From patchwork Fri Sep 13 23:19:51 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Gregory Price X-Patchwork-Id: 829039 Received: from mail-qt1-f178.google.com (mail-qt1-f178.google.com [209.85.160.178]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 316551714C6 for ; Fri, 13 Sep 2024 23:20:43 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.160.178 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1726269645; cv=none; b=Y5tDqLaHs+B/KVxU/O1VO/l15SVpG4Gtx8rkETMH8tN33t/yhJuFfifwweM/PiJhGnUoDQyZG8dQC9+dRgbEYzD7BzVz8p/NL9WBAltpD2pLaR7lHP4UZRhWvfo/YGO4q3o5KLqJpRvrMov9cuLn5LhboXZQyrzduaIsvCAcZwA= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1726269645; c=relaxed/simple; bh=uC7TJ50a7SgbOtivAxR2KdbHsbIyQdSdr5oMF9F4ufo=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=PWWRuxOYKu477rNsauaYr7xxk8zTbssD9BYeayB7v2pPYSya4uhAqekyNu+h8ZCaZMUC63Ikc4hWXK4Rla92MXWBo8u4cvMU/+BZo1SIHzYqpjVPh5RQodx+bNRBV8Qxq+DLeS2yU0XfhSZ+2+JS2kPXnsxonWcwkchz59OT9oE= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=gourry.net; spf=pass smtp.mailfrom=gourry.net; dkim=pass (2048-bit key) header.d=gourry.net header.i=@gourry.net header.b=GZvzxVyY; arc=none smtp.client-ip=209.85.160.178 Authentication-Results: smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=gourry.net Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gourry.net Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gourry.net header.i=@gourry.net header.b="GZvzxVyY" Received: by mail-qt1-f178.google.com with SMTP id d75a77b69052e-4581e0ed0f2so30928311cf.1 for ; Fri, 13 Sep 2024 16:20:43 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gourry.net; s=google; t=1726269642; x=1726874442; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=R1Rs9Vcw1DZn6LrVte9jSPxFRjikUDDX06xvoSnqYrw=; b=GZvzxVyYJXhxL5uhKbC4ps8nFJjYktP+SieYEpMXdAGofqEfy2y7pPRlXWnbu7lFbJ xZ7QRWQNe/RMeYES2A9XjgNUWmkjv7KiBFLp0qtXxEnfIcRNAV3jek5iSxIYLxdfK7YK hn40XYogjjCMch9KFraj/wJwYvwszGT9vFOSV8rZaGDrvo/1yzX3pdFJq7SwhntR5Xzh MmLGJshLfNi8vMfQcn+n3bL6wkI4i9WlHNrGyq59y843OPXdhXWlAMUr43L8spiwh6cI LI6ltVCT0uvBGXswcTU4KEcRUZPz5ZEN06iQeZXSgYoGrRPWmEAiXswsSKbBiG1Y2Hi/ F+SQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1726269642; x=1726874442; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=R1Rs9Vcw1DZn6LrVte9jSPxFRjikUDDX06xvoSnqYrw=; b=YrWJWyShhD7vjtnYR2w+u8seaAgJtJ515chgu39u5JAsWngHrRUMzC0lUWuLx4Zx0m zhBtyX9YLFVG92cZvLWFZUU8VR4IB1O3fbTbYEeI30+mnmoAF63v3ot80aFTZJlfo3k2 P/VUip1ABr5nFhdnDJ34W9vTPdK2CJcnp0SABBjjuLF0PMD5U6/4cU8eLmZfFu0vWb01 32x3CyBIlU+pMrd+4L35jk1rXbiFi+d0l5Ye7IcIgEuUtNbGUKr8XTRI/TalKyfdEFE3 prUVdnykft7b7UpA7ThVJsSUB8paBR67N8se7AHnyXar51ThE+V1kaANWNmZd2AgADLK dRmA== X-Gm-Message-State: AOJu0YwCBrLT0vckvX+yFBgpbkt0tzX2KfBG13jaUDOB/2N7oziSXvcP LMc49DubXPLzzdW3P2zYyiutm8DA/5rcSZ5WApPVJ15Pr3yCFv994k7Q5sYHWf0DxiszGDV8liT Z X-Google-Smtp-Source: AGHT+IFp0i6BEsm6qcRfgkhhKwCvAWwpyUz8Me8bMXheogGSHuS5iPPX0ul01QpecBqdsilzODu7fQ== X-Received: by 2002:a05:622a:418c:b0:44f:f271:af63 with SMTP id d75a77b69052e-4583c7adbcamr268220821cf.21.1726269642488; Fri, 13 Sep 2024 16:20:42 -0700 (PDT) Received: from PC2K9PVX.TheFacebook.com (pool-173-79-56-208.washdc.fios.verizon.net. [173.79.56.208]) by smtp.gmail.com with ESMTPSA id d75a77b69052e-459aac7fb7bsm1245801cf.21.2024.09.13.16.20.41 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 13 Sep 2024 16:20:42 -0700 (PDT) From: Gregory Price To: linux-efi@vger.kernel.org Cc: linux-kernel@vger.kernel.org, ardb@kernel.org, leitao@debian.org, usamaarif642@gmail.com, sathyanarayanan.kuppuswamy@linux.intel.com, ilias.apalodimas@linaro.org Subject: [PATCH v2 1/4] tpm: fix signed/unsigned bug when checking event logs Date: Fri, 13 Sep 2024 19:19:51 -0400 Message-ID: <20240913231954.20081-2-gourry@gourry.net> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20240913231954.20081-1-gourry@gourry.net> References: <20240913231954.20081-1-gourry@gourry.net> Precedence: bulk X-Mailing-List: linux-efi@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 A prior bugfix that fixes a signed/unsigned error causes another signed unsigned error. A situation where log_tbl->size is invalid can cause the size passed to memblock_reserve to become negative. log_size from the main event log is an unsigned int, and the code reduces to the following u64 value = (int)unsigned_value; This results in sign extension, and the value sent to memblock_reserve becomes effectively negative. Fixes: be59d57f9806 ("efi/tpm: Fix sanity check of unsigned tbl_size being less than zero") Signed-off-by: Gregory Price --- drivers/firmware/efi/tpm.c | 17 +++++++++-------- 1 file changed, 9 insertions(+), 8 deletions(-) diff --git a/drivers/firmware/efi/tpm.c b/drivers/firmware/efi/tpm.c index e8d69bd548f3..9c3613e6af15 100644 --- a/drivers/firmware/efi/tpm.c +++ b/drivers/firmware/efi/tpm.c @@ -40,7 +40,8 @@ int __init efi_tpm_eventlog_init(void) { struct linux_efi_tpm_eventlog *log_tbl; struct efi_tcg2_final_events_table *final_tbl; - int tbl_size; + unsigned int tbl_size; + int final_tbl_size; int ret = 0; if (efi.tpm_log == EFI_INVALID_TABLE_ADDR) { @@ -80,26 +81,26 @@ int __init efi_tpm_eventlog_init(void) goto out; } - tbl_size = 0; + final_tbl_size = 0; if (final_tbl->nr_events != 0) { void *events = (void *)efi.tpm_final_log + sizeof(final_tbl->version) + sizeof(final_tbl->nr_events); - tbl_size = tpm2_calc_event_log_size(events, - final_tbl->nr_events, - log_tbl->log); + final_tbl_size = tpm2_calc_event_log_size(events, + final_tbl->nr_events, + log_tbl->log); } - if (tbl_size < 0) { + if (final_tbl_size < 0) { pr_err(FW_BUG "Failed to parse event in TPM Final Events Log\n"); ret = -EINVAL; goto out_calc; } memblock_reserve(efi.tpm_final_log, - tbl_size + sizeof(*final_tbl)); - efi_tpm_final_log_size = tbl_size; + final_tbl_size + sizeof(*final_tbl)); + efi_tpm_final_log_size = final_tbl_size; out_calc: early_memunmap(final_tbl, sizeof(*final_tbl)); From patchwork Fri Sep 13 23:19:52 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Gregory Price X-Patchwork-Id: 828331 Received: from mail-qt1-f177.google.com (mail-qt1-f177.google.com [209.85.160.177]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 6492E185B47 for ; Fri, 13 Sep 2024 23:20:45 