Don't make shim abort when TPM log event fails (RHBZ #2002265)

On Dell hardware booted in UEFI with option TPM 1.2 "On without Pre-Boot Measurements", it appears that `tpm_log_event()` fails with Unsupported, which causes Shim to abort due to believing it couldn't set up the MokListRT, MokListXRT and SbatLevelRT variables. This patch ignore the error when trying to write to the TPM and sets the TPM as 'defective' to not try to write to it anymore. Signed-off-by: Renaud Métrich <rmetrich@redhat.com>
rhboot · Sep 13, 2021 · 11740ea · 11740ea
1 parent 2699836
commit 11740ea
Showing 1 changed file with 10 additions and 0 deletions.
diff --git a/tpm.c b/tpm.c
@@ -10,6 +10,7 @@ typedef struct {
 
 UINTN measuredcount = 0;
 VARIABLE_RECORD *measureddata = NULL;
+static BOOLEAN tpm_defective = FALSE;
 
 static BOOLEAN tpm_present(efi_tpm_protocol_t *tpm)
 {
@@ -18,6 +19,9 @@ static BOOLEAN tpm_present(efi_tpm_protocol_t *tpm)
 	UINT32 flags;
 	EFI_PHYSICAL_ADDRESS eventlog, lastevent;
 
+	if (tpm_defective)
+		return FALSE;
+
 	caps.Size = (UINT8)sizeof(caps);
 	efi_status = tpm->status_check(tpm, &caps, &flags,
 				       &eventlog, &lastevent);
@@ -192,6 +196,12 @@ static EFI_STATUS tpm_log_event_raw(EFI_PHYSICAL_ADDRESS buf, UINTN size,
 				(UINT64)size, TPM_ALG_SHA, event, &eventnum,
 				&lastevent);
 		}
+		if (efi_status == EFI_UNSUPPORTED) {
+			perror(L"Could not write TPM event: %r. Considering "
+			       "the TPM as defective.\n", efi_status);
+			tpm_defective = TRUE;
+			efi_status = EFI_SUCCESS;
+		}
 		FreePool(event);
 		return efi_status;
 	}