
Hi Simon,
On Fri, 29 Dec 2023 at 07:36, Simon Glass sjg@chromium.org wrote:
Hi Ilias,
On Fri, Dec 22, 2023 at 12:02 PM Ilias Apalodimas ilias.apalodimas@linaro.org wrote:
Hi Simon
I'll respond to the rest more thoroughly, but since I caught this early,
[...]
- Avoid calling efi_allocate_pages() and efi_allocate_pool() outside boot-time services. This solves the problem 6. If memory is needed by an app, allocate it with malloc() and see 3. There are only two efi_allocate_pages() (smbios and efi_runtime). There are more calls of efi_allocate_pool(), but most of these seem easy to fix up. For example, efi_init_event_log() allocates a buffer, but this can be allocated in normal malloc() space or in a bloblist.
The TCG event log is only valid in the EFI world and is described by the EFI spec extensions [0]. I prefer it to remain as is
How does that relate to [1]?
We use that today. The tl;dr is that TF-A measures the early stages, but doesn't have drivers to extend TPM PCRs. Instead, it creates an EventLog which it hands over to U-Boot. The TPM subsystem searches for that and, if it finds one && PCR0 == 0, replays the EventLog in hardware and copies it over to EFI memory.
That being said, I'd much prefer using a bloblist for that EventLog (which also contains information on replaying), over a DT entry that's only described in TF-A docs. But that's a future improvement.
- Don't worry too much about whether EFI will be used for booting. The cost is likely not that great: use bootstage to measure it as is done for driver model. Try to minimise the cost of its tables, particularly for execution time, but otherwise just rely on the ability to disable EFI_LOADER.
–
Regards, Simon
[0] https://trustedcomputinggroup.org/wp-content/uploads/EFI-Protocol-Specificat...
Thanks /Ilias
[1] https://trustedfirmware-a.readthedocs.io/en/latest/components/measured_boot/...
Cheers /Ilias
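
The replay step described in this thread (an EventLog handed over by an earlier stage, replayed only while PCR0 is still zero), as an added example that is not part of the original messages and is not U-Boot or TF-A code. It assumes a log made only of TCG_PCR_EVENT2-style entries with no Spec ID header, a SHA-256 bank only, and a Python dict standing in for the TPM's PCRs; `parse_events`, `replay` and `make_entry` are hypothetical names.

```python
import hashlib
import struct

TPM_ALG_SHA256 = 0x000B                    # TCG algorithm ID for SHA-256
DIGEST_SIZES = {0x0004: 20, 0x000B: 32}    # SHA-1 and SHA-256 digest lengths
ZERO = bytes(32)                           # reset value of a SHA-256 PCR


def parse_events(log: bytes):
    """Yield (pcr_index, sha256_digest) for each entry in the log."""
    off = 0
    while off < len(log):
        pcr, _event_type, count = struct.unpack_from("<III", log, off)
        off += 12
        sha256 = None
        for _ in range(count):
            (alg,) = struct.unpack_from("<H", log, off)
            size = DIGEST_SIZES.get(alg)
            if size is None or off + 2 + size > len(log):
                raise ValueError("unknown algorithm or truncated digest")
            if alg == TPM_ALG_SHA256:
                sha256 = log[off + 2: off + 2 + size]
            off += 2 + size
        (event_size,) = struct.unpack_from("<I", log, off)
        off += 4 + event_size              # event data is not needed for replay
        if off > len(log) or sha256 is None:
            raise ValueError("truncated event or no SHA-256 digest")
        yield pcr, sha256


def replay(log: bytes, pcrs: dict) -> bool:
    """Extend pcrs from the log, but only if PCR0 is still all zeroes."""
    if pcrs.get(0, ZERO) != ZERO:
        return False                       # already extended: replaying would double-measure
    events = list(parse_events(log))       # validate the whole log before touching any PCR
    for idx, digest in events:
        pcrs[idx] = hashlib.sha256(pcrs.get(idx, ZERO) + digest).digest()
    return True


def make_entry(pcr: int, data: bytes) -> bytes:
    """Build one constructed log entry measuring data (sample input only)."""
    digest = hashlib.sha256(data).digest()
    return (struct.pack("<IIIH", pcr, 1, 1, TPM_ALG_SHA256) + digest
            + struct.pack("<I", len(data)) + data)


# Constructed sample log: two measurements into PCR0, one into PCR1.
SAMPLE_LOG = make_entry(0, b"BL2") + make_entry(0, b"BL31") + make_entry(1, b"cfg")
```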