On Thu, Feb 18, 2021 at 04:24:34PM +, David Howells wrote:
>
> Hi Mickaël, Jarkko,
>
> Can I transfer your acks from:
>
> https://lore.kernel.org/lkml/20210121155513.539519-5-...@digikod.net/
>
> to here?
>
> David
Yes, thanks.
/Jarkko
On Fri, Feb 19, 2021 at 11:13:45AM +0200, Jarkko Sakkinen wrote:
> On Thu, Feb 18, 2021 at 09:29:41PM +0100, Lino Sanfilippo wrote:
> > From: Lino Sanfilippo
> >
> > The following sequence of operations results in a refcount warning:
> >
> > 1. Open device
On Thu, Feb 18, 2021 at 09:29:41PM +0100, Lino Sanfilippo wrote:
> From: Lino Sanfilippo
>
> The following sequence of operations results in a refcount warning:
>
> 1. Open device /dev/tpmrm.
> 2. Remove module tpm_tis_spi.
> 3. Write a TPM command to the file descriptor opened at step 1.
>
> -
On Thu, Feb 18, 2021 at 08:13:57PM +0100, Lino Sanfilippo wrote:
>
> Hi,
>
> On 17.02.21 at 23:18, Jarkko Sakkinen wrote:
>
> >> +
> >
> > /*
> > * Please describe what the heck the function does. No need for full on
> > * kdoc.
> > */
On Wed, Feb 17, 2021 at 09:27:02PM -0400, Jason Gunthorpe wrote:
> On Thu, Feb 18, 2021 at 12:14:11AM +0200, Jarkko Sakkinen wrote:
> > On Tue, Feb 16, 2021 at 04:31:26PM +, David Laight wrote:
> > > ...
> > > > > > + get_device(&chip-&
tpm: add sysfs exports for all banks of PCR registers
ABI: add sysfs description for tpm exports of PCR registers
Jarkko Sakkinen (3):
KEYS: trusted: Fix incorrect handling of tpm_get_random()
KEYS: trusted: Fix migratable=1 failing
KEYS: trusted: Reserve TPM for seal
On Tue, Feb 16, 2021 at 08:53:11PM +0100, Lino Sanfilippo wrote:
> From: Lino Sanfilippo
>
> The following sequence of operations results in a refcount warning:
>
> 1. Open device /dev/tpmrm.
> 2. Remove module tpm_tis_spi.
> 3. Write a TPM command to the file descriptor opened at step 1.
>
> -
On Tue, Feb 16, 2021 at 04:31:26PM +, David Laight wrote:
> ...
> > > > + get_device(&chip->dev);
> > > > + chip->devs.release = tpm_devs_release;
> > > > + chip->devs.devt =
> > > > + MKDEV(MAJOR(tpm_devt), chip->dev_num + TPM_NUM_DEVICES);
> >
> > Isn't this l
On Tue, Feb 16, 2021 at 06:09:50PM +0200, Jarkko Sakkinen wrote:
> On Tue, Feb 16, 2021 at 06:04:42PM +0200, Jarkko Sakkinen wrote:
> > On Tue, Feb 16, 2021 at 08:53:42AM -0400, Jason Gunthorpe wrote:
> > > On Tue, Feb 16, 2021 at 01:31:00AM +0100, Lino Sanfilippo wrote:
> &g
On Tue, Feb 16, 2021 at 06:04:42PM +0200, Jarkko Sakkinen wrote:
> On Tue, Feb 16, 2021 at 08:53:42AM -0400, Jason Gunthorpe wrote:
> > On Tue, Feb 16, 2021 at 01:31:00AM +0100, Lino Sanfilippo wrote:
> > >
> > > +static int tpm_add_tpm2_char_device(struct tpm_chip *
On Tue, Feb 16, 2021 at 08:53:42AM -0400, Jason Gunthorpe wrote:
> On Tue, Feb 16, 2021 at 01:31:00AM +0100, Lino Sanfilippo wrote:
> >
> > +static int tpm_add_tpm2_char_device(struct tpm_chip *chip)
BTW, this naming is crap.
- 2x tpm
- char is useless
-> tpm2_add_device
> > +{
> > + int r
On Tue, Feb 16, 2021 at 11:31:33AM +0800, Tianjia Zhang wrote:
> In this scenario, there is no case where va_page is NULL, and
> the error has been checked. The if-condition statement here is
> redundant, so remove the condition detection.
