Re: [PATCH] tpm: Limit TCG_TPM2_HMAC to known good drivers

From: Jarkko Sakkinen
Date: Wed Jul 03 2024 - 13:24:39 EST


On Wed Jul 3, 2024 at 4:02 AM EEST, Jarkko Sakkinen wrote:
> On Wed Jul 3, 2024 at 3:30 AM EEST, Jarkko Sakkinen wrote:
> > + depends on TCG_CRB || TCG_TIS_CORE
>
> Needs to be "depends on !TCG_IBMVTPM":
>
> https://lore.kernel.org/linux-integrity/D2FHWYEXITS4.1GNXEB8V6KJM7@xxxxxxxxxx/

This ended up such a mess to fix with any fast path so I made a
proper fix for the core issue in the hmac authentication patch
set:

https://lore.kernel.org/linux-integrity/20240703170815.1494625-1-jarkko@xxxxxxxxxx/

The problem is that tpm_crb and tpm_tis_core are the *only*
drivers, which call tpm_chip_bootstrap() so it is better not to
take any possible risks with this. I'm still aiming to get these
fixes into 6.10.

BR, Jarkko