diff options
| author | Jiandi An <anjiandi@codeaurora.org> | 2018-03-06 23:26:26 -0600 |
|---|---|---|
| committer | Greg Kroah-Hartman <gregkh@linuxfoundation.org> | 2018-05-30 07:49:10 +0200 |
| commit | edf3bf9ee26ae9655a2b43a251e96e84bc0b0676 (patch) | |
| tree | 4de288278e643cb706916880e7098c0ce098fd02 /security | |
| parent | d1dbe5dbfd7a8b82a3c67bbaf0632d6618c840b2 (diff) | |
| download | linux-stable-edf3bf9ee26ae9655a2b43a251e96e84bc0b0676.tar.gz linux-stable-edf3bf9ee26ae9655a2b43a251e96e84bc0b0676.tar.bz2 linux-stable-edf3bf9ee26ae9655a2b43a251e96e84bc0b0676.zip | |
ima: Fix Kconfig to select TPM 2.0 CRB interface
[ Upstream commit fac37c628fd5d68fd7298d9b57ae8601ee1b4723 ]
TPM_CRB driver provides TPM CRB 2.0 support. If it is built as a
module, the TPM chip is registered after IMA init. tpm_pcr_read() in
IMA fails and displays the following message even though eventually
there is a TPM chip on the system.
ima: No TPM chip found, activating TPM-bypass! (rc=-19)
Fix IMA Kconfig to select TPM_CRB so TPM_CRB driver is built in the kernel
and initializes before IMA.
Signed-off-by: Jiandi An <anjiandi@codeaurora.org>
Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
Signed-off-by: Sasha Levin <alexander.levin@microsoft.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Diffstat (limited to 'security')
| -rw-r--r-- | security/integrity/ima/Kconfig | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/security/integrity/ima/Kconfig b/security/integrity/ima/Kconfig index df303346029b..648a0461f8ed 100644 --- a/security/integrity/ima/Kconfig +++ b/security/integrity/ima/Kconfig @@ -10,6 +10,7 @@ config IMA select CRYPTO_HASH_INFO select TCG_TPM if HAS_IOMEM && !UML select TCG_TIS if TCG_TPM && X86 + select TCG_CRB if TCG_TPM && ACPI select TCG_IBMVTPM if TCG_TPM && PPC_PSERIES help The Trusted Computing Group(TCG) runtime Integrity |