>
> Signed-off-by: Tianjia Zhang
>
On Tue, Feb 16, 2021 at 01:31:00AM +0100, Lino Sanfilippo wrote:
> From: Lino Sanfilippo
>
> The following sequence of operations results in a refcount warning:
>
> 1. Open device /dev/tpmrm
Add '.' to end.
> 2. Remove module tpm_tis_spi
Add '.' to end.
> 3. Write a TPM command to the file d
On Mon, Feb 15, 2021 at 06:37:00PM +0530, Sumit Garg wrote:
> On Fri, 12 Feb 2021 at 05:04, Jarkko Sakkinen wrote:
> >
> > On Mon, Jan 25, 2021 at 02:47:38PM +0530, Sumit Garg wrote:
> > > Hi Jarkko,
> > >
> > > On Fri, 22 Jan 2021 at 23:42, Jarkko Sakki
On Fri, Feb 12, 2021 at 12:06:00PM +0100, Lukasz Majczak wrote:
> There are missing calls to tpm_request_locality() before the calls to
> the tpm_get_timeouts() and tpm_tis_probe_irq_single() - both functions
> internally send commands to the tpm using tpm_tis_send_data()
> which in turn, at the ve
On Thu, Feb 11, 2021 at 02:54:35PM -0500, Nayna Jain wrote:
> The kernel currently only loads the kernel module signing key onto
> the builtin trusted keyring. To support IMA, load the module signing
> key selectively either onto builtin or ima keyring based on MODULE_SIG
On Thu, Feb 11, 2021 at 02:54:32PM -0500, Nayna Jain wrote:
> Loading a key on the IMA trusted keyring requires the key be signed
> by an existing key on the builtin or secondary trusted keyring.
> Creating a Certificate Signing Request (CSR) allows the certificate
> to be self-signed or signed by
On Thu, Feb 11, 2021 at 02:54:31PM -0500, Nayna Jain wrote:
> The "mrproper" target is still looking for build time generated keys
> in the old path instead of certs/ directory.
> This patch fixes the path as well removes the names of the files which
> are no longer generated.
"Fix the path..."
>
On Thu, Feb 11, 2021 at 11:34:21AM +0100, Ahmad Fatoum wrote:
> Hello Jarkko,
>
> On 10.02.21 18:00, Jarkko Sakkinen wrote:
> > On Tue, Nov 03, 2020 at 09:31:43PM +0530, Sumit Garg wrote:
> >> + case Opt_new:
> >> + key_len = payload->key_le
On Mon, Feb 08, 2021 at 05:09:21PM -0700, Shuah Khan wrote:
> On 2/2/21 3:02 PM, Jarkko Sakkinen wrote:
> > On Mon, Feb 01, 2021 at 09:26:49PM +0800, Tianjia Zhang wrote:
> > > Simplify the sgx code implemntation by using library function
> > > getauxval() instead of a
On Thu, Feb 11, 2021 at 02:04:12PM +0800, Tianjia Zhang wrote:
> Hi,
>
> Sorry for the late reply.
>
> On 1/28/21 1:40 AM, Jarkko Sakkinen wrote:
> > I could bet some money that this does not bring any significant
> > performance gain.
> >
>
> Yes, this
as
>* the requested ENCLU function.
> */
> cmp $0, %eax
> --
> 2.30.0
>
>
Acked-by: Jarkko Sakkinen
/Jarkko
On Tue, Feb 09, 2021 at 01:14:06PM +, David Howells wrote:
>
> Hi Eric, Mickaël,
>
> Do we have a consensus on this? From what's written here, I don't think I can
> ask Linus to pull the merge of your two branches. I feel that I probably need
> to push Eric's first as that fixes a CVE if I
h, which
> make sense because the descriptions are already viewable;
> * forbids key update (blacklist and asymmetric ones);
> * restricts kernel rights on the blacklist keyring to align with the
> root user rights.
>
> See help in tools/certs/print-cert-tbs-hash.sh .
