From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <u-boot-bounces@lists.denx.de>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from phobos.denx.de (phobos.denx.de [85.214.62.61])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by smtp.lore.kernel.org (Postfix) with ESMTPS id 9BCA2C61DA4
	for <u-boot@archiver.kernel.org>; Thu, 23 Feb 2023 18:07:59 +0000 (UTC)
Received: from h2850616.stratoserver.net (localhost [IPv6:::1])
	by phobos.denx.de (Postfix) with ESMTP id 470A1851EB;
	Thu, 23 Feb 2023 19:07:57 +0100 (CET)
Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=linaro.org
Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de
Authentication-Results: phobos.denx.de;
	dkim=pass (2048-bit key; unprotected) header.d=linaro.org header.i=@linaro.org header.b="OMUS6alR";
	dkim-atps=neutral
Received: by phobos.denx.de (Postfix, from userid 109)
 id EE6CF8551C; Thu, 23 Feb 2023 19:07:55 +0100 (CET)
Received: from mail-ed1-x52f.google.com (mail-ed1-x52f.google.com
 [IPv6:2a00:1450:4864:20::52f])
 (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits))
 (No client certificate requested)
 by phobos.denx.de (Postfix) with ESMTPS id 3E5B584528
 for <u-boot@lists.denx.de>; Thu, 23 Feb 2023 19:07:52 +0100 (CET)
Authentication-Results: phobos.denx.de;
 dmarc=pass (p=none dis=none) header.from=linaro.org
Authentication-Results: phobos.denx.de;
 spf=pass smtp.mailfrom=ilias.apalodimas@linaro.org
Received: by mail-ed1-x52f.google.com with SMTP id s26so45274486edw.11
 for <u-boot@lists.denx.de>; Thu, 23 Feb 2023 10:07:52 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google;
 h=in-reply-to:content-disposition:mime-version:references:message-id
 :subject:cc:to:from:date:from:to:cc:subject:date:message-id:reply-to;
 bh=IuWJE7vYJM3eLFeDSRbYaJun+On7shTQxhMyUiKiWQU=;
 b=OMUS6alRbFLRB2d0wM+S4bP6Uip7+HTRmLQhPwmVaAxqpdLqbiu9FdtMonhUkD1k5J
 Cjw3B7WHGPvBTHGncriUODYjL68Qc0mVEvXeHV/5k67QFNgVFMwLAA+j9J6lBQb3/O/2
 SBSDwurnFk1576PoN2ciaQYUDLZGFN7Xnt+Z8M8TroHJjuj5CVjeKa5z3tBG/c8DLutq
 pym8e0YW4qL19wC+eojvubqIREmpTOuva5qPhcT2vlSu3gcAS8Mm8qp+EG9DtrZMCKUS
 FMtHhFYdiwzBNuT1ypUoY0fS6AQL44PB64t602ikfUk59OuLWOgyX/q3vgSiHIU9luxT
 xoLQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20210112;
 h=in-reply-to:content-disposition:mime-version:references:message-id
 :subject:cc:to:from:date:x-gm-message-state:from:to:cc:subject:date
 :message-id:reply-to;
 bh=IuWJE7vYJM3eLFeDSRbYaJun+On7shTQxhMyUiKiWQU=;
 b=dHxNnf3QjXhORq8AUzptyO4yTeRzz8aP8vIlBM2PngdbWuw187DMqpUhZnOhysMKRp
 A8H9Rgw29zWuitWS47nXcp+lTXP95LxTB2yMBYah+Q70EOsKXIa+aUveHuqHCn4xSfDU
 pitSYhcEwjsy5baWgK8M28j3BPYYlIizk9BCGIN5hcdsiAlQmvtQS6QnFN20V8K0xX4m
 wG5BrrslO5OTzhWX1hlvjzq3FlKyGvCPe8nNLoiDeUYR6/ppCUXlNLJc3OPZ2Mqo4+At
 dMJ5IEii0GY9yJcd252MzyCtl02Zjb8lSV+kBIOpzdjkzbfcb4BIDBlMIB0IlVnRpxyi
 5Sqg==
X-Gm-Message-State: AO0yUKXziX9xYoDuf7F82BSxDeLM4ykpvguPO+7ZgjFGmgXXfxthf7Y5
 0dndOhAYUDArk3dxpXKYm/xIww==
X-Google-Smtp-Source: AK7set8EEFpXHDM/Q5K5g8FcB8UXBLCeI6uHOsJpedc5u28dKP1JW3uzN8bxizWf+v5TV3qdv8PYvQ==
X-Received: by 2002:a17:906:2c50:b0:8af:2cf7:dd2b with SMTP id
 f16-20020a1709062c5000b008af2cf7dd2bmr21886230ejh.13.1677175671788; 
 Thu, 23 Feb 2023 10:07:51 -0800 (PST)
Received: from hera (ppp176092130041.access.hol.gr. [176.92.130.41])
 by smtp.gmail.com with ESMTPSA id
 d25-20020a50cd59000000b004acd42c8be5sm6128719edj.90.2023.02.23.10.07.50
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Thu, 23 Feb 2023 10:07:51 -0800 (PST)
Date: Thu, 23 Feb 2023 20:07:49 +0200
From: Ilias Apalodimas <ilias.apalodimas@linaro.org>
To: Eddie James <eajames@linux.ibm.com>
Cc: u-boot@lists.denx.de, sjg@chromium.org, xypron.glpk@gmx.de, joel@jms.id.au
Subject: Re: [PATCH v6 3/6] tpm: Support boot measurements
Message-ID: <Y/erdXXEHJi2zRWI@hera>
References: <20230222180242.4040958-1-eajames@linux.ibm.com>
 <20230222180242.4040958-4-eajames@linux.ibm.com>
 <Y/criLT3t9NrwhU8@hera>
 <CAC_iWjJXJRdM-VNUMH+0aTVyBZkyQOxEVX5YqqjQN0-W70r1ww@mail.gmail.com>
 <CAC_iWjLQAxusHhTYf92X=W_zJqpQ6A8pN+zwt3Y9gtxpae_9Kg@mail.gmail.com>
 <2e4e1a87-00dc-4a0f-9a84-162daf578292@linux.ibm.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <2e4e1a87-00dc-4a0f-9a84-162daf578292@linux.ibm.com>
X-BeenThere: u-boot@lists.denx.de
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: U-Boot discussion <u-boot.lists.denx.de>
List-Unsubscribe: <https://lists.denx.de/options/u-boot>,
 <mailto:u-boot-request@lists.denx.de?subject=unsubscribe>
List-Archive: <https://lists.denx.de/pipermail/u-boot/>
List-Post: <mailto:u-boot@lists.denx.de>
List-Help: <mailto:u-boot-request@lists.denx.de?subject=help>
List-Subscribe: <https://lists.denx.de/listinfo/u-boot>,
 <mailto:u-boot-request@lists.denx.de?subject=subscribe>
Errors-To: u-boot-bounces@lists.denx.de
Sender: "U-Boot" <u-boot-bounces@lists.denx.de>
X-Virus-Scanned: clamav-milter 0.103.6 at phobos.denx.de
X-Virus-Status: Clean

