[PATCH 1/5] efi_loader: increase eventlog buffer size

Ilias Apalodimas ilias.apalodimas at linaro.org
Mon Jul 12 11:27:46 CEST 2021


On Mon, 12 Jul 2021 at 11:40, Masahisa Kojima
<masahisa.kojima at linaro.org> wrote:
>
> Hi Simon,
>
> On Sun, 11 Jul 2021 at 09:01, Simon Glass <sjg at chromium.org> wrote:
> >
> > Hi Masahisa,
> >
> > On Wed, 7 Jul 2021 at 20:21, Masahisa Kojima <masahisa.kojima at linaro.org> wrote:
> > >
> > > On Wed, 7 Jul 2021 at 22:47, Heinrich Schuchardt <xypron.glpk at gmx.de> wrote:
> > > >
> > > >
> > > >
> > > > On 7/7/21 3:36 PM, Masahisa Kojima wrote:
> > > > > This is a preperation to add eventlog support
> > > > > described in TCG PC Client PFP spec.
> > > > >
> > > > > Signed-off-by: Masahisa Kojima <masahisa.kojima at linaro.org>
> > > > > ---
> > > > >   lib/efi_loader/Kconfig | 2 +-
> > > > >   1 file changed, 1 insertion(+), 1 deletion(-)
> > > > >
> > > > > diff --git a/lib/efi_loader/Kconfig b/lib/efi_loader/Kconfig
> > > > > index b2ab48a048..a87bf3cc98 100644
> > > > > --- a/lib/efi_loader/Kconfig
> > > > > +++ b/lib/efi_loader/Kconfig
> > > > > @@ -327,7 +327,7 @@ config EFI_TCG2_PROTOCOL
> > > > >   config EFI_TCG2_PROTOCOL_EVENTLOG_SIZE
> > > > >       int "EFI_TCG2_PROTOCOL EventLog size"
> > > > >       depends on EFI_TCG2_PROTOCOL
> > > > > -     default 4096
> > > > > +     default 16384
> > > >
> > > > I found this text in EDK II:
> > > >
> > > > Minimum length(in bytes) of the system preboot TCG event log area(LAML)
> > > > -----------------------------------------------------------------------
> > > >
> > > > For PC Client Implementation spec up to and including 1.2 the minimum
> > > > log size is 64KB. (SecurityPkg/SecurityPkg.dec)
> > >
> > > Thank you for your feedback.
> > > I have not checked this.
> > > TCG spec also says "The Log Area Minimum Length for the TCG event log
> > > MUST be at least 64KB." in ACPI chapter.
> > > I will update to set 64KB as default.
> > >
> >
> > Is this the same as the BLOBLISTT_TPM2_TCG_LOG thing? If so, can we
> > put this in the bloblist? We want to avoid adding code in EFI which is
> > in U-Boot.
>
> I think bloblist is used for data passing from SPL/TPL to u-boot.
> Is your comment saying that the eventlog generated
> in u-boot(done in efi_tcg2.c with this patch series) should be appended
> into the buffer pointed by BLOBLISTT_TPM2_TCG_LOG blob?
>

Even in that case the eventlog can't be appended.  The TCG eventlog
hould be copied into EFI memory, since the kernel expects to find it
there.
What we could do is copy the contents of that buffer to the eventlog.
Depending on what that buffer already has (e.g the starting header of
the eventlog), we might need to strip it from the efi_tcg.c code.

Thanks
/Ilias
> Thanks,
> Masahisa Kojima
>
> >
> >
> > - Simon
> >
> > > Thanks,
> > > Masahisa Kojima
> > >
> > > >
> > > > Why should ours be smaller?
> > > >
> > > > Best regards
> > > >
> > > > Heinrich
> > > >
> > > > >       help
> > > > >               Define the size of the EventLog for EFI_TCG2_PROTOCOL. Note that
> > > > >               this is going to be allocated twice. One for the eventlog it self
> > > > >


More information about the U-Boot mailing list