From: Tyler Hicks <tyhicks@canonical.com>
To: Mimi Zohar <zohar@linux.ibm.com>
Cc: Roberto Sassu <roberto.sassu@huawei.com>,
Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>,
Michal Suchanek <msuchanek@suse.de>,
linux-integrity@vger.kernel.org, Peter Huewe <peterhuewe@gmx.de>,
Jason Gunthorpe <jgg@ziepe.ca>, Arnd Bergmann <arnd@arndb.de>,
Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
Dmitry Kasatkin <dmitry.kasatkin@gmail.com>,
James Morris <jmorris@namei.org>,
"Serge E. Hallyn" <serge@hallyn.com>,
James Bottomley <jejb@linux.ibm.com>,
David Howells <dhowells@redhat.com>,
Tomas Winkler <tomas.winkler@intel.com>,
Armijn Hemel <armijn@tjaldur.nl>,
Stefan Berger <stefanb@linux.vnet.ibm.com>,
Jerry Snitselaar <jsnitsel@redhat.com>,
Thomas Gleixner <tglx@linutronix.de>,
linux-kernel@vger.kernel.org,
linux-security-module@vger.kernel.org, keyrings@vger.kernel.org
Subject: Re: [PATCH] Revert "tpm: pass an array of tpm_extend_digest structures to tpm_pcr_extend()"
Date: Thu, 04 Jul 2019 19:58:58 +0000 [thread overview]
Message-ID: <20190704195857.GB6105@elm> (raw)
In-Reply-To: <1562255201.6165.143.camel@linux.ibm.com>
Hey Mimi!
On 2019-07-04 11:46:41, Mimi Zohar wrote:
> Hi Jarkko,
>
> On Thu, 2019-07-04 at 07:48 -0400, Mimi Zohar wrote:
> > On Thu, 2019-07-04 at 13:28 +0200, Roberto Sassu wrote:
> > > On 7/4/2019 12:03 PM, Jarkko Sakkinen wrote:
> > > > On Mon, 2019-07-01 at 15:15 +0200, Michal Suchanek wrote:
> > > >> This reverts commit 0b6cf6b97b7ef1fa3c7fefab0cac897a1c4a3400 to avoid
> > > >> following crash:
> > > >
> > > > Thank you. I think this the right choice for the moment. I fixed
> > > > a trivial checkpatch.pl error and added the mandatory tags. Can
> > > > you check quickly v2 (just posted)?
> > > >
> > > > I already made it available in my master and next.
> > >
> > > Could you please wait few days? I would prefer to fix this issue instead
> > > of reverting the whole patch.
> >
> > Nayna posted a patch late yesterday titled "tpm: fixes uninitialized
> > allocated banks for IBM vtpm driver", which addresses this bug.
>
> Now with my review, and with Sachin Sant's and Michal Suchánek
> testing, instead of reverting this patch could you pick up Nayna's
> patch instead?
It looks to me like the revert would also fix a bug that is keeping the
eCryptfs module from loading when the TPM is in an "inactive" state:
https://bugzilla.kernel.org/show_bug.cgi?id 3953
I just noticed that it was recently discussed here, too:
https://lore.kernel.org/linux-integrity/1562244125.6165.95.camel@linux.ibm.com/T/#t
I believe that the revert would fix it because the call to
init_digests()/tpm_get_random() would no longer be in the path of
loading ecryptfs.ko (which depends on encrypted-keys.ko, which depends
on trusted.ko).
If the revert isn't used, we'll need a different fix for bug 203953. It
should be an easy fix but I don't want it to be forgotten.
Tyler
>
> thanks!
>
> Mimi
>
WARNING: multiple messages have this Message-ID (diff)
From: Tyler Hicks <tyhicks@canonical.com>
To: Mimi Zohar <zohar@linux.ibm.com>
Cc: Roberto Sassu <roberto.sassu@huawei.com>,
Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>,
Michal Suchanek <msuchanek@suse.de>,
linux-integrity@vger.kernel.org, Peter Huewe <peterhuewe@gmx.de>,
Jason Gunthorpe <jgg@ziepe.ca>, Arnd Bergmann <arnd@arndb.de>,
Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
Dmitry Kasatkin <dmitry.kasatkin@gmail.com>,
James Morris <jmorris@namei.org>,
"Serge E. Hallyn" <serge@hallyn.com>,
James Bottomley <jejb@linux.ibm.com>,
David Howells <dhowells@redhat.com>,
Tomas Winkler <tomas.winkler@intel.com>,
Armijn Hemel <armijn@tjaldur.nl>,
Stefan Berger <stefanb@linux.vnet.ibm.com>,
Jerry Snitselaar <jsnitsel@redhat.com>,
Thomas Gleixner <tglx@linutronix.de>,
linux-kernel@vger.kernel.org,
linux-security-module@vger.kernel.org, keyrings@vger.kernel.org
Subject: Re: [PATCH] Revert "tpm: pass an array of tpm_extend_digest structures to tpm_pcr_extend()"
Date: Thu, 4 Jul 2019 14:58:58 -0500 [thread overview]
Message-ID: <20190704195857.GB6105@elm> (raw)
In-Reply-To: <1562255201.6165.143.camel@linux.ibm.com>
Hey Mimi!
On 2019-07-04 11:46:41, Mimi Zohar wrote:
> Hi Jarkko,
>
> On Thu, 2019-07-04 at 07:48 -0400, Mimi Zohar wrote:
> > On Thu, 2019-07-04 at 13:28 +0200, Roberto Sassu wrote:
> > > On 7/4/2019 12:03 PM, Jarkko Sakkinen wrote:
> > > > On Mon, 2019-07-01 at 15:15 +0200, Michal Suchanek wrote:
> > > >> This reverts commit 0b6cf6b97b7ef1fa3c7fefab0cac897a1c4a3400 to avoid
> > > >> following crash:
> > > >
> > > > Thank you. I think this the right choice for the moment. I fixed
> > > > a trivial checkpatch.pl error and added the mandatory tags. Can
> > > > you check quickly v2 (just posted)?
> > > >
> > > > I already made it available in my master and next.
> > >
> > > Could you please wait few days? I would prefer to fix this issue instead
> > > of reverting the whole patch.
> >
> > Nayna posted a patch late yesterday titled "tpm: fixes uninitialized
> > allocated banks for IBM vtpm driver", which addresses this bug.
>
> Now with my review, and with Sachin Sant's and Michal Suchánek
> testing, instead of reverting this patch could you pick up Nayna's
> patch instead?
It looks to me like the revert would also fix a bug that is keeping the
eCryptfs module from loading when the TPM is in an "inactive" state:
https://bugzilla.kernel.org/show_bug.cgi?id=203953
I just noticed that it was recently discussed here, too:
https://lore.kernel.org/linux-integrity/1562244125.6165.95.camel@linux.ibm.com/T/#t
I believe that the revert would fix it because the call to
init_digests()/tpm_get_random() would no longer be in the path of
loading ecryptfs.ko (which depends on encrypted-keys.ko, which depends
on trusted.ko).
If the revert isn't used, we'll need a different fix for bug 203953. It
should be an easy fix but I don't want it to be forgotten.
Tyler
>
> thanks!
>
> Mimi
>
next prev parent reply other threads:[~2019-07-04 19:58 UTC|newest]
Thread overview: 19+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-07-01 13:15 [PATCH] Revert "tpm: pass an array of tpm_extend_digest structures to tpm_pcr_extend()" Michal Suchanek
2019-07-01 13:15 ` Michal Suchanek
2019-07-01 13:21 ` Michal Suchánek
2019-07-04 10:03 ` Jarkko Sakkinen
2019-07-04 10:03 ` Jarkko Sakkinen
2019-07-04 11:28 ` Roberto Sassu
2019-07-04 11:28 ` Roberto Sassu
2019-07-04 11:48 ` Mimi Zohar
2019-07-04 11:48 ` Mimi Zohar
2019-07-04 15:46 ` Mimi Zohar
2019-07-04 15:46 ` Mimi Zohar
2019-07-04 19:58 ` Tyler Hicks [this message]
2019-07-04 19:58 ` Tyler Hicks
2019-07-05 15:20 ` Nayna
2019-07-05 15:20 ` Nayna
2019-07-05 11:16 ` Jarkko Sakkinen
2019-07-05 11:16 ` Jarkko Sakkinen
2019-07-05 11:03 ` Jarkko Sakkinen
2019-07-05 11:03 ` Jarkko Sakkinen
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20190704195857.GB6105@elm \
--to=tyhicks@canonical.com \
--cc=armijn@tjaldur.nl \
--cc=arnd@arndb.de \
--cc=dhowells@redhat.com \
--cc=dmitry.kasatkin@gmail.com \
--cc=gregkh@linuxfoundation.org \
--cc=jarkko.sakkinen@linux.intel.com \
--cc=jejb@linux.ibm.com \
--cc=jgg@ziepe.ca \
--cc=jmorris@namei.org \
--cc=jsnitsel@redhat.com \
--cc=keyrings@vger.kernel.org \
--cc=linux-integrity@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
--cc=msuchanek@suse.de \
--cc=peterhuewe@gmx.de \
--cc=roberto.sassu@huawei.com \
--cc=serge@hallyn.com \
--cc=stefanb@linux.vnet.ibm.com \
--cc=tglx@linutronix.de \
--cc=tomas.winkler@intel.com \
--cc=zohar@linux.ibm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.