU5PnGiuRmzazXBamsUEm4o4g0ut4x8zSLeqiqZGlvBZ9w4nkz5c9KxFqEw== X-Received: by 2002:a05:6102:1609:b0:492:a11f:a87a with SMTP id ada2fe7eead31-49bedd008admr158299137.25.1725654505650; Fri, 06 Sep 2024 13:28:25 -0700 (PDT) Received: from PC2K9PVX.TheFacebook.com (pool-173-79-56-208.washdc.fios.verizon.net. [173.79.56.208]) by smtp.gmail.com with ESMTPSA id af79cd13be357-7a98ef1e653sm200519485a.5.2024.09.06.13.28.25 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 06 Sep 2024 13:28:25 -0700 (PDT) From: Gregory Price To: linux-efi@vger.kernel.org Cc: linux-kernel@vger.kernel.org, ardb@kernel.org, leitao@debian.org, usamaarif642@gmail.com, sathyanarayanan.kuppuswamy@linux.intel.com, ilias.apalodimas@linaro.org Subject: [PATCH 5/6] tpm: fix unsigned/signed mismatch errors related to __calc_tpm2_event_size Date: Fri, 6 Sep 2024 16:27:44 -0400 Message-ID: <20240906202745.11159-6-gourry@gourry.net> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20240906202745.11159-1-gourry@gourry.net> References: <20240906202745.11159-1-gourry@gourry.net> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" __calc_tpm2_event_size returns 0 or a positive length, but return values are often interpreted as ints. Convert everything over to u32 to avoid signed/unsigned logic errors. Signed-off-by: Gregory Price --- drivers/firmware/efi/libstub/tpm.c | 6 +++--- drivers/firmware/efi/tpm.c | 2 +- include/linux/tpm_eventlog.h | 2 +- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/drivers/firmware/efi/libstub/tpm.c b/drivers/firmware/efi/libs= tub/tpm.c index 192914e04e0f..4f9f0e049a7a 100644 --- a/drivers/firmware/efi/libstub/tpm.c +++ b/drivers/firmware/efi/libstub/tpm.c @@ -57,7 +57,7 @@ static void efi_retrieve_tcg2_eventlog(int version, efi_p= hysical_addr_t log_loca struct linux_efi_tpm_eventlog *log_tbl =3D NULL; unsigned long first_entry_addr, last_entry_addr; size_t log_size, last_entry_size; - int final_events_size =3D 0; + u32 final_events_size =3D 0; =20 first_entry_addr =3D (unsigned long) log_location; =20 @@ -110,9 +110,9 @@ static void efi_retrieve_tcg2_eventlog(int version, efi= _physical_addr_t log_loca */ if (final_events_table && final_events_table->nr_events) { struct tcg_pcr_event2_head *header; - int offset; + u32 offset; void *data; - int event_size; + u32 event_size; int i =3D final_events_table->nr_events; =20 data =3D (void *)final_events_table; diff --git a/drivers/firmware/efi/tpm.c b/drivers/firmware/efi/tpm.c index 9a080887a3e0..7673cf8e53d6 100644 --- a/drivers/firmware/efi/tpm.c +++ b/drivers/firmware/efi/tpm.c @@ -19,7 +19,7 @@ EXPORT_SYMBOL(efi_tpm_final_log_size); static int __init tpm2_calc_event_log_size(void *data, int count, void *si= ze_info) { struct tcg_pcr_event2_head *header; - int event_size, size =3D 0; + u32 event_size, size =3D 0; =20 while (count > 0) { header =3D data + size; diff --git a/include/linux/tpm_eventlog.h b/include/linux/tpm_eventlog.h index 7d68a5cc5881..891368e82558 100644 --- a/include/linux/tpm_eventlog.h +++ b/include/linux/tpm_eventlog.h @@ -157,7 +157,7 @@ struct tcg_algorithm_info { * Return: size of the event on success, 0 on failure */ =20 -static __always_inline int __calc_tpm2_event_size(struct tcg_pcr_event2_he= ad *event, +static __always_inline u32 __calc_tpm2_event_size(struct tcg_pcr_event2_he= ad *event, struct tcg_pcr_event *event_header, bool do_mapping) { --=20 2.43.0 From nobody Sun Feb 8 08:14:18 2026 Received: from mail-qk1-f171.google.com (mail-qk1-f171.google.com [209.85.222.171]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id EE47C1E1A18 for ; Fri, 6 Sep 2024 20:28:27 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.222.171 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1725654509; cv=none; b=nVPJWSIIhBJVbzkALRNHZm/DglDQK+mN3CrXLpJBkm749ngpT0ySlcVL1KejmDZeGoKhAhd+CpEDUsCvBkMUk/n/ey8xJiMfwRAbNJvXW2hGSJA/HBm4Mji5k6IrMaO0S80Lm1Wqh1GAWfyux1FAIi4MSbRvGTjBuyVxxTH/FLI= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1725654509; c=relaxed/simple; bh=JZ41Hb7/UZd2+fA36sYxks+5a7KG3YyM6CyHkbkpwr0=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=XV4XCTtIXHEU4XduFq2yr9viSRF/Plna50xDYdzRoDVb8OXdBSpOmGYQAtb1Hl9EmNO76iKk8gfdItIi+FZB06/QjYn+VoNq1fnbjpEFjMqro7NBEzhJXbJRMJvhgBOR3zCJ2S7UaEuueDOc/2Q38gAm7okYYvgyqhZpn1pYmQU= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=gourry.net; spf=pass