From patchwork Sat Sep 28 15:46:55 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Seth Forshee X-Patchwork-Id: 1168856 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=lists.ubuntu.com (client-ip=91.189.94.19; helo=huckleberry.canonical.com; envelope-from=kernel-team-bounces@lists.ubuntu.com; receiver=) Authentication-Results: ozlabs.org; dmarc=fail (p=none dis=none) header.from=canonical.com Received: from huckleberry.canonical.com (huckleberry.canonical.com [91.189.94.19]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 46gY275k34z9sPG; Sun, 29 Sep 2019 01:47:11 +1000 (AEST) Received: from localhost ([127.0.0.1] helo=huckleberry.canonical.com) by huckleberry.canonical.com with esmtp (Exim 4.86_2) (envelope-from ) id 1iEEw2-0000MI-OC; Sat, 28 Sep 2019 15:47:02 +0000 Received: from youngberry.canonical.com ([91.189.89.112]) by huckleberry.canonical.com with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.86_2) (envelope-from ) id 1iEEw1-0000K2-CG for kernel-team@lists.ubuntu.com; Sat, 28 Sep 2019 15:47:01 +0000 Received: from mail-io1-f72.google.com ([209.85.166.72]) by youngberry.canonical.com with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.86_2) (envelope-from ) id 1iEEw1-0005ld-3V for kernel-team@lists.ubuntu.com; Sat, 28 Sep 2019 15:47:01 +0000 Received: by mail-io1-f72.google.com with SMTP id a22so19257298ioq.23 for ; Sat, 28 Sep 2019 08:47:01 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:subject:date:message-id:mime-version :content-transfer-encoding; bh=4CtU6u1yPDFgt5D6HhpTygtDrhQ6XN2N9xIstCEWaCA=; b=IrGip8MFAvWruNtCSN9G3KvhDfvojiLksaXNaVIYS5KK2XHBOuXT64vQXwmu8y1oF1 hbpJfMT8AtC85Z5cFalsPzgB2xJDj8qppoA6Pw9C7QudNkYBqBwxRhwrkutRyjh8U9n5 ofKpEZdwUPFOud/ZcMTrQ5Y6lTMERrNR7+PazMYXLhZMJj1VUMPnVEAtDPZ8D5v+YFu4 xWcOnlLjAVAR0L08R1NlNBEUkaAv+HM1oqozb4hGITrMhRDZoMp/tW8xKv6NMXfQf1zB Uhw8l/MOd61PcUJNmSEQ9uJy4FmXUv/78wko3hwxnfUbX2KYa5hP70SIydYWpNe35vhO qAtg== X-Gm-Message-State: APjAAAV9yT1I6TBuAq4SOJbpqshx72ymRP0z/rDG08fLY/mjto320kU5 3OOytAUbQmjoAJYrZXzdpbxEasthqEpS3EEOCmhntkb7qUI3EtpBu/g3/LSnjrRb57THNJT0ZVJ 74Q+smdFhbPtQXDH+YcWCyz9m39zLHd1S7blXvpeUAw== X-Received: by 2002:a92:d651:: with SMTP id x17mr11002061ilp.285.1569685620004; Sat, 28 Sep 2019 08:47:00 -0700 (PDT) X-Google-Smtp-Source: APXvYqy9ngWv8IAmsgYb1XegBmFiKjAeKUI5pgSDwuOLMmCdv3avW4wdgpA8FvfTx9hT0SwxLvBX7g== X-Received: by 2002:a92:d651:: with SMTP id x17mr11002049ilp.285.1569685619780; Sat, 28 Sep 2019 08:46:59 -0700 (PDT) Received: from localhost ([2605:a601:ac3:9720:4dd1:efb0:71b2:398e]) by smtp.gmail.com with ESMTPSA id 6sm2875850ion.66.2019.09.28.08.46.58 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sat, 28 Sep 2019 08:46:58 -0700 (PDT) From: Seth Forshee To: kernel-team@lists.ubuntu.com Subject: [PATCH 0/3][SRU][E] Fix panic when parsing tpm event log from firmware Date: Sat, 28 Sep 2019 10:46:55 -0500 Message-Id: <20190928154658.12957-1-seth.forshee@canonical.com> X-Mailer: git-send-email 2.20.1 MIME-Version: 1.0 X-BeenThere: kernel-team@lists.ubuntu.com X-Mailman-Version: 2.1.20 Precedence: list List-Id: Kernel team discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: kernel-team-bounces@lists.ubuntu.com Sender: "kernel-team" BugLink: https://bugs.launchpad.net/bugs/1845454 SRU Justification Impact: Some systems are getting kernel panics during boot while parsing tpm event logs from the firmware. This happens only when the tpm and secure boot are both enabled in the firmware. Fix: 3 patches which are currently applied to the upstream EFI maintainer tree. Test Case: On an affected system, booting a 5.3-based kernel will panic during boot when the tpm and secure boot are enabled. A patched kernel will boot successfully. The patches have been verified to fix the issue on a gen 6 Lenovo X1 Carbon. Regression Potential: If the patches have bugs they could cause regressions on systems not currently experiencing issues. The patches are pretty straightforward though and tagged for stable, so I believe the risk is minimal and (given the severity of the issue on affected hardware) acceptable. Thanks, Seth Jerry Snitselaar (1): efi/tpm: only set efi_tpm_final_log_size after successful event log parsing Peter Jones (2): efi/tpm: Don't access event->count when it isn't mapped. efi/tpm: don't traverse an event log with no events drivers/firmware/efi/tpm.c | 24 ++++++++++++++++++------ include/linux/tpm_eventlog.h | 16 ++++++++++++---- 2 files changed, 30 insertions(+), 10 deletions(-) Acked-by: Andrea Righi Acked-by: Kleber Sacilotto de Souza