Re: [RFC PATCH v2 3/3] tpm: of: If available use linux,sml-log to get the log and its size

public inbox for linux-integrity@vger.kernel.org
 help / color / mirror / Atom feed

From: "Jarkko Sakkinen" <jarkko@kernel.org>
To: "Stefan Berger" <stefanb@linux.ibm.com>, <mpe@ellerman.id.au>,
	<linux-integrity@vger.kernel.org>,
	<linuxppc-dev@lists.ozlabs.org>
Cc: <linux-kernel@vger.kernel.org>, <rnsastry@linux.ibm.com>,
	<peterhuewe@gmx.de>, <viparash@in.ibm.com>,
	<devicetree@vger.kernel.org>, <jsnitsel@redhat.com>
Subject: Re: [RFC PATCH v2 3/3] tpm: of: If available use linux,sml-log to get the log and its size
Date: Tue, 12 Mar 2024 17:43:01 +0200	[thread overview]
Message-ID: <CZRVXE96ZZA8.33VFES8S07YS9@kernel.org> (raw)
In-Reply-To: <916fb19b-daf8-4c1b-bc25-f071d2b3ae33@linux.ibm.com>

On Mon Mar 11, 2024 at 10:33 PM EET, Stefan Berger wrote:
>
>
> On 3/11/24 16:25, Jarkko Sakkinen wrote:
> > On Mon Mar 11, 2024 at 3:20 PM EET, Stefan Berger wrote:
> >> If linux,sml-log is available use it to get the TPM log rather than the
> >> pointer found in linux,sml-base. This resolves an issue on PowerVM and KVM
> >> on Power where after a kexec the memory pointed to by linux,sml-base may
> >> have become inaccessible or corrupted. Also, linux,sml-log has replaced
> >> linux,sml-base and linux,sml-size on these two platforms.
> >>
> >> Keep the handling of linux,sml-base/sml-size for powernv platforms that
> >> provide the two properties via skiboot.
> >>
> >> Fixes: c5df39262dd5 ("drivers/char/tpm: Add securityfs support for event log")
> >> Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
> > 
> > I'm worried about not being up to date and instead using "cached" values
> > when verifying anything from a security chip. Does this guarantee that
> > TPM log is corrupted and will not get updated somehow?
>
>
> What do you mean 'guarantee that TPM log is corrupted'?

I presume that this is for power architecture but I have no idea what
leads log being corrupted, and is the scope all of that that arch or
some subset of CPUs.

The commit message is not very detailed on kexec scenario. It more like
assumes that reader knows all the detail beforehand. So probably this
will start to make sense once the backing story is improved, that's
all.

> The TPM was handed over from the firmware to Linux and the firmware then 
> freed all memory associated with the log and will then not create a new 
> log or touch the TPM or do anything that would require an update to the 
> handed-over log. Linux also does not append to the firmware log. So 
> whatever we now find in linux,sml-log would be the latest firmware log 
> and the state of the 'firmware PCRs' computed from it should correspond 
> to the current state of the 'firmware PCRs'.

So on what CPU this happens and is there any bigger picture for that
design choice in the firmware?

If it is a firmware bug, this should emit FW_BUG log message. If not,
then this commit message should provide the necessary context.

BR, Jarkko

next prev parent reply	other threads:[~2024-03-12 15:43 UTC|newest]

Thread overview: 15+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2024-03-11 13:20 [RFC PATCH v2 0/3] Preserve TPM log across kexec Stefan Berger
2024-03-11 13:20 ` [RFC PATCH v2 1/3] powerpc/prom_init: Replace linux,sml-base/sml-size with linux,sml-log Stefan Berger
2024-03-11 17:24   ` Christophe Leroy
2024-03-11 19:10     ` Stefan Berger
2024-03-11 17:47   ` Jerry Snitselaar
2024-03-11 20:21   ` Jarkko Sakkinen
2024-03-11 13:20 ` [RFC PATCH v2 2/3] dt-bindings: tpm: Add linux,sml-log to ibm,vtpm.yaml Stefan Berger
2024-03-12 11:11   ` Lukas Wunner
2024-03-12 14:12     ` Stefan Berger
2024-03-12 15:52     ` Jarkko Sakkinen
2024-03-11 13:20 ` [RFC PATCH v2 3/3] tpm: of: If available use linux,sml-log to get the log and its size Stefan Berger
2024-03-11 20:25   ` Jarkko Sakkinen
2024-03-11 20:33     ` Stefan Berger
2024-03-12 15:43       ` Jarkko Sakkinen [this message]
2024-03-12 19:37         ` Stefan Berger

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=CZRVXE96ZZA8.33VFES8S07YS9@kernel.org \
    --to=jarkko@kernel.org \
    --cc=devicetree@vger.kernel.org \
    --cc=jsnitsel@redhat.com \
    --cc=linux-integrity@vger.kernel.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=linuxppc-dev@lists.ozlabs.org \
    --cc=mpe@ellerman.id.au \
    --cc=peterhuewe@gmx.de \
    --cc=rnsastry@linux.ibm.com \
    --cc=stefanb@linux.ibm.com \
    --cc=viparash@in.ibm.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox