From: Jarkko Sakkinen <jarkko@kernel.org>
To: amirmizi6@gmail.com
Cc: Eyal.Cohen@nuvoton.com, peterhuewe@gmx.de, jgg@ziepe.ca,
linux-kernel@vger.kernel.org, linux-integrity@vger.kernel.org,
Dan.Morav@nuvoton.com, oren.tanami@nuvoton.com,
shmulik.hager@nuvoton.com, amir.mizinski@nuvoton.com
Subject: Re: [PATCH v4] tpm2: add longer timeout for verify signature command
Date: Wed, 26 May 2021 07:50:40 +0300 [thread overview]
Message-ID: <YK3ToDAiIUQ5whAN@kernel.org> (raw)
In-Reply-To: <20210525111325.158790-2-amirmizi6@gmail.com>
On Tue, May 25, 2021 at 02:13:25PM +0300, amirmizi6@gmail.com wrote:
> From: Amir Mizinski <amirmizi6@gmail.com>
>
> While running a TPM2_CC_VERIFY_SIGNATURE operation with RSA 3072-bit
> keys the TPM driver fails with the following error:
>
> "kernel: [ 2416.187522] tpm tpm0: Operation Timed out"
>
> Since the TPM PC Client specification does not specify a number for
> verify signature operation timeout, and the duration of
> TPM2_CC_VERIFY_SIGNATURE with RSA 3072-bit keys exceeds the current timeout
> of TPM_LONG (2 seconds), it is preferable to pick the longest timeout
> possible.
>
> Therefore, set the duration for TPM2_CC_VERIFY_SIGNATUE to TPM_LONG_LONG
> (5 minutes).
>
> Link: https://trustedcomputinggroup.org/resource/pc-client-specific-platform-firmware-profile-specification/
> Signed-off-by: Amir Mizinski <amirmizi6@gmail.com>
> ---
Thank you.
Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@iki.fi>
/Jarkko
next prev parent reply other threads:[~2021-05-26 4:50 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-05-25 11:13 [PATCH v4] add longer timeout for verify signature command amirmizi6
2021-05-25 11:13 ` [PATCH v4] tpm2: " amirmizi6
2021-05-26 4:50 ` Jarkko Sakkinen [this message]
2021-05-26 4:56 ` Jarkko Sakkinen
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=YK3ToDAiIUQ5whAN@kernel.org \
--to=jarkko@kernel.org \
--cc=Dan.Morav@nuvoton.com \
--cc=Eyal.Cohen@nuvoton.com \
--cc=amir.mizinski@nuvoton.com \
--cc=amirmizi6@gmail.com \
--cc=jgg@ziepe.ca \
--cc=linux-integrity@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=oren.tanami@nuvoton.com \
--cc=peterhuewe@gmx.de \
--cc=shmulik.hager@nuvoton.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.