Received: by 10.223.185.116 with SMTP id b49csp4951637wrg;
        Wed, 7 Mar 2018 04:02:10 -0800 (PST)
X-Google-Smtp-Source: AG47ELuW1IIkg06l8TVEeZTuk82WT2gnr13RG7f4oWUhByxc6WstQNQJYxqWyDyiHKzs1ashMlxb
X-Received: by 2002:a17:902:51e9:: with SMTP id y96-v6mr20246291plh.344.1520424130457;
        Wed, 07 Mar 2018 04:02:10 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1520424130; cv=none;
        d=google.com; s=arc-20160816;
        b=lRPSjNMABUf3FK1yc7bd1//EU4mth5yTfsgLyvxVjTl0aPZmzREPNW+QaRRYrSy1/X
         djqTEHYQJ79jZjG3iJdPNlckNi48lcS97pskNGhIlR8fPn5i8BzYB9NRm2hBSePoue2M
         NndbfnpQqtzvUHjGQY+CJQiYPIL3hRDnHyj7HVsA2F3ZYVsY3PQyc6H7BPsmn27O/Uy7
         J3xneG6r8xCnlTettZqk9AN6dH/iPxYYrI+HwaTbn4neXCQl/07CnOaIq3J6K8KpjUzJ
         Xhb4dhSajP4LesvlxDstccBvHpyLgJkCVRDBarJeWTvUX62QGnQu/9DdP5NNJFbg6lU7
         NoUw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:content-transfer-encoding
         :content-language:in-reply-to:mime-version:user-agent:date
         :message-id:from:references:cc:to:subject:arc-authentication-results;
        bh=mcOrQxnMQiORgYHLEFZlV3v8TUdmXWbDL6vZG+9dNiA=;
        b=Yl1WGwczliEwRcdCsncOnzb0j619lHXuWxgFbHUnUHXVD+jFihpRecP7Q0ytI/tmEX
         0yDDanz+hxqfQM7PWTSut6s3zIDlO2UMJ4haZx3jWS48yb8VSCvicgfLl+UgZtNBhvcR
         xb1Va/m1J3K8Xc8uresbKt32SGagTm/urx96x7AVVdOI+NjNWlOzLx8SbbKOoLepXiwn
         8cxk6orrIplEalk7UfqVkOOW3KJGJyTigiQvFCkmq9xH8ipPXALu0zWU465xsKHtu2qf
         Luk+Va5lyjdtxm43VtCY0vSTqVXtyb63Gh/pg6xZJ351mKu6NbrNlqzWhAfaOxuVQy6q
         HwBA==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=redhat.com
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id f1si10960381pgr.761.2018.03.07.04.01.55;
        Wed, 07 Mar 2018 04:02:10 -0800 (PST)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=redhat.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1754429AbeCGMAw (ORCPT
        <rfc822;paul.schmitz.hallo.parkuhr@gmail.com> + 99 others);
        Wed, 7 Mar 2018 07:00:52 -0500
Received: from mail-wr0-f169.google.com ([209.85.128.169]:42107 "EHLO
        mail-wr0-f169.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1754353AbeCGMAt (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Wed, 7 Mar 2018 07:00:49 -0500
Received: by mail-wr0-f169.google.com with SMTP id k9so1882613wre.9
        for <linux-kernel@vger.kernel.org>; Wed, 07 Mar 2018 04:00:48 -0800 (PST)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:subject:to:cc:references:from:message-id:date
         :user-agent:mime-version:in-reply-to:content-language
         :content-transfer-encoding;
        bh=mcOrQxnMQiORgYHLEFZlV3v8TUdmXWbDL6vZG+9dNiA=;
        b=emhIr6Rz0PlD88BL/0pk/yYGJeE0/0WTaTZ0Ys8ZG68JgEahje+AfpjolxTrYaEVa3
         EDM0ShZFv5P75VfKYQmDtWmEboK3KhBv0NVEd3bcrY+p1rQqfzfaveBkMi0K8D3auR6z
         ZMofPjYWYK1I5TT2rylootMKE4HovC0z/lrplwjjTSSQcR3eCCTmBjcNA7g9eVSBJypR
         tVUSh9NoVWvmpKN0m2YP9f1fBkl5xCrD54cr8jyIM2Wuh8fxyAxZ+BN1ld9uUBA22MZp
         gTr/2WBrtDIudSKSq46mELo335au00dp6Uxz4JSob61STbxZXkC9s8o2vIQ3nhMCq7Xu
         isGQ==
X-Gm-Message-State: APf1xPAJtc6Qm94NcGApY2NOlYWCNeX3ulGAPZBm9X3MM9m2Ccdz5bku
        EQUXVHQ0E4qjqv2EjCpjvTTJELn4ET4=
X-Received: by 10.223.160.147 with SMTP id m19mr20343836wrm.32.1520424047707;
        Wed, 07 Mar 2018 04:00:47 -0800 (PST)
Received: from [192.168.1.13] ([90.77.100.34])
        by smtp.gmail.com with ESMTPSA id b136sm13008211wme.34.2018.03.07.04.00.46
        (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
        Wed, 07 Mar 2018 04:00:47 -0800 (PST)
Subject: Re: Regression from efi: call get_event_log before ExitBootServices
To:     Hans de Goede <hdegoede@redhat.com>,
        Thiebaud Weksteen <tweek@google.com>, jeremy@jcline.org
Cc:     Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>,
        linux-efi@vger.kernel.org, linux-integrity@vger.kernel.org,
        tpmdd-devel@lists.sourceforge.net, linux-kernel@vger.kernel.org
References: <01000161fc0b4755-df0621f4-ab5d-479a-b425-adf98427a308-000000@email.amazonses.com>
 <CA+zpnLdSyuyKjJEH3Oowmha2mF0B-j5b4A7CLuXXY7RH47SiFQ@mail.gmail.com>
 <185d1c06-c379-ee7d-496b-2f4e49f8c9a3@redhat.com>
From:   Javier Martinez Canillas <javierm@redhat.com>
Message-ID: <ec9d004b-4bd1-896f-b132-9fd84cac47eb@redhat.com>
Date:   Wed, 7 Mar 2018 13:00:46 +0100
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101
 Thunderbird/52.6.0
MIME-Version: 1.0
In-Reply-To: <185d1c06-c379-ee7d-496b-2f4e49f8c9a3@redhat.com>
Content-Type: text/plain; charset=utf-8
Content-Language: en-US
Content-Transfer-Encoding: 7bit
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

