Date: Tue, 10 Sep 2024 06:58:44 -0700
From: Breno Leitao
To: ardb@kernel.org, linux-efi@vger.kernel.org, kexec@lists.infradead.org, bhe@redhat.com, vgoyal@redhat.com, devel@edk2.groups.io, ebiederm@xmission.com
Cc: rppt@kernel.org, usamaarif642@gmail.com, gourry@gourry.net, rmikey@meta.com
Subject: [edk2-devel] EFI table being corrupted during Kexec
Message-ID: <20240910-juicy-festive-sambar-9ad23a@devvm32600>

We've seen a problem in upstream kernel kexec, where an EFI TPM log event
table is being overwritten. This problem happens on a real machine, as well
as in a recent EDK2 qemu VM.

Digging deep, the table is being overwritten during kexec, more precisely
when relocating the kernel (relocate_kernel() function).

I've also found that the table is being properly reserved using
memblock_reserve() early in the boot, and that range gets overwritten later
by relocate_kernel(). In other words, kexec is overwriting memory that
was previously reserved (as memblock_reserve()).

Usama found that kexec only honours memory reservations from
/sys/firmware/memmap, which comes from the e820_table_firmware table.

Looking at the TPM spec, I found the following part:

	If the ACPI TPM2 table contains the address and size of the Platform
	Firmware TCG log, firmware “pins” the memory associated with the
	Platform Firmware TCG log, and reports this memory as “Reserved” memory
	via the INT 15h/E820 interface.

	From: https://trustedcomputinggroup.org/wp-content/uploads/PC-ClientPlatform_Profile_for_TPM_2p0_Systems_v49_161114_public-review.pdf

I am wondering if that memory region/range should be part of the e820 table
that is passed by EFI firmware to the kernel, and if it is not passed (as it
is not being passed today), then the kernel doesn't need to respect it, and
it is free to overwrite it (as it does today). In other words, this is a
firmware bug and not a kernel bug.

Am I missing something?

Thanks
--breno
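
Added example, not part of the original message and not kernel or kexec-tools code: a Python check of whether a physical range, such as the TPM event log, is described as "System RAM" in /sys/firmware/memmap, the map the message says kexec honours. The log address and size are inputs you supply, the function names are hypothetical, and SAMPLE_MAP is constructed.

```python
import os
import sys

def read_firmware_memmap(root="/sys/firmware/memmap"):
    """Return sorted (start, end_inclusive, type) tuples from the sysfs map."""
    entries = []
    for name in os.listdir(root):
        if not name.isdigit():
            continue
        vals = {}
        for field in ("start", "end", "type"):
            with open(os.path.join(root, name, field)) as fh:
                vals[field] = fh.read().strip()
        entries.append((int(vals["start"], 16), int(vals["end"], 16), vals["type"]))
    return sorted(entries)

def exposed_ranges(entries, addr, size, usable="System RAM"):
    """Parts of [addr, addr+size) that the map describes as usable RAM.

    Assumption taken from the message: a kexec loader that consults only this
    map may place segments anywhere it sees 'System RAM'.
    """
    lo, hi = addr, addr + size - 1
    merged = []
    for start, end, typ in sorted(entries):
        if typ != usable or end < lo or start > hi:
            continue
        s, e = max(start, lo), min(end, hi)
        if merged and s <= merged[-1][1] + 1:  # adjacent or overlapping
            merged[-1] = (merged[-1][0], max(merged[-1][1], e))
        else:
            merged.append((s, e))
    return merged

# Constructed sample map (not taken from a real machine).
SAMPLE_MAP = [
    (0x00000000, 0x0009ffff, "System RAM"),
    (0x000a0000, 0x000fffff, "Reserved"),
    (0x00100000, 0x7e8ebfff, "System RAM"),
    (0x7e8ec000, 0x7e8fffff, "Reserved"),
    (0x7e900000, 0x7fffffff, "System RAM"),
]

if __name__ == "__main__":
    # Usage: script.py <log_addr_hex> <log_size_hex>; sysfs files typically need root.
    addr, size = int(sys.argv[1], 16), int(sys.argv[2], 16)
    for s, e in exposed_ranges(read_firmware_memmap(), addr, size):
        print(f"not reserved in firmware memmap: {s:#x}-{e:#x}")
```

An empty result means the whole range is outside "System RAM" in the firmware map; any range printed is memory that a consumer of this map would see as ordinary RAM.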