>
>
On Tue, Feb 09, 2021 at 09:36:53AM -0400, Jason Gunthorpe wrote:
> On Tue, Feb 09, 2021 at 12:52:17PM +0100, Lino Sanfilippo wrote:
> > > @@ -640,8 +643,10 @@ void tpm_chip_unregister(struct tpm_chip *chip)
> > > if (IS_ENABLED(CONFIG_HW_RANDOM_TPM))
> > > hwrng_unregister(&chip->hwrng)
On Tue, Feb 09, 2021 at 12:52:17PM +0100, Lino Sanfilippo wrote:
> Hi Jason,
>
> On 05.02.21 18:25, Jason Gunthorpe wrote:
> > On Fri, Feb 05, 2021 at 08:48:11AM -0800, James Bottomley wrote:
> >>> Thanks for pointing this out. I'd strongly support Jason's proposal:
> >>>
> >>> https://lore.kernel
", name,
> len);
> | ~~^ ~~~
>
> Fixes: 8382c668ce4f ("x86/vdso: Add support for exception fixup in vDSO
> functions")
> Signed-off-by: Randy Dunlap
> Cc: Sean Christopherson
> Cc: Ja
On Tue, Feb 09, 2021 at 05:13:39PM -0500, Stefan Berger wrote:
> When IMA is taking measurements during compilation for example and a
> user presses ctrl-c to abort the compilation, lots of these types of
> messages will appear in the kernel log:
>
> [ 7406.275163] tpm tpm0: tpm_transmit: tpm_recv
On Fri, Feb 12, 2021 at 01:34:31AM +0200, Jarkko Sakkinen wrote:
> On Mon, Jan 25, 2021 at 02:47:38PM +0530, Sumit Garg wrote:
> > Hi Jarkko,
> >
> > On Fri, 22 Jan 2021 at 23:42, Jarkko Sakkinen wrote:
> > >
> > > On Thu, Jan 21, 2021 at 0
On Mon, Jan 25, 2021 at 02:47:38PM +0530, Sumit Garg wrote:
> Hi Jarkko,
>
> On Fri, 22 Jan 2021 at 23:42, Jarkko Sakkinen wrote:
> >
> > On Thu, Jan 21, 2021 at 05:23:45PM +0100, Jerome Forissier wrote:
> > >
> > >
> > > On 1/21/21 4:24 PM, Jarkko
On Tue, Nov 03, 2020 at 09:31:43PM +0530, Sumit Garg wrote:
> + case Opt_new:
> + key_len = payload->key_len;
> + ret = static_call(trusted_key_get_random)(payload->key,
> + key_len);
> + if (ret != key_le
The following commit has been merged into the x86/urgent branch of tip:
Commit-ID: 2ade0d60939bcd54197c133b03b460fe62a4ec47
Gitweb:
https://git.kernel.org/tip/2ade0d60939bcd54197c133b03b460fe62a4ec47
Author:Jarkko Sakkinen
AuthorDate:Mon, 08 Feb 2021 00:14:01 +02:00
On Fri, Feb 05, 2021 at 09:20:22PM +0100, Dirk Gouders wrote:
> tpm_tis does not consider -EPROBE_DEFER in tpm_tis_plat_probe().
> Instead, without notification it falls back to polling mode if
> platform_get_irq_optional() returns a negative value.
>
> This could lead to different behavior depend
On Fri, Feb 05, 2021 at 08:25:35AM +, David Howells wrote:
> Jarkko Sakkinen wrote:
>
> > > + * init_ns_common - Initialise the common part of a namespace
> >
> > Nit: init_ns_common()
>
> Interesting. The majority of code doesn't put the brackets
On Fri, Feb 05, 2021 at 02:42:05PM +0800, wanghongzhe wrote:
> when i reach TPM_RETRY, the cs cannot change back to 'high'.
> So the TPM chips thinks this communication is not over.
> And next times communication cannot be effective because
> the communications mixed up with the last time.
>
> Si
is ensures that 'encl' outlives
'encl_mm'.
Fixes: 1728ab54b4be ("x86/sgx: Add a page reclaimer")
Cc: Dave Hansen
Signed-off-by: Jarkko Sakkinen
---
v8:
- Slight adjustments on call sites suggested by Dave, to make things
more clear and obvious. Otherwise, semantica
On Sun, Feb 07, 2021 at 11:29:49PM +0200, Jarkko Sakkinen wrote:
> On Fri, Feb 05, 2021 at 11:36:57AM -0800, Dave Hansen wrote:
> > On 2/5/21 10:28 AM, Jarkko Sakkinen wrote:
> > > This has been shown in tests:
> > >
> > > [ +0.08] WARNING: CPU: 3 PI
On Fri, Feb 05, 2021 at 11:36:57AM -0800, Dave Hansen wrote:
> On 2/5/21 10:28 AM, Jarkko Sakkinen wrote:
> > This has been shown in tests:
> >
> > [ +0.08] WARNING: CPU: 3 PID: 7620 at kernel/rcu/srcutree.c:374
> > cleanup_srcu_struct+0xed/0x100
> >
>
c(PAGE_SIZE, ...)
> to get a page aligned kernel address to use.
>
> In addition add a comment to document the alignment requirements so that
> others like myself don't attempt to 'fix' this again.
>
> Cc: Dave Hansen
> Cc: Sean Christopherson
> Cc: Jethro Beekman
> Signed-off-by: Ira Weiny
Reviewed-by: Jarkko Sakkinen
/Jarkko
On Fri, Feb 05, 2021 at 08:43:24AM +0100, Daniel Vetter wrote:
> On Fri, Feb 5, 2021 at 3:26 AM Jarkko Sakkinen wrote:
> >
> > On Thu, Feb 04, 2021 at 07:45:19PM +0100, Daniel Vetter wrote:
> > > References:
> > > https://lore.kernel.org/dri-devel/20201127164131
The following commit has been merged into the x86/sgx branch of tip:
Commit-ID: 848477782bfa2b6aec738045246abd6cd104006c
Gitweb:
https://git.kernel.org/tip/848477782bfa2b6aec738045246abd6cd104006c
Author:Jarkko Sakkinen
AuthorDate:Fri, 05 Feb 2021 17:15:44 +02:00
laimer")
Cc: Dave Hansen
Reported-by: Haitao Huang
Signed-off-by: Jarkko Sakkinen
---
v7:
- Same as v6 but v6 was missing cc to Dave. Thus, also the
MAINTAINERS update.
v6:
- Maintain refcount for each encl->mm_list entry.
v5:
- To make sure that the instance does not get deleted use kref
Add Dave as reviewer for INTEL SGX patches.
Cc: Borislav Petkov
Acked-by: Dave Hansen
Signed-off-by: Jarkko Sakkinen
---
MAINTAINERS | 1 +
1 file changed, 1 insertion(+)
diff --git a/MAINTAINERS b/MAINTAINERS
index 5b66de2097d6..41b78e20bd1f 100644
--- a/MAINTAINERS
+++ b/MAINTAINERS
Add Dave as reviewer for INTEL SGX patches.
Cc: Borislav Petkov
Acked-by: Dave Hansen
Signed-off-by: Jarkko Sakkinen
---
MAINTAINERS | 1 +
1 file changed, 1 insertion(+)
diff --git a/MAINTAINERS b/MAINTAINERS
index 5b66de2097d6..41b78e20bd1f 100644
--- a/MAINTAINERS
+++ b/MAINTAINERS
laimer")
Cc: Dave Hansen
Signed-off-by: Jarkko Sakkinen
---
v7:
- No changes from v6. Resend of
https://patchwork.kernel.org/project/intel-sgx/patch/20210204143845.39697-1-jar...@kernel.org/
v6:
- Maintain refcount for each encl->mm_list entry.
v5:
- To make sure that the instance
On Thu, Feb 04, 2021 at 05:47:39PM +, David Howells wrote:
> Add a ns tag struct that consists of just a refcount. It's address can be
> used to compare namespaces without the need to pin a namespace. Just the
> tag needs pinning.
>
> Signed-off-by: David Howells
> ---
>
> fs/namespace.c
ound iteration v40. I have
no idea why I did not. Even backtraced years old email threads from lore.
Probably just forgot to remove it.
So, yeah, I fully agree removing it.
Reviewed-by: Jarkko Sakkinen
> Jason stumbled over this as a new user of follow_pfn, and I'm trying
> to ge
On Thu, Feb 04, 2021 at 07:45:19PM +0100, Daniel Vetter wrote:
> References:
> https://lore.kernel.org/dri-devel/20201127164131.2244124-1-daniel.vet...@ffwll.ch/
What is the difference between this and "Link:" anyway?
/Jarkko
On Thu, Feb 04, 2021 at 04:34:11PM -0800, James Bottomley wrote:
> On Fri, 2021-02-05 at 00:50 +0100, Lino Sanfilippo wrote:
> > From: Lino Sanfilippo
> >
> > In tpm2_del_space() chip->ops is used for flushing the sessions.
> > However
> > this function may be called after tpm_chip_unregister() w
keborn
Thanks.
Reviewed-by: Jarkko Sakkinen
/Jarkko
> ---
> drivers/char/tpm/tpm_ppi.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/drivers/char/tpm/tpm_ppi.c b/drivers/char/tpm/tpm_ppi.c
> index b2dab941cb7f..40018a73b3cb 100644
> --- a/driver
t; 9 files changed, 694 insertions(+), 11 deletions(-)
> > create mode 100644 crypto/ecdsa.c
> > create mode 100644 crypto/ecdsasignature.asn1
Acked-by: Jarkko Sakkinen
Great, ECDSA has been lacking for a way too long. Just wanted to
acknowledge support for this, I just now also skimmed the change
from patchwrok (way too quickly for reviewed-by but well enough
for ack).
/Jarkko
the function is not intended
> to be used outside of this translation unit
> int load_certificate_list(const u8 cert_list[],
> ^
> static
> 1 warning generated.
>
> Fix the warning by including the header file.
>
> Signed-off-by: Eric Snowberg
> Reported-by: ke
ot;x86/sgx: Add a page reclaimer")
Reported-by: Haitao Huang
Signed-off-by: Jarkko Sakkinen
---
v6:
- Maintain refcount for each encl->mm_list entry.
v5:
- To make sure that the instance does not get deleted use kref_get()
kref_put(). This also removes the need for additional
synchron
On Mon, Jan 25, 2021 at 02:47:38PM +0530, Sumit Garg wrote:
> The main reason to guide you towards the OP-TEE build system is that
> you will be able to build all the firmwares (TF-A, OP-TEE, edk2 etc.)
> from source. If you don't need to rebuild those then I have prepared a
> flash firmware binary
On Wed, Feb 03, 2021 at 02:43:44PM +0100, Lukasz Majczak wrote:
> Hi Jarkko, Dirk,
>
> Jarkko,
> Thank you for your points - I will try to fix all you have mentioned.
> I think it would be good to clarify a few things, before going with
> the next version. Regarding use tpm_chip_start/stop() aroun
On Wed, Feb 03, 2021 at 07:46:48AM -0800, Dave Hansen wrote:
> On 1/30/21 11:20 AM, Jarkko Sakkinen wrote:
> ...
> > Example scenario would such that all removals "side-channel" through
> > the notifier callback. Then mmu_notifier_unregister() gets called
> > e
On Wed, Feb 03, 2021 at 03:06:30PM +0100, Lino Sanfilippo wrote:
> Hi,
>
>
> On 03.02.21 02:09, Jarkko Sakkinen wrote:
> > On Tue, Feb 02, 2021 at 11:09:01PM +0100, Lino Sanfilippo wrote:
> >> From: Lino Sanfilippo
> >>
> >> The following sequenc
On Tue, Feb 02, 2021 at 11:09:02PM +0100, Lino Sanfilippo wrote:
> From: Lino Sanfilippo
>
> Provide a function tpm_chip_free() as a counterpart to tpm_chip_alloc().
> The function hides the internals of freeing a struct tpm_chip instance
> by putting the device references which are part of this
On Tue, Feb 02, 2021 at 11:09:03PM +0100, Lino Sanfilippo wrote:
> From: Lino Sanfilippo
>
> In tpm2_del_space() the sessions are flushed by means of the tpm_chip
> operations. However the concerning operations pointer my already be NULL at
On Tue, Feb 02, 2021 at 11:09:01PM +0100, Lino Sanfilippo wrote:
> From: Lino Sanfilippo
>
> The following sequence of operations
>
> 1. open device /dev/tpmrm
> 2. remove the registered tpm chip driver
What is "tpm chip driver"? Please just refer to the exact thing
(e.g. tpm_tis_spi is the one
On Wed, Feb 03, 2021 at 02:05:17AM +0200, Jarkko Sakkinen wrote:
> On Tue, Feb 02, 2021 at 11:49:11PM +0200, Jarkko Sakkinen wrote:
> > On Tue, Feb 02, 2021 at 04:51:39PM +0100, Lukasz Majczak wrote:
> > > There are missing calls to tpm_request_locality before the
On Tue, Feb 02, 2021 at 11:49:11PM +0200, Jarkko Sakkinen wrote:
> On Tue, Feb 02, 2021 at 04:51:39PM +0100, Lukasz Majczak wrote:
> > There are missing calls to tpm_request_locality before the calls to
> > the tpm_get_timeouts() and tpm_tis_probe_irq_single() - both functions
>
On Tue, Feb 02, 2021 at 11:47:19AM -0800, ira.we...@intel.com wrote:
> From: Ira Weiny
>
> kmap is inefficient and we are trying to reduce the usage in the kernel.
