CINXE.COM
LKML: "Jarkko Sakkinen": Re: TPM/EFI issue [Was: Linux 6.12]
<?xml version="1.0" encoding="UTF-8" standalone="yes"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /><title>LKML: "Jarkko Sakkinen": Re: TPM/EFI issue [Was: Linux 6.12]</title><link href="/css/message.css" rel="stylesheet" type="text/css" /><link href="/css/wrap.css" rel="alternate stylesheet" type="text/css" title="wrap" /><link href="/css/nowrap.css" rel="stylesheet" type="text/css" title="nowrap" /><link href="/favicon.ico" rel="shortcut icon" /><script src="/js/simple-calendar.js" type="text/javascript"></script><script src="/js/styleswitcher.js" type="text/javascript"></script><link rel="alternate" type="application/rss+xml" title="lkml.org : last 100 messages" href="/rss.php" /><link rel="alternate" type="application/rss+xml" title="lkml.org : last messages by "Jarkko Sakkinen"" href="/groupie.php?aid=" /><!--Matomo--><script> var _paq = window._paq = window._paq || []; /* tracker methods like "setCustomDimension" should be called before "trackPageView" */ _paq.push(["setDoNotTrack", true]); _paq.push(["disableCookies"]); _paq.push(['trackPageView']); _paq.push(['enableLinkTracking']); (function() { var u="//m.lkml.org/"; _paq.push(['setTrackerUrl', u+'matomo.php']); _paq.push(['setSiteId', '1']); var d=document, g=d.createElement('script'), s=d.getElementsByTagName('script')[0]; g.async=true; g.src=u+'matomo.js'; s.parentNode.insertBefore(g,s); })(); </script><!--End Matomo Code--></head><body onload="es.jasper.simpleCalendar.init();" itemscope="itemscope" itemtype="http://schema.org/BlogPosting"><table border="0" cellpadding="0" cellspacing="0"><tr><td width="180" align="center"><a href="/"><img style="border:0;width:135px;height:32px" src="/images/toprowlk.gif" alt="lkml.org" /></a></td><td width="32">聽</td><td class="nb"><div><a class="nb" href="/lkml"> [lkml]</a> 聽 <a class="nb" href="/lkml/2024"> [2024]</a> 聽 <a class="nb" href="/lkml/2024/12"> [Dec]</a> 聽 <a class="nb" href="/lkml/2024/12/7"> [7]</a> 聽 <a class="nb" href="/lkml/last100"> [last100]</a> 聽 <a href="/rss.php"><img src="/images/rss-or.gif" border="0" alt="RSS Feed" /></a></div><div>Views: <a href="#" class="nowrap" onclick="setActiveStyleSheet('wrap');return false;">[wrap]</a><a href="#" class="wrap" onclick="setActiveStyleSheet('nowrap');return false;">[no wrap]</a> 聽 <a class="nb" href="/lkml/mheaders/2024/12/7/198" onclick="this.href='/lkml/headers'+'/2024/12/7/198';">[headers]</a>聽 <a href="/lkml/bounce/2024/12/7/198">[forward]</a>聽 </div></td><td width="32">聽</td></tr><tr><td valign="top"><div class="es-jasper-simpleCalendar" baseurl="/lkml/"></div><div class="threadlist">Messages in this thread</div><ul class="threadlist"><li class="root"><a href="/lkml/2024/11/17/326">First message in thread</a></li><li><a href="/lkml/2024/11/30/109">"Jarkko Sakkinen"</a><ul><li><a href="/lkml/2024/11/30/110">"Jarkko Sakkinen"</a></li><li><a href="/lkml/2024/12/2/210">Jiri Slaby</a><ul><li class="origin"><a href="/lkml/2024/12/9/236">"Jarkko Sakkinen"</a><ul><li><a href="/lkml/2024/12/9/236">Jiri Slaby</a></li><li><a href="/lkml/2024/12/9/951">"Jarkko Sakkinen"</a><ul><li><a href="/lkml/2024/12/10/313">Jiri Slaby</a></li></ul></li></ul></li></ul></li></ul></li></ul></td><td width="32" rowspan="2" class="c" valign="top"><img src="/images/icornerl.gif" width="32" height="32" alt="/" /></td><td class="c" rowspan="2" valign="top" style="padding-top: 1em"><table><tr><td><table><tr><td class="lp">Date</td><td class="rp" itemprop="datePublished">Sat, 07 Dec 2024 14:16:53 +0200</td></tr><tr><td class="lp">Subject</td><td class="rp" itemprop="name">Re: TPM/EFI issue [Was: Linux 6.12]</td></tr><tr><td class="lp">From</td><td class="rp" itemprop="author">"Jarkko Sakkinen" <></td></tr></table></td><td></td></tr></table><pre itemprop="articleBody">On Mon Dec 2, 2024 at 9:52 AM EET, Jiri Slaby wrote:<br />> On 30. 11. 24, 3:49, Jarkko Sakkinen wrote:<br />> > On Wed Nov 27, 2024 at 8:46 AM EET, Jiri Slaby wrote:<br />> >> Cc TPM + EFI guys.<br />> >><br />> >> On 17. 11. 24, 23:26, Linus Torvalds wrote:<br />> >>> But before the merge window opens, please give this a quick test to<br />> >>> make sure we didn't mess anything up. The shortlog below gives you the<br />> >>> summary for the last week, and nothing really jumps out at me. A<br />> >>> number of last-minute reverts, and some random fairly small fixes<br />> >>> fairly spread out in the tree.<br />> >><br />> >> Hi,<br />> >><br />> >> there is a subtle bug in 6.12 wrt TPM (in TPM, EFI, or perhaps in<br />> >> something else):<br />> >> <a href="https://bugzilla.suse.com/show_bug.cgi?id=1233752">https://bugzilla.suse.com/show_bug.cgi?id=1233752</a><br />> >><br />> >> Our testing (openQA) fails with 6.12:<br />> >> <a href="https://openqa.opensuse.org/tests/4657304#step/trup_smoke/26">https://openqa.opensuse.org/tests/4657304#step/trup_smoke/26</a><br />> >><br />> >> The last good is with 6.11.7:<br />> >> <a href="https://openqa.opensuse.org/tests/4648526">https://openqa.opensuse.org/tests/4648526</a><br />> >><br />> >> In sum:<br />> >> TPM is supposed to provide a key for decrypting the root partitition,<br />> >> but fails for some reason.<br />> >><br />> >> It's extremely hard (so far) to reproduce outside of openQA (esp. when<br />> >> trying custom kernels).<br />><br />> Mark "X".<br />><br />> >> Most of the 6.12 TPM stuff already ended in (good) 6.11.7. I tried to<br />> >> revert:<br />> >> 423893fcbe7e tpm: Disable TPM on tpm2_create_primary() failure<br />> >> from 6.12 but that still fails.<br />> >><br />> >> We are debugging this further, this is just so you know.<br />> >><br />> >> Or maybe you have some immediate ideas?<br />> > <br />> > Nothing immediate but I've had to tweak quite a lot of TPM bus<br />> > integrity protection feature so it is a possibility that I've<br />> > made a mistake in a point or another.<br />> > <br />> > Can you bisect the issue possibly?<br />><br />> No, see mark "X" :).<br />><br />> But follow the downstream bug for progress:<br />> <a href="https://bugzilla.suse.com/show_bug.cgi?id=1233752">https://bugzilla.suse.com/show_bug.cgi?id=1233752</a><br /><br />Just came back from company retrite from BCN.<br /><br />I can follow this but cannot comment because I've never been<br />able to get a bugzilla account working for any of SUSE infra<br />:-)<br /><br />I was actually surprised that I'm able to view the bug at<br />all... Bookmarked it and this thread from lore and revisit<br />like in the middle of the week (my calendar is filled with<br />meetings Mon/Tue).<br /><br />BR, Jarkko<br /><br /></pre></td><td width="32" rowspan="2" class="c" valign="top"><img src="/images/icornerr.gif" width="32" height="32" alt="\" /></td></tr><tr><td align="right" valign="bottom"> 聽 </td></tr><tr><td align="right" valign="bottom">聽</td><td class="c" valign="bottom" style="padding-bottom: 0px"><img src="/images/bcornerl.gif" width="32" height="32" alt="\" /></td><td class="c">聽</td><td class="c" valign="bottom" style="padding-bottom: 0px"><img src="/images/bcornerr.gif" width="32" height="32" alt="/" /></td></tr><tr><td align="right" valign="top" colspan="2"> 聽 </td><td class="lm">Last update: 2024-12-07 13:17 聽聽 [from the cache]<br />漏2003-2020 <a href="http://blog.jasper.es/"><span itemprop="editor">Jasper Spaans</span></a>|hosted at <a href="https://www.digitalocean.com/?refcode=9a8e99d24cf9">Digital Ocean</a> and my Meterkast|<a href="http://blog.jasper.es/categories.html#lkml-ref">Read the blog</a></td><td>聽</td></tr></table><script language="javascript" src="/js/styleswitcher.js" type="text/javascript"></script></body></html>