From: James Bottomley <James.Bottomley@HansenPartnership.com>
To: Jason Gunthorpe <jgg@ziepe.ca>
Cc: Paul Menzel <pmenzel@molgen.mpg.de>,
linux-integrity <linux-integrity@vger.kernel.org>
Subject: Re: TPM selftest failure in 4.15
Date: Thu, 01 Feb 2018 19:46:04 +0100 [thread overview]
Message-ID: <1517510764.3145.38.camel@HansenPartnership.com> (raw)
In-Reply-To: <20180201174053.GQ17053@ziepe.ca>
On Thu, 2018-02-01 at 10:40 -0700, Jason Gunthorpe wrote:
> On Thu, Feb 01, 2018 at 03:24:08PM +0000, James Bottomley wrote:
>
> >
> > OK, I investigated but now my TPM has returned to normal (as in it
> > passes the selftest immediately). There's clearly something that
> > makes it return TPM_RC_TESTING to every self test probe for seconds
> > at a time, but I don't know what it is. Sending a different
> > command seems to cause the problem to clear (Managed to reproduce
> > once with the patch to verify), so this is my proposed fix. It's
> > clearly nonsensical to detach the driver because the self test
> > still returns TPM_RC_TESTING, so convert that return to a
> > TPM_RC_SUCCESS on timeout. It prints a warning message so we'll
> > see it in the logs if it causes problems. Given that this seems to
> > be some type of internal TPM issue, I don't believe changing the
> > timings would work.
>
> But if a selftest returns TPM2_RC_TESTING I would expect the next
> command to also fail with a testing in progress code? At least by the
> spec..
No, the spec says only that the command may fail with TPM_RC_TESTING
*if* the system it requires is under test.
I have no idea what's up with my TPM. The selftests usually complete
in under 1ms and return TPM_RC_SUCCESS. However occasionally the self
test can return TPM_RC_TESTING for seconds.
I've already booted with the patch and verified it doesn't induce any
failures for me. Either the long running test is in a completely
unconnected subsystem or invoking a different command forces the TPM to
clear the testing state.
> The point of invoking selftest is to get to a state where future TPM
> commands will succeed, so returning immediately on RC_TESTING seems
> wrong?
Well it's definitely less wrong than the converse of actually detaching
the TPM driver because a self test is apparently still in progress. If
you depend on the TPM for a critical function, your entire system is
hosed at that point.
I honestly don't think we should be waiting for the self test at all.
We should kick it off and treat any TPM_RC_TESTING error as -EAGAIN.
We're already under fire for slow boot sequences and adding 2s just to
wait for the TPM to self test adds to that for no real value.
James
next prev parent reply other threads:[~2018-02-01 18:46 UTC|newest]
Thread overview: 42+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-02-01 12:16 TPM selftest failure in 4.15 James Bottomley
2018-02-01 12:21 ` Paul Menzel
2018-02-01 12:42 ` James Bottomley
2018-02-01 15:24 ` James Bottomley
2018-02-01 17:40 ` Jason Gunthorpe
2018-02-01 18:46 ` James Bottomley [this message]
2018-02-01 18:59 ` Jason Gunthorpe
2018-02-01 20:00 ` James Bottomley
2018-02-01 20:35 ` Jason Gunthorpe
2018-02-01 21:06 ` James Bottomley
2018-02-08 13:10 ` Jarkko Sakkinen
2018-02-08 17:02 ` James Bottomley
2018-02-09 10:02 ` Jarkko Sakkinen
2018-02-09 10:30 ` Nayna Jain
2018-02-15 12:00 ` Jarkko Sakkinen
2018-02-09 11:47 ` Alexander Steffen
2018-02-15 12:12 ` Jarkko Sakkinen
2018-02-15 15:13 ` Mimi Zohar
2018-02-16 18:30 ` Alexander Steffen
2018-02-19 9:15 ` Nayna Jain
2018-02-19 22:26 ` Jason Gunthorpe
2018-02-16 18:27 ` Alexander Steffen
2018-02-20 13:05 ` Jarkko Sakkinen
2018-02-09 12:26 ` Mimi Zohar
2018-02-09 16:23 ` James Bottomley
2018-02-09 21:23 ` Mimi Zohar
2018-04-08 18:27 ` Ken Goldman
2018-02-09 16:18 ` James Bottomley
2018-02-08 17:27 ` Ken Goldman
2018-02-01 19:16 ` TPM selftest failure in 4.15 (Dell XPS 13, Nuvoton 6xx) Paul Menzel
2018-02-01 19:17 ` Paul Menzel
2018-02-01 20:12 ` Mario.Limonciello
2018-02-01 21:06 ` Mario.Limonciello
2018-02-01 22:22 ` Jason Gunthorpe
2018-02-02 5:46 ` James Bottomley
2018-02-02 5:46 ` James Bottomley
2018-02-08 16:53 ` Ken Goldman
2018-02-08 13:18 ` Jarkko Sakkinen
2018-02-08 13:05 ` TPM selftest failure in 4.15 Jarkko Sakkinen
2018-02-08 13:03 ` Jarkko Sakkinen
2018-02-08 12:49 ` Jarkko Sakkinen
2018-02-08 18:45 ` Ken Goldman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1517510764.3145.38.camel@HansenPartnership.com \
--to=james.bottomley@hansenpartnership.com \
--cc=jgg@ziepe.ca \
--cc=linux-integrity@vger.kernel.org \
--cc=pmenzel@molgen.mpg.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox