[PATCH v2] efi_loader: tcg2: Return success even when TPM device is not found
For systems which have TPM support enabled but actual device is missing there is no reason to show a message that measurement failed in efi_load_pe(). To ensure that the patch is returning EFI_SUCCESS even for cases where TPM device is not found. The reason is that other parts of the code return also EFI_NOT_FOUND in tcg2_measure_pe_image() (e.g efi_search_protocol) that's why this error code can't be checked but still it needs to be reported.
The same logic is also used in efi_tcg2_get_eventlog() added by commit c8d0fd582576 ("efi_loader: Introduce eventlog support for TCG2_PROTOCOL").
Signed-off-by: Michal Simek michal.simek@xilinx.com ---
Changes in v2: - Change subject and description - Change logic in different location - Origin thread was https://lore.kernel.org/r/657a869c04e9b09e3bd2e6fd74ff94320b7fbe9b.163819116...
lib/efi_loader/efi_tcg2.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/lib/efi_loader/efi_tcg2.c b/lib/efi_loader/efi_tcg2.c index 8c1f22e3377b..db785f4d8c27 100644 --- a/lib/efi_loader/efi_tcg2.c +++ b/lib/efi_loader/efi_tcg2.c @@ -888,7 +888,8 @@ efi_status_t tcg2_measure_pe_image(void *efi, u64 efi_size,
ret = platform_get_tpm2_device(&dev); if (ret != EFI_SUCCESS) - return ret; + /* don't fail when TPM is not found */ + return EFI_SUCCESS;
switch (handle->image_type) { case IMAGE_SUBSYSTEM_EFI_APPLICATION:
On Mon, 29 Nov 2021 at 16:26, Michal Simek michal.simek@xilinx.com wrote:
For systems which have TPM support enabled but actual device is missing there is no reason to show a message that measurement failed in efi_load_pe(). To ensure that the patch is returning EFI_SUCCESS even for cases where TPM device is not found. The reason is that other parts of the code return also EFI_NOT_FOUND in tcg2_measure_pe_image() (e.g efi_search_protocol) that's why this error code can't be checked but still it needs to be reported.
The same logic is also used in efi_tcg2_get_eventlog() added by commit c8d0fd582576 ("efi_loader: Introduce eventlog support for TCG2_PROTOCOL").
Signed-off-by: Michal Simek michal.simek@xilinx.com
Changes in v2:
- Change subject and description
- Change logic in different location
- Origin thread was https://lore.kernel.org/r/657a869c04e9b09e3bd2e6fd74ff94320b7fbe9b.163819116...
lib/efi_loader/efi_tcg2.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/lib/efi_loader/efi_tcg2.c b/lib/efi_loader/efi_tcg2.c index 8c1f22e3377b..db785f4d8c27 100644 --- a/lib/efi_loader/efi_tcg2.c +++ b/lib/efi_loader/efi_tcg2.c @@ -888,7 +888,8 @@ efi_status_t tcg2_measure_pe_image(void *efi, u64 efi_size,
ret = platform_get_tpm2_device(&dev); if (ret != EFI_SUCCESS)
return ret;
/* don't fail when TPM is not found */return EFI_SUCCESS; switch (handle->image_type) { case IMAGE_SUBSYSTEM_EFI_APPLICATION:-- 2.33.1
Reviewed-by: Ilias Apalodimas ilias.apalodimas@linaro.org
On 11/29/21 15:55, Ilias Apalodimas wrote:
On Mon, 29 Nov 2021 at 16:26, Michal Simek michal.simek@xilinx.com wrote:
For systems which have TPM support enabled but actual device is missing there is no reason to show a message that measurement failed in efi_load_pe(). To ensure that the patch is returning EFI_SUCCESS even for cases where TPM device is not found. The reason is that other parts of the code return also EFI_NOT_FOUND in tcg2_measure_pe_image() (e.g efi_search_protocol) that's why this error code can't be checked but still it needs to be reported.
The same logic is also used in efi_tcg2_get_eventlog() added by commit c8d0fd582576 ("efi_loader: Introduce eventlog support for TCG2_PROTOCOL").
Signed-off-by: Michal Simek michal.simek@xilinx.com
Changes in v2:
Change subject and description
Change logic in different location
Origin thread was https://lore.kernel.org/r/657a869c04e9b09e3bd2e6fd74ff94320b7fbe9b.163819116...
lib/efi_loader/efi_tcg2.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/lib/efi_loader/efi_tcg2.c b/lib/efi_loader/efi_tcg2.c index 8c1f22e3377b..db785f4d8c27 100644 --- a/lib/efi_loader/efi_tcg2.c +++ b/lib/efi_loader/efi_tcg2.c @@ -888,7 +888,8 @@ efi_status_t tcg2_measure_pe_image(void *efi, u64 efi_size,
ret = platform_get_tpm2_device(&dev); if (ret != EFI_SUCCESS)
return ret;
/* don't fail when TPM is not found */return EFI_SUCCESS; switch (handle->image_type) { case IMAGE_SUBSYSTEM_EFI_APPLICATION:-- 2.33.1
Reviewed-by: Ilias Apalodimas ilias.apalodimas@linaro.org
This patch means:
You can run some command that initializes the TCG2 protocol (e.g. debug_hd), then unbind the TPM, run a first EFI binary which diverts EFI API addresses, bind the TPM again and run the normal binary and nobody will see the first binary in boot measurement.
