Hi Dan, On Mon, 2019-03-18 at 17:30 -0700, Dan Williams wrote:
Sorry for the late reply. > On Mon, Mar 18, 2019 at 5:24 PM James Bottomley <[email protected]> wrote: > > > > On Mon, 2019-03-18 at 16:45 -0700, Dan Williams wrote: > > > Rather than fail initialization of the trusted.ko module, arrange for > > > the module to load, but rely on trusted_instantiate() to fail > > > trusted-key operations. > > > > What actual problem is this fixing? To me it would seem like an > > enhancement to make the trusted module fail at load time if there's no > > TPM rather than waiting until first use to find out it can never work. > > Is there some piece of user code that depends on the successful > > insertion of trusted.ko? > > The module dependency chain relies on it. If that can be broken that > would also be an acceptable fix. > > I found this through the following dependency chain: libnvdimm.ko -> > encrypted_keys.ko -> trusted.ko. > > "key_type_trusted" is the symbol that encrypted_keys needs regardless > of whether the tpm is present. Commit 982e617a313b ("encrypted-keys: remove trusted-keys dependency") removed the dependency on trusted keys. masterkey_trusted.c should only be included if "CONFIG_TRUSTED_KEYS" is enabled. Is CONFIG_TRUSTED_KEYS enabled? Mimi _______________________________________________ Linux-nvdimm mailing list [email protected] https://lists.01.org/mailman/listinfo/linux-nvdimm
