SHA256
1
0
forked from pool/grub2

Accepting request 997708 from home:michael-chang:bsc:1202374

- Fix tpm error stop tumbleweed from booting (bsc#1202374)
  * 0001-tpm-Pass-unknown-error-as-non-fatal-but-debug-print-.patch
- Patch Removed
  * 0001-tpm-Log-EFI_VOLUME_FULL-and-continue.patch

OBS-URL: https://build.opensuse.org/request/show/997708
OBS-URL: https://build.opensuse.org/package/show/Base:System/grub2?expand=0&rev=418
This commit is contained in:
Michael Chang 2022-08-18 09:42:06 +00:00 committed by Git OBS Bridge
parent 14793c1f96
commit 761268d847
4 changed files with 38 additions and 83 deletions

View File

@ -1,82 +0,0 @@
From 8c9f7cefdf9d03cae65773ef35e103fc346ee17f Mon Sep 17 00:00:00 2001
From: Michael Chang <mchang@suse.com>
Date: Tue, 3 May 2022 12:38:34 +0800
Subject: [PATCH] tpm: Log EFI_VOLUME_FULL and continue
Appending entries to tpm event log would fail if it is full and in this
case EFI_VOLUME_FULL is returned. Since the measurement itself is
successful but only the event is not logged, the booting shouldn't be
forced to stop and instead grub should log the error and continue.
All errors other than EFI_VOLUME_FULL remains to stop grub from booting
so the failure can be examined. In case of unknown tpm error, the return
code from efi firmware is also displayed for reference.
Signed-off-by: Michael Chang <mchang@suse.com>
---
grub-core/commands/efi/tpm.c | 20 +++++++++++++++++---
1 file changed, 17 insertions(+), 3 deletions(-)
diff --git a/grub-core/commands/efi/tpm.c b/grub-core/commands/efi/tpm.c
index a97d85368a..98fd5892b0 100644
--- a/grub-core/commands/efi/tpm.c
+++ b/grub-core/commands/efi/tpm.c
@@ -144,8 +144,10 @@ grub_efi_log_event_status (grub_efi_status_t status)
return grub_error (GRUB_ERR_BAD_ARGUMENT, N_("Output buffer too small"));
case GRUB_EFI_NOT_FOUND:
return grub_error (GRUB_ERR_UNKNOWN_DEVICE, N_("TPM unavailable"));
+ case GRUB_EFI_VOLUME_FULL:
+ return grub_error (GRUB_ERR_OUT_OF_RANGE, N_("TPM event log is full"));
default:
- return grub_error (GRUB_ERR_UNKNOWN_DEVICE, N_("Unknown TPM error"));
+ return grub_error (GRUB_ERR_UNKNOWN_DEVICE, N_("Unknown TPM error: %" PRIuGRUB_SIZE), status);
}
}
@@ -159,6 +161,7 @@ grub_tpm1_log_event (grub_efi_handle_t tpm_handle, unsigned char *buf,
grub_efi_tpm_protocol_t *tpm;
grub_efi_physical_address_t lastevent;
grub_uint32_t algorithm;
+ grub_err_t err;
grub_uint32_t eventnum = 0;
tpm = grub_efi_open_protocol (tpm_handle, &tpm_guid,
@@ -182,7 +185,12 @@ grub_tpm1_log_event (grub_efi_handle_t tpm_handle, unsigned char *buf,
algorithm, event, &eventnum, &lastevent);
grub_free (event);
- return grub_efi_log_event_status (status);
+ err = grub_efi_log_event_status (status);
+ /* Log EFI_VOLUME_FULL and continue */
+ if (err == GRUB_ERR_OUT_OF_RANGE)
+ grub_print_error ();
+
+ return err;
}
static grub_err_t
@@ -193,6 +201,7 @@ grub_tpm2_log_event (grub_efi_handle_t tpm_handle, unsigned char *buf,
EFI_TCG2_EVENT *event;
grub_efi_status_t status;
grub_efi_tpm2_protocol_t *tpm;
+ grub_err_t err;
tpm = grub_efi_open_protocol (tpm_handle, &tpm2_guid,
GRUB_EFI_OPEN_PROTOCOL_GET_PROTOCOL);
@@ -218,7 +227,12 @@ grub_tpm2_log_event (grub_efi_handle_t tpm_handle, unsigned char *buf,
(grub_uint64_t) size, event);
grub_free (event);
- return grub_efi_log_event_status (status);
+ err = grub_efi_log_event_status (status);
+ /* Log EFI_VOLUME_FULL and continue */
+ if (err == GRUB_ERR_OUT_OF_RANGE)
+ grub_print_error ();
+
+ return err;
}
grub_err_t
--
2.34.1

