Re: [PATCH] tpm: Detach page allocation from tpm_buf

From: Mimi Zohar
Date: Thu Oct 03 2019 - 11:24:49 EST

Next message: Greg KH: "Re: Patch "perf ftrace: Use CAP_SYS_ADMIN instead of euid==0" has been added to the 5.3-stable tree"
Previous message: Masahiro Yamada: "Re: nsdeps not working on modules in 5.4-rc1"
In reply to: Jarkko Sakkinen: "Re: [PATCH] tpm: Detach page allocation from tpm_buf"
Next in thread: Jarkko Sakkinen: "Re: [PATCH] tpm: Detach page allocation from tpm_buf"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, 2019-10-03 at 14:33 +0300, Jarkko Sakkinen wrote:

> > > Will this delay the TPM initialization, causing IMA to go into "TPM
> > > bypass mode"?
> >
> > Of course it will delay the init.
> >
> > As I've stated before the real fix for the bypass issue would be
> > to make TPM as part of the core but this has not received much
> > appeal. I think I've sent patch for this once.

IMA initialization is way later than the TPM. ÂIMA is on the
late_initcall(), while the TPM is on the subsys_initcall(). ÂI'm not
sure moving the TPM to core would make a difference. ÂThere must be a
way of deferring IMA until after the TPM has been initialized. ÂAny
suggestions would be much appreciated.

(The TPM on the Pi still has a dependency on clock.)Â

> It has been like that people reject a fix to a race condition and
> then I get complains on adding minor latency to the init because
> of the existing race. It is ridicilous, really.

I agree, but adding any latency will cause a regression.

Mimi

Next message: Greg KH: "Re: Patch "perf ftrace: Use CAP_SYS_ADMIN instead of euid==0" has been added to the 5.3-stable tree"
Previous message: Masahiro Yamada: "Re: nsdeps not working on modules in 5.4-rc1"
In reply to: Jarkko Sakkinen: "Re: [PATCH] tpm: Detach page allocation from tpm_buf"
Next in thread: Jarkko Sakkinen: "Re: [PATCH] tpm: Detach page allocation from tpm_buf"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]