Received: by 2002:a05:6a11:4021:0:0:0:0 with SMTP id ky33csp3122537pxb;
        Tue, 21 Sep 2021 15:15:38 -0700 (PDT)
X-Google-Smtp-Source: ABdhPJw9PLUK6/XsbGEmCJ1jRndc+9TwvuGkwtMd9rEDu+k/o3kMxT/DP4k3brDFwGze4/OF8Wsk
X-Received: by 2002:a17:906:3746:: with SMTP id e6mr37914300ejc.57.1632262537946;
        Tue, 21 Sep 2021 15:15:37 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1632262537; cv=none;
        d=google.com; s=arc-20160816;
        b=miDklOKAr5kkedEjV9Ep8b66wUF4k6qTckXDnPtBxJhkS0ePNPIe4mGEviRHsadDZQ
         lOiJxuV4lTFQiRRxiqp2OYY2vNYamc65Be4yI77Zq8irtMACGmn/CHzHQHLmF1Ah8nzG
         uVlLG44SKxK3kiNFJdl1z77RTcRmOlQqZLdm9gMvntyPR0rmJZ4Kr0SSrzUCZ9y/Y60U
         vWShK304BW+kIyaUOcS2ZB5tT6uTDUjOxhNTIeKXZKNRZXvu9mvTu5CiHlOdLeBLVL5s
         buiyp/YZapjuDraKqYtBEfi7u0eOO2u+aDWhVYAs7Xq6tVYcvnYfoLx/qcN578kBMLwx
         Kn2w==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:in-reply-to:content-disposition:mime-version
         :references:message-id:subject:cc:to:from:date:dkim-signature;
        bh=MPOk+ItmfKbDr1bNf2eYtdqMz6WnnyKk+eftnOFs3Hc=;
        b=FmZNFxWyq/Fjee41FJkLRn5UKHfWJRHOCswmLlKnq8J0P17+F+dnkiu2fxIVOGCMsE
         EFLqshY/I5qJtnpCyMK32a3/l9vUC0B6mZna2BFF2yiGjJocFpTchM22K9lj0Z+kUw+V
         qVmZPfw0lN0Qx8n3a2kwc71MVjIyYEbmGG4tlrP7ixp5Z9t0FkRbP1yMs8tWAnmJVVuc
         mt6rfkrii8SM8inF5WKnonIIH++akrXIV2KufpFBKldgVa9IMXp7ld1gPgdKbx4dq/qI
         h1QBtQdNRFbYXPCafbc1alKuHrUORJcleymgzR5K1bNILy4AClVEHqOFi2UeE1U5x4Qz
         o1SA==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@linderud.pw header.s=linderud header.b=DvbI4uZ2;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linderud.pw
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18])
        by mx.google.com with ESMTP id kx11si280608ejc.554.2021.09.21.15.15.14;
        Tue, 21 Sep 2021 15:15:37 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@linderud.pw header.s=linderud header.b=DvbI4uZ2;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linderud.pw
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S232387AbhIUT3z (ORCPT <rfc822;lkmlmol@gmail.com> + 99 others);
        Tue, 21 Sep 2021 15:29:55 -0400
Received: from linderud.dev ([163.172.10.146]:36962 "EHLO linderud.pw"
        rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
        id S231304AbhIUT3z (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
        Tue, 21 Sep 2021 15:29:55 -0400
Received: from linderud.pw (localhost [127.0.0.1])
        by linderud.pw (Postfix) with ESMTP id 5A9B7C032A;
        Tue, 21 Sep 2021 21:27:53 +0200 (CEST)
X-Spam-Checker-Version: SpamAssassin 3.4.5-pre1 (2020-06-20) on velox
X-Spam-Level: 
X-Spam-Status: No, score=-1.0 required=5.0 tests=ALL_TRUSTED autolearn=ham
        autolearn_force=no version=3.4.5-pre1
Received: from localhost (host-37-191-241-102.lynet.no [37.191.241.102])
        (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
         key-exchange ECDHE (P-384) server-signature RSA-PSS (4096 bits) server-digest SHA256)
        (No client certificate requested)
        (Authenticated sender: morten)
        by linderud.pw (Postfix) with ESMTPSA id 1206BC001C;
        Tue, 21 Sep 2021 21:27:53 +0200 (CEST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=linderud.pw;
        s=linderud; t=1632252473;
        bh=0GqyYMQkXphc8kPn1Om1uqRbo2dbuCAEQIAmDaGZnPc=;
        h=Date:From:To:Cc:Subject:References:In-Reply-To;
        b=DvbI4uZ2GGwJM7jz99iiU/H9cQ7deSnqx7286T7FmIUK+8MtyVjM23cFUFPQfJIhC
