runcom has quit [Read error: Connection reset by peer]
runcom has joined #u-boot
runcom has quit [Read error: Connection reset by peer]
runcom has joined #u-boot
thopiekar has quit [Ping timeout: 256 seconds]
thopiekar has joined #u-boot
runcom has quit [Client Quit]
runcom has joined #u-boot
runcom has quit [Quit: Konversation terminated!]
runcom has joined #u-boot
hanetzer has quit [Ping timeout: 240 seconds]
hanetzer has joined #u-boot
runcom has quit [Client Quit]
runcom has joined #u-boot
runcom has quit [Quit: Konversation terminated!]
vagrantc has quit [Quit: leaving]
<sjg1>
milkylainen: Basically you can use fdt_pack() to pack it and fdt_open_into() to expand it a bit. I suppose you know that, but thought I would mention it
macromorgan has quit [Read error: Connection reset by peer]
<sjg1>
austriancoder: So you would need to dig into the EFI code to see what is actually going wrong. Unfortunately it still creates a lot of parallel data structures, so it is a bit confusing
<sjg1>
apalos: too
<austriancoder>
sjg1: efi_disk_probe fails with "Adding disk for flash.0 failed (err=-2147483628/0x80000014)"
<sjg1>
apalos: Yes, we don't want the delay of starting the TPM unless it is needed. I thought you solved this with a new command?
<sjg1>
austriancoder: What uclass is your device?
d-s-e has joined #u-boot
<milkylainen>
rfq, fit image handling fix/speedup.
<apalos>
but the init is only running from a command line anyway
<apalos>
and we never run tpm_init without the rest of the startup sequence
<apalos>
so we can just reoplace the tpm_init() with the tpm_auto_start, since there's literally no place we call it alone
<apalos>
I'll send an RFC and you can have a look
guillaume_g has joined #u-boot
runcom has quit [Ping timeout: 248 seconds]
<sjg1>
milkylainen: The only issue I see is that you may contract the FDT to smaller than it was at the start. So I think you should set the initial size as the minimum. i.e. add an fdt_open_into() after the pack, to be used if necessary
<apalos>
and that would allow us to get rid of stuf like this....
<sjg1>
apalos: Any word on the EFI work to integrate better with DM?
<apalos>
But the other 2 patches, fixed the pipeline issues Eddie was havinf
<apalos>
err sorry 3
<xypron>
austriancoder: 0x80000014 = EFI_NOT_FOUND. Is your problem anything that can be reproduced in QEMU or the sandbox?
<sjg1>
apalos: Things need to be deterministic. One option would be to have a flag in each bootflow that indicates whether a TPM is needed. We could set it in the EFI bootflow. Then when booting it, we init the TPM first?
<apalos>
test: account properly for PCR updates , test: use a non system PCR for testing PCR extend, efi_loader: fix EFI_ENTRY point on get_active_pcr_banks
<apalos>
sjg1: for the EFI bootflow,m the tpm is used when the EFI_TCG protocol is installed
<apalos>
and yes the TPM has to be initialized when the protocol gets installed
<apalos>
(becuase it needs to extend at least PC 0&7)
<apalos>
PCR*
<apalos>
but we have a tradeoff regardless. In thery the best security practice is initialize the tpm *really* early and measure stuff before you load them in ram
<apalos>
We do it the other way around now, for speed and the window for attack is smallish, but it's still there
<apalos>
anyway, let me send the 3 TPM related patches so you can have a look
<apalos>
and then I'
<apalos>
i'll ping Eddie to resend his series
<xypron>
austriancoder: ftl_blk_probe in your pastebin does not look like upstream U-Boot.
<sjg1>
apalos: Well, to do it properly you need VPL and VBE :-) EFI is never going to be very secure IMO
<apalos>
I am not following
<apalos>
It's the first stage bootloaders job to init the tpm and measyre
<apalos>
But the handoff protocol willgive us a nice abstraction into passing over the eventlong
<milkylainen>
sjg1: Not sure I follow why that would be a problem? The file is a temp one. it's unmapped and file is closed afterwards. If someone needs more space they'll reopen the file and do whatever they need with it?
<apalos>
Ok let's take a step back
<apalos>
TF-A and any first stage boot loader should:
<apalos>
1. Init the tpm,
<apalos>
2. measure loaded binaries
<apalos>
3. handover the eventlog of what it extended to the next stage boot loader
<apalos>
The Handoff solves 3 for us
<apalos>
TF-A also does (2), but it doesnt extend the PCRs
<apalos>
So what we currently do in u-boot is read pcr 0 if the previous stage bootloader hands over an eventlog
<apalos>
PCR0 *must* be extended (described in the spec)
<apalos>
So if we read PCR0 == 0 we just read and replay the eventlog in the hardware
<apalos>
There's a small window for attack there, but unless first stage bootloader initialize the hardware and *extend* pcrs, what we currently do is our best alternative
<sjg1>
milkylainen: We allow people to add DTC flags when building U-Boot, so they may use the -p flag, or -a. Your code is for the case where there is not enough space
runcom has joined #u-boot
<sjg1>
milkylainen: I don't know of an easy way to open the file and redo the -p / -a stuff
<sjg1>
IMO VPL should star the process, so it can choose which TF-A, SPL, etc. is needed
<milkylainen>
sjg1: Ah. Just out of curiosity, what are the use cases for extending the free space? I thought it was mostly for signing purposes (and stop getting enospc nags).
houze has quit [Quit: ZNC 1.8.2+deb2build5 - https://znc.in]
houze has joined #u-boot
houze has quit [Changing host]
houze has joined #u-boot
<milkylainen>
sjg1: I'll look into it anyway. Tnx for the feedback.
mncheck has quit [Read error: Connection reset by peer]
slobodan has quit [Read error: Connection reset by peer]
goliath has quit [Quit: SIGSEGV]
runcom has joined #u-boot
monstr has quit [Remote host closed the connection]
mncheck has joined #u-boot
runcom has quit [Ping timeout: 256 seconds]
<xypron>
austriancoder: The EFI subsystem creates a device path for each block device. You cannot have two devices with the same device path. Did you add code to generate a device-patch node to represent an ftl_blk device? Would you mind sharing your repo?
guillaume_g has quit [Quit: Konversation terminated!]
<austriancoder>
xypron: I will prep something tomorrow and will ping you