Received: by 2002:ad5:474a:0:0:0:0:0 with SMTP id i10csp11149166imu;
        Mon, 31 Dec 2018 14:21:03 -0800 (PST)
X-Google-Smtp-Source: AFSGD/Uk3Lh0NQhYhAAuBUcMiOl+NIz/XjqUK5/pyZsIPO19lvqnEVpDyYrje3lipsYh/EQsrZ9J
X-Received: by 2002:a62:5486:: with SMTP id i128mr38579653pfb.215.1546294863240;
        Mon, 31 Dec 2018 14:21:03 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1546294863; cv=none;
        d=google.com; s=arc-20160816;
        b=RE9l3ZzUezKGchfKyZIlLa4axKfhWmJvfhwpqHf1FSpGefVjBHHN/EJ7gfPykFH06G
         XfGDYODciTpOvAbNu8v4BbPwLzJ+ry1wSZNubIcopAE1qGpJVDAVQDFisWrY3QYdyzEk
         dthGQJRwSEON8mqUrg5dTh50uJsfpa4iuMOk2J6xCkps8U+E8wJKdNyoUopr7kUYFaAh
         5x90i2Cj+KrwfJTJ/zaabUX2ax9WMfbPA5lSADQhN2Vh6Q+omyZAXxsq8H52i5zj3H/a
         IIKdEvjrYDjzYG87kG+mgOnRmmasBi/98UOiS8n6yoknQ79mEVVjkEUooaz3YJ6/GbuV
         +rmA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:message-id:content-transfer-encoding
         :mime-version:references:in-reply-to:date:to:from:subject;
        bh=Ffbqn4N5IbhIO8UFATgQ+CW9q1p6YOtSGsZ9/42q7LE=;
        b=ZE2uXAdqINmmgN6FTRJvwhUC+7aVTasM/IPoYu6LXGGewjKLTpphhhG1GnYsczpqmt
         LZcE3+dZMe6PbsqNuaEh8mTrwe6PeTvCCeysSrKrTkkfep/ivRYp6rvFIDp8SXzHq+ex
         andbp+f1a059jPp8/VvN9mx2bWu1R+23IWz5s4w+D5urf/ppcSXGsgO3VBucfSg1aiNm
         2iLbTPXBXCO3boOSFgDnyumTe3hgcZQp2rBrHQX42VUjdLfTAlxR2vTR0BNA5Ko7Znzt
         LUBNTgIieZosRv4vGsTrk//j4mvdHK+HrxDgHAEh+Dv8rDBJ20GID/XAQHH60YJ3ETIV
         rRog==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=ibm.com
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id u24si6969257pgj.489.2018.12.31.14.20.48;
        Mon, 31 Dec 2018 14:21:03 -0800 (PST)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=ibm.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1728060AbeLaVSB (ORCPT <rfc822;dacohen@gmail.com> + 99 others);
        Mon, 31 Dec 2018 16:18:01 -0500
Received: from mx0a-001b2d01.pphosted.com ([148.163.156.1]:48538 "EHLO
        mx0a-001b2d01.pphosted.com" rhost-flags-OK-OK-OK-OK)
        by vger.kernel.org with ESMTP id S1727801AbeLaVSA (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Mon, 31 Dec 2018 16:18:00 -0500
Received: from pps.filterd (m0098393.ppops.net [127.0.0.1])
        by mx0a-001b2d01.pphosted.com (8.16.0.22/8.16.0.22) with SMTP id wBVLDPUX045765
        for <linux-kernel@vger.kernel.org>; Mon, 31 Dec 2018 16:18:00 -0500
Received: from e06smtp03.uk.ibm.com (e06smtp03.uk.ibm.com [195.75.94.99])
        by mx0a-001b2d01.pphosted.com with ESMTP id 2pqku3prtt-1
        (version=TLSv1.2 cipher=AES256-GCM-SHA384 bits=256 verify=NOT)
        for <linux-kernel@vger.kernel.org>; Mon, 31 Dec 2018 16:18:00 -0500
Received: from localhost
        by e06smtp03.uk.ibm.com with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted
        for <linux-kernel@vger.kernel.org> from <zohar@linux.ibm.com>;
        Mon, 31 Dec 2018 21:17:57 -0000
Received: from b06cxnps3075.portsmouth.uk.ibm.com (9.149.109.195)
        by e06smtp03.uk.ibm.com (192.168.101.133) with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted;
        (version=TLSv1/SSLv3 cipher=AES256-GCM-SHA384 bits=256/256)
        Mon, 31 Dec 2018 21:17:53 -0000
Received: from d06av22.portsmouth.uk.ibm.com (d06av22.portsmouth.uk.ibm.com [9.149.105.58])
        by b06cxnps3075.portsmouth.uk.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id wBVLHqBR55640138
