From patchwork Tue Apr 2 21:55:55 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Matthew Garrett X-Patchwork-Id: 10882389 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id AFBCA1390 for ; Tue, 2 Apr 2019 21:56:18 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 9ADFA287C8 for ; Tue, 2 Apr 2019 21:56:18 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 8EED328800; Tue, 2 Apr 2019 21:56:18 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-14.5 required=2.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,RCVD_IN_DNSWL_HI,USER_IN_DEF_DKIM_WL autolearn=ham version=3.3.1 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 47719287C8 for ; Tue, 2 Apr 2019 21:56:18 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726785AbfDBV4I (ORCPT ); Tue, 2 Apr 2019 17:56:08 -0400 Received: from mail-pg1-f201.google.com ([209.85.215.201]:46573 "EHLO mail-pg1-f201.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726615AbfDBV4G (ORCPT ); Tue, 2 Apr 2019 17:56:06 -0400 Received: by mail-pg1-f201.google.com with SMTP id r13so10758144pga.13 for ; Tue, 02 Apr 2019 14:56:06 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=date:in-reply-to:message-id:mime-version:references:subject:from:to :cc; bh=2arIsG/tUSBODeVZx7IuFZx2ONfMcieJcM9WtFlfh5Y=; b=irdhOPyj25p21xUXEp9WqiYzCS+PN+hSOPVjqRf/1pMl2yr+Srt+K7/1wUPnJoGYm0 poW3I8ln2Q54tERGmk/Gaeo0mM71hWfqCx0tzpbnwQ59fBDlEMxigRqlQucX31Ybs0jo 0JgMgAiRNNLxUfqaX35Y/KFntKmR/yBwecK5W7VLhffmD/TZRyfC+XOYhLf/594xGDaw MEMwPwsok0sMsLOFuWvrEPl/Kn0NzTWNEC64KgFaoK6z5NmCVZ0GaWaKoQSpRKtjgu3k jtX0IGiLHE//Isvb8+5wBdrWS+W+pAFyC3bXafIEseARTrtGQyeGuyKXfpuVG7jrSUHg c3uQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:in-reply-to:message-id:mime-version :references:subject:from:to:cc; bh=2arIsG/tUSBODeVZx7IuFZx2ONfMcieJcM9WtFlfh5Y=; b=fucouBoZkhchnvxlRWQvT1SqDDiOPsDjNi4hOxE6GBeXuZFhRjWUagXE0q4Q88FBTy x82N9IOiDL2QThDmNr1G7RFc8t3EL2jY+IvNBABClsuiIYJ8tp1RZfoA+ER8Jrf8hZ+I hXYgsCyQHFEdu0RQLjPDRB89dQQ4eAReukO81ztFOjzomYh3PosLH05bOcjac8EECoCH wuVKosEpF58mB6ACQEV6/K5TlzvJtM42lUzdkmpj43ILvpd0pMTQ6iPLMAbJm35JfDld BWuH5gol9+6O3Fzal0O9fBq0di4z8yQ5tklGlJoG07I2GXKDbMstFkG+y6eALPMKP7uu ZwnA== X-Gm-Message-State: APjAAAVnfgRl1WMhjSadvqPC4RvuHlKQly2RcrNolbp4a9+VMsTUo0EL Cwg/ll4wqKoFCdyJrGjT5Z+Vana5oVeBDvM6UupLqg== X-Google-Smtp-Source: APXvYqyDf5uijU2bb1TFP10+0uBx4zXwelGC8AzwFvArYzNvm6TDP60F9adar3mAL+ydsK93+s7oHZ13Yk2FE3z5G7Jrtg== X-Received: by 2002:a63:7c01:: with SMTP id x1mr1196450pgc.146.1554242165653; Tue, 02 Apr 2019 14:56:05 -0700 (PDT) Date: Tue, 2 Apr 2019 14:55:55 -0700 In-Reply-To: <20190402215556.257406-1-matthewgarrett@google.com> Message-Id: <20190402215556.257406-2-matthewgarrett@google.com> Mime-Version: 1.0 References: <20190402215556.257406-1-matthewgarrett@google.com> X-Mailer: git-send-email 2.21.0.392.gf8f6787159e-goog Subject: [PATCH 1/2] efi: Fix cast to pointer from integer of different size in TPM log code From: Matthew Garrett To: linux-integrity@vger.kernel.org Cc: peterhuewe@gmx.de, jarkko.sakkinen@linux.intel.com, jgg@ziepe.ca, roberto.sassu@huawei.com, linux-efi@vger.kernel.org, linux-security-module@vger.kernel.org, linux-kernel@vger.kernel.org, tweek@google.com, Matthew Garrett , Matthew Garrett Sender: owner-linux-security-module@vger.kernel.org Precedence: bulk List-ID: X-Virus-Scanned: ClamAV using ClamSMTP 8bfcff4a6a1d9d7226bb63a7da758b82d9ab4373 introduced a cast from efi_physical_address_t to (void *), which are different sizes on 32-bit. Fix that. Caught by the 0-day test bot. Signed-off-by: Matthew Garrett Reviewed-by: Jarkko Sakkinen Acked-by: Ard Biesheuvel --- drivers/firmware/efi/libstub/tpm.