The efi/tpm code has a number of small signed/unsigned bugs and inaccuracies are prone to cause further bugs in a difficult to debug manner. For example, there is a signed/unsigned mismatch in efi/tpm.c that leads to a memblock_reserve on a range with an effectively negative length. Additionally, there are silently ignored error conditions that are better explicitly reported. Finally, there exists some bad interaction between tpm and kexec that causes the log version and the log size to become corrupted. The log size cannot be reasonably sanity checked, as the value is a u32 and there is no defined max-size per the spec - however the version can at least be sanity checked. This reports the error and avoids calling memblock_reserve with clearly corrupted arguments. Signed-off-by: Gregory Price <gourry@xxxxxxxxxx> Gregory Price (6): tpm: fix signed/unsigned bug when checking event logs tpm: do not ignore memblock_reserve return value libstub,tpm: provide indication of failure when getting event log tpm: sanity check the log version before using it tpm: fix unsigned/signed mismatch errors related to __calc_tpm2_event_size libstub,tpm: do not ignore failure case when reading final event log drivers/firmware/efi/libstub/tpm.c | 14 ++++++++---- drivers/firmware/efi/tpm.c | 34 +++++++++++++++++++++--------- include/linux/tpm_eventlog.h | 2 +- 3 files changed, 35 insertions(+), 15 deletions(-) -- 2.43.0