ladis has quit [Remote host closed the connection]
torez has quit [Remote host closed the connection]
ladis has joined #u-boot
davlefou has quit [Ping timeout: 240 seconds]
monstr has quit [Remote host closed the connection]
davlefou has joined #u-boot
mmu_man has quit [Ping timeout: 240 seconds]
vagrantc has joined #u-boot
mmu_man has joined #u-boot
mmu_man has quit [Ping timeout: 240 seconds]
___nick___ has joined #u-boot
___nick___ has quit [Client Quit]
<apalos>
sjg1: I dont really follow any of the arguments in the ML
<apalos>
tpm init is faulty right now since you have to call 3 more commands for the device to work
<apalos>
And you *must* call them if you want to use the device
<apalos>
So tpm_init() as is is pretty useless
<apalos>
and noone acounts for the -EBUSY ret code anyway
<apalos>
And on top of that it makes the python testing code crap
<apalos>
So we should really just get rid of tpm_init to begin with
<apalos>
and replace the 'manual' init sequence of 4 u-boot commands with tpm_auto_start
<apalos>
also you seem to have the wrong idea about EFI?
___nick___ has joined #u-boot
<apalos>
EFI just needs the tpm up and running, It can happen as early as possible
<apalos>
In the past you argued (a lot) that the device is 'slow' and we should init it ad-hoc
<apalos>
which we now do, but it doesnt matter how many times you call tpm_auto_start()
<apalos>
It always does the right thing and only inits the device once, and the overhead --if any-- sahould be minmal
<apalos>
but I am trying to keep the changes sort, once we sort out the init mess, I have more patches cleaning up tpm_init() in all code + tests
mmu_man has joined #u-boot
<Tartarus>
apalos, xypron: Not a rush, but, some solution to the EFI guid thing with clang will be merged soon I hope? I've put clang+arm in my HW test loops, so I see the warning a lot now :)
<xypron>
Tartarus: apalos said he would put reviewed-by on your patch. But I have not seen that yet.
<sjg1>
So just add 'tpm autoinit' ?? I'm just lost as to why you want to change 'tpm init' to do something else? How do you handle suspend/resume? This is just not making any sense so I must be missing something
<apalos>
what does suspend resume have to do with tpm init?
frieder has quit [Remote host closed the connection]
mmu_man has quit [Ping timeout: 246 seconds]
<apalos>
and what else do you need to make sense apart from 'tpm init' does nothing?
<apalos>
tpm init gets called into the python tests as well, and expects a ret code of 0
<apalos>
which is not always true, if you call it multiple times you get -EBUSY
<apalos>
iow let me reverse the argument. Can you point me to a single piece of code where tpm_init() is useful ?
mmu_man has joined #u-boot
<sjg1>
When resuming you must not clear the TPM
<sjg1>
Init should "Request access to locality 0 for the caller"
<sjg1>
Really init should be called open. It is confusing to have tpm_init() call tpm_open()
<sjg1>
close should release the locality
<sjg1>
What you are talking about is a TPM operation. I thought you added the autostart to make things work for EFI? So why not add a command? Then people who don't want to put the TPM in this state don't have to.
vagrantc has quit [Ping timeout: 246 seconds]
<sjg1>
As soon as you change what tpm_init() means, it breaks the API, since there is no way to open the TPM without it automatically starting itself. E.g. tests which check that behaviour can't work. It just doesn't make sense
<sjg1>
What problem are you actually solving?
vagrantc has joined #u-boot
mmu_man has quit [Ping timeout: 265 seconds]
hanetzer has quit [Ping timeout: 256 seconds]
<milkylainen>
sjg1: I looked a bit further into packing. It seems the code already does pack? fit_import_data doesn't seem to care about original size?
hanetzer has joined #u-boot
<sjg1>
milkylainen: Isn't that for the FIT itself? I am talking about u-boot.dtb or wherever the public key ends up
<milkylainen>
sjg1: Hmm.
<milkylainen>
sjg1: Isn't this for fit images only? u-boot dtb has extra place for stuff. pubkey gets generated here, but not packed. Ie, it's added the same size as the fit itself during size_inc increases.
redbrain has quit [Read error: Connection reset by peer]
redbrain has joined #u-boot
<apalos>
sjg1: as far as close is concerned, we dont even implement it
<apalos>
youar argument on "resuming" the tpm is completely moot
<apalos>
You cant possibly expect people to resume the TPM on amanual commands right?>
<apalos>
If we ever fix it, we should just automate that
<apalos>
so again, what does tpm_init() currently does, that is of *any* use
<apalos>
the problem I am trying to solve is make the layer look sane to begin with
<apalos>
So unless you expect people to interrupt products and do tpm init && tpm tpm startup ST_STATE
<apalos>
which makes no sense to begin with, I can see why you even want to keep tpm init as is
<apalos>
not to mention that suspend and resume are used on *power management* in an OS
<apalos>
not from a bootloader
<apalos>
and as far as request locality goes you need to do it on every transaction