On Tue, Jun 04, 2019 at 12:35:11PM -0700, Matthew Garrett wrote: > After the first call to GetEventLog() on UEFI systems using the TCG2 > crypto agile log format, any further log events (other than those > triggered by ExitBootServices()) will be logged in both the main log and > also in the Final Events Log. While the kernel only calls GetEventLog() > immediately before ExitBootServices(), we can't control whether earlier > parts of the boot process have done so. This will result in log entries > that exist in both logs, and so the current approach of simply appending > the Final Event Log to the main log will result in events being > duplicated. Sounds flakky how UEFI firmaware works. Wonder why the ignition of the final events log is bound to the invokation of GetEventLog() in the first place. > We can avoid this problem by looking at the size of the Final Event Log > just before we call ExitBootServices() and exporting this to the main > kernel. The kernel can then skip over all events that occured before > ExitBootServices() and only append events that were not also logged to > the main log. > > Signed-off-by: Matthew Garrett <mjg59@xxxxxxxxxx> > Reported-by: Joe Richey <joerichey@xxxxxxxxxx> > Suggested-by: Joe Richey <joerichey@xxxxxxxxxx> Rename final_events_early_size as final_events_preboot_size because it is a bit more descriptive name. Other than that looks good to me. /Jarkko
