Re: [PATCH] tpm: Limit TCG_TPM2_HMAC to known good drivers
From: Jarkko Sakkinen
Date: Wed Jul 03 2024 - 13:24:39 EST
On Wed Jul 3, 2024 at 4:02 AM EEST, Jarkko Sakkinen wrote:
> On Wed Jul 3, 2024 at 3:30 AM EEST, Jarkko Sakkinen wrote:
> > + depends on TCG_CRB || TCG_TIS_CORE
>
> Needs to be "depends on !TCG_IBMVTPM":
>
> https://lore.kernel.org/linux-integrity/D2FHWYEXITS4.1GNXEB8V6KJM7@xxxxxxxxxx/
This ended up such a mess to fix with any fast path so I made a
proper fix for the core issue in the hmac authentication patch
set:
https://lore.kernel.org/linux-integrity/20240703170815.1494625-1-jarkko@xxxxxxxxxx/
The problem is that tpm_crb and tpm_tis_core are the *only*
drivers, which call tpm_chip_bootstrap() so it is better not to
take any possible risks with this. I'm still aiming to get these
fixes into 6.10.
BR, Jarkko