Linux-Integrity Archive on lore.kernel.org
 help / color / Atom feed
From: Stefan Berger <stefanb@linux.ibm.com>
To: Jason Gunthorpe <jgg@ziepe.ca>
Cc: Nayna <nayna@linux.vnet.ibm.com>,
	Stefan Berger <stefanb@linux.vnet.ibm.com>,
	linux-integrity@vger.kernel.org, aik@ozlabs.ru,
	david@gibson.dropbear.id.au, linux-kernel@vger.kernel.org,
	gcwilson@linux.ibm.com
Subject: Re: [PATCH 3/3] tpm: ibmvtpm: Add support for TPM 2
Date: Thu, 13 Feb 2020 14:04:12 -0500
Message-ID: <b424faea-33a7-8e5a-caac-f322fad68118@linux.ibm.com> (raw)
In-Reply-To: <20200213183508.GL31668@ziepe.ca>

On 2/13/20 1:35 PM, Jason Gunthorpe wrote:
> On Thu, Feb 13, 2020 at 01:20:12PM -0500, Stefan Berger wrote:
>
>> I don't want side effects for the TPM 1.2 case here, so I am only modifying
>> the flag for the case where the new TPM 2 is being used.  Here's the code
>> where it shows the effect.
> I'm surprised this driver is using AUTO_STARTUP, it was intended for
> embedded cases where their is no firmware to boot the TPM.


The TIS is also using it on any device.

static const struct tpm_class_ops tpm_tis = {
     .flags = TPM_OPS_AUTO_STARTUP,
     .status = tpm_tis_status,

https://elixir.bootlin.com/linux/latest/source/drivers/char/tpm/tpm_tis_core.c#L917


>
> Chips using AUTO_STARTUP are basically useless for PCRs/etc.
>
> I'd expect somthing called vtpm to have been started and PCRs working
> before Linux is started??

Yes, there's supposed to be firmware.

I only see one caller to tpm2_get_cc_attrs_tbl(chip), which is necessary 
to call. This caller happens to be in tpm2_auto_startup.


    Stefan


>
> Jason



  reply index

Thread overview: 17+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2020-02-04 13:27 [PATCH 0/3] Enable vTPM 2.0 for the IBM vTPM driver Stefan Berger
2020-02-04 13:27 ` [PATCH 1/3] tpm: of: Handle IBM,vtpm20 case when getting log parameters Stefan Berger
2020-02-13 17:46   ` Nayna
2020-02-13 19:16     ` Stefan Berger
2020-02-04 13:27 ` [PATCH 2/3] tpm: ibmvtpm: Wait for buffer to be set before proceeding Stefan Berger
2020-02-13 17:53   ` Nayna
2020-02-13 18:11     ` Stefan Berger
2020-02-04 13:27 ` [PATCH 3/3] tpm: ibmvtpm: Add support for TPM 2 Stefan Berger
2020-02-13 17:53   ` Nayna
2020-02-13 18:20     ` Stefan Berger
2020-02-13 18:35       ` Jason Gunthorpe
2020-02-13 19:04         ` Stefan Berger [this message]
2020-02-13 19:11           ` Jason Gunthorpe
2020-02-13 19:15             ` Stefan Berger
2020-02-13 19:39               ` Jason Gunthorpe
2020-02-13 19:45                 ` Stefan Berger
2020-02-13 19:50                   ` Jason Gunthorpe

Reply instructions:

You may reply publically to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=b424faea-33a7-8e5a-caac-f322fad68118@linux.ibm.com \
    --to=stefanb@linux.ibm.com \
    --cc=aik@ozlabs.ru \
    --cc=david@gibson.dropbear.id.au \
    --cc=gcwilson@linux.ibm.com \
    --cc=jgg@ziepe.ca \
    --cc=linux-integrity@vger.kernel.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=nayna@linux.vnet.ibm.com \
    --cc=stefanb@linux.vnet.ibm.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Linux-Integrity Archive on lore.kernel.org

Archives are clonable:
	git clone --mirror https://lore.kernel.org/linux-integrity/0 linux-integrity/git/0.git

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V2 linux-integrity linux-integrity/ https://lore.kernel.org/linux-integrity \
		linux-integrity@vger.kernel.org
	public-inbox-index linux-integrity

Example config snippet for mirrors

Newsgroup available over NNTP:
	nntp://nntp.lore.kernel.org/org.kernel.vger.linux-integrity


AGPL code for this site: git clone https://public-inbox.org/public-inbox.git