Subject: Re: [edk2-devel] EFI table being corrupted during Kexec
From: "Andrew Fish via groups.io"
Date: Tue, 10 Sep 2024 08:44:40 -0700
To: devel@edk2.groups.io, leitao@debian.org
Cc: ardb@kernel.org, linux-efi@vger.kernel.org, kexec@lists.infradead.org, bhe@redhat.com, vgoyal@redhat.com, ebiederm@xmission.com, rppt@kernel.org, usamaarif642@gmail.com, gourry@gourry.net, rmikey@meta.com
In-reply-to: <20240910-juicy-festive-sambar-9ad23a@devvm32600>

> On Sep 10, 2024, at 6:58 AM, Breno Leitao wrote:
>
>
> We've seen a problem in upstream kernel kexec, where an EFI TPM log event table
> is being overwritten. This problem happens on a real machine, as well as in a
> recent EDK2 qemu VM.
>
> Digging deep, the table is being overwritten during kexec, more precisely when
> relocating kernel (relocate_kernel() function).
>
> I've also found that the table is being properly reserved using
> memblock_reserve() early in the boot, and that range gets overwritten later
> by relocate_kernel(). In other words, kexec is overwriting memory that was
> previously reserved (as memblock_reserve()).
>
> Usama found that kexec only honours memory reservations from /sys/firmware/memmap
> which comes from e820_table_firmware table.
>

The E820 table is not part of the UEFI standard and it is produced by a library in the OvmfPkg for “special cases” so I guess that lib could have a bug?

> Looking at the TPM spec, I found the following part:
>
> If the ACPI TPM2 table contains the address and size of the Platform Firmware TCG log,
> firmware “pins” the memory associated with the Platform Firmware TCG log, and reports
> this memory as “Reserved” memory via the INT 15h/E820 interface.
>

INT 15h is Legacy BIOS not UEFI. For UEFI there is just the UEFI memory map and ACPI.

Thanks,

Andrew Fish

>
> From: https://trustedcomputinggroup.org/wp-content/uploads/PC-ClientPlatform_Profile_for_TPM_2p0_Systems_v49_161114_public-review.pdf
>
> I am wondering if that memory region/range should be part of e820 table that is
> passed by EFI firmware to kernel, and if it is not passed (as it is not being
> passed today), then the kernel doesn't need to respect it, and it is free to
> overwrite (as it does today). In other words, this is a firmware bug and not a
> kernel bug.
>
> Am I missing something?
>
> Thanks
> --breno
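
Added example, not part of the original message or of any project's code: a diagnostic for the mismatch discussed in this thread, reading the firmware memory map that kexec is said to honour and reporting which parts of a given physical range it still types as "System RAM". The map contents and the two log placements are constructed sample values; on a real system the log address and size have to be supplied by the operator, and treating "System RAM" as the usable type is an assumption of this sketch.

```python
import os
import tempfile

def read_firmware_memmap(root="/sys/firmware/memmap"):
    """Return sorted (start, end_inclusive, type) tuples from the sysfs map."""
    entries = []
    for name in os.listdir(root):
        if not name.isdigit():
            continue
        fields = {}
        for key in ("start", "end", "type"):
            with open(os.path.join(root, name, key)) as fh:
                fields[key] = fh.read().strip()
        entries.append((int(fields["start"], 16), int(fields["end"], 16),
                        fields["type"]))
    return sorted(entries)

def ram_overlaps(entries, start, size):
    """Parts of [start, start+size) that the map types as "System RAM"."""
    last = start + size - 1
    return [(max(start, s), min(last, e)) for s, e, t in entries
            if t == "System RAM" and s <= last and e >= start]

def build_sample_map(root):
    """Write a constructed map laid out like /sys/firmware/memmap."""
    sample = [(0x0, 0x9ffff, "System RAM"),
              (0x100000, 0x7e8ebfff, "System RAM"),
              (0x7e8ec000, 0x7eb6bfff, "Reserved"),
              (0x7eb6c000, 0x7effffff, "System RAM")]
    for i, (s, e, t) in enumerate(sample):
        os.makedirs(os.path.join(root, str(i)))
        for key, val in (("start", hex(s)), ("end", hex(e)), ("type", t)):
            with open(os.path.join(root, str(i), key), "w") as fh:
                fh.write(val + "\n")

def demo():
    """Check two constructed log placements against the constructed map."""
    with tempfile.TemporaryDirectory() as root:
        build_sample_map(root)
        entries = read_firmware_memmap(root)
    exposed = ram_overlaps(entries, 0x7b000000, 0x10000)   # inside plain RAM
    covered = ram_overlaps(entries, 0x7e900000, 0x10000)   # inside Reserved
    return entries, exposed, covered

if __name__ == "__main__":
    _, exposed, covered = demo()
    for label, hits in (("log in RAM", exposed), ("log in Reserved", covered)):
        print(label, [(hex(a), hex(b)) for a, b in hits] or "not System RAM")
```

A non-empty result means the range is not protected by the firmware map alone, whatever memblock_reserve() did earlier in boot.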