From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-1.1 required=3.0 tests=DKIM_SIGNED,DKIM_VALID, DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI,SPF_PASS autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id B2A5DC43219 for ; Thu, 2 May 2019 20:56:42 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.kernel.org (Postfix) with ESMTP id 8006A20578 for ; Thu, 2 May 2019 20:56:42 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (2048-bit key) header.d=linaro.org header.i=@linaro.org header.b="KgC8Txd4" Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726394AbfEBU4l (ORCPT ); Thu, 2 May 2019 16:56:41 -0400 Received: from mail-io1-f67.google.com ([209.85.166.67]:44850 "EHLO mail-io1-f67.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726359AbfEBU4k (ORCPT ); Thu, 2 May 2019 16:56:40 -0400 Received: by mail-io1-f67.google.com with SMTP id r71so3444603iod.11 for ; Thu, 02 May 2019 13:56:39 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=W3LPddwCKGY2xDs2u/DUWFbBGqANYJTYynM8oS/U41s=; b=KgC8Txd4sqFpfNVIU5Wc0c0htULB4U6DQmgHOL62Lo4Qhb7H8HeoP6A5oyBRfRlIxH nbujZgFqKo77czxlk/kYHMvFORPVv3giYwy/vyNp+e5oH4IrW1KDEJN1DWBhUNtI7QWi Jud+60EOp+yWaRfrdV/xm2B2vgIN4UsTjluESbASHsPOg2gqqxpsMYXqfKwILZWxH4Qf xY8RD73W6/ytjIAP8KEyoS53A04zKtk6p1VGqlaftgWj7DFwAErc2E/gr9bz3vf8H1Ae y3fHfE6gJdC97GBgVgLqfluYDtX+PSbeRDTlYIaOf3VAmN5x9tJYBIkgwJ8kvCLdXigZ Rhkw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=W3LPddwCKGY2xDs2u/DUWFbBGqANYJTYynM8oS/U41s=; b=bRtoz/d6I5cu1wQm6UQgJIyGHHcCZiy4GY6qnWhQrQ8wxBBlZYaKD8EW4JdDXz1I0o klZFB7KRh5vCAF4Ai/6CObqKcJWG3f7KvtECaECk71LA7vT+7mn3rqxo/ZsRbCq1WMN7 r0JL2qPTnuc0HhpH7z675ku4VedU/dtpTBaDpBUVVre509ITO3JjzeQGdxlHelFS7GsD DJ6RPW4wXG/OUWBMEBsKwdfAvg7vd49uJ+XVBJ7D6XX1nQxtzji2yW7tk22YE3qRoRch 1jwfmVjMcmI0VPLDJPfPQmxowuVRHe/nGvVaVBm0H8mjYkapyh/kGn5q5Vs80t12X85J W2ag== X-Gm-Message-State: APjAAAUJEE+WQ3EDkGNKbmm2GCT887fo7N60QbMv+Gc+pKRbLkQlmSdy BZOfHWTVsxqIuL7818XV0vSogHR/m5m6rVOZYyDSow== X-Google-Smtp-Source: APXvYqw8fJr5vPiI/5b4rrryNsL0YNv88XUlTZMDz7MCDm+On7B/QMbwAD7N2VgsEzqDAu88wY0gE9GedHWaSxSS7n4= X-Received: by 2002:a6b:7b47:: with SMTP id m7mr4208092iop.173.1556830599457; Thu, 02 May 2019 13:56:39 -0700 (PDT) MIME-Version: 1.0 References: <20190227202658.197113-1-matthewgarrett@google.com> <20190227202658.197113-3-matthewgarrett@google.com> In-Reply-To: From: Ard Biesheuvel Date: Thu, 2 May 2019 22:56:27 +0200 Message-ID: Subject: Re: [PATCH V5 2/4] tpm: Reserve the TPM final events table To: Matthew Garrett Cc: Jarkko Sakkinen , Ingo Molnar , Bartosz Szczepanek , linux-integrity , Peter Huewe , Jason Gunthorpe , Roberto Sassu , linux-efi , LSM List , Linux Kernel Mailing List , =?UTF-8?Q?Thi=C3=A9baud_Weksteen?= Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Thu, 2 May 2019 at 20:04, Matthew Garrett wrote: > > On Thu, May 2, 2019 at 12:15 AM Ard Biesheuvel > wrote: > > > > (+ Ingo) > > > > On Tue, 30 Apr 2019 at 21:52, Matthew Garrett wrote: > > > > > > On Tue, Apr 30, 2019 at 6:07 AM Bartosz Szczepanek wrote: > > > > > > > > I may be a little late with this comment, but I've just tested these > > > > patches on aarch64 platform (from the top of jjs/master) and got > > > > kernel panic ("Unable to handle kernel read", full log at the end of > > > > mail). I think there's problem with below call to > > > > tpm2_calc_event_log_size(), where physical address of efi.tpm_log is > > > > passed as (void *) and never remapped: > > > > > > Yes, it looks like this is just broken. Can you try with the attached patch? > > > > I'm a bit uncomfortable with EFI code that is obviously broken and > > untested being queued for the next merge window in another tree. > > The patchset was Cc:ed to linux-efi@. Is there anything else I should > have done to ensure you picked it up rather than Jarkko? No, I am not saying it was you who did anything wrong - Jarkko and I should probably have aligned better. But my own testing wouldn't have caught this particular issue either (I am still in the process of getting access to ARM machines with a TPM), so it wouldn't have made a huge difference in any case.