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.160.177 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1726269646; cv=none; b=heueWkPacB+x78xCBA6wYQAUuvS58qtenyiQNw2NME1u+WcITbQ6QJHgnBWTib24iv+boazImVCxjgmBDQx424/KVs6bx3y/ZoU8bRCjywj3PiBK5AnqZZNQoIrkrcAVJYQ8XJR/YcOI7Ghmgn7WywPJH+ePBUTunk97L5UN9jk= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1726269646; c=relaxed/simple; bh=wpENg5K7Akr//dxuFB0ettmRrYVh6xPRVyKwVZ5+LdA=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=uLWM6b4KH0HV5qQMqZE0d+VATq8wdz0s3z8miWqnadqNkK5qIxC1ZGGcXwh4US/lzGzl1EzwwD64JRNh7NRV/TJO7feH+lf1HBw9oQn9HkA/4Tafxb2wZglom5xw7uAYEEBdtZdIq7t95KHyZGAWXmu07eFqQ3lW/mxnjHxgRT0= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=gourry.net; spf=pass smtp.mailfrom=gourry.net; dkim=pass (2048-bit key) header.d=gourry.net header.i=@gourry.net header.b=orcj1T0v; arc=none smtp.client-ip=209.85.160.177 Authentication-Results: smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=gourry.net Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gourry.net Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gourry.net header.i=@gourry.net header.b="orcj1T0v" Received: by mail-qt1-f177.google.com with SMTP id d75a77b69052e-458362e898aso22328581cf.0 for ; Fri, 13 Sep 2024 16:20:45 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gourry.net; s=google; t=1726269644; x=1726874444; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=mK/BpjWFhfY+uS5/8x0nkKgbHvfXWYi9NIxTZR2LU/o=; b=orcj1T0vmMbUesoQIcl2Od9wP3R3KjRLueA0eSxs9CO4ysG8kYwDMQ68XUc5rv9uKq HoAFaJGoYH1ZxhVJ7dJ3heo4doLDIwn+Cjklxemasaa+rEH/ReO5+llq8EOX66yDYMiE Rx6VUtnqGvn84MJBRhXxelBdgaFOJ5kRFfiYuALPQDzVNIRCBJ2XeJ+unn2NzSb+9jRW ndbEO/A0pFYVyVUUVvDcCCkTjiYKxjLMVolX5N397NgakHQB1PlkDHxoQPaZd6tevix1 hO6+gH79RNPpB/rJqS8du0WQFDufJgWapzqJehPVEkeY2j18KcUWP9mw12NgRZ7sbT1h UfYw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1726269644; x=1726874444; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=mK/BpjWFhfY+uS5/8x0nkKgbHvfXWYi9NIxTZR2LU/o=; b=GfFL9T1U116SQ8XNAuh9EE4ojJadqIdwMDGQOS2xziiPg0PKjlOZbEj8pUMdqJbURT MKQ0eNnDirlcEh2ofiJ0SF+GI9AKeERE5rj6M7DpgqJpaQxiTIeqeFiwAhv8EnVVsiNJ OZ8gqkNafqzx+W9+2mTOkVK7VYpYVumA2sFDWuK3qBwmwtU3T5iYg19uVCuIrYDUjoC3 LXqoLiNYXuUlPEVLTMMlgWZJciRHkbi0ybuMqIpSnixzFislmUyyGm0O8OdxmpPDg3m6 e/e8Z7HFNXSlLvcGOHk/8Sfzxq8ZY3P1Gbv1LKK3OPw7bkyJ1WUzhnF393mGoCu/6fr3 FhpQ== X-Gm-Message-State: AOJu0YyOCyM/klmJ8M6R4xt1kTvCfKsDZBgsyNUliZCPymfQi1W8jnOq cnndkDtM2Ny0NFVZCaPxFGBEJSW6a0jxkl5kIQtyYjJ4jAxMj3fYROMu6jjJGbVquOIlYjpqol4 + X-Google-Smtp-Source: AGHT+IHU5jGSje/03tzXLhSjKsNALxLWzuMQn7LkdG77pbKLrDkPmNHZPN14O+1c5KiHQTAmeDwWnQ== X-Received: by 2002:ac8:5fc2:0:b0:456:802c:a67f with SMTP id d75a77b69052e-458602a9264mr127611441cf.3.1726269643753; Fri, 13 Sep 2024 16:20:43 -0700 (PDT) Received: from PC2K9PVX.TheFacebook.com (pool-173-79-56-208.washdc.fios.verizon.net. [173.79.56.208]) by smtp.gmail.com with ESMTPSA id d75a77b69052e-459aac7fb7bsm1245801cf.21.2024.09.13.16.20.43 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 13 Sep 2024 16:20:43 -0700 (PDT) From: Gregory Price To: linux-efi@vger.kernel.org Cc: linux-kernel@vger.kernel.org, ardb@kernel.org, leitao@debian.org, usamaarif642@gmail.com, sathyanarayanan.kuppuswamy@linux.intel.com, ilias.apalodimas@linaro.org Subject: [PATCH v2 2/4] tpm: do not ignore memblock_reserve return value Date: Fri, 13 Sep 2024 19:19:52 -0400 Message-ID: <20240913231954.20081-3-gourry@gourry.net> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20240913231954.20081-1-gourry@gourry.net> References: <20240913231954.20081-1-gourry@gourry.net> Precedence: bulk X-Mailing-List: linux-efi@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 tpm code currently ignores a relevant failure case silently. Add an error to make this failure non-silent. Signed-off-by: Gregory Price --- drivers/firmware/efi/tpm.c | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/drivers/firmware/efi/tpm.c b/drivers/firmware/efi/tpm.c index 9c3613e6af15..b0cc2cc11d7e 100644 --- a/drivers/firmware/efi/tpm.c +++ b/drivers/firmware/efi/tpm.c @@ -61,7 +61,12 @@ int __init efi_tpm_eventlog_init(void) } tbl_size = sizeof(*log_tbl) + log_tbl->size; - memblock_reserve(efi.tpm_log, tbl_size); + if (memblock_reserve(efi.tpm_log, tbl_size)) { + pr_err("TPM Event Log memblock reserve fails (0x%lx, 0x%x)\n", + efi.tpm_log, tbl_size); + ret = -ENOMEM; + goto out; + } if (efi.tpm_final_log == EFI_INVALID_TABLE_ADDR) { pr_info("TPM Final Events table not present\n"); From patchwork Fri Sep 13 23:19:53 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Gregory Price X-Patchwork-Id: 829038 Received: from mail-qt1-f179.google.com (mail-qt1-f179.google.com [209.85.160.179]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id BD2E917BECD for ; Fri, 13 Sep 2024 23:20:46 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.160.179 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1726269648; cv=none; b=OeJzFHz2xrFFDo5NS2n9KXCZh46yiSwebCUFZ8mnskxu9y/eISF0mxs89W55AqyIPGaDOplta91qQTIk+/00klPCtluzelZiQUQzS0Q1yTGp+AkdSzP118NveSX3/MbJkGRbkYvzqAMtJcnsdY7wOfblKMKY25eVd423HaqmPzY= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1726269648; c=relaxed/simple; bh=67vrryU9UsTS+odD3Hr++7bs/r/n/mJM7bxXmT5GFXI=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=Yfil/HKA70NWKQF6N84lDxG7VPSZdzotgwwF4s5topE1TrvWmDX56gQ7GQ8jPTizSyaoy56Hym7DlttYMemwAlslfPLt/kCcFPGA5nTpmxmH469k0LB+KKMTD1riGFYNtN4uyAVOyzE2ETPocQPFvevzM+q1xvAnHqGXdvMAlWc= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=gourry.net; spf=pass smtp.mailfrom=gourry.net; dkim=pass (2048-bit key) header.d=gourry.net header.i=@gourry.net header.b=ppu8EzRu; arc=none smtp.client-ip=209.85.160.179 Authentication-Results: smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=gourry.net Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gourry.net Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gourry.net header.i=@gourry.net header.b="ppu8EzRu" Received: by mail-qt1-f179.google.com with SMTP id d75a77b69052e-45821ebb4e6so21401861cf.2 for ; Fri, 13 Sep 2024 16:20:46 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gourry.net; s=google; t=1726269645; x=1726874445; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=5qmyPO2gV2TdLvoy/ahfQtBr82+inMJIdQs23EMKWKs=; b=ppu8EzRuBCtot/9pVwqKfojTcHOa6UFnKCl25Klu0ZXuHLPcDnDDqZdirctt1HdGv9 