diff mbox series

efi_loader: fix BootOrder variable measurement handling

Message ID 20211109094454.32570-1-masahisa.kojima@linaro.org
State Accepted
Commit c9c1cdbda3deea265838cf6c6bd6a1eb1569e15c
Headers show
Series efi_loader: fix BootOrder variable measurement handling | expand

Commit Message

Masahisa Kojima Nov. 9, 2021, 9:44 a.m. UTC 
UEFI specification does not require that BootOrder is defined.
In current implementation, boot variable measurement fails and
returns EFI_NOT_FOUND if BootOrder is not defined.

This commit correcly handles this case, skip the boot variable
measurement if BootOrder is not defined.

Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
---
 lib/efi_loader/efi_tcg2.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

Comments

Ilias Apalodimas Nov. 9, 2021, 9:44 a.m. UTC | #1 
On Tue, 9 Nov 2021 at 11:42, Masahisa Kojima <masahisa.kojima@linaro.org>
wrote:

> UEFI specification does not require that BootOrder is defined.
> In current implementation, boot variable measurement fails and
> returns EFI_NOT_FOUND if BootOrder is not defined.
>
> This commit correcly handles this case, skip the boot variable
> measurement if BootOrder is not defined.
>
> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
> ---
>  lib/efi_loader/efi_tcg2.c | 4 ++--
>  1 file changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/lib/efi_loader/efi_tcg2.c b/lib/efi_loader/efi_tcg2.c
> index 586f73af6d..189e4a5ba5 100644
> --- a/lib/efi_loader/efi_tcg2.c
> +++ b/lib/efi_loader/efi_tcg2.c
> @@ -1452,8 +1452,8 @@ static efi_status_t
> tcg2_measure_boot_variable(struct udevice *dev)
>         boot_order = efi_get_var(var_name, &efi_global_variable_guid,
>                                  &var_data_size);
>         if (!boot_order) {
> -               ret = EFI_NOT_FOUND;
> -               goto error;
> +               /* If "BootOrder" is not defined, skip the boot variable
> measurement */
> +               return EFI_SUCCESS;
>         }
>
>         ret = tcg2_measure_variable(dev, 1, EV_EFI_VARIABLE_BOOT2,
> var_name,
> --
> 2.17.1
>
> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Heinrich Schuchardt Nov. 9, 2021, 11 a.m. UTC | #2 
On 11/9/21 10:44, Masahisa Kojima wrote:
> UEFI specification does not require that BootOrder is defined.
> In current implementation, boot variable measurement fails and
> returns EFI_NOT_FOUND if BootOrder is not defined.
> 
> This commit correcly handles this case, skip the boot variable
> measurement if BootOrder is not defined.
> 
> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>

=> tpm2 init && tpm2 startup TPM2_SU_CLEAR
=> efidebug boot order 1000
Found 0 disks
Missing RNG device for EFI_RNG_PROTOCOL
No EFI system partition
No EFI system partition
Failed to persist EFI variables
=> efidebug boot order
  1: Boot1000: (not defined)
=> bootefi hello
Booting /MemoryMapped(0x0,0x7ff9b1f0,0x11e0)
Boot1000 not found
Hello, world!
Running on UEFI 2.8
Have SMBIOS table
Have device tree
Load options: <none>
Boot device: /MemoryMapped(0x0,0x7ff9b1f0,0x11e0)
File path: <none>
=>

The message "Boot1000 not found" is created in
lib/efi_loader/efi_tcg2.c(1475) tcg2_measure_boot_variable().
That message should be log_debug(). But that can be done in a separate 
patch.

Reviewed-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
diff mbox series

Patch

diff --git a/lib/efi_loader/efi_tcg2.c b/lib/efi_loader/efi_tcg2.c
index 586f73af6d..189e4a5ba5 100644
--- a/lib/efi_loader/efi_tcg2.c
+++ b/lib/efi_loader/efi_tcg2.c
@@ -1452,8 +1452,8 @@  static efi_status_t tcg2_measure_boot_variable(struct udevice *dev)
 	boot_order = efi_get_var(var_name, &efi_global_variable_guid,
 				 &var_data_size);
 	if (!boot_order) {
-		ret = EFI_NOT_FOUND;
-		goto error;
+		/* If "BootOrder" is not defined, skip the boot variable measurement */
+		return EFI_SUCCESS;
 	}
 
 	ret = tcg2_measure_variable(dev, 1, EV_EFI_VARIABLE_BOOT2, var_name,