linux-integrity.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
From: Jerry Snitselaar <jsnitsel@redhat.com>
To: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Cc: linux-integrity@vger.kernel.org, linux-kernel@vger.kernel.org,
	Alexey Klimov <aklimov@redhat.com>,
	Peter Huewe <peterhuewe@gmx.de>, Jason Gunthorpe <jgg@ziepe.ca>
Subject: Re: [PATCH v4 0/4] tpm: add update_durations class op to allow override of chip supplied values
Date: Thu, 3 Oct 2019 09:55:51 -0700	[thread overview]
Message-ID: <20191003165551.whfzgmhpm5r6ejpw@cantor> (raw)
In-Reply-To: <20191002203533.GA17766@linux.intel.com>

On Wed Oct 02 19, Jarkko Sakkinen wrote:
>On Mon, Sep 02, 2019 at 07:27:32AM -0700, Jerry Snitselaar wrote:
>> We've run into a case where a customer has an STM TPM 1.2 chip
>> (version 1.2.8.28), that is getting into an inconsistent state and
>> they end up getting tpm transmit errors.  In really old tpm code this
>> wasn't seen because the code that grabbed the duration values from the
>> chip could fail silently, and would proceed to just use default values
>> and move forward. More recent code though successfully gets the
>> duration values from the chip, and using those values this particular
>> chip version gets into the state seen by the customer.
>>
>> The idea with this patchset is to provide a facility like the
>> update_timeouts operation to allow the override of chip supplied
>> values.
>>
>> changes from v3:
>>     * Assign value to version when tpm1_getcap is successful for TPM 1.1 device
>>       not when it fails.
>>
>> changes from v2:
>>     * Added patch 1/3
>>     * Rework tpm_tis_update_durations to make use of new version structs
>>       and pull tpm1_getcap calls out of loop.
>>
>> changes from v1:
>>     * Remove unneeded newline
>>     * Formatting cleanups
>>     * Change tpm_tis_update_durations to be a void function, and
>>       use chip->duration_adjusted to track whether adjustment was
>>       made.
>>
>> Jarkko Sakkinen (1):
>>       tpm: Remove duplicate code from caps_show() in tpm-sysfs.c
>>
>> Jerry Snitselaar (2):
>>       tpm: provide a way to override the chip returned durations
>>       tpm_tis: override durations for STM tpm with firmware 1.2.8.28
>>
>>
>
>I applied to my master branch.
>
>Probably hard to get wide testing given the "niche" case when the
>issue happens. Should be sufficient that the commonc case still
>works.
>
>/Jarkko

Yeah, it is a pain. The people with the problem systems tested an
earlier version of Alexey's patches. I have a system with a different
rev STM device, so I did some testing with a modified patch that keyed
off that revision, but it will be hard to get it wide exposure.

  reply	other threads:[~2019-10-03 16:56 UTC|newest]

Thread overview: 11+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2019-09-02 14:27 [PATCH v4 0/4] tpm: add update_durations class op to allow override of chip supplied values Jerry Snitselaar
2019-09-02 14:27 ` [PATCH v4 1/3] tpm: Remove duplicate code from caps_show() in tpm-sysfs.c Jerry Snitselaar
2019-09-02 14:27 ` [PATCH v4 2/3] tpm: provide a way to override the chip returned durations Jerry Snitselaar
2019-09-03 15:53   ` Jarkko Sakkinen
2019-09-02 14:27 ` [PATCH v4 3/3] tpm_tis: override durations for STM tpm with firmware 1.2.8.28 Jerry Snitselaar
2019-09-03 15:54   ` Jarkko Sakkinen
2019-09-28 17:45 ` [PATCH v4 0/4] tpm: add update_durations class op to allow override of chip supplied values Jerry Snitselaar
2019-10-01 20:53   ` Jarkko Sakkinen
2019-10-02 20:35 ` Jarkko Sakkinen
2019-10-03 16:55   ` Jerry Snitselaar [this message]
2019-10-03 18:35     ` Jarkko Sakkinen

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20191003165551.whfzgmhpm5r6ejpw@cantor \
    --to=jsnitsel@redhat.com \
    --cc=aklimov@redhat.com \
    --cc=jarkko.sakkinen@linux.intel.com \
    --cc=jgg@ziepe.ca \
    --cc=linux-integrity@vger.kernel.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=peterhuewe@gmx.de \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).