zmoIXrzZlzmuv+hZ8NvAt0MlXVWKVk2nYUU9BcOZUyxv79bii28Ep43XUQ6RPTG6pyZX d2IiHRpx0+NWiqgB8OBwGDeY5k8slc2o3J+aPFScCQVkk29RdQbuATnhX5+O7wlHvdko Zd8MvixTD32fFaVU8EwAgprUZLg3UIe3Au8HEApq4MM08Vtt4UC57k79eeTLS5qQP5YU LqtzoG0NGxPsmrhT9JzNEk4jsQnZ8Yz3GqZdYy82g//g2QlYVJizyn9levz+l430MXkM aIvA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1726269645; x=1726874445; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=5qmyPO2gV2TdLvoy/ahfQtBr82+inMJIdQs23EMKWKs=; b=iRbVBtaR5S0Yv4M/UXSM3Dzes+tjlgAT18f8+pMmiqlntthNUHE60aHGQMMXb1VioI GLg+prlXJzLJnRcSbAxEqMF4bTx87X77FmiD0Xm00T3A7gxpeNqFEGd+BevJrj2cAQyf 7ZAW6feU0/OKn0oIx7bDzFXsumv8OAhF38/t+i4W/eJE/KcM/SvzM5Q6wua5wu3/CL1e R2tS9WjpvDQ7Fl88vwIom32L12HCZFoNbSzP+pO68n91CRH2mbCpQ4znMpAfa3vFxMCY nU9UzDRjUG8+cmWbayqsRhbAotF8DEJBitYWaF0YsZmK3LPR5JEXbPFJRmTnj6/bkqpc W7jw== X-Gm-Message-State: AOJu0YyjIu87R7jETF4ebJIGwlj+8tbPfXIDOuoSDr4YUr9gPsSe2sYA dJ7vweTD+zXnnGnzawmQEzYxcQyl868VH07VYycIFqPypjJEka8jp6tTdBwl6tZtYUFz2s9/O0/ S X-Google-Smtp-Source: AGHT+IEv2T5u2KP3uo5VZTlultKi7QNfE9nP2N/YxwrZuzhrSep3tbOlZyBFH3cqwRpFuYqPrBzOSg== X-Received: by 2002:a05:622a:1892:b0:458:4c0d:bbd0 with SMTP id d75a77b69052e-4586032a0bamr103252871cf.30.1726269645075; Fri, 13 Sep 2024 16:20:45 -0700 (PDT) Received: from PC2K9PVX.TheFacebook.com (pool-173-79-56-208.washdc.fios.verizon.net. [173.79.56.208]) by smtp.gmail.com with ESMTPSA id d75a77b69052e-459aac7fb7bsm1245801cf.21.2024.09.13.16.20.44 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 13 Sep 2024 16:20:44 -0700 (PDT) From: Gregory Price To: linux-efi@vger.kernel.org Cc: linux-kernel@vger.kernel.org, ardb@kernel.org, leitao@debian.org, usamaarif642@gmail.com, sathyanarayanan.kuppuswamy@linux.intel.com, ilias.apalodimas@linaro.org Subject: [PATCH v2 3/4] tpm: fix unsigned/signed mismatch errors related to __calc_tpm2_event_size Date: Fri, 13 Sep 2024 19:19:53 -0400 Message-ID: <20240913231954.20081-4-gourry@gourry.net> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20240913231954.20081-1-gourry@gourry.net> References: <20240913231954.20081-1-gourry@gourry.net> Precedence: bulk X-Mailing-List: linux-efi@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 __calc_tpm2_event_size returns 0 or a positive length, but return values are often interpreted as ints. Convert everything over to u32 to avoid signed/unsigned logic errors. Signed-off-by: Gregory Price --- drivers/firmware/efi/libstub/tpm.c | 6 +++--- drivers/firmware/efi/tpm.c | 2 +- include/linux/tpm_eventlog.h | 2 +- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/drivers/firmware/efi/libstub/tpm.c b/drivers/firmware/efi/libstub/tpm.c index df3182f2e63a..f194e43f00ad 100644 --- a/drivers/firmware/efi/libstub/tpm.c +++ b/drivers/firmware/efi/libstub/tpm.c @@ -57,7 +57,7 @@ static void efi_retrieve_tcg2_eventlog(int version, efi_physical_addr_t log_loca struct linux_efi_tpm_eventlog *log_tbl = NULL; unsigned long first_entry_addr, last_entry_addr; size_t log_size, last_entry_size; - int final_events_size = 0; + u32 final_events_size = 0; first_entry_addr = (unsigned long) log_location; @@ -110,9 +110,9 @@ static void efi_retrieve_tcg2_eventlog(int version, efi_physical_addr_t log_loca */ if (final_events_table && final_events_table->nr_events) { struct tcg_pcr_event2_head *header; - int offset; + u32 offset; void *data; - int event_size; + u32 event_size; int i = final_events_table->nr_events; data = (void *)final_events_table; diff --git a/drivers/firmware/efi/tpm.c b/drivers/firmware/efi/tpm.c index b0cc2cc11d7e..cdd431027065 100644 --- a/drivers/firmware/efi/tpm.c +++ b/drivers/firmware/efi/tpm.c @@ -19,7 +19,7 @@ EXPORT_SYMBOL(efi_tpm_final_log_size); static int __init tpm2_calc_event_log_size(void *data, int count, void *size_info) { struct tcg_pcr_event2_head *header; - int event_size, size = 0; + u32 event_size, size = 0; while (count > 0) { header = data + size; diff --git a/include/linux/tpm_eventlog.h b/include/linux/tpm_eventlog.h index 7d68a5cc5881..891368e82558 100644 --- a/include/linux/tpm_eventlog.h +++ b/include/linux/tpm_eventlog.h @@ -157,7 +157,7 @@ struct tcg_algorithm_info { * Return: size of the event on success, 0 on failure */ -static __always_inline int __calc_tpm2_event_size(struct tcg_pcr_event2_head *event, +static __always_inline u32 __calc_tpm2_event_size(struct tcg_pcr_event2_head *event, struct tcg_pcr_event *event_header, bool do_mapping) { From patchwork Fri Sep 13 23:19:54 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Gregory Price X-Patchwork-Id: 828330 Received: from mail-qt1-f182.google.com (mail-qt1-f182.google.com [209.85.160.182]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id BAC0B189B93 for ; Fri, 13 Sep 2024 23:20:47 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.160.182 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1726269649; cv=none; b=pw7ZtkKN6N7mIWwy8Uvume0nfasQ6BH8O5TnY2WOkzCR2MB05BXe0oobIt7OhKydH8vgfPzd753s8GDv5XAKhwHPcx7Z5nVG7z4ZeBAp3pRs3zJKFbcnr106+LqpyYC4myftEMswDb0p6Qy2q6POs306muZd2g/Ll/O9J2WTgyw= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1726269649; c=relaxed/simple; bh=Crzg9hmq5LPADdASQA4zRbh7dPjZ1xqI+Kmgq3o6Oc0=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=DRr1GHkDvED1Sloq0XaEtXp3whnnMKZX/wtfxZHtlKirELOm1ZO1Gaxh9O1pTIO9lnvOQQN3c8OsnpoF7nsSm4wHKJmZrh0d1XHHZJPy8e16k1zgh/LNBEHNzPW7SQsnxmQJn4jb1Fn1iM1S+PosEDdigTPsXHEtKpSnux3Uicg= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=gourry.net; spf=pass smtp.mailfrom=gourry.net; dkim=pass (2048-bit key) header.d=gourry.net header.i=@gourry.net header.b=n8sNxF0e; arc=none smtp.client-ip=209.85.160.182 Authentication-Results: smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=gourry.net Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gourry.net Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gourry.net header.i=@gourry.net header.b="n8sNxF0e" Received: by mail-qt1-f182.google.com with SMTP id d75a77b69052e-457ce5fda1aso21503941cf.1 for ; Fri, 13 Sep 2024 16:20:47 