From: "Jarkko Sakkinen" <jarkko@kernel.org>
To: "Stefan Berger" <stefanb@linux.ibm.com>,
<linux-integrity@vger.kernel.org>
Cc: <linux-kernel@vger.kernel.org>, "Andy Liang" <andy.liang@hpe.com>,
"Takashi Iwai" <tiwai@suse.de>
Subject: Re: [PATCH] tpm/eventlog: Limit memory allocations for event logs with excessive size
Date: Sat, 14 Dec 2024 05:51:36 +0200 [thread overview]
Message-ID: <D6B49LBSZXN4.3V519030X0YCG@kernel.org> (raw)
In-Reply-To: <20241210222608.598424-1-stefanb@linux.ibm.com>
On Wed Dec 11, 2024 at 12:26 AM EET, Stefan Berger wrote:
> The TPM2 ACPI BIOS eventlog of a particular machine indicates that the
> length of the log is 4MB, even though the actual length of its useful data,
> when dumped, are only 69kb. To avoid allocating excessive amounts of memory
> for the event log, limit the size of any eventlog to 128kb. This should be
> sufficient memory and also not unnecessarily truncate event logs on any
> other machine.
>
> Reported-by: Andy Liang <andy.liang@hpe.com>
> Closes: https://bugzilla.kernel.org/show_bug.cgi?id=219495
> Cc: Takashi Iwai <tiwai@suse.de>
> Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
> ---
> drivers/char/tpm/eventlog/acpi.c | 8 ++++++++
> 1 file changed, 8 insertions(+)
>
> diff --git a/drivers/char/tpm/eventlog/acpi.c b/drivers/char/tpm/eventlog/acpi.c
> index 69533d0bfb51..701fd7d4cc28 100644
> --- a/drivers/char/tpm/eventlog/acpi.c
> +++ b/drivers/char/tpm/eventlog/acpi.c
> @@ -26,6 +26,8 @@
> #include "../tpm.h"
> #include "common.h"
>
> +#define MAX_TPM_LOG_LEN (128 * 1024)
Instead, to common.h:
/*
* Cap the log size to the given number of bytes. Applied to the TPM2
* ACPI logs.
*/
#define TPM_MAX_LOG_SIZE (128 * 1024)
>
> +
> struct acpi_tcpa {
> struct acpi_table_header hdr;
> u16 platform_class;
> @@ -135,6 +137,12 @@ int tpm_read_log_acpi(struct tpm_chip *chip)
> return -EIO;
> }
>
> + if (len > MAX_TPM_LOG_LEN) {
> + dev_warn(&chip->dev, "Excessive TCPA log len %llu truncated to %u bytes\n",
> + len, MAX_TPM_LOG_LEN);
> + len = MAX_TPM_LOG_LEN;
> + }
First, you are changing also TPM1 code path. Also in the case of
TPM2 code path the log message is incorrect as TCPA does not exist.
Second, this does not make sense as the log ends up to be corrupted
(i.e. not complete).
Instead, in the TPM2 code path:
start = tpm2_phy->log_area_start_address;
if (!start || !len) {
acpi_put_table((struct acpi_table_header *)tbl);
return -ENODEV;
}
if (len > TPM_MAX_LOG_SIZE) {
dev_warn(&chip->dev, "Excessive TPM2 log size of %llu bytes (> %u)\n",
len, MAX_TPM_LOG_LEN);
log->bios_event_log = start;
chip->flags |= TPM_CHIP_FLAG_TPM2_ACPI;
return 0;
}
This can then be used in tpm2.c to create a "slow path" in tpm2.c for
parsing TPM2 ACPI log directly by mapping IO memory.
BR, Jarkko
next prev parent reply other threads:[~2024-12-14 3:51 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-12-10 22:26 [PATCH] tpm/eventlog: Limit memory allocations for event logs with excessive size Stefan Berger
2024-12-14 3:51 ` Jarkko Sakkinen [this message]
2024-12-16 19:29 ` Stefan Berger
2024-12-19 15:29 ` Jarkko Sakkinen
2024-12-19 15:38 ` Jarkko Sakkinen
2024-12-20 10:15 ` Takashi Iwai
2024-12-20 1:47 ` Liang, Andy (Linux Ecosystem Engineering)
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=D6B49LBSZXN4.3V519030X0YCG@kernel.org \
--to=jarkko@kernel.org \
--cc=andy.liang@hpe.com \
--cc=linux-integrity@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=stefanb@linux.ibm.com \
--cc=tiwai@suse.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox