Public bug reported:
NVIDIA: [Config]: Ensure the TPM is available before IMA initializes
Set the following configs:
CONFIG_SPI_TEGRA210_QUAD=y
CONFIG_TCG_TIS_SPI=y
On Grace systems, the IMA driver emits the following log:
ima: No TPM chip found, activating TPM-bypass!
This occurs because the IMA driver initializes before we are able to detect
the TPM. This will always be the case when the drivers required to
communicate with the TPM, spi_tegra210_quad and tpm_tis_spi, are built as
modules.
Having these drivers as built-ins ensures that the TPM is available before
the IMA driver initializes.
** Affects: linux-nvidia-6.2 (Ubuntu)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux-nvidia-6.2 in Ubuntu.
https://bugs.launchpad.net/bugs/2037688
Title:
Pull-request to address TPM bypass issue
Status in linux-nvidia-6.2 package in Ubuntu:
New
Bug description:
NVIDIA: [Config]: Ensure the TPM is available before IMA
initializes
Set the following configs:
CONFIG_SPI_TEGRA210_QUAD=y
CONFIG_TCG_TIS_SPI=y
On Grace systems, the IMA driver emits the following log:
ima: No TPM chip found, activating TPM-bypass!
This occurs because the IMA driver initializes before we are able to
detect
the TPM. This will always be the case when the drivers required to
communicate with the TPM, spi_tegra210_quad and tpm_tis_spi, are built as
modules.
Having these drivers as built-ins ensures that the TPM is available before
the IMA driver initializes.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux-nvidia-6.2/+bug/2037688/+subscriptions
--
Mailing list: https://launchpad.net/~kernel-packages
Post to : [email protected]
Unsubscribe : https://launchpad.net/~kernel-packages
More help : https://help.launchpad.net/ListHelp