View File

@ -0,0 +1,29 @@
From 2cecb472ffba4dbc534f4ce3346a453762371c52 Mon Sep 17 00:00:00 2001
From: Mathieu Trudel-Lapierre <mathieu.tl@gmail.com>
Date: Fri, 25 Oct 2019 10:27:54 -0400
Subject: [PATCH] tpm: Pass unknown error as non-fatal, but debug print the
error we got
Signed-off-by: Mathieu Trudel-Lapierre <mathieu.trudel-lapierre@canonical.com>
Patch-Name: ubuntu-tpm-unknown-error-non-fatal.patch
---
grub-core/commands/efi/tpm.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/grub-core/commands/efi/tpm.c b/grub-core/commands/efi/tpm.c
index a97d85368..1e399a964 100644
--- a/grub-core/commands/efi/tpm.c
+++ b/grub-core/commands/efi/tpm.c
@@ -145,7 +145,8 @@ grub_efi_log_event_status (grub_efi_status_t status)
case GRUB_EFI_NOT_FOUND:
return grub_error (GRUB_ERR_UNKNOWN_DEVICE, N_("TPM unavailable"));
default:
- return grub_error (GRUB_ERR_UNKNOWN_DEVICE, N_("Unknown TPM error"));
+ grub_dprintf("tpm", "Unknown TPM error: %" PRIdGRUB_SSIZE, status);
+ return 0;
}
}
--
2.31.1

View File

@ -1,3 +1,11 @@
-------------------------------------------------------------------
Thu Aug 18 02:47:28 UTC 2022 - Michael Chang <mchang@suse.com>
- Fix tpm error stop tumbleweed from booting (bsc#1202374)
* 0001-tpm-Pass-unknown-error-as-non-fatal-but-debug-print-.patch
- Patch Removed
* 0001-tpm-Log-EFI_VOLUME_FULL-and-continue.patch
------------------------------------------------------------------- -------------------------------------------------------------------
Wed Jun 8 03:25:26 UTC 2022 - Michael Chang <mchang@suse.com> Wed Jun 8 03:25:26 UTC 2022 - Michael Chang <mchang@suse.com>

View File

@ -315,6 +315,7 @@ Patch789: 0001-Workaround-volatile-efi-boot-variable.patch
Patch790: 0001-30_uefi-firmware-fix-printf-format-with-null-byte.patch Patch790: 0001-30_uefi-firmware-fix-printf-format-with-null-byte.patch
Patch791: 0001-i386-pc-build-btrfs-zstd-support-into-separate-modul.patch Patch791: 0001-i386-pc-build-btrfs-zstd-support-into-separate-modul.patch
Patch792: 0001-templates-Follow-the-path-of-usr-merged-kernel-confi.patch Patch792: 0001-templates-Follow-the-path-of-usr-merged-kernel-confi.patch
Patch793: 0001-tpm-Pass-unknown-error-as-non-fatal-but-debug-print-.patch
Patch794: 0001-Filter-out-POSIX-locale-for-translation.patch Patch794: 0001-Filter-out-POSIX-locale-for-translation.patch
Patch795: 0001-ieee1275-implement-FCP-methods-for-WWPN-and-LUNs.patch Patch795: 0001-ieee1275-implement-FCP-methods-for-WWPN-and-LUNs.patch
Patch796: 0001-disk-diskfilter-Use-nodes-in-logical-volume-s-segmen.patch Patch796: 0001-disk-diskfilter-Use-nodes-in-logical-volume-s-segmen.patch
@ -422,7 +423,6 @@ Patch897: 0013-cryptodisk-Support-key-protectors.patch
Patch898: 0014-util-grub-protect-Add-new-tool.patch Patch898: 0014-util-grub-protect-Add-new-tool.patch
Patch899: fix-tpm2-build.patch Patch899: fix-tpm2-build.patch
Patch900: 0001-crytodisk-fix-cryptodisk-module-looking-up.patch Patch900: 0001-crytodisk-fix-cryptodisk-module-looking-up.patch
Patch901: 0001-tpm-Log-EFI_VOLUME_FULL-and-continue.patch
Requires: gettext-runtime Requires: gettext-runtime
%if 0%{?suse_version} >= 1140 %if 0%{?suse_version} >= 1140