Re: [PATCH v5 3/3] efi: Add tee-based EFI variable driver

From: Ilias Apalodimas
Date: Fri Jun 09 2023 - 02:35:27 EST

Next message: Cong Yang: "[PATCH v5 0/2] Add ili9882t bindings and timing"
Previous message: Namhyung Kim: "Re: [PATCH v3 0/4] Bring back vmlinux.h generation"
In reply to: Jan Kiszka: "Re: [PATCH v5 3/3] efi: Add tee-based EFI variable driver"
Next in thread: Jan Kiszka: "Re: [PATCH v5 3/3] efi: Add tee-based EFI variable driver"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi Jan,

[...]

> > --- a/drivers/firmware/efi/vars.c
> > +++ b/drivers/firmware/efi/vars.c
> > @@ -123,7 +123,7 @@ EXPORT_SYMBOL_GPL(efivars_unregister);
> >
> > bool efivar_supports_writes(void)
> > {
> > - return __efivars && __efivars->ops->set_variable;
> > + return __efivars && __efivars->ops->set_variable != set_variable_int;
> > }
> > EXPORT_SYMBOL_GPL(efivar_supports_writes);
> >
> > diff --git a/fs/efivarfs/super.c b/fs/efivarfs/super.c
> > index e028fafa04f3..e40b5c4c5106 100644
> > --- a/fs/efivarfs/super.c
> > +++ b/fs/efivarfs/super.c
> > @@ -242,9 +242,6 @@ static int efivarfs_fill_super(struct super_block
> > *sb, struct fs_context *fc)
> > sb->s_d_op = &efivarfs_d_ops;
> > sb->s_time_gran = 1;
> >
> > - if (!efivar_supports_writes())
> > - sb->s_flags |= SB_RDONLY;
> > -
> > inode = efivarfs_get_inode(sb, NULL, S_IFDIR | 0755, 0, true);
> > if (!inode)
> > return -ENOMEM;
> > diff --git a/include/linux/efi.h b/include/linux/efi.h
> > index 58d1c271d3b0..ec0ac6ef50a3 100644
> > --- a/include/linux/efi.h
> > +++ b/include/linux/efi.h
> > @@ -1084,6 +1084,10 @@ int efivars_register(struct efivars *efivars,
> > const struct efivar_operations *ops);
> > int efivars_unregister(struct efivars *efivars);
> >
> > +efi_status_t set_variable_int(efi_char16_t *name, efi_guid_t *vendor,
> > + u32 attributes, unsigned long data_size,
> > + void *data);
> > +
> > void efivars_generic_ops_register(void);
> > void efivars_generic_ops_unregister(void);
> >
> > Thanks
> > /Ilias
>
> As just written in my other reply: The root cause is the dependency on
> tee-supplicant daemon. That needs to be resolved, and then also r/w
> mounting will just work.

That's partially true. If we solve the dependency your problem will
go away only if everything gets compiled as built in. But if you have
them as modules there's still a chance you mount the efivarfs before
installing all the modules. In that case, you'll end up with the same
problem no?

That's why I think this patch (or a variation of it) is useful. It
solves the kernel panic you are seeing if you remount the efivarfs as
RW and It unifies the way the kernel responds to userspace no matter
what the firmware does with its setvariableRT service.

Thanks
/Ilias
>
> Jan
>
> --
> Siemens AG, Technology
> Competence Center Embedded Linux
>

Next message: Cong Yang: "[PATCH v5 0/2] Add ili9882t bindings and timing"
Previous message: Namhyung Kim: "Re: [PATCH v3 0/4] Bring back vmlinux.h generation"
In reply to: Jan Kiszka: "Re: [PATCH v5 3/3] efi: Add tee-based EFI variable driver"
Next in thread: Jan Kiszka: "Re: [PATCH v5 3/3] efi: Add tee-based EFI variable driver"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]