Hi Eddie,

[...]

> > But at least the kernel can find the EFI config tables properly.
> > > Also, note that the ret is efi_status_t and the new function you added
> > > returns an int.  Just switch the ret here accordingly.
> > >
> > >
> > >           * platforms can use different ways to do so.
> > >           */
> > >          ret = tcg2_init_log(dev, &elog);
> > > -       if (ret != EFI_SUCCESS)
> > > -               goto free_pool;
> > > -
> > > -       memcpy(event_log.buffer, elog.log, elog.log_position);
> > > -       event_log.pos = elog.log_position;
> > > +       if (ret == EFI_SUCCESS) {
> > > +               memcpy(event_log.buffer, elog.log, elog.log_position);
> > > +               event_log.pos = elog.log_position;
> > > +       }
> > >
> > >
> > > I'll try digging into the EFI issues more once I get some time
> > Ok Ignore the previous mail. I just noticed that the specid event is
> > generated by tcg2_log_init() and that's where the errors come from.
>
>
> OK, I think I understand the problem. One problem with your solution below
> is that it's only useful for EFI; writing the event log to a temporary
> buffer in the non-EFI case is a waste of time, since it can't go anywhere.

It's not even a 'solution', it's just an ugly hack to help you understand
where things go sideways.

>
> I have a solution where the user can pass in their buffer in the
> tcg2_event_log structure in the event that no memory region is discovered.
> EFI can use that path.

Yep that sounds sane,  that way EFI can pass the efi allocated memory and
you can call call that with NULL for non-efi code.
Please keep in mind that the EventLog, if it comes from TF-A, needs to be
replayed into hardware as well, since TF-A doesn't extend PCRs.

>
>
> Thanks for the debugging effort!

yw

Cheers
/Ilias
>
> Eddie
>
>
> >
> > So something like the *really ugly hack* fixes EFI.  Can you please
> > turn it into human-readable code
> >
> >   #include <linux/unaligned/be_byteshift.h>
> >   #include <linux/unaligned/generic.h>
> >   #include <linux/unaligned/le_byteshift.h>
> > +#include <malloc.h>
> >
> >   #include "tpm-utils.h"
> >
> > @@ -634,7 +635,7 @@ __weak int tcg2_platform_get_log(struct udevice
> > *dev, void **addr, u32 *size)
> >
> >                  if (dev_read_phandle_with_args(dev, "memory-region", NULL, 0,
> >                                                 0, &args))
> > -                       return -ENODEV;
> > +                       goto alloc;
> >
> >                  a = ofnode_get_addr_size(args.node, "reg", &s);
> >                  if (a == FDT_ADDR_T_NONE)
> > @@ -643,6 +644,9 @@ __weak int tcg2_platform_get_log(struct udevice
> > *dev, void **addr, u32 *size)
> >                  *addr = map_physmem(a, s, MAP_NOCACHE);
> >                  *size = (u32)s;
> >          }
> > +alloc:
> > +       *addr = calloc(1, 4096);
> > +       *size = 4096;
> >
> >          return 0;
> >   }
> >
> > Cheers
> > /Ilias
> >
> > > Cheers
> > > /Ilias
> > > > Thanks!
> > > > /Ilias