[PATCH 1/5] efi_loader: increase eventlog buffer size

Simon Glass sjg at chromium.org
Wed Jul 14 16:52:07 CEST 2021


Hi Ilias,

On Mon, 12 Jul 2021 at 03:28, Ilias Apalodimas
<ilias.apalodimas at linaro.org> wrote:
>
> On Mon, 12 Jul 2021 at 11:40, Masahisa Kojima
> <masahisa.kojima at linaro.org> wrote:
> >
> > Hi Simon,
> >
> > On Sun, 11 Jul 2021 at 09:01, Simon Glass <sjg at chromium.org> wrote:
> > >
> > > Hi Masahisa,
> > >
> > > On Wed, 7 Jul 2021 at 20:21, Masahisa Kojima <masahisa.kojima at linaro.org> wrote:
> > > >
> > > > On Wed, 7 Jul 2021 at 22:47, Heinrich Schuchardt <xypron.glpk at gmx.de> wrote:
> > > > >
> > > > >
> > > > >
> > > > > On 7/7/21 3:36 PM, Masahisa Kojima wrote:
> > > > > > This is a preperation to add eventlog support
> > > > > > described in TCG PC Client PFP spec.
> > > > > >
> > > > > > Signed-off-by: Masahisa Kojima <masahisa.kojima at linaro.org>
> > > > > > ---
> > > > > >   lib/efi_loader/Kconfig | 2 +-
> > > > > >   1 file changed, 1 insertion(+), 1 deletion(-)
> > > > > >
> > > > > > diff --git a/lib/efi_loader/Kconfig b/lib/efi_loader/Kconfig
> > > > > > index b2ab48a048..a87bf3cc98 100644
> > > > > > --- a/lib/efi_loader/Kconfig
> > > > > > +++ b/lib/efi_loader/Kconfig
> > > > > > @@ -327,7 +327,7 @@ config EFI_TCG2_PROTOCOL
> > > > > >   config EFI_TCG2_PROTOCOL_EVENTLOG_SIZE
> > > > > >       int "EFI_TCG2_PROTOCOL EventLog size"
> > > > > >       depends on EFI_TCG2_PROTOCOL
> > > > > > -     default 4096
> > > > > > +     default 16384
> > > > >
> > > > > I found this text in EDK II:
> > > > >
> > > > > Minimum length(in bytes) of the system preboot TCG event log area(LAML)
> > > > > -----------------------------------------------------------------------
> > > > >
> > > > > For PC Client Implementation spec up to and including 1.2 the minimum
> > > > > log size is 64KB. (SecurityPkg/SecurityPkg.dec)
> > > >
> > > > Thank you for your feedback.
> > > > I have not checked this.
> > > > TCG spec also says "The Log Area Minimum Length for the TCG event log
> > > > MUST be at least 64KB." in ACPI chapter.
> > > > I will update to set 64KB as default.
> > > >
> > >
> > > Is this the same as the BLOBLISTT_TPM2_TCG_LOG thing? If so, can we
> > > put this in the bloblist? We want to avoid adding code in EFI which is
> > > in U-Boot.
> >
> > I think bloblist is used for data passing from SPL/TPL to u-boot.
> > Is your comment saying that the eventlog generated
> > in u-boot(done in efi_tcg2.c with this patch series) should be appended
> > into the buffer pointed by BLOBLISTT_TPM2_TCG_LOG blob?
> >
>
> Even in that case the eventlog can't be appended.  The TCG eventlog
> hould be copied into EFI memory, since the kernel expects to find it
> there.

Typically bloblist is relocated by U-Boot. There are lots of tables
that must be passed to linux, including ACPI and SMBIOS. With bloblist
they can all be in one place.

> What we could do is copy the contents of that buffer to the eventlog.
> Depending on what that buffer already has (e.g the starting header of
> the eventlog), we might need to strip it from the efi_tcg.c code.

I'm not really sure, but the eventlog is not just EFI thing, right?
The code should be generic.

Regards,
Simon


More information about the U-Boot mailing list