From 0f652c887da4775ae1ecec56d8ebe23d0593c6e4 Mon Sep 17 00:00:00 2001 From: Mikhail Novosyolov Date: Wed, 30 Aug 2023 17:00:02 +0300 Subject: [PATCH] Fix TPM regression on some Intel machines --- ...make-vendor-check-required-for-probe.patch | 39 +++++++++++++++++++ kernel.spec | 5 ++- 2 files changed, 43 insertions(+), 1 deletion(-) create mode 100644 0001-tpm-Don-t-make-vendor-check-required-for-probe.patch diff --git a/0001-tpm-Don-t-make-vendor-check-required-for-probe.patch b/0001-tpm-Don-t-make-vendor-check-required-for-probe.patch new file mode 100644 index 0000000..fa86182 --- /dev/null +++ b/0001-tpm-Don-t-make-vendor-check-required-for-probe.patch @@ -0,0 +1,39 @@ +From 5470ef2eed8958f828d11047d958fd516e9dddc3 Mon Sep 17 00:00:00 2001 +From: Mario Limonciello +Date: Fri, 18 Aug 2023 13:15:16 -0500 +Subject: [PATCH] tpm: Don't make vendor check required for probe + +The vendor check introduced by commit 554b841d4703 ("tpm: Disable RNG for +all AMD fTPMs") doesn't work properly on Intel fTPM. The TPM doesn't reply +at bootup and returns back the command code. + +As this isn't crucial for anything but AMD fTPM and AMD fTPM works, throw +away the error code to let Intel fTPM continue to work. + +Cc: stable@vger.kernel.org +Fixes: 554b841d4703 ("tpm: Disable RNG for all AMD fTPMs") +Reported-by: Todd Brandt +Closes: https://bugzilla.kernel.org/show_bug.cgi?id=217804 +Signed-off-by: Mario Limonciello +Tested-by: Todd Brandt +--- + drivers/char/tpm/tpm_crb.c | 3 +-- + 1 file changed, 1 insertion(+), 2 deletions(-) + +diff --git a/drivers/char/tpm/tpm_crb.c b/drivers/char/tpm/tpm_crb.c +index 7f7f3bded453..6e04bd73dc8f 100644 +--- a/drivers/char/tpm/tpm_crb.c ++++ b/drivers/char/tpm/tpm_crb.c +@@ -472,8 +472,7 @@ static int crb_check_flags(struct tpm_chip *chip) + if (ret) + return ret; + +- ret = tpm2_get_tpm_pt(chip, TPM2_PT_MANUFACTURER, &val, NULL); +- if (ret) ++ if (tpm2_get_tpm_pt(chip, TPM2_PT_MANUFACTURER, &val, NULL)) + goto release; + + if (val == 0x414D4400U /* AMD */) +-- +2.40.1 + diff --git a/kernel.spec b/kernel.spec index 439dca6..9fc6520 100644 --- a/kernel.spec +++ b/kernel.spec @@ -35,7 +35,7 @@ %define sublevel 46 # Release number. Increase this before a rebuild. -%define rpmrel 1 +%define rpmrel 2 %define fullrpmrel %{rpmrel} %define rpmtag %{disttag} @@ -349,6 +349,9 @@ Patch201: 0001-altha.patch Patch302: 0001-sign-file-full-functionality-with-modern-LibreSSL.patch # Allow to off modules signature check dynamically Patch306: 0001-ROSA-ima-allow-to-off-modules-signature-check-dynami.patch +# https://bugzilla.kernel.org/show_bug.cgi?id=217804#c52 +# https://bugzilla.rosalinux.ru/show_bug.cgi?id=13480#c7 +Patch307: 0001-tpm-Don-t-make-vendor-check-required-for-probe.patch # Support sound on notebook Aquarius NS685U R11 (https://linux-hardware.org/?probe=339dc3db60) Patch0401: 0401-ASoC-es8316-Use-increased-GPIO-debounce-time.patch