From patchwork Tue May 30 06:39:32 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ilias Apalodimas X-Patchwork-Id: 686864 Delivered-To: patch@linaro.org Received: by 2002:a5d:4d8a:0:0:0:0:0 with SMTP id b10csp575312wru; Mon, 29 May 2023 23:39:54 -0700 (PDT) X-Google-Smtp-Source: ACHHUZ6bphynTpPajtMPt/Ew1uHO6htTP/nDfe/BG6QsMukHgGaPHUePGw+X8A1gyTt/OtjtWu8b X-Received: by 2002:a05:6a00:1346:b0:63b:7fc0:a4af with SMTP id k6-20020a056a00134600b0063b7fc0a4afmr1556956pfu.26.1685428793951; Mon, 29 May 2023 23:39:53 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1685428793; cv=none; d=google.com; s=arc-20160816; b=mR6PJfUP5e2QJbYw0y5jZL/OYtgKYXZmYEh7gFowOj+9kE++0w/EP9Uqwu73vajXH/ Scao3jfpnrwodZRFreNfXmcCaU007DN7uQINo30q4q37GSomfidgd85331bZlktB0nHo bIPsHJRL6DHgxHw5UvfDlda9dtUjPTFzSxU4vJ/2T+2oPmaHE+k5hRPE+VGFUzVXyBio ru+auppmeaiELDhELbIT6RlyzvK/4OFfmuI2YuOppyV3NsyJO1A7SEV0vSxNde65NtoB CHpFBOGMmX4p4NZVVxBKTLU7xm7u1JjgxV+Qr7kukm7PAeYEEyCJJegRqva7OMRVJXPY CZjw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:content-transfer-encoding :mime-version:message-id:date:subject:cc:to:from:dkim-signature; bh=Xz3yqUyBuR6eMiqmeEXenp9Dj79JX6yqMiSVJnSFYuY=; b=P1uuFMSl9ykx7/xQU6VoqHzWN6GoIKe3WzCREuxb7JmbSNXsxOF/PWJS9zUyHAwQSP dmiNxiyF3wcPhJ/cb1T/zpWxwFycpiP0mrupkqLHciOF9Ek2OdcCBUDVlCgDKjTzT8k3 5HaQNS5z4lhAlz74hBe0Uj0re7G9BXq3t0x1LfobJSW+GL5lWsgWFp9X2csUAXQALYXm Ylzk5SeGr6oQVwr7BNceo3DEKqeldUfgsdE9oX/DUqo+xcsAD2Tcle29+SxTa3OYn5wp xa1+b2IuC9HPzSPgCsOspyka6VzgDnU2mSfjofsrwxooQIl4a6nbQe3snCposEPZcMMC jLhA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=px29vPzG; spf=pass (google.com: domain of u-boot-bounces@lists.denx.de designates 2a01:238:438b:c500:173d:9f52:ddab:ee01 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from phobos.denx.de (phobos.denx.de. [2a01:238:438b:c500:173d:9f52:ddab:ee01]) by mx.google.com with ESMTPS id y27-20020aa78f3b000000b0064ca7ac8938si1221029pfr.166.2023.05.29.23.39.52 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 29 May 2023 23:39:53 -0700 (PDT) Received-SPF: pass (google.com: domain of u-boot-bounces@lists.denx.de designates 2a01:238:438b:c500:173d:9f52:ddab:ee01 as permitted sender) client-ip=2a01:238:438b:c500:173d:9f52:ddab:ee01; Authentication-Results: mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=px29vPzG; spf=pass (google.com: domain of u-boot-bounces@lists.denx.de designates 2a01:238:438b:c500:173d:9f52:ddab:ee01 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: from h2850616.stratoserver.net (localhost [IPv6:::1]) by phobos.denx.de (Postfix) with ESMTP id D5A6884699; Tue, 30 May 2023 08:39:46 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=linaro.org Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de Authentication-Results: phobos.denx.de; dkim=pass (2048-bit key; unprotected) header.d=linaro.org header.i=@linaro.org header.b="px29vPzG"; dkim-atps=neutral Received: by phobos.denx.de (Postfix, from userid 109) id F16578471B; Tue, 30 May 2023 08:39:44 +0200 (CEST) X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on phobos.denx.de X-Spam-Level: X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,SPF_HELO_NONE,SPF_PASS, T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.2 Received: from mail-ej1-x62f.google.com (mail-ej1-x62f.google.com [IPv6:2a00:1450:4864:20::62f]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits)) (No client certificate requested) by phobos.denx.de (Postfix) with ESMTPS id E1A9A84592 for ; Tue, 30 May 2023 08:39:41 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=linaro.org Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=ilias.apalodimas@linaro.org Received: by mail-ej1-x62f.google.com with SMTP id a640c23a62f3a-973f8dbcc02so382278366b.3 for ; Mon, 29 May 2023 23:39:41 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; t=1685428781; x=1688020781; h=content-transfer-encoding:mime-version:message-id:date:subject:cc :to:from:from:to:cc:subject:date:message-id:reply-to; bh=Xz3yqUyBuR6eMiqmeEXenp9Dj79JX6yqMiSVJnSFYuY=; b=px29vPzG8y7X+7LsZH4Doqt/uRu5XHri9N31B9ougaZR+S6B1NibKoq1pHi9BOsnE6 UA29q3JRF/jEwYt51jRm4SgCrQdep4Kl0HljqBTJBAn8fis+RJP186RlBJ1l78imIsaS 24EDLae14CcoaVlEyeo9N6NTkYiWfeirIcIPC8kPgXQzRkJpI91ZDCfn5BkjOVMf2DjM vFr961bxCFMyBgV7xWxYmIRC29nya0LM79dhjvDhLLT72XxoOk2zyDyoHT+yfFOaMEnZ b+XW4UyPoIQ0NY5cWQuaJrsknn2ryt37sHS6+Vt43YfQ+YZfM2tn8JyxlLZGJShzzjXy QGTQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1685428781; x=1688020781; h=content-transfer-encoding:mime-version:message-id:date:subject:cc :to:from:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=Xz3yqUyBuR6eMiqmeEXenp9Dj79JX6yqMiSVJnSFYuY=; b=HvoFRxNgCG69Daus4vkynAOMTRauOKwn/DTe69WjquLXKy5OIw1qr4m6AuIgweXsfO R/vc6AQCqtD4zDZHFPNw81+RrqrApWdYQfWL/M60uZkZXxoPWbQuN/r7IQgpsq/zTCaM AjIavOa2FQvtI59XOwb0kItTlGRooZ0HN7j75xhXZbrLZt08C+RhShVYQn9wC6oqxnFU GA/G8bRvpKrOyRLOGqu50vpBuHUJvyoxI+XNXqfU4RjOMws2IwQsvuky6c+UO+SW6MKp S50YG2Xv34VYvksAB5v0huJ5MXpEVmmnt96/4ueCAbpFDKJqgfBnmajhaRkwsDou6giA Mx7w== X-Gm-Message-State: AC+VfDzdrFlKSUXyBa+PAYkDZXHUU7x9l2nP8tVAxlTxwshvvBRdnUms S01lwMSRcc+AljAziRLoXRq74FSWB8i7eqyJW4s= X-Received: by 2002:a17:907:1ca5:b0:973:8198:bbf7 with SMTP id nb37-20020a1709071ca500b009738198bbf7mr1543410ejc.11.1685428781424; Mon, 29 May 2023 23:39:41 -0700 (PDT) Received: from localhost.localdomain (ppp089210114029.access.hol.gr. [89.210.114.29]) by smtp.gmail.com with ESMTPSA id ja20-20020a170907989400b0096f89c8a2f7sm6934276ejc.90.2023.05.29.23.39.40 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 29 May 2023 23:39:41 -0700 (PDT) From: Ilias Apalodimas To: u-boot@lists.denx.de, Stuart.Yoder@arm.com, Vincent.Stehle@arm.com Cc: Ilias Apalodimas , Heinrich Schuchardt Subject: [PATCH] efi_loader: explicitly return EFI_UNSUPPORTED for TCG 1.0 compatibility Date: Tue, 30 May 2023 09:39:32 +0300 Message-Id: <20230530063932.310959-1-ilias.apalodimas@linaro.org> X-Mailer: git-send-email 2.39.2 MIME-Version: 1.0 X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.39 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" X-Virus-Scanned: clamav-milter 0.103.8 at phobos.denx.de X-Virus-Status: Clean In the EFI TCG spec EFI_TCG2_BOOT_SERVICE_CAPABILITY struct is versioned -- there are 1.0 and 1.1 versions of that struct. The spec [0] describes: "Version of the EFI_TCG2_BOOT_SERVICE_CAPABILITY structure itself. For this version of the protocol, the Major version SHALL be set to 1 and the Minor version SHALL be set to 1." which is what we currently support. The SCT tests perfromed By Arms SIE(Security interface extensions) [1] perform a check for clients supporting the older 1.0 version of the spec (Test 30.1.1.4). Given than this spec is 7 years old, there should be no need for the older 1.0 version support. Instead of returning EFI_BUFFER_TOO_SMALLL switch to EFI_UNSUPPORTED which is more appropriate. It's worth noting that the spec doesn't explicitly describe the return value at the moment. [0] https://trustedcomputinggroup.org/wp-content/uploads/EFI-Protocol-Specification-rev13-160330final.pdf [1] https://github.com/stuyod01/edk2-test/blob/master/uefi-sct/Doc/UEFI-SCT-Case-Spec/30_Protocols_TCG2_Test.md Signed-off-by: Ilias Apalodimas --- Heinrich, Stuart is investigating the chance of the spec getting updated adding EFI_UNSUPPORTED. In any case I think the patch should be aplied since the new return code makes more sense. If for some reason the spec change is rejected, I can go back and add support for 1.0 structure versions. lib/efi_loader/efi_tcg2.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) -- 2.39.2 diff --git a/lib/efi_loader/efi_tcg2.c b/lib/efi_loader/efi_tcg2.c index a83ae7a46cf3..220c442bdf93 100644 --- a/lib/efi_loader/efi_tcg2.c +++ b/lib/efi_loader/efi_tcg2.c @@ -750,7 +750,7 @@ efi_tcg2_get_capability(struct efi_tcg2_protocol *this, if (capability->size < sizeof(*capability)) { capability->size = sizeof(*capability); - efi_ret = EFI_BUFFER_TOO_SMALL; + efi_ret = EFI_UNSUPPORTED; goto out; }