On Sat Dec 7, 2024 at 2:16 PM EET, Jarkko Sakkinen wrote: > On Mon Dec 2, 2024 at 9:52 AM EET, Jiri Slaby wrote: > > On 30. 11. 24, 3:49, Jarkko Sakkinen wrote: > > > On Wed Nov 27, 2024 at 8:46 AM EET, Jiri Slaby wrote: > > >> Cc TPM + EFI guys. > > >> > > >> On 17. 11. 24, 23:26, Linus Torvalds wrote: > > >>> But before the merge window opens, please give this a quick test to > > >>> make sure we didn't mess anything up. The shortlog below gives you the > > >>> summary for the last week, and nothing really jumps out at me. A > > >>> number of last-minute reverts, and some random fairly small fixes > > >>> fairly spread out in the tree. > > >> > > >> Hi, > > >> > > >> there is a subtle bug in 6.12 wrt TPM (in TPM, EFI, or perhaps in > > >> something else): > > >> https://bugzilla.suse.com/show_bug.cgi?id=1233752 > > >> > > >> Our testing (openQA) fails with 6.12: > > >> https://openqa.opensuse.org/tests/4657304#step/trup_smoke/26 > > >> > > >> The last good is with 6.11.7: > > >> https://openqa.opensuse.org/tests/4648526 > > >> > > >> In sum: > > >> TPM is supposed to provide a key for decrypting the root partitition, > > >> but fails for some reason. > > >> > > >> It's extremely hard (so far) to reproduce outside of openQA (esp. when > > >> trying custom kernels). > > > > Mark "X". > > > > >> Most of the 6.12 TPM stuff already ended in (good) 6.11.7. I tried to > > >> revert: > > >> 423893fcbe7e tpm: Disable TPM on tpm2_create_primary() failure > > >> from 6.12 but that still fails. > > >> > > >> We are debugging this further, this is just so you know. > > >> > > >> Or maybe you have some immediate ideas? > > > > > > Nothing immediate but I've had to tweak quite a lot of TPM bus > > > integrity protection feature so it is a possibility that I've > > > made a mistake in a point or another. > > > > > > Can you bisect the issue possibly? > > > > No, see mark "X" :). > > > > But follow the downstream bug for progress: > > https://bugzilla.suse.com/show_bug.cgi?id=1233752 > > Just came back from company retrite from BCN. > > I can follow this but cannot comment because I've never been > able to get a bugzilla account working for any of SUSE infra > :-) > > I was actually surprised that I'm able to view the bug at > all... Bookmarked it and this thread from lore and revisit > like in the middle of the week (my calendar is filled with > meetings Mon/Tue). Hmm... OK, so no action from my side I guess (sorry if I ignored something did not read every single comment)? BR, Jarkko
