From: Mimi Zohar <zohar@linux.ibm.com>
To: Markku Savela <msa@moth.iki.fi>, linux-integrity@vger.kernel.org
Cc: "Peter Hüwe" <PeterHuewe@gmx.de>
Subject: Re: IMA fails to see TPM chip (rpi3, linaro optee)
Date: Thu, 21 Feb 2019 07:49:18 -0500 [thread overview]
Message-ID: <1550753358.17768.85.camel@linux.ibm.com> (raw)
In-Reply-To: <1651d634-9a88-4511-ac51-a69648db8259@moth.iki.fi>
[ Cc'ing Peter ]
On Thu, 2019-02-21 at 11:08 +0200, Markku Savela wrote:
> On 20/02/2019 10:14, Markku Savela wrote:
> > No hints how to solve? Anybody?
>
> I changed IMA to just ignore the tpm test in hope that TPM would be
> ready by the time IMA needs it -- no such luck, the "tpm2_probe", which
> triggers the manual start just comes too late. I could just force the
> manual startup earlier in boot, if I could figure out a proper place to
> put the function call...
>
>
> [ 4.008322] ima: Allocated hash algorithm: sha1
> [ 4.012820] ima: Error Communicating to TPM chip
> [ 4.017302] ima: Error Communicating to TPM chip
> [ 4.021763] ima: Error Communicating to TPM chip
> [ 4.026004] ima: Error Communicating to TPM chip
> [ 4.030295] ima: Error Communicating to TPM chip
> [ 4.034558] ima: Error Communicating to TPM chip
> [ 4.038766] ima: Error Communicating to TPM chip
> [ 4.042805] ima: Error Communicating to TPM chip
> [ 4.046951] ima: Error Communicating to TPM chip, result: -19
> [ 4.059431] uart-pl011 3f201000.serial: cts_event_workaround enabled
> [ 4.063766] 3f201000.serial: ttyAMA0 at MMIO 0x3f201000 (irq = 72,
> base_baud = 0) is a PL011 rev2
> [ 4.069963] console [ttyS0] disabled
> [ 4.074178] 3f215040.serial: ttyS0 at MMIO 0x0 (irq = 151, base_baud
> = 31250000) is a 16550
> [ 5.282479] console [ttyS0] enabled
> [ 5.293360] Indeed it is in host mode hprt0 = 00021501
> [ 5.308808] tpm2_probe cmd rc=256
> [ 5.322282] tpm_tis_spi spi0.1: 2.0 TPM (device-id 0x1B, rev-id 22)
> [ 5.358842] tpm tpm0: A TPM error (256) occurred continue selftest
> [ 5.378137] tpm tpm0: starting up the TPM manually
>
>
> Earlier in boot there this "spi-bcm2835" notice. Is this the reason the
> probe gets delayed?
>
> [ 3.440240] Loading iSCSI transport class v2.0-870.
> [ 3.442267] spi-bcm2835 3f204000.spi: could not get clk: -517
> [ 3.442804] libphy: Fixed MDIO Bus: probed
> [ 3.443019] usbcore: registered new interface driver lan78xx
> [
>
This problem was previously discussed here -
https://lore.kernel.org/linux-integrity/trinity-3e6c2430-417d-4eef-b06
7-e30d68592b4d-1506716047790@3c-app-gmx-bs69/
Mimi
next prev parent reply other threads:[~2019-02-21 12:49 UTC|newest]
Thread overview: 14+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-02-18 9:36 IMA fails to see TPM chip (rpi3, linaro optee) Markku Savela
2019-02-18 10:13 ` Markku Savela
2019-02-20 8:14 ` Markku Savela
2019-02-21 9:08 ` Markku Savela
2019-02-21 12:49 ` Mimi Zohar [this message]
2019-02-21 13:17 ` Markku Savela
2019-02-21 13:23 ` Markku Savela
2019-02-26 8:12 ` Markku Savela
2019-02-26 12:14 ` Mimi Zohar
2019-02-26 12:38 ` Ard Biesheuvel
2019-02-26 14:04 ` Mimi Zohar
2019-02-26 18:09 ` Jarkko Sakkinen
2019-02-26 19:05 ` Mimi Zohar
2019-03-07 17:15 ` James Bottomley
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1550753358.17768.85.camel@linux.ibm.com \
--to=zohar@linux.ibm.com \
--cc=PeterHuewe@gmx.de \
--cc=linux-integrity@vger.kernel.org \
--cc=msa@moth.iki.fi \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.