Pull-request to address TPM bypass issue
Bug #2037688 reported by
Brad Figg
This bug affects 2 people
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
linux (Ubuntu) |
Triaged
|
Medium
|
Unassigned | ||
Noble |
Fix Committed
|
Medium
|
Unassigned | ||
linux-nvidia-6.2 (Ubuntu) |
Fix Committed
|
Undecided
|
Unassigned | ||
Jammy |
Fix Released
|
Undecided
|
Unassigned |
Bug Description
NVIDIA: [Config]: Ensure the TPM is available before IMA initializes
Set the following configs:
CONFIG_
CONFIG_
On Grace systems, the IMA driver emits the following log:
ima: No TPM chip found, activating TPM-bypass!
This occurs because the IMA driver initializes before we are able to detect
the TPM. This will always be the case when the drivers required to
communicate with the TPM, spi_tegra210_quad and tpm_tis_spi, are built as
modules.
Having these drivers as built-ins ensures that the TPM is available before
the IMA driver initializes.
Changed in linux-nvidia-6.2 (Ubuntu): | |
status: | New → Fix Committed |
Changed in linux-nvidia-6.2 (Ubuntu Jammy): | |
status: | New → Fix Committed |
no longer affects: | linux (Ubuntu Jammy) |
no longer affects: | linux-nvidia-6.2 (Ubuntu Noble) |
Changed in linux (Ubuntu Noble): | |
importance: | Undecided → Medium |
Changed in linux (Ubuntu): | |
importance: | Undecided → Medium |
status: | New → Triaged |
Changed in linux (Ubuntu Noble): | |
status: | New → In Progress |
status: | In Progress → Fix Committed |
To post a comment you must log in.
This bug is awaiting verification that the linux-nvidia- 6.2/6.2. 0-1011. 11 kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification- needed- jammy-linux- nvidia- 6.2' to 'verification- done-jammy- linux-nvidia- 6.2'. If the problem still exists, change the tag 'verification- needed- jammy-linux- nvidia- 6.2' to 'verification- failed- jammy-linux- nvidia- 6.2'.
If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.
See https:/ /wiki.ubuntu. com/Testing/ EnableProposed for documentation how to enable and use -proposed. Thank you!