[PATCH] efi: tpm: Avoid READ_ONCE() for accessing the event log

Ard Biesheuvel ardb at kernel.org
Mon Jan 9 09:50:56 PST 2023


On Mon, 9 Jan 2023 at 18:48, Nathan Chancellor <nathan at kernel.org> wrote:
>
> On Mon, Jan 09, 2023 at 10:59:48AM +0100, Ard Biesheuvel wrote:
> > Nathan reports that recent kernels built with LTO will crash when doing
> > EFI boot using Fedora's GRUB and SHIM. The culprit turns out to be a
> > misaligned load from the TPM event log, which is annotated with
> > READ_ONCE(), and under LTO, this gets translated into a LDAR instruction
> > which does not tolerate misaligned accesses.
> >
> > Interestingly, this does not happen when booting the same kernel
> > straight from the UEFI shell, and so the fact that the event log may
> > appear misaligned in memory may be caused by a bug in GRUB or SHIM.
> >
> > However, using READ_ONCE() to access firmware tables is slightly unusual
> > in any case, and here, we only need to ensure that 'event' is not
> > dereferenced again after it gets unmapped, so a compiler barrier should
> > be sufficient, and works around the reported issue.
> >
> > Cc: <stable at vger.kernel.org>
> > Cc: Peter Jones <pjones at redhat.com>
> > Cc: Jarkko Sakkinen <jarkko at kernel.org>
> > Cc: Matthew Garrett <mjg59 at srcf.ucam.org>
> > Reported-by: Nathan Chancellor <nathan at kernel.org>
> > Link: https://github.com/ClangBuiltLinux/linux/issues/1782
> > Signed-off-by: Ard Biesheuvel <ardb at kernel.org>
>
> Based on the thread, I tested this patch without barrier() and my
> machine boots up just fine now with an LTO kernel. Thanks a lot for the
> analysis and fix!
>
> Tested-by: Nathan Chancellor <nathan at kernel.org>
>

Thanks. I've queued this up as an EFI fix.
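
An added userspace illustration (not the kernel patch or code from this thread) of reading event log header fields in a way that tolerates a misaligned log: each field is decoded byte-wise into a local copy and the firmware-supplied values are bounds-checked before use. The three-field header layout, the names `read_event_head` and `sample_count`, and the `max_algs` bound are assumptions made for this example.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Assumed fixed part of a crypto-agile event log entry:
 * three little-endian 32-bit fields. */
struct event_head {
    uint32_t pcr_idx;
    uint32_t event_type;
    uint32_t count;      /* number of digests that follow */
};
#define HEAD_SIZE 12u

/* Byte-wise little-endian load: valid at any address, any host endianness. */
static uint32_t get_le32(const uint8_t *p)
{
    return (uint32_t)p[0] | ((uint32_t)p[1] << 8) |
           ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
}

/* Hypothetical helper: copy the header at byte offset `off` into a local
 * struct, so the caller never dereferences the mapping again. Returns -1
 * if the header is truncated or `count` exceeds `max_algs`, else 0. */
int read_event_head(const uint8_t *log, size_t log_len, size_t off,
                    uint32_t max_algs, struct event_head *out)
{
    if (off > log_len || log_len - off < HEAD_SIZE)
        return -1;
    out->pcr_idx    = get_le32(log + off);
    out->event_type = get_le32(log + off + 4);
    out->count      = get_le32(log + off + 8);
    return out->count > max_algs ? -1 : 0;
}

/* Constructed sample: PCR 7, event type 0x80000001, 2 digests, placed
 * `shift` bytes into a buffer (shift = 1 misaligns every field).
 * Returns the parsed count, or -1 if the header is rejected. */
long sample_count(size_t shift, size_t log_len, uint32_t max_algs)
{
    static const uint8_t head[HEAD_SIZE] = { 7,0,0,0, 1,0,0,0x80, 2,0,0,0 };
    uint8_t buf[32] = { 0 };
    struct event_head h;

    if (log_len > sizeof(buf) || shift > sizeof(buf) - HEAD_SIZE)
        return -1;
    memcpy(buf + shift, head, HEAD_SIZE);
    if (read_event_head(buf, log_len, shift, max_algs, &h) != 0)
        return -1;
    return (long)h.count;
}
```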



More information about the linux-arm-kernel mailing list