From mboxrd@z Thu Jan 1 00:00:00 1970
From: Mark Kettenis
Date: Wed, 21 Oct 2020 15:21:51 +0200 (CEST)
Subject: [PATCH] efi_loader: Disable devices before handing over control
In-Reply-To: (message from Ilias Apalodimas on Wed, 21 Oct 2020 15:42:02 +0300)
References: <20201021073224.1871106-1-ilias.apalodimas@linaro.org> <20201021114130.GA1896086@apalos.home>
Message-ID:
List-Id:
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
To: u-boot@lists.denx.de

> From: Ilias Apalodimas
> Date: Wed, 21 Oct 2020 15:42:02 +0300
>
> Hi Heinrich,
>
>
> On Wed, 21 Oct 2020 at 15:35, Heinrich Schuchardt wrote:
> >
> > On 21.10.20 13:41, Ilias Apalodimas wrote:
> > > Hi Heinrich,
> > >
> > > On Wed, Oct 21, 2020 at 12:17:29PM +0200, Heinrich Schuchardt wrote:
> > >> On 10/21/20 9:32 AM, Ilias Apalodimas wrote:
> > >>> U-Boot Driver Model is supposed to remove devices with either
> > >>> DM_REMOVE_ACTIVE_DMA or DM_REMOVE_OS_PREPARE flags set, before exiting.
> > >>> Our bootm command does that by explicitly calling
> > >>> "dm_remove_devices_flags(DM_REMOVE_ACTIVE_ALL);" and we also disable any
> > >>> USB devices.
> > >>>
> > >>> The EFI equivalent is doing none of those at the moment. As a result
> > >>> probing an fTPM driver now renders it unusable in Linux. During our
> > >>> (*probe) callback we open a session with OP-TEE, which is supposed to
> > >>> close with our (*remove) callback. Since the (*remove) is never called,
> > >>> once we boot into Linux and try to probe the device again we are getting
> > >>> a busy error response. We also never free
> > >>>
> > >>> So let's fix this by mimicking what bootm does and disconnect devices
> > >>> when efi_exit_boot_services() is called. Note that for the OP-TEE case
> > >>> and in particular any subsequent bootloader that wants to use a device
> > >>> (e.g. GRUB) will need to call exit_boot_services() in order to close the
> > >>> session.
> > >>
> > >> Hello Ilias,
> > >>
> > >> thanks for the patch. Adding the function calls looks correct to me,
> > >
> > > Well the only doubt I have is what if GRUB has to extend some PCRs before
> > > calling Linux? Any idea if it's currently calling ExitBootServices?
> > > I was considering if it would be a better idea to call the device unbinding during
> > > some kind of "exit" from U-Boot's EFI code. (i.e. before StartImage)
> >
> > ExitBootServices() is called by the Linux EFI stub in function
> > allocate_new_fdt_and_exit_boot().
> >
> > If GRUB would call ExitBootServices(), it would not be able to launch
> > the EFI stub via StartImage().
>
> Yea that's my point. So with the current patch, you won't be able to
> access the fTPM driver from GRUB
> (or any other EFI application) until the Linux EFI stub calls exit
> boot services. Maybe calling those 2 functions in
> StartImage is a better idea?

Shouldn't an EFI application (such as GRUB) be using EFI protocols to access the TPM?
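
A small model of the failure described in the quoted commit message, added here as an example and not code from U-Boot or from the patch: a session opened at probe time stays open across the handover unless flagged devices are removed first, so the OS driver's probe gets a busy error. The `model_*` names, `os_probe_after_handover`, the bit values and the flag given to the fTPM are assumptions made for the illustration.

```c
#include <stddef.h>

/* Flag names are the ones quoted in the thread; the bit values are constructed. */
#define DM_REMOVE_ACTIVE_DMA (1u << 0)
#define DM_REMOVE_OS_PREPARE (1u << 1)
#define DM_REMOVE_ACTIVE_ALL (DM_REMOVE_ACTIVE_DMA | DM_REMOVE_OS_PREPARE)
#define MODEL_EBUSY (-16)

struct model_tee { int session_open; };  /* hypothetical TEE: one fTPM session at a time */
struct model_dev { unsigned remove_flags; int active; struct model_tee *tee; };

static int model_probe(struct model_dev *d)
{
    if (d->tee && d->tee->session_open)
        return MODEL_EBUSY;              /* previous owner never closed its session */
    if (d->tee)
        d->tee->session_open = 1;
    d->active = 1;
    return 0;
}

/* Model of the call named in the commit message: remove active devices matching flags. */
static void model_remove_devices_flags(struct model_dev *devs, size_t n, unsigned flags)
{
    for (size_t i = 0; i < n; i++) {
        if (!devs[i].active || !(devs[i].remove_flags & flags))
            continue;
        if (devs[i].tee)
            devs[i].tee->session_open = 0;  /* the remove hook closes the session */
        devs[i].active = 0;
    }
}

/* Firmware probes, hands over, then the OS driver probes the same fTPM again. */
int os_probe_after_handover(int remove_at_exit_boot_services)
{
    struct model_tee tee = { 0 };
    struct model_dev devs[] = {
        { DM_REMOVE_OS_PREPARE, 0, &tee },  /* fTPM; the flag choice is an assumption */
        { 0, 0, NULL },                     /* a device with nothing to tear down */
    };
    size_t n = sizeof(devs) / sizeof(devs[0]);
    for (size_t i = 0; i < n; i++)
        model_probe(&devs[i]);
    if (remove_at_exit_boot_services)
        model_remove_devices_flags(devs, n, DM_REMOVE_ACTIVE_ALL);
    struct model_dev os_ftpm = { 0, 0, &tee };
    return model_probe(&os_ftpm);
}
```

In this model `os_probe_after_handover(0)` returns the busy error and `os_probe_after_handover(1)` returns 0.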