Ubuntu
linux package

Enable iTPM support for lucid

Bug #490487 reported by Andrew Pollock
24
This bug affects 3 people
Affects Status Importance Assigned to Milestone
linux (Ubuntu)
Fix Released
Wishlist
Andy Whitcroft

Bug Description

[Summary below distilled from: https://wiki.ubuntu.com/iTPMSupport and
https://blueprints.edge.launchpad.net/ubuntu/+spec/itpm-support]

Contemporary Lenovo and Dell laptops include a newer TPM chip (iTPM
which is not well supported by Linux.

  http://en.wikipedia.org/wiki/Trusted_Platform_Module

The fundamental problem is that iTPM doesn't set the TPM_STS_DATA_EXPECT
status bit when sending it a burst of data and the current kernel module
considers that a failure. And there is a secondary problem that the
Thinkpads have the chip in an ACPI configuration that, while standard,
eludes the kernel's autoprobing. Enterprise customers already relying on
the TPM chip cannot move to newer laptops with the new iTPM chip because
it is not supported by Linux.

David Smith (~dds) has done a lot of work in this area. There are two
kernel patches involved. The first has been merged into the mm tree. The
second is being reworked.

  1: http://marc.info/?l=linux-kernel&m=125381794406624&w=2
  2: http://marc.info/?l=tpmdd-devel&m=125264268716691&w=2

Need to track these and see if they have hit the 2.6.32 tree.

See original description
Andrew Pollock (apollock)
affects: linux-meta (Ubuntu) → linux (Ubuntu)
Andy Whitcroft (apw)
Changed in linux (Ubuntu):
importance: Undecided → Wishlist
Andy Whitcroft (apw)
description: updated
description: updated
Revision history for this message
Andy Whitcroft (apw) wrote :

This appears to be the latest set of this out there patches 5 & 6 seem to be the current incarnations of the patches requested, note that 5 remains NAKd:

  http://patchwork.kernel.org/patch/33369/ [1/6] tpm_tis: various cleanups
  http://patchwork.kernel.org/patch/33368/ [2/6] tpm_tis: add MODULE_DEVICE_TABLE to enable autoload
  http://patchwork.kernel.org/patch/33371/ [3/6] tpm_tis: set timeouts before calling request_locality
  http://patchwork.kernel.org/patch/33370/ [4/6] tpm_tis: print complete vendor information
  http://patchwork.kernel.org/patch/33372/ [5/6] tpm_tis: convert from pnp_driver to acpi_driver
  http://patchwork.kernel.org/patch/33373/ [6/6] tpm_tis: add workarounds for iTPM

Andy Whitcroft (apw)
Changed in linux (Ubuntu):
status: New → Triaged
Andy Whitcroft (apw)
tags: added: lucid
tags: removed: kernel-lucid
Andrew Pollock (apollock)
description: updated
Revision history for this message
Andy Whitcroft (apw) wrote :

This appears finally to have been reworked to an opt-in module parameter under the commit below (from the security-testing tree):

  commit 3507d612366a4e81226295f646410130a1f62a5c
  Author: Rajiv Andrade <email address hidden>
  Date: Thu Sep 10 17:09:35 2009 -0300

    tpm_tis: TPM_STS_DATA_EXPECT workaround

summary: - Please ensure the iTPM is supported by Lucid's kernel
+ Enable iTPM support for lucid
Andy Whitcroft (apw)
Changed in linux (Ubuntu):
assignee: nobody → Andy Whitcroft (apw)
status: Triaged → Fix Committed
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package linux - 2.6.32-14.19

---------------
linux (2.6.32-14.19) lucid; urgency=low

  [ Andy Whitcroft ]

  * ensure we build the source package contents when enabled
    - LP: #522308
  * [Config] enable CONFIG_X86_MCE_XEON75XX
  * SAUCE: AppArmor -- add linux/kref.h for struct kref
  * [Config] enable CONFIG_HID_ORTEK
  * enable udeb generation for arm versatile flavour
    - LP: #522515

  [ John Johansen ]

  * ubuntu: AppArmor -- update to mainline 2010-02-18
    - LP: #439560, #496110, #507069

  [ Johnathon Harris ]

  * SAUCE: HID: add support for Ortek WKB-2000
    - LP: #405390

  [ Upstream Kernel Changes ]

  * tpm_tis: TPM_STS_DATA_EXPECT workaround
    - LP: #490487
  * x86, mce: Xeon75xx specific interface to get corrected memory error
    information
  * x86, mce: Rename cpu_specific_poll to mce_cpu_specific_poll
  * x86, mce: Make xeon75xx memory driver dependent on PCI
  * drm/edid: Unify detailed block parsing between base and extension
    blocks
    - LP: #500999
  * (pre-stable) eCryptfs: Add getattr function
    - LP: #390833
 -- Andy Whitcroft <email address hidden> Thu, 18 Feb 2010 19:22:02 +0000

Changed in linux (Ubuntu):
status: Fix Committed → Fix Released
Revision history for this message
Brad Figg (brad-figg) wrote :

This bug is awaiting verification that the kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-lucid' to 'verification-done-lucid'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

tags: added: verification-needed-lucid
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Related blueprints

Remote bug watches

Bug watches keep track of this bug in other bug trackers.