Hi Ilias, On Thu, 15 Jul 2021 at 00:20, Ilias Apalodimas <ilias.apalodi...@linaro.org> wrote: > > On Wed, Jul 14, 2021 at 08:52:07AM -0600, Simon Glass wrote: > > Hi Ilias, > > > > On Mon, 12 Jul 2021 at 03:28, Ilias Apalodimas > > <ilias.apalodi...@linaro.org> wrote: > > > > > > On Mon, 12 Jul 2021 at 11:40, Masahisa Kojima > > > <masahisa.koj...@linaro.org> wrote: > > > > > > > > Hi Simon, > > > > > > > > On Sun, 11 Jul 2021 at 09:01, Simon Glass <s...@chromium.org> wrote: > > > > > > > > > > Hi Masahisa, > > > > > > > > > > On Wed, 7 Jul 2021 at 20:21, Masahisa Kojima > > > > > <masahisa.koj...@linaro.org> wrote: > > > > > > > > > > > > On Wed, 7 Jul 2021 at 22:47, Heinrich Schuchardt > > > > > > <xypron.g...@gmx.de> wrote: > > > > > > > > > > > > > > > > > > > > > > > > > > > > On 7/7/21 3:36 PM, Masahisa Kojima wrote: > > > > > > > > This is a preperation to add eventlog support > > > > > > > > described in TCG PC Client PFP spec. > > > > > > > > > > > > > > > > Signed-off-by: Masahisa Kojima <masahisa.koj...@linaro.org> > > > > > > > > --- > > > > > > > > lib/efi_loader/Kconfig | 2 +- > > > > > > > > 1 file changed, 1 insertion(+), 1 deletion(-) > > > > > > > > > > > > > > > > diff --git a/lib/efi_loader/Kconfig b/lib/efi_loader/Kconfig > > > > > > > > index b2ab48a048..a87bf3cc98 100644 > > > > > > > > --- a/lib/efi_loader/Kconfig > > > > > > > > +++ b/lib/efi_loader/Kconfig > > > > > > > > @@ -327,7 +327,7 @@ config EFI_TCG2_PROTOCOL > > > > > > > > config EFI_TCG2_PROTOCOL_EVENTLOG_SIZE > > > > > > > > int "EFI_TCG2_PROTOCOL EventLog size" > > > > > > > > depends on EFI_TCG2_PROTOCOL > > > > > > > > - default 4096 > > > > > > > > + default 16384 > > > > > > > > > > > > > > I found this text in EDK II: > > > > > > > > > > > > > > Minimum length(in bytes) of the system preboot TCG event log > > > > > > > area(LAML) > > > > > > > ----------------------------------------------------------------------- > > > > > > > > > > > > > > For PC Client Implementation spec up to and including 1.2 the > > > > > > > minimum > > > > > > > log size is 64KB. (SecurityPkg/SecurityPkg.dec) > > > > > > > > > > > > Thank you for your feedback. > > > > > > I have not checked this. > > > > > > TCG spec also says "The Log Area Minimum Length for the TCG event > > > > > > log > > > > > > MUST be at least 64KB." in ACPI chapter. > > > > > > I will update to set 64KB as default. > > > > > > > > > > > > > > > > Is this the same as the BLOBLISTT_TPM2_TCG_LOG thing? If so, can we > > > > > put this in the bloblist? We want to avoid adding code in EFI which is > > > > > in U-Boot. > > > > > > > > I think bloblist is used for data passing from SPL/TPL to u-boot. > > > > Is your comment saying that the eventlog generated > > > > in u-boot(done in efi_tcg2.c with this patch series) should be appended > > > > into the buffer pointed by BLOBLISTT_TPM2_TCG_LOG blob? > > > > > > > > > > Even in that case the eventlog can't be appended. The TCG eventlog > > > hould be copied into EFI memory, since the kernel expects to find it > > > there. > > > > Typically bloblist is relocated by U-Boot. There are lots of tables > > that must be passed to linux, including ACPI and SMBIOS. With bloblist > > they can all be in one place. > > > The eventlog must be allocated in EFI memory though.
There is really only one memory in U-Boot. I feel that all stuff that EFI passes on to linux should be in a single bloblist. > > > > > > What we could do is copy the contents of that buffer to the eventlog. > > > Depending on what that buffer already has (e.g the starting header of > > > the eventlog), we might need to strip it from the efi_tcg.c code. > > > > I'm not really sure, but the eventlog is not just EFI thing, right? > > The code should be generic. > > It's purely an EFI construct. Specifically the entire spec, and even the log > format for the eventlog are described in > https://trustedcomputinggroup.org/wp-content/uploads/EFI-Protocol-Specification-rev13-160330final.pdf For some reason I have seen this in ACPI, or something similar. Perhaps I was getting confused. We need to find ways to implement EFI things with generic code. I'm not 100% sure about this particular thing, but since we already create something similar with ACPI I think we should at least look at doing it in one place. Regards, Simon