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/drivers/firmware/efi/libstub/tpm.c b/drivers/firmware/efi/libstub/tpm.c index b6e93e14fcf1..6b3b507a54eb 100644 --- a/drivers/firmware/efi/libstub/tpm.c +++ b/drivers/firmware/efi/libstub/tpm.c @@ -114,8 +114,8 @@ void efi_retrieve_tpm2_eventlog(efi_system_table_t *sys_table_arg) */ last_entry_size = __calc_tpm2_event_size((void *)last_entry_addr, - (void *)log_location, - false); + (void *)(long)log_location, + false); } else { last_entry_size = sizeof(struct tcpa_event) + ((struct tcpa_event *) last_entry_addr)->event_size; From patchwork Tue Apr 2 21:55:56 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Matthew Garrett X-Patchwork-Id: 10882385 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 8F3711708 for ; Tue, 2 Apr 2019 21:56:12 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 778ED2881B for ; Tue, 2 Apr 2019 21:56:12 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 69E40287C8; Tue, 2 Apr 2019 21:56:12 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-14.5 required=2.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,RCVD_IN_DNSWL_HI,USER_IN_DEF_DKIM_WL autolearn=ham version=3.3.1 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id EF880287C8 for ; Tue, 2 Apr 2019 21:56:11 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726825AbfDBV4K (ORCPT ); Tue, 2 Apr 2019 17:56:10 -0400 Received: from mail-ua1-f73.google.com ([209.85.222.73]:34525 "EHLO mail-ua1-f73.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1725990AbfDBV4J (ORCPT ); Tue, 2 Apr 2019 17:56:09 -0400 Received: by mail-ua1-f73.google.com with SMTP id h9so2292146uap.1 for ; Tue, 02 Apr 2019 14:56:08 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=date:in-reply-to:message-id:mime-version:references:subject:from:to :cc; bh=xAnLkZL1jyDU4wUU0qf3ZAhpM4BKPDzENsbu9cKQ3gk=; b=hBwOt1KY/S2uIniM4uFql4vhJq1+I+SV0JwBPnd6cpnh5u70Q0egl+Pda6RtRrk4G9 XryZ14ijBJwA90CttJ9xqQr6MT9kqr4AEkbbh+8ZUJd2jF63Lv8fYLSIRyjaO1hFTaHe qypGhs4EgIN1eTJKz/p/VN/BhNNnmpZk50RIDbb5H0nB+IHXMnULLix0LEuMkhkpJUzh GoA0tqd6LYz52L1efoenVNY0J/7oyv2FpYrLzz9oQrdAnINEU8S4uowwVAoMDh/9tTLk R5oWdSWJ83ZoR9Jz9MSFKG5Lo3ikcvUfQTS1yQlu1lsTwFAQWs764Z/15Hp1WYjPxPhr RpLA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:in-reply-to:message-id:mime-version :references:subject:from:to:cc; bh=xAnLkZL1jyDU4wUU0qf3ZAhpM4BKPDzENsbu9cKQ3gk=; b=SDAfXPhM2eXQY5iE5wVKbX/r2PXcpC3QxaRQymkjaK0xUq/MIORJ4q9vHgCOMGUY6G 9Q0lZKGhKglxp1dr/O7wkgWy8ErWO21Mx3rGpS7NuZo2KiPFUEaZD2a8pjHp9wePUpCg tkzekQeCcb0YoUSbYLvXQV+1y0KZ14FDiUUilIPV1SK7pbzS0LQ6RjOqE8XMk6qp9PdR LqPyRQ8s4tsWmK0FK0KUCIuq6Vplw0xTQi01QL+YhXthB/V/j9g4obhd5ckpcvsRZ0H3 A8l0iwwNkSA52ncpZJneUFo4+PIYI2LQYXyWk46rP2xRMdqkdDG7qJgoNsi6yGZxQaXj aU8g== X-Gm-Message-State: APjAAAWpGgpmcgCXtpcKIEg75EdL7pjh3jxNvSHhpXVG24Dv2skkfMZD hezsIG/V97yNGVFAr1WbspcOtiBfGfRKWpb9f1vvlA== X-Google-Smtp-Source: APXvYqwrNJFsd5Ezw4ZaFEPU/r7zZ4SKNLVE1WTRINE8K7foX3ow2e4EGMGfbGf0SXKgkqqpmznTS0V0FljbkM8yyeWxKA== X-Received: by 2002:a67:e295:: with SMTP id g21mr8830432vsf.24.1554242168324; Tue, 02 Apr 2019 14:56:08 -0700 (PDT) Date: Tue, 2 Apr 2019 14:55:56 -0700 In-Reply-To: <20190402215556.257406-1-matthewgarrett@google.com> Message-Id: <20190402215556.257406-3-matthewgarrett@google.com> Mime-Version: 1.0 References: <20190402215556.257406-1-matthewgarrett@google.com> X-Mailer: git-send-email 2.21.0.392.gf8f6787159e-goog Subject: [PATCH 2/2] tpm: Fix builds on platforms that lack early_memremap() From: Matthew Garrett To: linux-integrity@vger.kernel.org Cc: peterhuewe@gmx.de, jarkko.sakkinen@linux.intel.com, jgg@ziepe.ca, roberto.sassu@huawei.com, linux-efi@vger.kernel.org, linux-security-module@vger.kernel.org, linux-kernel@vger.kernel.org, tweek@google.com, Matthew Garrett , Matthew Garrett Sender: