diff mbox series

[3/6] libstub,tpm: provide indication of failure when getting event log

Message ID 20240906202745.11159-4-gourry@gourry.net
State New
Headers show
Series libstub,tpm: fix small bugs and improve error reporting | expand

Commit Message

Gregory Price Sept. 6, 2024, 8:27 p.m. UTC 
If get_event_log fails, at least provide an indicator of this failure
to assist debugging later failures that attempt to interact with it.

Signed-off-by: Gregory Price <gourry@gourry.net>
---
 drivers/firmware/efi/libstub/tpm.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

Comments

Ilias Apalodimas Sept. 13, 2024, 6:59 a.m. UTC | #1 
Hi Gregory,

On Fri, 6 Sept 2024 at 23:28, Gregory Price <gourry@gourry.net> wrote:
>
> If get_event_log fails, at least provide an indicator of this failure
> to assist debugging later failures that attempt to interact with it.
>
> Signed-off-by: Gregory Price <gourry@gourry.net>
> ---
>  drivers/firmware/efi/libstub/tpm.c | 4 +++-
>  1 file changed, 3 insertions(+), 1 deletion(-)
>
> diff --git a/drivers/firmware/efi/libstub/tpm.c b/drivers/firmware/efi/libstub/tpm.c
> index df3182f2e63a..192914e04e0f 100644
> --- a/drivers/firmware/efi/libstub/tpm.c
> +++ b/drivers/firmware/efi/libstub/tpm.c
> @@ -185,8 +185,10 @@ void efi_retrieve_eventlog(void)
>                         get_efi_config_table(EFI_CC_FINAL_EVENTS_TABLE_GUID);
>         }
>
> -       if (status != EFI_SUCCESS || !log_location)
> +       if (status != EFI_SUCCESS || !log_location) {
> +               efi_err("TPM unable to provide Event Log\n");

s/provide/retrieve/ and yes the print is going to be useful.  Do you
know if the EventLog is mandatory. Reading at the spec GetEventlog
only has 2 return values, which implies you can't return "Not
supported", but it's not explicitly stated anywhere

Thanks
/Ilias
>                 return;
> +       }
>
>         efi_retrieve_tcg2_eventlog(version, log_location, log_last_entry,
>                                    truncated, final_events_table);
> --
> 2.43.0
>
Gregory Price Sept. 13, 2024, 12:57 p.m. UTC | #2 
On Fri, Sep 13, 2024 at 09:59:03AM +0300, Ilias Apalodimas wrote:
> Hi Gregory,
> 
> On Fri, 6 Sept 2024 at 23:28, Gregory Price <gourry@gourry.net> wrote:
> >
> > If get_event_log fails, at least provide an indicator of this failure
> > to assist debugging later failures that attempt to interact with it.
> >
> > Signed-off-by: Gregory Price <gourry@gourry.net>
> > ---
> >  drivers/firmware/efi/libstub/tpm.c | 4 +++-
> >  1 file changed, 3 insertions(+), 1 deletion(-)
> >
> > diff --git a/drivers/firmware/efi/libstub/tpm.c b/drivers/firmware/efi/libstub/tpm.c
> > index df3182f2e63a..192914e04e0f 100644
> > --- a/drivers/firmware/efi/libstub/tpm.c
> > +++ b/drivers/firmware/efi/libstub/tpm.c
> > @@ -185,8 +185,10 @@ void efi_retrieve_eventlog(void)
> >                         get_efi_config_table(EFI_CC_FINAL_EVENTS_TABLE_GUID);
> >         }
> >
> > -       if (status != EFI_SUCCESS || !log_location)
> > +       if (status != EFI_SUCCESS || !log_location) {
> > +               efi_err("TPM unable to provide Event Log\n");
> 
> s/provide/retrieve/ and yes the print is going to be useful.  Do you
> know if the EventLog is mandatory. Reading at the spec GetEventlog
> only has 2 return values, which implies you can't return "Not
> supported", but it's not explicitly stated anywhere
> 

I believe it is mandatory from my reading of the spec - but the
"Final Event Log" was only added in 2.0.  We report an error when
2.0 is reported but the final event log is not supported, so i figure
we should probably report when the event log fails as well.