smtp.mailfrom=gourry.net; dkim=pass (2048-bit key) header.d=gourry.net header.i=@gourry.net header.b=m1eWSad5; arc=none smtp.client-ip=209.85.222.171 Authentication-Results: smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=gourry.net Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gourry.net Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gourry.net header.i=@gourry.net header.b="m1eWSad5" Received: by mail-qk1-f171.google.com with SMTP id af79cd13be357-7a9782651bdso296027585a.1 for ; Fri, 06 Sep 2024 13:28:27 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gourry.net; s=google; t=1725654507; x=1726259307; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=7qY1HTk2ePHnVObjiUrKBcGOuLQv3wyl16cvFBMoBIo=; b=m1eWSad5PBFvwie1QaX62vmL8UuQRjMFUROf/tNySEOG5ARrGOKO6JrEs84OnHNWLX ncGh0b8ssIFRNS6fBWBtqqQ+ZCNWOrlygYWTb1L5zZ+2iWWyxzpoWNyXH7AKhtpyNW3V +Iv4qux7FlABozayIJN3odj3YaHsyGSFEK+JgHd7WeZgqUruCpN+oLLsXxpKBMolLxjg ZmS8fPrFbmNhkYbU/7Yye+iLM0pO+JxjakSE6KNsIBRDON4xNN5s369U5rlLJxMDbcBK NbkLu/HXXCbJZ2chTf1Hrs6C8E3CVRZ9diLFmfoZT8dv0oi5q0l7cx2Df3gjejAFfXiI 7/Xg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1725654507; x=1726259307; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=7qY1HTk2ePHnVObjiUrKBcGOuLQv3wyl16cvFBMoBIo=; b=JjFsSlSqBd434Cwey6sGu4sjnLRB4YMY+0ObazM+k09VHnGS84Yejx2lu/u+3/yWiR aDTycM/uMaQY2b3hzOqIqfXdjVFMfVT6NYsQJ+7DF9Nq5uRihz6n71XF4drElmd6iV7K pC2q9anDE5Hx23j/9cQeH6MF8uaLPXBdRNPqetydevs5h2h2DBKJAyMXOwXIpU9PYtCg xgeeMn0afS+PoLyAiKuJ7Onilh4e/mhcWNyMc1IEPilccl1yD68ZHN0pK6hIspS2hHM0 2BanNkpqoz+APzBJZKHkBGeNxsmlVH8un8MaSTx8Y1jkfDxlvyDhC6LRk/wmRrRkQaQZ R5TQ== X-Gm-Message-State: AOJu0YwenH5vOQzLpITc3txFYr2Mxt6WajGv6EMWY3ktjyIumqnjh/4i NZzcMJY/+9rftVPmfdx1q1uHjxzR2nEKoT4F9wEJeGz68WfoelyPoZFA57f/VZI= X-Google-Smtp-Source: AGHT+IHFAOsyAS1saP4F/TdfdR3JBN+Ae7crbCz/ei1WfpsqQgWENY6HB+FbK+cs01k0KPOEVsJfTg== X-Received: by 2002:a05:620a:3187:b0:7a8:512:b57f with SMTP id af79cd13be357-7a98870d102mr1939603085a.0.1725654506873; Fri, 06 Sep 2024 13:28:26 -0700 (PDT) Received: from PC2K9PVX.TheFacebook.com (pool-173-79-56-208.washdc.fios.verizon.net. [173.79.56.208]) by smtp.gmail.com with ESMTPSA id af79cd13be357-7a98ef1e653sm200519485a.5.2024.09.06.13.28.26 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 06 Sep 2024 13:28:26 -0700 (PDT) From: Gregory Price To: linux-efi@vger.kernel.org Cc: linux-kernel@vger.kernel.org, ardb@kernel.org, leitao@debian.org, usamaarif642@gmail.com, sathyanarayanan.kuppuswamy@linux.intel.com, ilias.apalodimas@linaro.org Subject: [PATCH 6/6] libstub,tpm: do not ignore failure case when reading final event log Date: Fri, 6 Sep 2024 16:27:45 -0400 Message-ID: <20240906202745.11159-7-gourry@gourry.net> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20240906202745.11159-1-gourry@gourry.net> References: <20240906202745.11159-1-gourry@gourry.net> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Current code fails to check for an error case when reading events from final event log to calculate offsets. Check the error case, report the error, and break early because all subsequent calls will also fail. Signed-off-by: Gregory Price --- drivers/firmware/efi/libstub/tpm.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/drivers/firmware/efi/libstub/tpm.c b/drivers/firmware/efi/libs= tub/tpm.c index 4f9f0e049a7a..c71b0d3e66d2 100644 --- a/drivers/firmware/efi/libstub/tpm.c +++ b/drivers/firmware/efi/libstub/tpm.c @@ -124,6 +124,10 @@ static void efi_retrieve_tcg2_eventlog(int version, ef= i_physical_addr_t log_loca event_size =3D __calc_tpm2_event_size(header, (void *)(long)log_location, false); + if (!event_size) { + efi_err("Invalid TPM Final Event Log Entry\n"); + break; + } final_events_size +=3D event_size; i--; } --=20 2.43.0