WORKAROUND: firmware: efi: libstub: delete LoaderTpm2ActivePcrBanks

[QuinAsura]

On Glymur, enabling QSEECOM exposes EFI boot variables to userspace, including LoaderTpm2ActivePcrBanks written by systemd-boot. Systemd reads this variable to detect TPM2 availability and activates tpm2.target, which waits for /dev/tpm0. Since the TPM firmware (SPSS) is non-functional on Glymur linux, /dev/tpm0 is never created and systemd stalls for the full 90-second device timeout, causing kernel CI failures.

The boot team identified that no other SoC will have this variable set and we can safely delete it. So delete LoaderTpm2ActivePcrBanks early in the EFI stub before systemd can read it, preventing tpm2.target activation.

[qlijarvis]

PR #1336 — validate-patch

PR: #1336

Verdict	Issues	Detailed Report
✅	0	Full report

Final Summary

1. Lore link present: No — WORKAROUND: prefix; vendor-specific patch not intended for upstream submission

2. Lore link matches PR commits: N/A — no lore link to compare against; this is an original vendor workaround

3. Upstream patch status: Not upstream — vendor-specific workaround for Qualcomm Glymur platform TPM firmware limitation; deletes legitimate systemd-boot variable to mask CI timeout issue; upstream would expect proper TPM driver fix or platform configuration

4. PR present in qcom-next: Not checked — WORKAROUND: vendor-only commit for Qualcomm kernel CI environment

Verdict: ✅ — click to expand

🔍 Patch Validation

PR: #1336 - WORKAROUND: firmware: efi: libstub: delete LoaderTpm2ActivePcrBanks
Upstream commit: N/A (vendor-specific workaround)
Verdict: ✅ PASS

Commit Message

Check	Status	Note
Subject matches upstream	N/A	Vendor-only WORKAROUND patch, not posted upstream
Body preserves rationale	✅	Clear explanation of Glymur-specific TPM/QSEECOM issue and CI impact
Fixes tag present/correct	N/A	Not fixing an upstream regression; workaround for platform limitation
Authorship preserved	✅	Author: Sibi Sankar sibi.sankar@oss.qualcomm.com, proper Signed-off-by
Backport note (if applicable)	N/A	Original vendor patch, not a backport

Diff

File	Status	Notes
drivers/firmware/efi/libstub/efi-stub.c	✅	Clean implementation: adds systemd GUID macro, delete function with proper error handling, and call in efi_stub_common()

Commit Message Quality Assessment

Strengths:

• WORKAROUND prefix clearly signals temporary/vendor-specific nature
• Problem statement is precise: QSEECOM exposes EFI variables → systemd reads LoaderTpm2ActivePcrBanks → activates tpm2.target → waits for /dev/tpm0
• Root cause identified: TPM firmware (SPSS) non-functional on Glymur
• Impact quantified: 90-second timeout causing kernel CI failures
• Solution justified: delete variable early to prevent systemd activation
• Subsystem prefix correct: firmware: efi: libstub

Code Quality:

• Follows kernel coding style conventions
• Proper EFI GUID definition using EFI_GUID() macro
• Defensive programming: checks EFI_NOT_FOUND before attempting delete
• Informative logging with efi_info/efi_err
• Function placed logically in efi_stub_common() before display setup

Verdict

Merge as-is. This is a well-documented vendor workaround for a Qualcomm platform-specific issue. The WORKAROUND prefix correctly signals it's not intended for upstream. The commit message clearly explains the problem, root cause, and solution. The code is clean, follows kernel conventions, and includes proper error handling.

Final Summary

1. Lore link present: No — WORKAROUND: prefix; vendor-specific patch not intended for upstream submission

2. Lore link matches PR commits: N/A — no lore link to compare against; this is an original vendor workaround

3. Upstream patch status: Not upstream — vendor-specific workaround for Qualcomm Glymur platform TPM firmware limitation; deletes legitimate systemd-boot variable to mask CI timeout issue; upstream would expect proper TPM driver fix or platform configuration

4. PR present in qcom-next: Not checked — WORKAROUND: vendor-only commit for Qualcomm kernel CI environment

[qlijarvis]

PR #1336 — checker-log-analyzer

PR: #1336
Checker run: https://github.com/qualcomm-linux/kernel-config/actions/runs/27206301541

Checker	Result	Summary
Checker	Result	Summary
checkpatch	✅	No style issues detected
dt-binding-check	⏭️	Skipped - no DT binding changes
dtb-check	⏭️	Skipped - no devicetree changes
sparse-check	✅	Build completed successfully
check-uapi-headers	✅	No UAPI header changes
check-patch-compliance	❌	Subject prefix violation
tag-check	N/A	Not applicable for topic branches
qcom-next-check	N/A	Not applicable for topic branches

Detailed report: Full report

Checker analysis — click to expand

🤖 CI Checker Analysis (checker-log-analyzer)

PR: #1336 - WORKAROUND: firmware: efi: libstub: delete LoaderTpm2ActivePcrBanks
Source: https://github.com/qualcomm-linux/kernel-config/actions/runs/27206301541

Checker	Result	Summary
checkpatch	✅	No style issues detected
dt-binding-check	⏭️	Skipped - no DT binding changes
dtb-check	⏭️	Skipped - no devicetree changes
sparse-check	✅	Build completed successfully
check-uapi-headers	✅	No UAPI header changes
check-patch-compliance	❌	Subject prefix violation
tag-check	N/A	Not applicable for topic branches
qcom-next-check	N/A	Not applicable for topic branches

---

❌ check-patch-compliance

Root cause: Commit subject starts with WORKAROUND: which is not a recognized prefix for Qualcomm Linux kernel commits.

Failure details:

Checking commit: WORKAROUND: firmware: efi: libstub: delete LoaderTpm2ActivePcrBanks
Commit summary does not start with a required prefix
##[error]Process completed with exit code 1.

Fix: Update the commit subject to use one of the accepted prefixes:

1. Option 1 (Recommended): Use subsystem-style prefix since this is a local workaround:

   firmware: efi: libstub: delete LoaderTpm2ActivePcrBanks
   

   Then add WORKAROUND: as a tag in the commit message body or keep it in the description.

2. Option 2: If this is intended for upstream submission, use:

   FROMLIST: firmware: efi: libstub: delete LoaderTpm2ActivePcrBanks
   

3. Option 3: If this is a backport of an upstream fix:

   UPSTREAM: firmware: efi: libstub: delete LoaderTpm2ActivePcrBanks
   

Reproduce locally:

# Clone kernel-checkers repo
git clone https://github.com/qualcomm-linux/kernel-checkers.git

# Run check-patch-compliance on your commit
cd kernel-checkers
bash check-patch-compliance.sh --kernel-src /path/to/kernel --base <base-sha> --head <head-sha>

---

Verdict

1 blocker to fix: The commit subject must use an accepted prefix (firmware: efi: libstub: recommended for local workarounds, or FROMLIST:/UPSTREAM: if upstream-bound). All other checkers passed successfully.