> Thanks
> /Ilias
> >                 return;
> > +       }
> >
> >         efi_retrieve_tcg2_eventlog(version, log_location, log_last_entry,
> >                                    truncated, final_events_table);
> > --
> > 2.43.0
> >
Ilias Apalodimas Sept. 13, 2024, 1:10 p.m. UTC | #3 
On Fri, 13 Sept 2024 at 15:58, Gregory Price <gourry@gourry.net> wrote:
>
> On Fri, Sep 13, 2024 at 09:59:03AM +0300, Ilias Apalodimas wrote:
> > Hi Gregory,
> >
> > On Fri, 6 Sept 2024 at 23:28, Gregory Price <gourry@gourry.net> wrote:
> > >
> > > If get_event_log fails, at least provide an indicator of this failure
> > > to assist debugging later failures that attempt to interact with it.
> > >
> > > Signed-off-by: Gregory Price <gourry@gourry.net>
> > > ---
> > >  drivers/firmware/efi/libstub/tpm.c | 4 +++-
> > >  1 file changed, 3 insertions(+), 1 deletion(-)
> > >
> > > diff --git a/drivers/firmware/efi/libstub/tpm.c b/drivers/firmware/efi/libstub/tpm.c
> > > index df3182f2e63a..192914e04e0f 100644
> > > --- a/drivers/firmware/efi/libstub/tpm.c
> > > +++ b/drivers/firmware/efi/libstub/tpm.c
> > > @@ -185,8 +185,10 @@ void efi_retrieve_eventlog(void)
> > >                         get_efi_config_table(EFI_CC_FINAL_EVENTS_TABLE_GUID);
> > >         }
> > >
> > > -       if (status != EFI_SUCCESS || !log_location)
> > > +       if (status != EFI_SUCCESS || !log_location) {
> > > +               efi_err("TPM unable to provide Event Log\n");
> >
> > s/provide/retrieve/ and yes the print is going to be useful.  Do you
> > know if the EventLog is mandatory. Reading at the spec GetEventlog
> > only has 2 return values, which implies you can't return "Not
> > supported", but it's not explicitly stated anywhere
> >
>
> I believe it is mandatory from my reading of the spec - but the
> "Final Event Log" was only added in 2.0.  We report an error when
> 2.0 is reported but the final event log is not supported, so i figure
> we should probably report when the event log fails as well.

Yea I am fine with that, I was just wondering if we should do _err or
_warn. I am fine with the error

/Ilias
>
> > Thanks
> > /Ilias
> > >                 return;
> > > +       }
> > >
> > >         efi_retrieve_tcg2_eventlog(version, log_location, log_last_entry,
> > >                                    truncated, final_events_table);
> > > --
> > > 2.43.0
> > >
Gregory Price Sept. 13, 2024, 11:06 p.m. UTC | #4 
On Fri, Sep 13, 2024 at 04:10:08PM +0300, Ilias Apalodimas wrote:
> On Fri, 13 Sept 2024 at 15:58, Gregory Price <gourry@gourry.net> wrote:
> >
> > > > -       if (status != EFI_SUCCESS || !log_location)
> > > > +       if (status != EFI_SUCCESS || !log_location) {
> > > > +               efi_err("TPM unable to provide Event Log\n");
> > >
> > > s/provide/retrieve/ and yes the print is going to be useful.  Do you
> > > know if the EventLog is mandatory. Reading at the spec GetEventlog
> > > only has 2 return values, which implies you can't return "Not
> > > supported", but it's not explicitly stated anywhere
> > >
> >
> > I believe it is mandatory from my reading of the spec - but the
> > "Final Event Log" was only added in 2.0.  We report an error when
> > 2.0 is reported but the final event log is not supported, so i figure
> > we should probably report when the event log fails as well.
> 
> Yea I am fine with that, I was just wondering if we should do _err or
> _warn. I am fine with the error
> 
> /Ilias

Per Ard's notes on patch 6 i'm going to drop this.  These prints apparently
don't actually end up anywhere.

~Gregory
diff mbox series

Patch

diff --git a/drivers/firmware/efi/libstub/tpm.c b/drivers/firmware/efi/libstub/tpm.c
index df3182f2e63a..192914e04e0f 100644
--- a/drivers/firmware/efi/libstub/tpm.c
+++ b/drivers/firmware/efi/libstub/tpm.c
@@ -185,8 +185,10 @@  void efi_retrieve_eventlog(void)
 			get_efi_config_table(EFI_CC_FINAL_EVENTS_TABLE_GUID);
 	}
 
-	if (status != EFI_SUCCESS || !log_location)
+	if (status != EFI_SUCCESS || !log_location) {
+		efi_err("TPM unable to provide Event Log\n");
 		return;
+	}
 
 	efi_retrieve_tcg2_eventlog(version, log_location, log_last_entry,
 				   truncated, final_events_table);