From: Philip Li <philip.li@intel.com>
To: kbuild-all@lists.01.org
Subject: Re: [PATCH v3 1/3] efi: generalize efi_get_secureboot
Date: Thu, 05 Nov 2020 15:10:48 +0800 [thread overview]
Message-ID: <20201105071047.GB5349@intel.com> (raw)
In-Reply-To: <CAMj1kXH7T4Bu6oa7hGiO0cpKwdRu6jptGm7=tr_xQ-Cy8=pXGQ@mail.gmail.com>
[-- Attachment #1: Type: text/plain, Size: 6302 bytes --]
On Wed, Nov 04, 2020 at 07:52:19PM +0100, Ard Biesheuvel wrote:
> On Wed, 4 Nov 2020 at 19:14, Mimi Zohar <zohar@linux.ibm.com> wrote:
> >
> > On Wed, 2020-11-04 at 12:20 +0800, kernel test robot wrote:
> > > Hi Chester,
> > >
> > > Thank you for the patch! Perhaps something to improve:
> > >
> > > [auto build test WARNING on efi/next]
> > > [also build test WARNING on arm64/for-next/core integrity/next-integrity v5.10-rc2 next-20201103]
> > > [If your patch is applied to the wrong git tree, kindly drop us a note.
> > > And when submitting patch, we suggest to use '--base' as documented in
> > > https://git-scm.com/docs/git-format-patch]
> > >
> > > url: https://github.com/0day-ci/linux/commits/Chester-Lin/add-ima_arch-support-for-ARM64/20201030-141043
> > > base: https://git.kernel.org/pub/scm/linux/kernel/git/efi/efi.git next
> > > config: i386-randconfig-s031-20201103 (attached as .config)
> > > compiler: gcc-9 (Debian 9.3.0-15) 9.3.0
> > > reproduce:
> > > # apt-get install sparse
> > > # sparse version: v0.6.3-76-gf680124b-dirty
> > > # https://github.com/0day-ci/linux/commit/945001ead079043268e8ad1b9d1df9bd5cabf020
> > > git remote add linux-review https://github.com/0day-ci/linux
> > > git fetch --no-tags linux-review Chester-Lin/add-ima_arch-support-for-ARM64/20201030-141043
> > > git checkout 945001ead079043268e8ad1b9d1df9bd5cabf020
> > > # save the attached .config to linux build tree
> > > make W=1 C=1 CF='-fdiagnostic-prefix -D__CHECK_ENDIAN__' ARCH=i386
> > >
> > > If you fix the issue, kindly add following tag as appropriate
> > > Reported-by: kernel test robot <lkp@intel.com>
> > >
> > >
> > > "sparse warnings: (new ones prefixed by >>)"
> > > >> drivers/firmware/efi/libstub/tpm.c:36:30: sparse: sparse: incorrect type in argument 1 (different modifiers) @@ expected unsigned short [usertype] *name @@ got unsigned short const * @@
> > > >> drivers/firmware/efi/libstub/tpm.c:36:30: sparse: expected unsigned short [usertype] *name
> > > >> drivers/firmware/efi/libstub/tpm.c:36:30: sparse: got unsigned short const *
> > > drivers/firmware/efi/libstub/tpm.c:42:21: sparse: sparse: incorrect type in argument 1 (different modifiers) @@ expected unsigned short [usertype] *name @@ got unsigned short const * @@
> > > drivers/firmware/efi/libstub/tpm.c:42:21: sparse: expected unsigned short [usertype] *name
> > > drivers/firmware/efi/libstub/tpm.c:42:21: sparse: got unsigned short const *
> > >
> >
> > This seems to be the result of commit 36b649760e94 ("efi: Use string
> > literals for efi_char16_t variable initializers"), not this patch.
> >
>
> Indeed. tpm.c is not even touched by the patch in question afaict.
sorry for false positive, we will look into it to resolve ths issue.
