From patchwork Thu Aug 26 11:19:03 2021
X-Patchwork-Submitter: amirmizi6@gmail.com
X-Patchwork-Id: 503013
From: amirmizi6@gmail.com
To: Eyal.Cohen@nuvoton.com, jarkko.sakkinen@linux.intel.com, oshrialkoby85@gmail.com, alexander.steffen@infineon.com, robh+dt@kernel.org, mark.rutland@arm.com, peterhuewe@gmx.de, jgg@ziepe.ca, arnd@arndb.de, gregkh@linuxfoundation.org, benoit.houyere@st.com, eajames@linux.ibm.com, joel@jms.id.au
Cc: devicetree@vger.kernel.org, linux-kernel@vger.kernel.org, linux-integrity@vger.kernel.org, oshri.alkoby@nuvoton.com, tmaimon77@gmail.com, gcwilson@us.ibm.com, kgoldman@us.ibm.com, Dan.Morav@nuvoton.com, oren.tanami@nuvoton.com, shmulik.hager@nuvoton.com, amir.mizinski@nuvoton.com, Amir Mizinski
Subject: [PATCH v13 2/7] tpm: tpm_tis: Fix expected bit handling and send all bytes in one shot without last byte in exception
Date: Thu, 26 Aug 2021 14:19:03 +0300
Message-Id: <20210826111908.117278-3-amirmizi6@gmail.com>
In-Reply-To: <20210826111908.117278-1-amirmizi6@gmail.com>
References: <20210826111908.117278-1-amirmizi6@gmail.com>

From: Amir Mizinski

Detected the following incorrect implementation of the send command: polling on the TPM_STS.stsValid field followed by checking the TPM_STS.expect field only once. Since TPM_STS.stsValid represents the TPM_STS.expect validity, both fields should be polled at the same time.

This fix modifies the signature of 'wait_for_tpm_stat()', adding an additional "mask_result" parameter to its call and renaming it to 'tpm_tis_wait_for_stat()' for better alignment with other naming. 'tpm_tis_wait_for_stat()' is now polling the TPM_STS with a mask and waits for the value in mask_result. The fix adds the ability to check if certain TPM_STS bits have been cleared.

This change is also aligned to verifying the CRC on I2C TPM. The CRC verification should be done after the TPM_STS.expect field is cleared (TPM received all expected command bytes and set the calculated CRC value in the register).

In addition, the send command was changed to comply with TCG_DesignPrinciples_TPM2p0Driver_vp24_pubrev.pdf as follows:
- send all command bytes in one loop
- remove special handling of the last byte

Suggested-by: Benoit Houyere
Signed-off-by: Amir Mizinski
Reviewed-by: Jarkko Sakkinen
--- drivers/char/tpm/tpm_tis_core.c | 70 +++++++++++++++-------------------------- 1 file changed, 26 insertions(+), 44 deletions(-) diff --git a/drivers/char/tpm/tpm_tis_core.c b/drivers/char/tpm/tpm_tis_core.c index 69579ef..b34e59b 100644 --- a/drivers/char/tpm/tpm_tis_core.c +++ b/drivers/char/tpm/tpm_tis_core.c @@ -44,9 +44,9 @@ static bool wait_for_tpm_stat_cond(struct tpm_chip *chip, u8 mask, return false; } -static int wait_for_tpm_stat(struct tpm_chip *chip, u8 mask, - unsigned long timeout, wait_queue_head_t *queue, - bool check_cancel) +static int tpm_tis_wait_for_stat(struct tpm_chip *chip, u8 mask, u8 stat, + unsigned long timeout, + wait_queue_head_t *queue, bool check_cancel) { unsigned long stop; long rc; 
@@ -55,7 +55,7 @@ static int wait_for_tpm_stat(struct tpm_chip *chip, u8 mask, /* check current status */ status = chip->ops->status(chip); - if ((status & mask) == mask) + if ((status & mask) == stat) return 0; stop = jiffies + timeout; @@ -83,7 +83,7 @@ static int wait_for_tpm_stat(struct tpm_chip *chip, u8 mask, usleep_range(TPM_TIMEOUT_USECS_MIN, TPM_TIMEOUT_USECS_MAX); status = chip->ops->status(chip); - if ((status & mask) == mask) + if ((status & mask) == stat) return 0; } while (time_before(jiffies, stop)); } @@ -259,10 +259,11 @@ static int recv_data(struct tpm_chip *chip, u8 *buf, size_t count) int size = 0, burstcnt, rc; while (size < count) { - rc = wait_for_tpm_stat(chip, - TPM_STS_DATA_AVAIL | TPM_STS_VALID, - chip->timeout_c, - &priv->read_queue, true); + rc = tpm_tis_wait_for_stat(chip, + TPM_STS_DATA_AVAIL | TPM_STS_VALID, + TPM_STS_DATA_AVAIL | TPM_STS_VALID, + chip->timeout_c, &priv->read_queue, + true); if (rc < 0) return rc; burstcnt = get_burstcount(chip); @@ -315,8 +316,9 @@ static int tpm_tis_recv(struct tpm_chip *chip, u8 *buf, size_t count) goto out; } - if (wait_for_tpm_stat(chip, TPM_STS_VALID, chip->timeout_c, - &priv->int_queue, false) < 0) { + if (tpm_tis_wait_for_stat(chip, TPM_STS_VALID, TPM_STS_VALID, + chip->timeout_c, &priv->int_queue, + false) < 0) { size = -ETIME; goto out; } 
@@ -342,61 +344,40 @@ static int tpm_tis_send_data(struct tpm_chip *chip, const u8 *buf, size_t len) struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev); int rc, status, burstcnt; size_t count = 0; - bool itpm = priv->flags & TPM_TIS_ITPM_WORKAROUND; status = tpm_tis_status(chip); if ((status & TPM_STS_COMMAND_READY) == 0) { tpm_tis_ready(chip); - if (wait_for_tpm_stat - (chip, TPM_STS_COMMAND_READY, chip->timeout_b, - &priv->int_queue, false) < 0) { + if (tpm_tis_wait_for_stat(chip, TPM_STS_COMMAND_READY, + TPM_STS_COMMAND_READY, + chip->timeout_b, &priv->int_queue, + false) < 0) { rc = -ETIME; goto out_err; } } - while (count < len - 1) { + while (count < len) { burstcnt = get_burstcount(chip); if (burstcnt < 0) { dev_err(&chip->dev, "Unable to read burstcount\n"); rc = burstcnt; goto out_err; } - burstcnt = min_t(int, burstcnt, len - count - 1); + burstcnt = min_t(int, burstcnt, len - count); rc = tpm_tis_write_bytes(priv, TPM_DATA_FIFO(priv->locality), burstcnt, buf + count); if (rc < 0) goto out_err; count += burstcnt; - - if (wait_for_tpm_stat(chip, TPM_STS_VALID, chip->timeout_c, - &priv->int_queue, false) < 0) { - rc = -ETIME; - goto out_err; - } - status = tpm_tis_status(chip); - if (!itpm && (status & TPM_STS_DATA_EXPECT) == 0) { - rc = -EIO; - goto out_err; - } } - - /* write last byte */ - rc = tpm_tis_write8(priv, TPM_DATA_FIFO(priv->locality), buf[count]); - if (rc < 0) - goto out_err; - - if (wait_for_tpm_stat(chip, TPM_STS_VALID, chip->timeout_c, - &priv->int_queue, false) < 0) { + if (tpm_tis_wait_for_stat(chip, TPM_STS_VALID | TPM_STS_DATA_EXPECT, + TPM_STS_VALID, chip->timeout_a, + &priv->int_queue, false) < 0) { rc = -ETIME; goto out_err; } - status = tpm_tis_status(chip); - if (!itpm && (status & TPM_STS_DATA_EXPECT) != 0) { - rc = -EIO; - goto out_err; - } return 0; 
@@ -451,9 +432,10 @@ static int tpm_tis_send_main(struct tpm_chip *chip, const u8 *buf, size_t len) ordinal = be32_to_cpu(*((__be32 *) (buf + 6))); dur = tpm_calc_ordinal_duration(chip, ordinal); - if (wait_for_tpm_stat - (chip, TPM_STS_DATA_AVAIL | TPM_STS_VALID, dur, - &priv->read_queue, false) < 0) { + if (tpm_tis_wait_for_stat(chip, + TPM_STS_DATA_AVAIL | TPM_STS_VALID, + TPM_STS_DATA_AVAIL | TPM_STS_VALID, + dur, &priv->read_queue, false) < 0) { rc = -ETIME; goto out_err; }

From patchwork Thu Aug 26 11:19:04 2021
X-Patchwork-Submitter: amirmizi6@gmail.com
X-Patchwork-Id: 503014
From: amirmizi6@gmail.com
To: Eyal.Cohen@nuvoton.com, jarkko.sakkinen@linux.intel.com, oshrialkoby85@gmail.com, alexander.steffen@infineon.com, robh+dt@kernel.org, mark.rutland@arm.com, peterhuewe@gmx.de, jgg@ziepe.ca, arnd@arndb.de, gregkh@linuxfoundation.org, benoit.houyere@st.com, eajames@linux.ibm.com, joel@jms.id.au
Cc: devicetree@vger.kernel.org, linux-kernel@vger.kernel.org, linux-integrity@vger.kernel.org, oshri.alkoby@nuvoton.com, tmaimon77@gmail.com, gcwilson@us.ibm.com, kgoldman@us.ibm.com, Dan.Morav@nuvoton.com, oren.tanami@nuvoton.com, shmulik.hager@nuvoton.com, amir.mizinski@nuvoton.com, Amir Mizinski
Subject: [PATCH v13 3/7] tpm: tpm_tis: Rewrite "tpm_tis_req_canceled()"
Date: Thu, 26 Aug 2021 14:19:04 +0300
Message-Id: <20210826111908.117278-4-amirmizi6@gmail.com>
In-Reply-To: <20210826111908.117278-1-amirmizi6@gmail.com>
References: <20210826111908.117278-1-amirmizi6@gmail.com>

From: Amir Mizinski

Using this function while reading/writing data resulted in an aborted operation. After investigating the issue according to the TCG TPM Profile (PTP) Specifications, I found that "request to cancel" should occur only if TPM_STS.commandReady bit is lit. Note that I couldn't find a case where the present condition (in the Linux kernel) is valid, so I'm removing the case for "TPM_VID_WINBOND" since we have no need for it.

Also, the default comparison is wrong. Only cmdReady bit needs to be compared instead of the full lower status register byte.

Fixes: 1f866057291f (tpm: Fix cancellation of TPM commands (polling mode))
Signed-off-by: Amir Mizinski
--- drivers/char/tpm/tpm_tis_core.c | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/drivers/char/tpm/tpm_tis_core.c b/drivers/char/tpm/tpm_tis_core.c index b34e59b..4145758 100644 
--- a/drivers/char/tpm/tpm_tis_core.c +++ b/drivers/char/tpm/tpm_tis_core.c 
@@ -650,13 +650,11 @@ static bool tpm_tis_req_canceled(struct tpm_chip *chip, u8 status) struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev); switch (priv->manufacturer_id) { - case TPM_VID_WINBOND: - return ((status == TPM_STS_VALID) || - (status == (TPM_STS_VALID | TPM_STS_COMMAND_READY))); case TPM_VID_STM: return (status == (TPM_STS_VALID | TPM_STS_COMMAND_READY)); default: - return (status == TPM_STS_COMMAND_READY); + return ((status & TPM_STS_COMMAND_READY) == + TPM_STS_COMMAND_READY); } }

From patchwork Thu Aug 26 11:19:05 2021
X-Patchwork-Submitter: amirmizi6@gmail.com
X-Patchwork-Id: 503015
From: amirmizi6@gmail.com
To: Eyal.Cohen@nuvoton.com, jarkko.sakkinen@linux.intel.com, oshrialkoby85@gmail.com, alexander.steffen@infineon.com, robh+dt@kernel.org, mark.rutland@arm.com, peterhuewe@gmx.de, jgg@ziepe.ca, arnd@arndb.de, gregkh@linuxfoundation.org, benoit.houyere@st.com, eajames@linux.ibm.com, joel@jms.id.au
Cc: devicetree@vger.kernel.org, linux-kernel@vger.kernel.org, linux-integrity@vger.kernel.org, oshri.alkoby@nuvoton.com, tmaimon77@gmail.com, gcwilson@us.ibm.com, kgoldman@us.ibm.com, Dan.Morav@nuvoton.com, oren.tanami@nuvoton.com, shmulik.hager@nuvoton.com, amir.mizinski@nuvoton.com, Amir Mizinski
Subject: [PATCH v13 4/7] tpm: Handle an exception for TPM Firmware Update mode.
Date: Thu, 26 Aug 2021 14:19:05 +0300
Message-Id: <20210826111908.117278-5-amirmizi6@gmail.com>
In-Reply-To: <20210826111908.117278-1-amirmizi6@gmail.com>
References: <20210826111908.117278-1-amirmizi6@gmail.com>

From: Amir Mizinski

An extra precaution for TPM Firmware Update Mode. For example, if TPM power was cut while in Firmware update, platform should ignore "selftest" failure and skip TPM initialization sequence.

Suggested-by: Benoit Houyere
Signed-off-by: Amir Mizinski
--- drivers/char/tpm/tpm2-cmd.c | 4 ++++ include/linux/tpm.h | 1 + 2 files changed, 5 insertions(+) diff --git a/drivers/char/tpm/tpm2-cmd.c b/drivers/char/tpm/tpm2-cmd.c index a25815a..c2b541d 100644 --- a/drivers/char/tpm/tpm2-cmd.c +++ b/drivers/char/tpm/tpm2-cmd.c 
@@ -729,6 +729,10 @@ int tpm2_auto_startup(struct tpm_chip *chip) goto out; rc = tpm2_do_selftest(chip); + + if (rc == TPM2_RC_UPGRADE || rc == TPM2_RC_COMMAND_CODE) + return 0; + if (rc && rc != TPM2_RC_INITIALIZE) goto out; diff --git a/include/linux/tpm.h b/include/linux/tpm.h index aa11fe3..c5bf934 100644 --- a/include/linux/tpm.h +++ b/include/linux/tpm.h @@ -207,6 +207,7 @@ enum tpm2_return_codes { TPM2_RC_INITIALIZE = 0x0100, /* RC_VER1 */ TPM2_RC_FAILURE = 0x0101, TPM2_RC_DISABLED = 0x0120, + TPM2_RC_UPGRADE = 0x012D, TPM2_RC_COMMAND_CODE = 0x0143, TPM2_RC_TESTING = 0x090A, /* RC_WARN */ TPM2_RC_REFERENCE_H0 = 0x0910,
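
Review bot: in [PATCH v13 2/7], wait_for_tpm_stat_cond() is left out of the conversion: the @@ -44,9, @@ -55,7 and @@ -83,7 hunks change only the two polling comparisons in tpm_tis_wait_for_stat() to '(status & mask) == stat', while the helper whose signature appears in the @@ -44,9 hunk header still starts with 'u8 mask' and is touched by no hunk. If the interrupt-driven wait goes through that helper, a call with differing arguments, such as the new one in tpm_tis_send_data() (mask 'TPM_STS_VALID | TPM_STS_DATA_EXPECT', stat 'TPM_STS_VALID'), would wait for a different condition depending on whether IRQs are in use. Pass 'stat' to the helper as well, and add a comment above tpm_tis_wait_for_stat() describing the mask/stat pair, which the commit message calls "mask_result" and the code calls 'stat'.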
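
Review bot: in [PATCH v13 2/7], the tpm_tis_send_data() hunk (@@ -342,61) removes the 'itpm' local together with both '!itpm &&' guards, so the final wait on 'TPM_STS_VALID | TPM_STS_DATA_EXPECT' now also applies to chips with TPM_TIS_ITPM_WORKAROUND set, which the removed code exempted from every Expect check. Either keep the exemption (wait only for TPM_STS_VALID when the flag is set) or say in the commit message why it is no longer needed. Two more changes in the same hunk are not mentioned in the commit message: the final wait uses chip->timeout_a where the removed code used chip->timeout_c, and an Expect bit that stays set is now reported as -ETIME where it used to be -EIO.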
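
Review bot: in [PATCH v13 3/7], the TPM_VID_STM case keeps the exact comparison 'status == (TPM_STS_VALID | TPM_STS_COMMAND_READY)' while the default case moves to a bit test, although the commit message says only the cmdReady bit needs to be compared. Either convert the STM case as well or add a comment saying why that vendor needs the full-byte match. Removing the TPM_VID_WINBOND case also means a status of exactly TPM_STS_VALID is no longer treated as canceled on those chips, so a test report or ack for that hardware belongs in the changelog.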
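
Review bot: in [PATCH v13 4/7], the new 'return 0' in tpm2_auto_startup() leaves the function directly while the checks just before and after it use 'goto out', and it reports a successful startup for a chip that has just answered the self test with TPM2_RC_UPGRADE or TPM2_RC_COMMAND_CODE. Nothing is logged and nothing is recorded on the chip in this hunk, so callers cannot tell a TPM in firmware update mode from a working one; log the condition and mark the chip so later code can refuse to use it for anything but the update. The commit message covers only firmware update mode, so add a comment explaining why TPM2_RC_COMMAND_CODE is handled the same way.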