From: Matthew Garrett <email@example.com> To: "Safford, David (GE Global Research, US)" <firstname.lastname@example.org> Cc: Jason Gunthorpe <email@example.com>, "firstname.lastname@example.org" <email@example.com>, "firstname.lastname@example.org" <email@example.com>, "Wiseman, Monty (GE Global Research, US)" <firstname.lastname@example.org> Subject: Re: [PATCH] tpm_crb - workaround broken ACPI tables Date: Fri, 12 Jul 2019 11:24:13 -0700 Message-ID: <CACdnJutmhRyGjiumXbzai1fTNqcYMRthzTfMsiQgzKFtu3+teA@mail.gmail.com> (raw) In-Reply-To: <BCA04D5D9A3B764C9B7405BBA4D4A3C035EF7E2A@ALPMBAPA12.e2k.ad.ge.com> On Fri, Jul 12, 2019 at 5:42 AM Safford, David (GE Global Research, US) <email@example.com> wrote: > Thanks - that was very helpful. > All of my misbehaving systems are AMD - mostly Ryzen and Threadripper towers, > of various motherboard OEMs. One system is a 3rd gen Ryzen laptop (Asus FX505dy). I suspect the issue comes from AMD's reference code rather than multiple vendors all having made the same mistake. Unfortunate. > But the laptop shows a new layout: > [ 2.069539] tpm_crb MSFT0101:00: can't request region for resource > [mem 0xbd11f000-0xbd122fff] > [ 2.069543] tpm_crb: probe of MSFT0101:00 failed with error -16 > [ 2.177663] ima: No TPM chip found, activating TPM-bypass! > > bbc64000-bd14afff : Reserved > bd11f000-bd11ffff : MSFT0101:00 > bd123000-bd123fff : MSFT0101:00 > bd14b000-bd179fff : ACPI Tables > bd17a000-bd328fff : ACPI Non-volatile Storage Hmm, that's interesting. Is this a UEFI or BIOS system? Can you provide the e820 data from dmesg? > Have you looked at the sequencing during suspend/restore? > If ACPI is the last to save, and first to restore, the TPM's use may > still be safe. I'll try to run some tests along those lines, and look > at the nvs driver. The NVS stuff was largely implemented by attempting to identify what Windows was doing and duplicating that, so it's kind of dangerous to rely on its ordering - there's a risk it might end up changing suddenly in order to mimic Windows' behaviour more closely.
next prev parent reply index Thread overview: 17+ messages / expand[flat|nested] mbox.gz Atom feed top 2019-07-11 12:29 Safford, David (GE Global Research, US) 2019-07-11 14:10 ` Jarkko Sakkinen 2019-07-11 14:58 ` Jason Gunthorpe 2019-07-11 16:44 ` Safford, David (GE Global Research, US) 2019-07-11 18:50 ` Jason Gunthorpe 2019-07-11 19:31 ` Safford, David (GE Global Research, US) 2019-07-11 20:33 ` Matthew Garrett 2019-07-12 12:41 ` Safford, David (GE Global Research, US) 2019-07-12 15:06 ` Jason Gunthorpe 2019-07-12 15:48 ` Jarkko Sakkinen 2019-07-12 18:24 ` Matthew Garrett [this message] 2019-07-12 19:05 ` Safford, David (GE Global Research, US) 2019-07-12 20:36 ` Matthew Garrett 2019-07-14 19:28 ` Safford, David (GE Global Research, US) 2019-07-14 23:48 ` Matthew Garrett 2019-07-15 19:44 ` Matthew Garrett 2019-07-11 19:16 ` Jarkko Sakkinen
Reply instructions: You may reply publically to this message via plain-text email using any one of the following methods: * Save the following mbox file, import it into your mail client, and reply-to-all from there: mbox Avoid top-posting and favor interleaved quoting: https://en.wikipedia.org/wiki/Posting_style#Interleaved_style * Reply using the --to, --cc, and --in-reply-to switches of git-send-email(1): git send-email \ --in-reply-to=CACdnJutmhRyGjiumXbzai1fTNqcYMRthzTfMsiQgzKFtu3+teA@mail.gmail.com \ --firstname.lastname@example.org \ --email@example.com \ --firstname.lastname@example.org \ --email@example.com \ --firstname.lastname@example.org \ --email@example.com \ /path/to/YOUR_REPLY https://kernel.org/pub/software/scm/git/docs/git-send-email.html * If your mail client supports setting the In-Reply-To header via mailto: links, try the mailto: link
Linux-Integrity Archive on lore.kernel.org Archives are clonable: git clone --mirror https://lore.kernel.org/linux-integrity/0 linux-integrity/git/0.git # If you have public-inbox 1.1+ installed, you may # initialize and index your mirror using the following commands: public-inbox-init -V2 linux-integrity linux-integrity/ https://lore.kernel.org/linux-integrity \ firstname.lastname@example.org email@example.com public-inbox-index linux-integrity Newsgroup available over NNTP: nntp://nntp.lore.kernel.org/org.kernel.vger.linux-integrity AGPL code for this site: git clone https://public-inbox.org/ public-inbox