owner-linux-security-module@vger.kernel.org Precedence: bulk List-ID: X-Virus-Scanned: ClamAV using ClamSMTP On EFI systems, __calc_tpm2_event_size() needs to be able to map tables at early boot time in order to extract information from them. Unfortunately this interacts badly with other architectures that don't provide the early_memremap() interface but which may still have other mechanisms for obtaining crypto-agile logs. Abstract this away so we can avoid the need for two implementations while still avoiding breakage on architectures that don't require remapping of the table. Signed-off-by: Matthew Garrett Reviewed-by: Jarkko Sakkinen --- drivers/firmware/efi/tpm.c | 3 +++ include/linux/tpm_eventlog.h | 32 ++++++++++++++++++++------------ 2 files changed, 23 insertions(+), 12 deletions(-) diff --git a/drivers/firmware/efi/tpm.c b/drivers/firmware/efi/tpm.c index f2a13cbb8688..fe48150f06d1 100644 --- a/drivers/firmware/efi/tpm.c +++ b/drivers/firmware/efi/tpm.c @@ -4,6 +4,9 @@ * Thiebaud Weksteen */ +#define TPM_MEMREMAP(start, size) early_memremap(start, size) +#define TPM_MEMUNMAP(start, size) early_memunmap(start, size) + #include #include #include diff --git a/include/linux/tpm_eventlog.h b/include/linux/tpm_eventlog.h index d889e12047d9..0ca27bc053af 100644 --- a/include/linux/tpm_eventlog.h +++ b/include/linux/tpm_eventlog.h @@ -128,6 +128,14 @@ struct tcg_algorithm_info { struct tcg_algorithm_size digest_sizes[]; }; +#ifndef TPM_MEMREMAP +#define TPM_MEMREMAP(start, size) NULL +#endif + +#ifndef TPM_MEMUNMAP +#define TPM_MEMUNMAP(start, size) do{} while(0) +#endif + /** * __calc_tpm2_event_size - calculate the size of a TPM2 event log entry * @event: Pointer to the event whose size should be calculated @@ -171,8 +179,8 @@ static inline int __calc_tpm2_event_size(struct tcg_pcr_event2_head *event, /* Map the event header */ if (do_mapping) { mapping_size = marker - marker_start; - mapping = early_memremap((unsigned long)marker_start, - mapping_size); + mapping = TPM_MEMREMAP((unsigned long)marker_start, + mapping_size); if (!mapping) { size = 0; goto out; @@ -192,10 +200,10 @@ static inline int __calc_tpm2_event_size(struct tcg_pcr_event2_head *event, /* Map the digest's algorithm identifier */ if (do_mapping) { - early_memunmap(mapping, mapping_size); + TPM_MEMUNMAP(mapping, mapping_size); mapping_size = marker - marker_start + halg_size; - mapping = early_memremap((unsigned long)marker_start, - mapping_size); + mapping = TPM_MEMREMAP((unsigned long)marker_start, + mapping_size); if (!mapping) { size = 0; goto out; @@ -212,10 +220,10 @@ static inline int __calc_tpm2_event_size(struct tcg_pcr_event2_head *event, /* Map the digest content itself */ if (do_mapping) { - early_memunmap(mapping, mapping_size); + TPM_MEMUNMAP(mapping, mapping_size); mapping_size = marker - marker_start; - mapping = early_memremap((unsigned long)marker_start, - mapping_size); + mapping = TPM_MEMREMAP((unsigned long)marker_start, + mapping_size); if (!mapping) { size = 0; goto out; @@ -238,10 +246,10 @@ static inline int __calc_tpm2_event_size(struct tcg_pcr_event2_head *event, * we don't need to map it */ if (do_mapping) { - early_memunmap(marker_start, mapping_size); + TPM_MEMUNMAP(marker_start, mapping_size); mapping_size += sizeof(event_field->event_size); - mapping = early_memremap((unsigned long)marker_start, - mapping_size); + mapping = TPM_MEMREMAP((unsigned long)marker_start, + mapping_size); if (!mapping) { size = 0; goto out; @@ -256,7 +264,7 @@ static inline int __calc_tpm2_event_size(struct tcg_pcr_event2_head *event, size = 0; out: if (do_mapping) - early_memunmap(mapping, mapping_size); + TPM_MEMUNMAP(mapping, mapping_size); return size; }