        (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=FAIL);
        Mon, 31 Dec 2018 21:17:52 GMT
Received: from d06av22.portsmouth.uk.ibm.com (unknown [127.0.0.1])
        by IMSVA (Postfix) with ESMTP id 4D3E34C040;
        Mon, 31 Dec 2018 21:17:52 +0000 (GMT)
Received: from d06av22.portsmouth.uk.ibm.com (unknown [127.0.0.1])
        by IMSVA (Postfix) with ESMTP id 84E274C046;
        Mon, 31 Dec 2018 21:17:50 +0000 (GMT)
Received: from localhost.localdomain (unknown [9.80.106.78])
        by d06av22.portsmouth.uk.ibm.com (Postfix) with ESMTP;
        Mon, 31 Dec 2018 21:17:50 +0000 (GMT)
Subject: Re: tpm_tis TPM2.0 not detected on cold boot
From:   Mimi Zohar <zohar@linux.ibm.com>
To:     Michael =?ISO-8859-1?Q?Niew=F6hner?= <linux@mniewoehner.de>,
        Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>,
        James Bottomley <James.Bottomley@HansenPartnership.com>,
        peterhuewe@gmx.de, jgg@ziepe.ca, arnd@arndb.de,
        linux-integrity@vger.kernel.org,
        linux-kernel <linux-kernel@vger.kernel.org>,
        Nayna Jain <nayna@linux.ibm.com>,
        Ken Goldman <kgold@linux.ibm.com>
Date:   Mon, 31 Dec 2018 16:17:39 -0500
In-Reply-To: <912668ea1d74f526f78f03f562fdaf17fc06f62c.camel@mniewoehner.de>
References: <ef7e773b01a5e6153b84628f74fc67092a2f9b0e.camel@gmail.com>
         <1f281756bb1f041e55be8dd090670a1a7b1d1c94.camel@mniewoehner.de>
         <1545519232.3940.115.camel@linux.ibm.com>
         <e7ec38d7cade9aa76384aa2781eab307d2cd5a7b.camel@mniewoehner.de>
         <b75fd04643daf5aab5a1fc115e8fbfca9a381f8d.camel@mniewoehner.de>
         <1546140837.4069.81.camel@linux.ibm.com>
         <912668ea1d74f526f78f03f562fdaf17fc06f62c.camel@mniewoehner.de>
Content-Type: text/plain; charset="UTF-8"
X-Mailer: Evolution 3.20.5 (3.20.5-1.fc24) 
Mime-Version: 1.0
Content-Transfer-Encoding: 8bit
X-TM-AS-GCONF: 00
x-cbid: 18123121-0012-0000-0000-000002DFE678
X-IBM-AV-DETECTION: SAVI=unused REMOTE=unused XFE=unused
x-cbparentid: 18123121-0013-0000-0000-000021169ECC
Message-Id: <1546291059.4069.158.camel@linux.ibm.com>
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:,, definitions=2018-12-31_10:,,
 signatures=0
X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 priorityscore=1501
 malwarescore=0 suspectscore=0 phishscore=0 bulkscore=0 spamscore=0
 clxscore=1015 lowpriorityscore=0 mlxscore=0 impostorscore=0
 mlxlogscore=807 adultscore=0 classifier=spam adjust=0 reason=mlx
 scancount=1 engine=8.0.1-1810050000 definitions=main-1812310182
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Sun, 2018-12-30 at 14:22 +0100, Michael Niewöhner wrote:

> > difference is that on a cold boot, the TPM takes longer to initialize.
> 
> Well, as I said. Waiting for 10, 20 or even 60 seconds in the boot manager does
> not solve the problem. So the problem is NOT that the TPM takes longer to
> initialize. Even adding a delay of 20 seconds before TPM init does not solve
> that while that should be more than enough time.

The purpose of commenting out the TPM2 selftest was to minimize the
TPM initialization delay, so that the TPM is ready before IMA.  After
James' patch that wasn't needed anymore.

Looking back at this thread, I see you're using systemd-boot, not
grub2.  When you commented out the systemd-boot timeout, IMA found the
TPM.  The question is why isn't the TPM ready with the timeout before
IMA (like above)?  Has systemd-boot done the selftest?

Mimi