> There is no readily apparent reason why initp_page needs to be allocated
> and kmap'ed() but sigstruct needs to be page aligned and
On Tue, Feb 02, 2021 at 10:55:36AM -0800, Dave Hansen wrote:
> On 2/1/21 5:37 PM, ira.we...@intel.com wrote:
> > kmap is inefficient and we are trying to reduce the usage in the kernel.
> > There is no readily apparent reason why the initp_page page needs to be
> > allocated and kmap'ed() but sigst
On Tue, Feb 02, 2021 at 08:29:50AM -0800, Guenter Roeck wrote:
> On Tue, Feb 02, 2021 at 04:51:39PM +0100, Lukasz Majczak wrote:
> > There are missing calls to tpm_request_locality before the calls to
> > the tpm_get_timeouts() and tpm_tis_probe_irq_single() - both functions
> > internally send com
> /* The extra page goes to SECS. */
> encl_size = secs->size + PAGE_SIZE;
> --
> 2.19.1.3.ge56e4f7
>
>
Acked-by: Jarkko Sakkinen
/Jarkko
On Mon, Feb 01, 2021 at 09:26:49PM +0800, Tianjia Zhang wrote:
> Simplify the sgx code implemntation by using library function
> getauxval() instead of a custom function to get the base address
> of vDSO.
>
> Signed-off-by: Tianjia Zhang
Reviewed-by: Jarkko Sakkinen
This need
On Mon, Feb 01, 2021 at 09:26:50PM +0800, Tianjia Zhang wrote:
> The spin lock of sgx_epc_section only locks the page_list. The
> EREMOVE operation and init_laundry_list is not necessary in the
> protection range of the spin lock. This patch reduces the lock
> range of the spin lock in the function
On Mon, Feb 01, 2021 at 09:26:52PM +0800, Tianjia Zhang wrote:
> In the function sgx_create_enclave(), the direct assignment
> operation of attributes_mask determines that the ioctl PROVISION
> operation must be executed after the ioctl CREATE operation,
> which will limit the flexibility of sgx de
On Mon, Feb 01, 2021 at 09:26:51PM +0800, Tianjia Zhang wrote:
> 'section->free_cnt' represents the free page in sgx_epc_section,
> which is assigned once after initialization. In fact, just after the
> initialization is completed, the pages are in the init_laundry_list
> list and cannot be allocat
On Tue, Feb 02, 2021 at 08:57:24PM +0100, Lukasz Majczak wrote:
> There are missing calls to tpm_request_locality before the calls to
> the tpm_get_timeouts() and tpm_tis_probe_irq_single() - both functions
> internally send commands to the tpm. As the current
> approach might work for tpm2, it fai
On Tue, Feb 02, 2021 at 04:51:39PM +0100, Lukasz Majczak wrote:
> There are missing calls to tpm_request_locality before the calls to
> the tpm_get_timeouts() and tpm_tis_probe_irq_single() - both functions
> internally send commands to the tpm. As the current
> approach might work for tpm2, it fai
On Mon, Feb 01, 2021 at 08:48:12AM +, Christoph Hellwig wrote:
> On Fri, Jan 29, 2021 at 09:37:30AM -0800, Sean Christopherson wrote:
> > On Thu, Jan 28, 2021, ira.we...@intel.com wrote:
> > > From: Ira Weiny
> > >
> > > There is no reason to alloc a page and kmap it to store this temporary
>
On Sun, Jan 31, 2021 at 10:43:05AM +0100, Dirk Gouders wrote:
> Jarkko Sakkinen writes:
>
> > On Thu, 2021-01-28 at 14:07 +0100, Lukasz Majczak wrote:
> >> There is a missing call to tpm_request_locality before the call to
> >> the tpm_get_timeouts() and tpm_
On Sat, Jan 30, 2021 at 04:41:13PM -0800, James Bottomley wrote:
> On Sat, 2021-01-30 at 15:49 -0800, Guenter Roeck wrote:
> > On 1/29/21 2:59 PM, Jarkko Sakkinen wrote:
> > > On Tue, Jan 26, 2021 at 04:46:07PM +0100, Łukasz Majczak wrote:
> > > > Hi Jarkko, Guenter