>
>
>
> >
> > > vim +36 drivers/firmware/efi/libstub/tpm.c
> > >
> > > ccc829ba3624beb Matthew Garrett 2017-08-25 15
> > > 33b6d03469b2206 Thiebaud Weksteen 2017-09-20 16 #ifdef CONFIG_RESET_ATTACK_MITIGATION
> > > 36b649760e94968 Ard Biesheuvel 2018-03-12 17 static const efi_char16_t efi_MemoryOverWriteRequest_name[] =
> > > 36b649760e94968 Ard Biesheuvel 2018-03-12 18 L"MemoryOverwriteRequestControl";
> > > ccc829ba3624beb Matthew Garrett 2017-08-25 19
> > > ccc829ba3624beb Matthew Garrett 2017-08-25 20 #define MEMORY_ONLY_RESET_CONTROL_GUID \
> > > ccc829ba3624beb Matthew Garrett 2017-08-25 21 EFI_GUID(0xe20939be, 0x32d4, 0x41be, 0xa1, 0x50, 0x89, 0x7f, 0x85, 0xd4, 0x98, 0x29)
> > > ccc829ba3624beb Matthew Garrett 2017-08-25 22
> > > ccc829ba3624beb Matthew Garrett 2017-08-25 23 /*
> > > ccc829ba3624beb Matthew Garrett 2017-08-25 24 * Enable reboot attack mitigation. This requests that the firmware clear the
> > > ccc829ba3624beb Matthew Garrett 2017-08-25 25 * RAM on next reboot before proceeding with boot, ensuring that any secrets
> > > ccc829ba3624beb Matthew Garrett 2017-08-25 26 * are cleared. If userland has ensured that all secrets have been removed
> > > ccc829ba3624beb Matthew Garrett 2017-08-25 27 * from RAM before reboot it can simply reset this variable.
> > > ccc829ba3624beb Matthew Garrett 2017-08-25 28 */
> > > cd33a5c1d53e43b Ard Biesheuvel 2019-12-24 29 void efi_enable_reset_attack_mitigation(void)
> > > ccc829ba3624beb Matthew Garrett 2017-08-25 30 {
> > > ccc829ba3624beb Matthew Garrett 2017-08-25 31 u8 val = 1;
> > > ccc829ba3624beb Matthew Garrett 2017-08-25 32 efi_guid_t var_guid = MEMORY_ONLY_RESET_CONTROL_GUID;
> > > ccc829ba3624beb Matthew Garrett 2017-08-25 33 efi_status_t status;
> > > ccc829ba3624beb Matthew Garrett 2017-08-25 34 unsigned long datasize = 0;
> > > ccc829ba3624beb Matthew Garrett 2017-08-25 35
> > > ccc829ba3624beb Matthew Garrett 2017-08-25 @36 status = get_efi_var(efi_MemoryOverWriteRequest_name, &var_guid,
> > > ccc829ba3624beb Matthew Garrett 2017-08-25 37 NULL, &datasize, NULL);
> > > ccc829ba3624beb Matthew Garrett 2017-08-25 38
> > > ccc829ba3624beb Matthew Garrett 2017-08-25 39 if (status == EFI_NOT_FOUND)
> > > ccc829ba3624beb Matthew Garrett 2017-08-25 40 return;
> > > ccc829ba3624beb Matthew Garrett 2017-08-25 41
> > > ccc829ba3624beb Matthew Garrett 2017-08-25 42 set_efi_var(efi_MemoryOverWriteRequest_name, &var_guid,
> > > ccc829ba3624beb Matthew Garrett 2017-08-25 43 EFI_VARIABLE_NON_VOLATILE |
> > > ccc829ba3624beb Matthew Garrett 2017-08-25 44 EFI_VARIABLE_BOOTSERVICE_ACCESS |
> > > ccc829ba3624beb Matthew Garrett 2017-08-25 45 EFI_VARIABLE_RUNTIME_ACCESS, sizeof(val), &val);
> > > ccc829ba3624beb Matthew Garrett 2017-08-25 46 }
> > > 33b6d03469b2206 Thiebaud Weksteen 2017-09-20 47
> > >
> > > ---
> > > 0-DAY CI Kernel Test Service, Intel Corporation
> > > https://lists.01.org/hyperkitty/list/kbuild-all(a)lists.01.org
> >
> >
> _______________________________________________
> kbuild-all mailing list -- kbuild-all(a)lists.01.org
> To unsubscribe send an email to kbuild-all-leave(a)lists.01.org
next prev parent reply other threads:[~2020-11-05 7:10 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <975b1b2c05fdbd73f25b09b85d6a23370e557536.camel@linux.ibm.com>
2020-11-04 18:52 ` [PATCH v3 1/3] efi: generalize efi_get_secureboot Ard Biesheuvel
2020-11-05 7:10 ` Philip Li [this message]
2020-10-30 6:08 [PATCH v3 0/3] add ima_arch support for ARM64 Chester Lin
2020-10-30 6:08 ` [PATCH v3 1/3] efi: generalize efi_get_secureboot Chester Lin
2020-10-30 6:08 ` Chester Lin
2020-10-30 11:51 ` Ard Biesheuvel
2020-10-30 11:51 ` Ard Biesheuvel
2020-11-02 5:30 ` Chester Lin
2020-11-02 5:30 ` Chester Lin
2020-10-31 2:39 ` kernel test robot
2020-11-02 13:03 ` kernel test robot
2020-11-04 4:20 ` kernel test robot
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20201105071047.GB5349@intel.com \
--to=philip.li@intel.com \
--cc=kbuild-all@lists.01.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.