Hi Hans,

On 03/07/2018 12:16 PM, Hans de Goede wrote:
> Hi,
> 
> On 07-03-18 09:41, Thiebaud Weksteen wrote:
>> Hi,
>>
>> Thanks for testing and sending this report! This patch relies heavily on
>> the functions exposed by the firmware. My first guess would be that some of
>> these may not be implemented correctly by the manufacturer.
>>
>> Could you share more information on this specific device?
> 
> I've the same device as Jeremy, but I just tried a 4.16-rc3 kernel
> and I'm not seeing this problem, BIOS settings all default (I loaded
> the BIOS defaults to make sure).
> 
>> Do you have any link to the manufacturer website (I found [1] but it is
>> based on an ARM CPU)?
>> Do you have the option to update your firmware? Is a copy of the firmware
>> available from the manufacturer?
> 
> This is a really cheap Windows tablet which was given away for free in
> the Netherlands with some home-schooling language courses, or something
> similar.
> 
> Both mine and Jeremy tablets come from a website in the Netherlands
> where people can buy/sell used goods.
> 
> Most relevant for this discussion I guess is that this device is
> based on a Bay Trail Z3735G SoC, on which according to the internets:
> https://embedded.communities.intel.com/thread/7868
> 
> The TPM 2.0 it contains is implemented as part of the TXE firmware.
> 
> Since I cannot reproduce I'm thinking that maybe Jeremy actually has
> some log messages in the TPM log, where as mine is empty.  Is there a
> way to make sure some messages are in there?
>

The UEFI firmware does some measurements and so does shim. So you should
have some event logs. What version of shim are you using? And also would
be good to know if it's the same shim version that Jeremy is using.

> Regards,
> 
> Hans
> 

Best regards,
-- 
Javier Martinez Canillas
Software Engineer - Desktop Hardware Enablement
Red Hat