From: Usama Arif <usamaarif642@gmail.com>
To: Gregory Price <gourry@gourry.net>, Jiri Slaby <jirislaby@kernel.org>
Cc: Ard Biesheuvel <ardb+git@google.com>,
linux-efi@vger.kernel.org, Ard Biesheuvel <ardb@kernel.org>,
stable@vger.kernel.org, Breno Leitao <leitao@debian.org>
Subject: Re: [PATCH] efistub/tpm: Use ACPI reclaim memory for event log to avoid corruption
Date: Wed, 30 Oct 2024 18:24:23 +0000 [thread overview]
Message-ID: <30899696-def7-4f1e-a54b-65fc6901a998@gmail.com> (raw)
In-Reply-To: <ZyJ0r_zZ5UD8pvzX@PC2K9PVX.TheFacebook.com>
On 30/10/2024 18:02, Gregory Price wrote:
> On Wed, Oct 30, 2024 at 05:13:14PM +0000, Usama Arif wrote:
>>
>>
>> On 30/10/2024 05:25, Jiri Slaby wrote:
>>> On 25. 10. 24, 15:27, Usama Arif wrote:
>>>> Could you share the e820 map, reserve setup_data and TPMEventLog address with and without the patch?
>>>> All of these should be just be in the dmesg.
>>>
>>> It's shared in the aforementioned bug [1] already.
>>>
>>> 6.11.2 dmesg (bad run):
>>> https://bugzilla.suse.com/attachment.cgi?id=877874
>>>
>>> 6.12-rc2 dmesg (good run):
>>> https://bugzilla.suse.com/attachment.cgi?id=877887
>>>
>>> FWIW from https://bugzilla.suse.com/attachment.cgi?id=878051:
>>> good TPMEventLog=0x682aa018
>>> bad TPMEventLog=0x65a6b018
>>>
>>> [1] https://bugzilla.suse.com/show_bug.cgi?id=1231465
>>>
> ... snip ...
>>> efi: EFI v2.6 by American Megatrends
>>> efi: ACPI=0x7a255000 ACPI 2.0=0x7a255000 SMBIOS=0x7b140000 SMBIOS 3.0=0x7b13f000 TPMFinalLog=0x7a892000 ESRT=0x7b0deb18 [-MEMATTR=0x77535018-] {+MEMATTR=0x77526018+} MOKvar=0x7b13e000 RNG=0x7a254018 [-TPMEventLog=0x65a6f018-] {+TPMEventLog=0x682ac018+}
>>>
>>>
>>> thanks,
>>
>> Thanks for sharing this.
>>
>> This looks a bit weird for me.
>>
>> The issue this patch was trying to fix was TPMEventLog being overwritten during kexec.
>> We are using efi libstub.
>> Without this patch we would see
>> BIOS-e820: [mem 0x0000000000100000-0x0000000064763fff] usable
>> TPMEventLog=0x5ed47018
>> i.e. TPMEventLog was usable memory and therefore was prone to corruption during kexec.
>>
>> With this patch
>> BIOS-e820: [mem 0x00000000a8c01000-0x00000000a8cebfff] ACPI data
>> TPMEventLog=0xa8ca8018
>> i.e. TPMEventLog is reserved as ACPI data, hence cant be corrupted during kexec.
>>
>>
>> In your case, from the logs you shared, good run without the patch:
>> [ 0.000000] [ T0] BIOS-e820: [mem 0x0000000065a6f000-0x0000000065a7dfff] ACPI data
>> [ 0.000000] [ T0] BIOS-e820: [mem 0x0000000065a7e000-0x000000006a5acfff] usable
>> [ 0.000000] [ T0] BIOS-e820: [mem 0x000000006a5ad000-0x000000006a5adfff] ACPI NVS
>> TPMEventLog=0x65a6f018
>> bad run with the patch:
>> [ 0.000000] [ T0] BIOS-e820: [mem 0x00000000682ac000-0x00000000682bafff] ACPI data
>> [ 0.000000] [ T0] BIOS-e820: [mem 0x00000000682bb000-0x000000006a5acfff] usable
>> [ 0.000000] [ T0] BIOS-e820: [mem 0x000000006a5ad000-0x000000006a5adfff] ACPI NVS
>> TPMEventLog=0x682ac018
>> Both with and without the fix, the TPMEventLog is part of ACPI data.
>>
>
> Just wondering - why would the TPM log move a total of ~40MB between COLD boots.
>
> I would expect this location to be relatively fixed (give or take a small amount of
> memory) - especially since it's so early in boot.
>
This is a good point. I think if we suspect this patch, it would be good to compare
dmesg of kernel cold boot with this patch vs the commit just before this patch, rather
than comparing with 6.12.
Thanks
>> It means your firmware has already marked that area as ACPI data. Are you using efi/libstub?
>>
>> Thanks,
>> Usama
>>
>>
>>
>>
next prev parent reply other threads:[~2024-10-30 18:24 UTC|newest]
Thread overview: 20+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-09-12 15:52 [PATCH] efistub/tpm: Use ACPI reclaim memory for event log to avoid corruption Ard Biesheuvel
2024-09-13 6:27 ` Ilias Apalodimas
2024-09-13 10:00 ` Breno Leitao
2024-10-24 16:20 ` Jiri Slaby
2024-10-25 5:07 ` Jiri Slaby
2024-10-25 5:09 ` Jiri Slaby
2024-10-25 7:30 ` Ard Biesheuvel
2024-10-30 16:32 ` Gregory Price
2024-10-31 7:55 ` Jiri Slaby
2024-10-31 9:04 ` Ard Biesheuvel
2024-10-25 13:27 ` Usama Arif
2024-10-30 5:25 ` Jiri Slaby
2024-10-30 17:13 ` Usama Arif
2024-10-30 18:02 ` Gregory Price
2024-10-30 18:24 ` Usama Arif [this message]
2024-10-31 8:38 ` Jiri Slaby
2024-10-30 18:26 ` Gregory Price
2024-10-30 19:43 ` Ard Biesheuvel
2024-10-30 20:30 ` Gregory Price
2024-10-31 8:19 ` Jiri Slaby
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=30899696-def7-4f1e-a54b-65fc6901a998@gmail.com \
--to=usamaarif642@gmail.com \
--cc=ardb+git@google.com \
--cc=ardb@kernel.org \
--cc=gourry@gourry.net \
--cc=jirislaby@kernel.org \
--cc=leitao@debian.org \
--cc=linux-efi@vger.kernel.org \
--cc=stable@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox