Subject: Re: [PATCH] tpm: check event log version before reading final events
From: Jarkko Sakkinen
To: Ard Biesheuvel, Loïc Yhuel
Cc: linux-integrity@vger.kernel.org, Matthew Garrett, javierm@redhat.com
Date: Thu, 14 May 2020 13:51:53 +0300
References: <20200512040113.277768-1-loic.yhuel@gmail.com>

On Tue, 2020-05-12 at 14:30 +0200, Ard Biesheuvel wrote:
> On Tue, 12 May 2020 at 13:40, Loïc Yhuel wrote:
> > On Tue, 12 May 2020 at 08:45, Ard Biesheuvel wrote:
> > > So what functionality do we lose here? Can we still make meaningful
> > > use of the event log without the final log? I thought one was
> > > incomplete without the other?
> > The char driver (drivers/char/tpm/eventlog/efi.c) already ignores
> > efi.tpm_final_log if the event log version isn't
> > EFI_TCG2_EVENT_LOG_FORMAT_TCG_2.
> > So there is currently no code making use of the final log contents on
> > those machines, besides the two cases I patched which only try to
> > determine its size.
> >
>
> Ah ok, thanks for clarifying. If we never consume it anyway, then I
> agree this is the correct fix.

I think issuing a warning would not be a bad idea given the
incompleteness of the event log.

/Jarkko