Re: Regression from efi: call get_event_log before ExitBootServices

From: Jeremy Cline
Date: Thu Mar 08 2018 - 12:26:48 EST

Next message: Greg Kroah-Hartman: "Re: [PATCH 4.15 000/122] 4.15.8-stable review"
Previous message: Linus Torvalds: "Re: [PATCH] vsprintf: Make "null" pointer dereference more robust"
In reply to: Hans de Goede: "Re: Regression from efi: call get_event_log before ExitBootServices"
Next in thread: Hans de Goede: "Re: Regression from efi: call get_event_log before ExitBootServices"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 03/08/2018 11:50 AM, Hans de Goede wrote:
> <somehow this part of the thread was missing some email addresses, I've
> added these now>
>
> Hi,
>
> On 07-03-18 12:34, Javier Martinez Canillas wrote:

<snip>

>> Are you also able to read the TPM event logs?
>>
>> $ hexdump /sys/kernel/security/tpm0/binary_bios_measurements
>
> Yes for me that outputs a lot of hex :)

For me, /sys/kernel/security/tmp0 doesn't exist on 4.15.6 or 4.16 with
the patch reverted.

>> The UEFI firmware does some measurements and so does shim. So you should
>> have some event logs. What version of shim are you using? And also would
>> be good to know if it's the same shim version that Jeremy is using.
>
> That is a very good question, I'm using: shim-ia32-13-0.7.x86_64, which is
> the last version for F27 AFAICT.

All my tablet has installed is shim-0.8-10.x86_64, no shim-ia32.

>
> But Jeremy's tablet might very well be not using the shim at all, as
> I manually installed Fedora 25 on the tablet he now has, before Fedora
> supported
> machines with 32 bit EFI. I then later did a "dnf distro-sync" to
> Fedora-27.
>
> Jeremy might also very well still be booting using a grub binary I build
> manually back then, without any shim being involved.
>
> Jeremy what does efibootmgr -v output on your device ?

# efibootmgr -v
BootCurrent: 0003
Timeout: 4 seconds
BootOrder: 0003,0000,0001,2001,2002,2003
Boot0000* Android X64 OS
HD(1,GPT,215e6cf3-e97d-4735-9c4e-7338c8f5a645,0x800,0x32000)/File(\EFI\BOOT\bootx64.efi)RC
Boot0001* Internal EFI Shell
FvVol(a881d567-6cb0-4eee-8435-2e72d33e45b5)/FvFile(c57ad6b7-0515-40a8-9d21-551652854e37)RCM&".
Boot0003* Fedora
HD(1,GPT,215e6cf3-e97d-4735-9c4e-7338c8f5a645,0x800,0x32000)/File(\EFI\fedora\grubx64.efi)
Boot2001* EFI USB Device RC
Boot2002* EFI DVD/CDROM RC
Boot2003* EFI Network RC
Boot8087* Udm
FvVol(a881d567-6cb0-4eee-8435-2e72d33e45b5)/FvFile(9a9ab4c1-ee1b-488b-b300-24544a7bd418)

I think you're right about it using the old grub binary. I'm
embarrassingly unfamiliar with both UEFI and grub, but I'm guessing you
set the location of grub.cfg at compile time? When I boot
\EFI\fedora\grubx64.efi, it's pulling the grub.cfg from
\EFI\redhat\grub.cfg.

Regards,
Jeremy

Next message: Greg Kroah-Hartman: "Re: [PATCH 4.15 000/122] 4.15.8-stable review"
Previous message: Linus Torvalds: "Re: [PATCH] vsprintf: Make "null" pointer dereference more robust"
In reply to: Hans de Goede: "Re: Regression from efi: call get_event_log before ExitBootServices"
Next in thread: Hans de Goede: "Re: Regression from efi: call get_event_log before ExitBootServices"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]