Re: [PATCH v11 00/16] Remove nested TPM operations

From: Stefan Berger <stefanb@linux.ibm.com>
To: Alexander Steffen <Alexander.Steffen@infineon.com>,
	Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>,
	linux-integrity@vger.kernel.org
Cc: linux-kernel@vger.kernel.org,
	linux-security-module@vger.kernel.org,
	Peter Huewe <PeterHuewe@gmx.de>, Jason Gunthorpe <jgg@ziepe.ca>,
	Tomas Winkler <tomas.winkler@intel.com>,
	Tadeusz Struk <tadeusz.struk@intel.com>,
	Stefan Berger <stefanb@linux.vnet.ibm.com>,
	Nayna Jain <nayna@linux.ibm.com>
Subject: Re: [PATCH v11 00/16] Remove nested TPM operations
Date: Thu, 7 Feb 2019 16:14:53 -0500	[thread overview]
Message-ID: <677450b6-e8a6-b397-8406-4a32a916e65b@linux.ibm.com> (raw)
In-Reply-To: <3d6fdcc1-8221-2137-fc82-596377cc2fdc@infineon.com>

On 2/7/19 1:41 PM, Alexander Steffen wrote:
> On 06.02.2019 13:06, Jarkko Sakkinen wrote:
>> On Wed, Feb 06, 2019 at 12:47:07AM +0200, Jarkko Sakkinen wrote:
>>> Make the changes necessary to detach TPM space code and TPM activation
>>> code out of the tpm_transmit() flow because of both of these can cause
>>> nested tpm_transmit() calls. The nesteds calls make the whole flow hard
>>> to maintain, and thus, it is better to just fix things now before this
>>> turns into a bigger mess.
>>>
>>> v11:
>>> * Drop the patch that tries to flush TPM space on system. Not a proper
>>>    fallback + out of scope for this patch set.
>>>
>>> v10:
>>> * Use void pointers to avoid unnecessary casts in functions paramaters
>>>    where it makes sense.
>>>
>>> v9:
>>> * Fixed again tpm_try_get_ops().
>>> * Added missing reviewed-by's.
>>>
>>> v8:
>>> * Re-add the check for ret < 0 after calling tpm_try_transmit() that
>>>    was dropped by mistake while moving code.
>>> * Fix error fallback for tpm_try_get_ops() when tpm_chip_start()
>>>    fails.
>>>
>>> v7:
>>> *  Reorganize series so that more trivial and self-contained changes 
>>> are
>>>     in the head.
>>>
>>> v6:
>>> * When tpm_validate_commmand() was moved to tpm2-space.c, the struct 
>>> for
>>>    the TPM header was incorrectly declared as struct tpm_input_header.
>>> * Fix return value in tpm_validate_command().
>>>
>>> v5:
>>> * Add the missing rev's from Stefan Berger.
>>>
>>> v4:
>>> * Return 0 from pcrs_show() when tpm1_pcr_read() fails.
>>> * Fix error handling flow in tpm_try_transmit().
>>> * Replace struct tpm_input_header and struct tpm_output_header with
>>>    struct tpm_header.
>>>
>>> v3:
>>> * Encapsulate power gating code to tpm_chip_start() and 
>>> tpm_chip_stop().
>>> * Move TPM power gating code and locking to tpm_try_get_ops() and
>>>    tpm_put_ops().
>>> * Call power gating code directly in tpm_chip_register() and
>>>    tpm2_del_space().
>>>
>>> v2:
>>> * Print tpm2_commit_space() error inside tpm2_commit_space()
>>> * Error code was not printed when recv() callback failed. It is
>>>    fixed in this version.
>>> * Added a patch that removes @space from tpm_transmit().
>>> * Fixed a regression in earlier series. Forgot to amend the change
>>>    from the staging area that renames NESTED to UNLOCKED in 
>>> tpm2-space.c.
>>>
>>> Jarkko Sakkinen (16):
>>>    tpm: use tpm_buf in tpm_transmit_cmd() as the IO parameter
>>>    tpm: fix invalid return value in pubek_show()
>>>    tpm: return 0 from pcrs_show() when tpm1_pcr_read() fails
>>>    tpm: print tpm2_commit_space() error inside tpm2_commit_space()
>>>    tpm: declare struct tpm_header
>>>    tpm: access command header through struct in tpm_try_transmit()
>>>    tpm: encapsulate tpm_dev_transmit()
>>>    tpm: clean up tpm_try_transmit() error handling flow
>>>    tpm: move tpm_validate_commmand() to tpm2-space.c
>>>    tpm: move TPM space code out of tpm_transmit()
>>>    tpm: remove @space from tpm_transmit()
>>>    tpm: use tpm_try_get_ops() in tpm-sysfs.c.
>>>    tpm: remove TPM_TRANSMIT_UNLOCKED flag
>>>    tpm: introduce tpm_chip_start() and tpm_chip_stop()
>>>    tpm: take TPM chip power gating out of tpm_transmit()
>>>    tpm: remove @flags from tpm_transmit()
>>>
>>>   drivers/char/tpm/tpm-chip.c       | 109 ++++++++++++
>>>   drivers/char/tpm/tpm-dev-common.c |  44 ++++-
>>>   drivers/char/tpm/tpm-interface.c  | 264 
>>> ++++++------------------------
>>>   drivers/char/tpm/tpm-sysfs.c      | 138 ++++++++++------
>>>   drivers/char/tpm/tpm.h            |  64 +++-----
>>>   drivers/char/tpm/tpm1-cmd.c       |  28 +---
>>>   drivers/char/tpm/tpm2-cmd.c       |  72 +++-----
>>>   drivers/char/tpm/tpm2-space.c     |  91 +++++++---
>>>   drivers/char/tpm/tpm_i2c_atmel.c  |   5 +-
>>>   drivers/char/tpm/tpm_vtpm_proxy.c |  12 +-
>>>   drivers/char/tpm/xen-tpmfront.c   |   2 +-
>>>   11 files changed, 408 insertions(+), 421 deletions(-)
>>>
>>> -- 
>>> 2.19.1
>>>
>>
>> Applied to master and next.
>
> Something in this series seems to break basic TPM communication for me.
>
> For TPM2.0s the probe command fails, causing them to be misdetected as 
> TPM1.2s:
>
> ---
> tpm tpm0: tpm_try_transmit: tpm_send: error -5
> tpm_tis MSFT0101:00: 1.2 TPM (device-id 0x1A, rev-id 22)
> tpm tpm0: A TPM error (30) occurred attempting to determine the timeouts
> ---
> tpm tpm0: tpm_try_transmit: tpm_send: error -5
> tpm_tis_spi spi0.1: 1.2 TPM (device-id 0x1B, rev-id 22)
> tpm tpm0: A TPM error (30) occurred attempting to determine the timeouts
> ---
>
> And for something that actually is a TPM1.2 it fails in a similar way:
>
> ---
> tpm_i2c_infineon 1-0020: 1.2 TPM (device-id 0x1A)
> tpm tpm0: A TPM error (-14) occurred attempting to determine the timeouts
> ---
> tpm tpm0: tpm_try_transmit: tpm_send: error -5
> tpm_tis_spi spi0.1: 1.2 TPM (device-id 0x1B, rev-id 16)
> tpm tpm0: A TPM error (-14) occurred attempting to determine the timeouts
> tpm_tis_spi: probe of spi0.1 failed with error -14
> ---
>
> I see this problem across my entire range of TPM devices and test 
> platforms. Any idea what could be wrong here?

Can you bisect the series ?

    Stefan

>
>
> Alexander
>