On Sat, Jan 30, 2021 at 03:49:09PM -0800, Guenter Roeck wrote:
> On 1/29/21 2:59 PM, Jarkko Sakkinen wrote:
> > On Tue, Jan 26, 2021 at 04:46:07PM +0100, Łukasz Majczak wrote:
> >> Hi Jarkko, Guenter
> >>
> >> Yes, here are the logs when failure occurs -
&
On Sat, Jan 30, 2021 at 10:44:24AM -0800, Linus Torvalds wrote:
> On Sat, Jan 30, 2021 at 9:15 AM Jarkko Sakkinen wrote:
> >
> > This was meant for 5.12 but the timing was *way* too early. I'll take this
> > one back. Just to unambiguity reasons I'll use tpmdd-n
On Sat, Jan 30, 2021 at 09:57:40PM -0500, Stefan Berger wrote:
> On 1/30/21 4:26 PM, Jarkko Sakkinen wrote:
> > On Wed, 2021-01-27 at 07:33 -0500, Stefan Berger wrote:
> > > From: Stefan Berger
> > >
> > > Detect whether a key is an sm2 type of key by its OID
On Sat, Jan 30, 2021 at 09:33:47AM -0800, James Bottomley wrote:
> On Sat, 2021-01-30 at 19:15 +0200, Jarkko Sakkinen wrote:
> > On Thu, Jan 28, 2021 at 07:38:21PM -0800, Linus Torvalds wrote:
> > > On Thu, Jan 28, 2021 at 4:54 PM Jarkko Sakkinen
> > > wrote:
> >
On Wed, 2021-01-27 at 07:33 -0500, Stefan Berger wrote:
> From: Stefan Berger
>
> Detect whether a key is an sm2 type of key by its OID in the parameters
> array rather than assuming that everything under OID_id_ecPublicKey
> is sm2, which is not the case.
>
> Signed-off-by: Stefan Berger
> ---
On Fri, 2021-01-29 at 13:57 -0500, Stefan Berger wrote:
> On 1/29/21 12:35 PM, Jarkko Sakkinen wrote:
> > On Mon, Jan 25, 2021 at 08:47:53PM -0500, Stefan Berger wrote:
> > > From: Stefan Berger
> > >
> > > Return error code -ETIMEDOUT rather than '0
On Sat, 2021-01-30 at 22:40 +0200, Jarkko Sakkinen wrote:
> On Thu, 2021-01-28 at 14:07 +0100, Lukasz Majczak wrote:
> > There is a missing call to tpm_request_locality before the call to
> > the tpm_get_timeouts() and tpm_tis_probe_irq_single(). As the current
> > approach mi
On Thu, 2021-01-28 at 20:17 +0100, Mickaël Salaün wrote:
> This fifth patch series is a rebase on David Howells's keys-misc branch.
> The fix patches are already in this branch and then removed from this
> series, other patches are unchanged.
>
> The goal of these patches is to add a new configura
On Thu, 2021-01-28 at 14:07 +0100, Lukasz Majczak wrote:
> There is a missing call to tpm_request_locality before the call to
> the tpm_get_timeouts() and tpm_tis_probe_irq_single(). As the current
> approach might work for tpm2, it fails for tpm1.x - in that case
> call to tpm_get_timeouts() or tp
erge window due to conflicts?
>
> Ideally, can you base your branch on my keys-misc branch?
David, please pull :-)
If possible add to all:
Tested-by: Jarkko Sakkinen
Reviewed-by: Jarkko Sakkinen
Was a chaotic week. My test environment was broken until Wed because
of issues with BuildRoot
On Sat, 2021-01-30 at 21:20 +0200, Jarkko Sakkinen wrote:
> On Thu, 2021-01-28 at 08:33 -0800, Dave Hansen wrote:
> > On 1/28/21 4:58 AM, Jarkko Sakkinen wrote:
> > > The most trivial example of a race condition can be demonstrated by this
> > > sequence where mm_l
On Thu, 2021-01-28 at 08:33 -0800, Dave Hansen wrote:
> On 1/28/21 4:58 AM, Jarkko Sakkinen wrote:
> > The most trivial example of a race condition can be demonstrated by this
> > sequence where mm_list contains just one entry:
> >
> > CPU A
On Thu, 2021-01-28 at 18:31 +0100, Ahmad Fatoum wrote:
> Hello,
>
> I've been looking into how a migration to using trusted/encrypted keys
> would look like (particularly with dm-crypt).