Best regards
Heinrich
Heinrich,
On Mon, 29 Nov 2021 at 18:41, Heinrich Schuchardt xypron.glpk@gmx.de wrote:
On 11/29/21 15:55, Ilias Apalodimas wrote:
On Mon, 29 Nov 2021 at 16:26, Michal Simek michal.simek@xilinx.com wrote:
For systems which have TPM support enabled but actual device is missing there is no reason to show a message that measurement failed in efi_load_pe(). To ensure that the patch is returning EFI_SUCCESS even for cases where TPM device is not found. The reason is that other parts of the code return also EFI_NOT_FOUND in tcg2_measure_pe_image() (e.g efi_search_protocol) that's why this error code can't be checked but still it needs to be reported.
The same logic is also used in efi_tcg2_get_eventlog() added by commit c8d0fd582576 ("efi_loader: Introduce eventlog support for TCG2_PROTOCOL").
Signed-off-by: Michal Simek michal.simek@xilinx.com
Changes in v2:
Change subject and description
Change logic in different location
Origin thread was https://lore.kernel.org/r/657a869c04e9b09e3bd2e6fd74ff94320b7fbe9b.163819116...
lib/efi_loader/efi_tcg2.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/lib/efi_loader/efi_tcg2.c b/lib/efi_loader/efi_tcg2.c index 8c1f22e3377b..db785f4d8c27 100644 --- a/lib/efi_loader/efi_tcg2.c +++ b/lib/efi_loader/efi_tcg2.c @@ -888,7 +888,8 @@ efi_status_t tcg2_measure_pe_image(void *efi, u64 efi_size,
ret = platform_get_tpm2_device(&dev); if (ret != EFI_SUCCESS)
return ret;
/* don't fail when TPM is not found */return EFI_SUCCESS; switch (handle->image_type) { case IMAGE_SUBSYSTEM_EFI_APPLICATION:-- 2.33.1
Reviewed-by: Ilias Apalodimas ilias.apalodimas@linaro.org
This patch means:
You can run some command that initializes the TCG2 protocol (e.g. debug_hd), then unbind the TPM, run a first EFI binary which diverts EFI API addresses, bind the TPM again and run the normal binary and nobody will see the first binary in boot measurement.
Why? What you describe is an issue with, or without this patch. The code never stops if tcg2_measure_pe_image() fails. The only thing this patch does is silence a print if a TPM device is not found.
Regards /Ilias
Best regards
Heinrich
On Mon, 29 Nov 2021 at 18:50, Ilias Apalodimas ilias.apalodimas@linaro.org wrote:
Heinrich,
On Mon, 29 Nov 2021 at 18:41, Heinrich Schuchardt xypron.glpk@gmx.de wrote:
On 11/29/21 15:55, Ilias Apalodimas wrote:
On Mon, 29 Nov 2021 at 16:26, Michal Simek michal.simek@xilinx.com wrote:
For systems which have TPM support enabled but actual device is missing there is no reason to show a message that measurement failed in efi_load_pe(). To ensure that the patch is returning EFI_SUCCESS even for cases where TPM device is not found. The reason is that other parts of the code return also EFI_NOT_FOUND in tcg2_measure_pe_image() (e.g efi_search_protocol) that's why this error code can't be checked but still it needs to be reported.
The same logic is also used in efi_tcg2_get_eventlog() added by commit c8d0fd582576 ("efi_loader: Introduce eventlog support for TCG2_PROTOCOL").
Signed-off-by: Michal Simek michal.simek@xilinx.com
Changes in v2:
Change subject and description
Change logic in different location
Origin thread was https://lore.kernel.org/r/657a869c04e9b09e3bd2e6fd74ff94320b7fbe9b.163819116...
lib/efi_loader/efi_tcg2.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/lib/efi_loader/efi_tcg2.c b/lib/efi_loader/efi_tcg2.c index 8c1f22e3377b..db785f4d8c27 100644 --- a/lib/efi_loader/efi_tcg2.c +++ b/lib/efi_loader/efi_tcg2.c @@ -888,7 +888,8 @@ efi_status_t tcg2_measure_pe_image(void *efi, u64 efi_size,
ret = platform_get_tpm2_device(&dev); if (ret != EFI_SUCCESS)
return ret;
/* don't fail when TPM is not found */return EFI_SUCCESS; switch (handle->image_type) { case IMAGE_SUBSYSTEM_EFI_APPLICATION:-- 2.33.1
Reviewed-by: Ilias Apalodimas ilias.apalodimas@linaro.org
This patch means:
You can run some command that initializes the TCG2 protocol (e.g. debug_hd), then unbind the TPM, run a first EFI binary which diverts EFI API addresses, bind the TPM again and run the normal binary and nobody will see the first binary in boot measurement.
Why? What you describe is an issue with, or without this patch. The code never stops if tcg2_measure_pe_image() fails. The only thing this patch does is silence a print if a TPM device is not found.
But tbh we can sort out Heinrich's concern while not printing that error message. I'll come up with a patch shortly.
Cheers /Ilias
Regards /Ilias
Best regards
Heinrich
participants (3)
-
Heinrich Schuchardt -
Ilias Apalodimas -
Michal Simek