         VLuUX74csW/y7nnK/9thz70X5jJYYQDjVx+ewsTi50i7bUCcQaWWl/d+NUMqreGcA9
         Ex5jhtJoPzVBCap1zEXVcjFyCYKPuYii5mBUe12Ftsrax1V1gsrjMYxLoS1LGwI4fb
         DwQ9vqYHFS+0hvooYH27qXWVdpygiKlDFd9OW4cH/bUQ5IsYOLcmOj4a3Gatl4TMDf
         BUz8FL7WdrmWC+dQy4AGnClrgt+vs4Zb9IdhDB0quKRNHgUMWgKM8oE3JxgHToKt2z
         +BNXsJ9CS5lZzfuOqTBJFtd/n6zsUNtM3KaSHJn2kdObH3d1UT60w5jF+l75GrU/Lz
         MXEnJUDY3obRCu6KvFN98tyb2Kz4ESK7gOGOYDSud/B40ODadNyewsRSO9QUc0oEAr
         NSrZavWfHRSmFqBJTNoyoWV9LQtYAcYC5ZKD+8vCCje4Z+i8lUsp0LC4eeLeEZZNrJ
         ydTnV07iGnzNarryzXc6ewkrzMyfWNzmIONSfE3revI1nBG97WGg/hrG4cOcBMIP4v
         ZZB4TigNxKYYsNJ4n9f4F8EOjJDgU+yMb2/1ekmtg45yYOr/c4RblPfebeoIC+FOXa
         dZDsAzLNX2y3zbNKrUZzV1KM=
Date:   Tue, 21 Sep 2021 21:27:51 +0200
From:   Morten Linderud <morten@linderud.pw>
To:     Jarkko Sakkinen <jarkko@kernel.org>
Cc:     Peter Huewe <peterhuewe@gmx.de>, Jason Gunthorpe <jgg@ziepe.ca>,
        Stefan Berger <stefanb@linux.ibm.com>,
        linux-integrity@vger.kernel.org, linux-kernel@vger.kernel.org,
        Oleksandr Natalenko <oleksandr@natalenko.name>
Subject: Re: [PATCH] tpm/eventlog: Don't abort tpm_read_log on faulty ACPI
 config
Message-ID: <20210921192751.3ukruxkzukzfw5xl@anathema>
References: <20210920203447.4124005-1-morten@linderud.pw>
 <896a0773cac953ae2f35ba08af65a598aa71942d.camel@kernel.org>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
In-Reply-To: <896a0773cac953ae2f35ba08af65a598aa71942d.camel@kernel.org>
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Tue, Sep 21, 2021 at 09:58:11PM +0300, Jarkko Sakkinen wrote:
> On Mon, 2021-09-20 at 22:34 +0200, Morten Linderud wrote:
> > Some vendors report faulty values in the acpi TPM2 table. This causes
> 
> Nit: ACPI (not acpi)
> 
> > the function to abort with EIO and essentially short circuits the
> > tpm_read_log function as we never even attempt to read the EFI
> > configuration table for a log.
> 
> Nit: tpm_read_log()
> 
> > This changes the condition to only look for a positive return value,
> > else hands over the eventlog discovery to the EFI configuration table
> 
> "hands over" -> "fallback"
> 
> > which should hopefully work better.
> 
> Please write in imperative form, e.g. "Change...", or perhaps in this
> case "Look...". 
> 
> Hopes are somewhat irrelevant, in the context of a commit message.
> 
> > It's unclear to me if there is a better solution to this then just
> > failing. However, I do not see any clear reason why we can't properly
> > fallback to the EFI configuration table.
> 
> Neither hopes nor doubts help us :-)
> 
> Because the commit message did not discuss any of the code changes
> that were done it is very hard to say much anything of this yet.

Thanks for the review! First kernel patch so all feedback is welcome :)

The code change is essentially just relaxing the return value for the ACPI log
lookup. I'm not quite sure what is missing from the commit message in that
regard? Is the second paragraph insufficient?

> There's also one corner case that was not discussed in the commit
> message.
> 
> The historical reason for not using TPM2 file is that old TPM2's
> did not have that feature. You have to ensure that legacy hardware
> does not break.

This should only relax the cases where an error which is not ENODEV is returned.
Legacy hardware that return ENODEV because the table doesn't exist, or is
missing the log start and length, should be unaffected by this change.

> /Jarkko

Cheers!

-- 
Morten Linderud
PGP: 9C02FF419FECBE16