From 761268d8474a09bb193f96a93a87d75552edb84f51005a6f4abc4be820a878fa Mon Sep 17 00:00:00 2001 From: Michael Chang Date: Thu, 18 Aug 2022 09:42:06 +0000 Subject: [PATCH] Accepting request 997708 from home:michael-chang:bsc:1202374 - Fix tpm error stop tumbleweed from booting (bsc#1202374) * 0001-tpm-Pass-unknown-error-as-non-fatal-but-debug-print-.patch - Patch Removed * 0001-tpm-Log-EFI_VOLUME_FULL-and-continue.patch OBS-URL: https://build.opensuse.org/request/show/997708 OBS-URL: https://build.opensuse.org/package/show/Base:System/grub2?expand=0&rev=418 --- ...tpm-Log-EFI_VOLUME_FULL-and-continue.patch | 82 ------------------- ...-error-as-non-fatal-but-debug-print-.patch | 29 +++++++ grub2.changes | 8 ++ grub2.spec | 2 +- 4 files changed, 38 insertions(+), 83 deletions(-) delete mode 100644 0001-tpm-Log-EFI_VOLUME_FULL-and-continue.patch create mode 100644 0001-tpm-Pass-unknown-error-as-non-fatal-but-debug-print-.patch diff --git a/0001-tpm-Log-EFI_VOLUME_FULL-and-continue.patch b/0001-tpm-Log-EFI_VOLUME_FULL-and-continue.patch deleted file mode 100644 index 7ac030c..0000000 --- a/0001-tpm-Log-EFI_VOLUME_FULL-and-continue.patch +++ /dev/null @@ -1,82 +0,0 @@ -From 8c9f7cefdf9d03cae65773ef35e103fc346ee17f Mon Sep 17 00:00:00 2001 -From: Michael Chang -Date: Tue, 3 May 2022 12:38:34 +0800 -Subject: [PATCH] tpm: Log EFI_VOLUME_FULL and continue - -Appending entries to tpm event log would fail if it is full and in this -case EFI_VOLUME_FULL is returned. Since the measurement itself is -successful but only the event is not logged, the booting shouldn't be -forced to stop and instead grub should log the error and continue. - -All errors other than EFI_VOLUME_FULL remains to stop grub from booting -so the failure can be examined. In case of unknown tpm error, the return -code from efi firmware is also displayed for reference. - -Signed-off-by: Michael Chang ---- - grub-core/commands/efi/tpm.c | 20 +++++++++++++++++--- - 1 file changed, 17 insertions(+), 3 deletions(-) - -diff --git a/grub-core/commands/efi/tpm.c b/grub-core/commands/efi/tpm.c -index a97d85368a..98fd5892b0 100644 ---- a/grub-core/commands/efi/tpm.c -+++ b/grub-core/commands/efi/tpm.c -@@ -144,8 +144,10 @@ grub_efi_log_event_status (grub_efi_status_t status) - return grub_error (GRUB_ERR_BAD_ARGUMENT, N_("Output buffer too small")); - case GRUB_EFI_NOT_FOUND: - return grub_error (GRUB_ERR_UNKNOWN_DEVICE, N_("TPM unavailable")); -+ case GRUB_EFI_VOLUME_FULL: -+ return grub_error (GRUB_ERR_OUT_OF_RANGE, N_("TPM event log is full")); - default: -- return grub_error (GRUB_ERR_UNKNOWN_DEVICE, N_("Unknown TPM error")); -+ return grub_error (GRUB_ERR_UNKNOWN_DEVICE, N_("Unknown TPM error: %" PRIuGRUB_SIZE), status); - } - } - -@@ -159,6 +161,7 @@ grub_tpm1_log_event (grub_efi_handle_t tpm_handle, unsigned char *buf, - grub_efi_tpm_protocol_t *tpm; - grub_efi_physical_address_t lastevent; - grub_uint32_t algorithm; -+ grub_err_t err; - grub_uint32_t eventnum = 0; - - tpm = grub_efi_open_protocol (tpm_handle, &tpm_guid, -@@ -182,7 +185,12 @@ grub_tpm1_log_event (grub_efi_handle_t tpm_handle, unsigned char *buf, - algorithm, event, &eventnum, &lastevent); - grub_free (event); - -- return grub_efi_log_event_status (status); -+ err = grub_efi_log_event_status (status); -+ /* Log EFI_VOLUME_FULL and continue */ -+ if (err == GRUB_ERR_OUT_OF_RANGE) -+ grub_print_error (); -+ -+ return err; - } - - static grub_err_t -@@ -193,6 +201,7 @@ grub_tpm2_log_event (grub_efi_handle_t tpm_handle, unsigned char *buf, - EFI_TCG2_EVENT *event; - grub_efi_status_t status; - grub_efi_tpm2_protocol_t *tpm; -+ grub_err_t err; - - tpm = grub_efi_open_protocol (tpm_handle, &tpm2_guid, - GRUB_EFI_OPEN_PROTOCOL_GET_PROTOCOL); -@@ -218,7 +227,12 @@ grub_tpm2_log_event (grub_efi_handle_t tpm_handle, unsigned char *buf, - (grub_uint64_t) size, event); - grub_free (event); - -- return grub_efi_log_event_status (status); -+ err = grub_efi_log_event_status (status); -+ /* Log EFI_VOLUME_FULL and continue */ -+ if (err == GRUB_ERR_OUT_OF_RANGE) -+ grub_print_error (); -+ -+ return err; - } - - grub_err_t --- -2.34.1 - diff --git a/0001-tpm-Pass-unknown-error-as-non-fatal-but-debug-print-.patch b/0001-tpm-Pass-unknown-error-as-non-fatal-but-debug-print-.patch new file mode 100644 index 0000000..b37dfb4 --- /dev/null +++ b/0001-tpm-Pass-unknown-error-as-non-fatal-but-debug-print-.patch @@ -0,0 +1,29 @@ +From 2cecb472ffba4dbc534f4ce3346a453762371c52 Mon Sep 17 00:00:00 2001 +From: Mathieu Trudel-Lapierre +Date: Fri, 25 Oct 2019 10:27:54 -0400 +Subject: [PATCH] tpm: Pass unknown error as non-fatal, but debug print the + error we got + +Signed-off-by: Mathieu Trudel-Lapierre +Patch-Name: ubuntu-tpm-unknown-error-non-fatal.patch +--- + grub-core/commands/efi/tpm.c | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/grub-core/commands/efi/tpm.c b/grub-core/commands/efi/tpm.c +index a97d85368..1e399a964 100644 +--- a/grub-core/commands/efi/tpm.c ++++ b/grub-core/commands/efi/tpm.c +@@ -145,7 +145,8 @@ grub_efi_log_event_status (grub_efi_status_t status) + case GRUB_EFI_NOT_FOUND: + return grub_error (GRUB_ERR_UNKNOWN_DEVICE, N_("TPM unavailable")); + default: +- return grub_error (GRUB_ERR_UNKNOWN_DEVICE, N_("Unknown TPM error")); ++ grub_dprintf("tpm", "Unknown TPM error: %" PRIdGRUB_SSIZE, status); ++ return 0; + } + } + +-- +2.31.1 + diff --git a/grub2.changes b/grub2.changes index 09d3f17..f07f217 100644 --- a/grub2.changes +++ b/grub2.changes @@ -1,3 +1,11 @@ +------------------------------------------------------------------- +Thu Aug 18 02:47:28 UTC 2022 - Michael Chang + +- Fix tpm error stop tumbleweed from booting (bsc#1202374) + * 0001-tpm-Pass-unknown-error-as-non-fatal-but-debug-print-.patch +- Patch Removed + * 0001-tpm-Log-EFI_VOLUME_FULL-and-continue.patch + ------------------------------------------------------------------- Wed Jun 8 03:25:26 UTC 2022 - Michael Chang diff --git a/grub2.spec b/grub2.spec index bde1da4..80f4f19 100644 --- a/grub2.spec +++ b/grub2.spec @@ -315,6 +315,7 @@ Patch789: 0001-Workaround-volatile-efi-boot-variable.patch Patch790: 0001-30_uefi-firmware-fix-printf-format-with-null-byte.patch Patch791: 0001-i386-pc-build-btrfs-zstd-support-into-separate-modul.patch Patch792: 0001-templates-Follow-the-path-of-usr-merged-kernel-confi.patch +Patch793: 0001-tpm-Pass-unknown-error-as-non-fatal-but-debug-print-.patch Patch794: 0001-Filter-out-POSIX-locale-for-translation.patch Patch795: 0001-ieee1275-implement-FCP-methods-for-WWPN-and-LUNs.patch Patch796: 0001-disk-diskfilter-Use-nodes-in-logical-volume-s-segmen.patch @@ -422,7 +423,6 @@ Patch897: 0013-cryptodisk-Support-key-protectors.patch Patch898: 0014-util-grub-protect-Add-new-tool.patch Patch899: fix-tpm2-build.patch Patch900: 0001-crytodisk-fix-cryptodisk-module-looking-up.patch -Patch901: 0001-tpm-Log-EFI_VOLUME_FULL-and-continue.patch Requires: gettext-runtime %if 0%{?suse_version} >= 1140