On Tue Dec 3, 2024 at 12:15 AM EET, Stefan Berger wrote: > > > On 11/29/24 9:44 PM, Jarkko Sakkinen wrote: > > On Tue Nov 26, 2024 at 1:42 PM EET, Christian Heusel wrote: > >> On 24/10/25 05:47PM, Jarkko Sakkinen wrote: > >>> Yeah, this is on the list. > >>> > >>> See: https://bugzilla.kernel.org/show_bug.cgi?id=219383#c5 > >>> > >>> I had a fix for the AMD boot-time issue already over a month ago > >>> but unfortunately took time to get enough feedback. > >>> > >>> BR, Jarkko > >> > >> I'm not sure if this is supposed to be fixed, but AFAIK we hoped that > >> the patchset that was mentioned in bugzilla also helped this issue. > >> > >> The reporter said that the bug is still present in 6.12.1, so this might > >> need further poking 🤔 > > > > I'd suggest a workaround for the time being. > > > > In 6.12 we added this for (heavy) IMA use: > > > > tpm.disable_pcr_integrity= [HW,TPM] > > Do not protect PCR registers from unintended physical > > access, or interposers in the bus by the means of > > having an integrity protected session wrapped around > > TPM2_PCR_Extend command. Consider this in a situation > > where TPM is heavily utilized by IMA, thus protection > > causing a major performance hit, and the space where > > machines are deployed is by other means guarded. > > > > Similarly it might make sense to have "tpm.disable_random_integrity" > > that disables the feature introduced by the failing commit. > > > > I am wondering what could be the not-so-obvious root cause for this? > Could it be due to a (TPM or RNG-related) lock? I guess the audio > popping could occur if an application cannot meet timing requirements > when it runs into some sort of blocking lock... The problem is that we don't know yet but we do know that it previously worked. Or more importantly: that is the hypothesis. So it would be in all cases useful to create such patch for A/B testing at minimum. BR, Jarkko
