From: Ilias Apalodimas <ilias.apalodimas@linaro.org>
To: Sasha Levin <sashal@kernel.org>
Cc: Sumit Garg <sumit.garg@linaro.org>,
peterhuewe@gmx.de,
Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>,
jgg@ziepe.ca, corbet@lwn.net,
Linux Kernel Mailing List <linux-kernel@vger.kernel.org>,
linux-doc@vger.kernel.org, linux-integrity@vger.kernel.org,
Microsoft Linux Kernel List <linux-kernel@microsoft.com>,
Thirupathaiah Annapureddy <thiruan@microsoft.com>,
"Bryan Kelly (CSI)" <bryankel@microsoft.com>,
tee-dev@lists.linaro.org
Subject: Re: [PATCH v4 1/2] fTPM: firmware TPM running in TEE
Date: Fri, 14 Jun 2019 13:34:30 +0300 [thread overview]
Message-ID: <20190614103430.GA6108@apalos> (raw)
In-Reply-To: <20190613171141.GL1513@sasha-vm>
Hi Sasha,
On Thu, Jun 13, 2019 at 01:11:41PM -0400, Sasha Levin wrote:
> On Wed, Jun 05, 2019 at 04:39:36PM +0530, Sumit Garg wrote:
> >On Wed, 5 Jun 2019 at 01:39, Sasha Levin <sashal@kernel.org> wrote:
> >>
> >>On Tue, Jun 04, 2019 at 11:45:52AM +0530, Sumit Garg wrote:
> >>>On Thu, 30 May 2019 at 20:58, Sasha Levin <sashal@kernel.org> wrote:
> >>>> + /* Open context with TEE driver */
> >>>> + pvt_data->ctx = tee_client_open_context(NULL, ftpm_tee_match, NULL,
> >>>> + NULL);
> >>>> + if (IS_ERR(pvt_data->ctx)) {
> >>>> + dev_err(dev, "%s:tee_client_open_context failed\n", __func__);
> >>>
> >>>Is this well tested? I see this misleading error multiple times as
> >>>follows although TEE driver works pretty well.
> >>
> >>Yes, this was all functionally tested.
I did test as well with a DeveloperBox, i can confirm the driver is loading (but
i have no fTPM support on the OP-TEE side for now)
apalos@mule:~>sudo dmesg | grep optee
[sudo] password for apalos:
[ 5.035801] optee: probing for conduit method from DT.
[ 5.041045] optee: revision 3.2 (53bf1c38)
[ 5.041772] optee: initialized driver
apalos@mule:~>sudo dmesg | grep tpm
[ 5.000674] ftpm-tee tpm@0: ftpm_tee_probe:tee_client_open_context failed
[ 5.101655] ftpm-tee tpm@0: ftpm_tee_probe:tee_client_open_session failed,
err=ffff000c
[ 5.109703] ftpm-tee: probe of tpm@0 failed with error -22
The error -22 is nice since the probe eventually failed (no fTPM support in
secure world). Can we slightly change the
'ftpm_tee_probe:tee_client_open_context failed' and indicate this is not a real
error since the probe gets deferred untill Secure world is alive?
By the way there is *real* interest for this functionality. I expect to run it
on a number of Arm boards once i get some free time.
> >Can you share your build instructions and testing approach?
>
> Yes: it looks like you got all the kernel bits, but not the firmware.
> There are instructions for it here: https://github.com/microsoft/ms-tpm-20-ref
>
> Once it's running, you can test it by running your favorite TPM usecases
> through /dev/tpm0.
>
> --
> Thanks,
> Sasha
Thanks
/Ilias
next prev parent reply other threads:[~2019-06-14 10:34 UTC|newest]
Thread overview: 14+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-05-30 15:27 [PATCH v4 0/2] fTPM: firmware TPM running in TEE Sasha Levin
2019-05-30 15:27 ` [PATCH v4 1/2] " Sasha Levin
2019-06-04 6:15 ` Sumit Garg
2019-06-04 20:09 ` Sasha Levin
2019-06-05 11:09 ` Sumit Garg
2019-06-13 17:11 ` Sasha Levin
2019-06-14 10:34 ` Ilias Apalodimas [this message]
2019-06-14 10:41 ` Sumit Garg
2019-06-05 14:09 ` Jarkko Sakkinen
2019-05-30 15:27 ` [PATCH v4 2/2] fTPM: add documentation for ftpm driver Sasha Levin
2019-06-18 15:25 ` Randy Dunlap
2019-06-03 20:28 ` [PATCH v4 0/2] fTPM: firmware TPM running in TEE Jarkko Sakkinen
2019-06-03 21:16 ` Sasha Levin
2019-06-05 14:06 ` Jarkko Sakkinen
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20190614103430.GA6108@apalos \
--to=ilias.apalodimas@linaro.org \
--cc=bryankel@microsoft.com \
--cc=corbet@lwn.net \
--cc=jarkko.sakkinen@linux.intel.com \
--cc=jgg@ziepe.ca \
--cc=linux-doc@vger.kernel.org \
--cc=linux-integrity@vger.kernel.org \
--cc=linux-kernel@microsoft.com \
--cc=linux-kernel@vger.kernel.org \
--cc=peterhuewe@gmx.de \
--cc=sashal@kernel.org \
--cc=sumit.garg@linaro.org \
--cc=tee-dev@lists.linaro.org \
--cc=thiruan@microsoft.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.