>
> Currently, it seems the the only way is to re-encrypt the partitions
> because trusted/encrypted keys alwa
On Thu, Jan 28, 2021 at 07:38:21PM -0800, Linus Torvalds wrote:
> On Thu, Jan 28, 2021 at 4:54 PM Jarkko Sakkinen wrote:
> >
> > This contains bug fixes for tpm_tis driver, which had a racy wait for
> > hardware state change to be ready to send a command to the TPM chip. Th
On Sun, Jan 24, 2021 at 02:29:07PM +0800, Tianjia Zhang wrote:
> In this scenario, there is no case where va_page is NULL, and
> the error has been checked. The if condition statement here is
> redundant, so remove the condition detection.
>
> Signed-off-by: Tianjia Zhang
> ---
> arch/x86/kernel
On Sun, Jan 24, 2021 at 02:29:06PM +0800, Tianjia Zhang wrote:
> In the function sgx_create_enclave(), the direct assignment
> operation of attributes_mask determines that the ioctl PROVISION
> operation must be executed after the ioctl CREATE operation,
> which will limit the flexibility of sgx de
On Sun, Jan 24, 2021 at 02:29:04PM +0800, Tianjia Zhang wrote:
> The spin lock of sgx_epc_section only locks the page_list. The
> EREMOVE operation and init_laundry_list is not necessary in the
> protection range of the spin lock. This patch reduces the lock
> range of the spin lock in the function
On Wed, Jan 27, 2021 at 08:41:29AM -0700, Eric Snowberg wrote:
>
> > On Jan 27, 2021, at 7:03 AM, Mimi Zohar wrote:
> >
> > [Cc'ing linux-integrity]
> >
> > On Wed, 2021-01-27 at 11:46 +0000, David Howells wrote:
> >> Jarkko Sakkinen wrote:
&g
On Wed, Jan 27, 2021 at 09:03:59AM -0500, Mimi Zohar wrote:
> [Cc'ing linux-integrity]
>
> On Wed, 2021-01-27 at 11:46 +, David Howells wrote:
> > Jarkko Sakkinen wrote:
> >
> > > > I suppose a user space tool could be created. But wouldn’t what is
&
On Tue, Jan 26, 2021 at 04:46:07PM +0100, Łukasz Majczak wrote:
> Hi Jarkko, Guenter
>
> Yes, here are the logs when failure occurs -
> https://gist.github.com/semihalf-majczak-lukasz/1575461f585f1e7fb1e9366b8eceaab9
> Look for a phrase "TPM returned invalid status"
>
> Guenter - good suggestion
On Sat, Jan 30, 2021 at 12:59:09AM +0200, Jarkko Sakkinen wrote:
> On Tue, Jan 26, 2021 at 04:46:07PM +0100, Łukasz Majczak wrote:
> > Hi Jarkko, Guenter
> >
> > Yes, here are the logs when failure occurs -
> > https://gist.github.com/semihalf-majczak-lukasz/15754
On Mon, Jan 25, 2021 at 09:18:46AM -0800, Guenter Roeck wrote:
> Hi Lukasz,
>
> On Sat, Jan 23, 2021 at 02:42:47AM +0100, Lukasz Majczak wrote:
> > There is a missing call to start_tpm_chip before the call to
> > the tpm_get_timeouts() and tpm_tis_probe_irq_single(). As the current
> > approach ma
ore
> proceeding")
> Reported-by: Hulk Robot
> Signed-off-by: Wang Hai
> Signed-off-by: Stefan Berger
> ---
Reviewed-by: Jarkko Sakkinen
Thanks! Should I add
Cc: sta...@vger.kernel.org to this?
/Jarkko
> drivers/char/tpm/tpm_ibmvtpm.c | 1 +
> 1 file changed, 1 in
Hi,
This contains bug fixes for tpm_tis driver, which had a racy wait for
hardware state change to be ready to send a command to the TPM chip. The
bug has existed already since 2006, but has only made itself known in
recent past.
There's also couple of new features:
1. Cr50 I2C driver.
2. Sysfs
nce to the enclave in
sgx_mmu_notifier_release().
Cc: sta...@vger.kernel.org
Fixes: 1728ab54b4be ("x86/sgx: Add a page reclaimer")
Suggested-by: Sean Christopherson
Reported-by: Haitao Huang
Signed-off-by: Jarkko Sakkinen
---
v5:
- To make sure that the instance does not get dele
401 - 500 of 2089 matches
Mail list logo