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gourry.net; s=google; t=1726269646; x=1726874446; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=VKowLLj1rEpuegkSJn+z8DbnyDQaIfPDvu9JHxdaX6I=; b=n8sNxF0eb8GprolGb4AdpdjfLnIqtI0ZYFhCotbgTKlhclcQlrkXmDhtIvNuzFkfAc i/dxGjS1hvgarNCOshEwqo7iImi238GXeUJn2/jZMOXY+lGdn17JTUBZc6pY7W4xiEmC bcF1PC02kxBkqGHGlYdUJMYz2U+Fk29QMfpKUWzN4OcaWoin/2lkZMSYBxAdLdXGLdwB TtO7McmO+lS1T2NH4rPbG+eg+xoDXvc5XmvKXKtfSGNEcVD3QuUU9P9N6k3QrTnC/q4y thxRds+TPwvUrxggef9bF+ja6qyDmY4HCXiKh8J0FPVse5baPgimOV4Q7VIrmr/k4qRV xMxw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1726269646; x=1726874446; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=VKowLLj1rEpuegkSJn+z8DbnyDQaIfPDvu9JHxdaX6I=; b=wq3UVPC0CLl8kD5Y7mOP4VE8yx9MUKCh6JSpcnQbAb6bHDAQQOthLR3kVPm96vekJQ YVbKpW1IxMxYI2KsGtb14AnSTPm0sHusBXf7FKaQvkhRPCeaIQRAjCwFa44DBKCsaZqn tZyP89jB+AQ+mhdA6mEjVsb7wT7riVkk1tpDqvK2yK2fO9vPvL4scevUh2rVf3r7H+aT FFVN0He8IhWOPKLrzi5St9S4A5E1Qcq8sjOHFDJNCeTSipWksvfod6aMEq2jhlXTnh6B lVI1ehxZPV3/Eu9fm1VI8avpH8KUphR0NSipIKn+vSuhN+ikBEZz+nFh5s8dcPrnxyWh 1PHA== X-Gm-Message-State: AOJu0YxQRq0CPfe69wGLq0AxJWLg4oN/6NGJBZEzelqRZNj569zyeLqf Eiv9Bpczc7SCR6YRx1rRV7p/wvDgb3VrfFCLRXhggPY10702v214gDNM/6tUkW57+XSxTIDhGDw C X-Google-Smtp-Source: AGHT+IF5NIHVlHuaEE4y3ptAaRlLmvMbZI36tTwSTYRpK7t/TOQFWvaJeuPFPNFrOnexOkgerUG54A== X-Received: by 2002:a05:622a:28e:b0:458:3766:964c with SMTP id d75a77b69052e-4586032d392mr123607251cf.30.1726269646221; Fri, 13 Sep 2024 16:20:46 -0700 (PDT) Received: from PC2K9PVX.TheFacebook.com (pool-173-79-56-208.washdc.fios.verizon.net. [173.79.56.208]) by smtp.gmail.com with ESMTPSA id d75a77b69052e-459aac7fb7bsm1245801cf.21.2024.09.13.16.20.45 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 13 Sep 2024 16:20:45 -0700 (PDT) From: Gregory Price To: linux-efi@vger.kernel.org Cc: linux-kernel@vger.kernel.org, ardb@kernel.org, leitao@debian.org, usamaarif642@gmail.com, sathyanarayanan.kuppuswamy@linux.intel.com, ilias.apalodimas@linaro.org Subject: [PATCH v2 4/4] libstub,tpm: do not ignore failure case when reading final event log Date: Fri, 13 Sep 2024 19:19:54 -0400 Message-ID: <20240913231954.20081-5-gourry@gourry.net> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20240913231954.20081-1-gourry@gourry.net> References: <20240913231954.20081-1-gourry@gourry.net> Precedence: bulk X-Mailing-List: linux-efi@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Current code fails to check for an error case when reading events from final event log to calculate offsets. Check the error case, and break early because all subsequent calls will also fail. Signed-off-by: Gregory Price --- drivers/firmware/efi/libstub/tpm.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/drivers/firmware/efi/libstub/tpm.c b/drivers/firmware/efi/libstub/tpm.c index f194e43f00ad..8e04aaf428d0 100644 --- a/drivers/firmware/efi/libstub/tpm.c +++ b/drivers/firmware/efi/libstub/tpm.c @@ -124,6 +124,9 @@ static void efi_retrieve_tcg2_eventlog(int version, efi_physical_addr_t log_loca event_size = __calc_tpm2_event_size(header, (void *)(long)log_location, false); + /* If calc fails this is a malformed log */ + if (!event_size) + break; final_events_size += event_size; i--; }