From: Simon Glass <sjg@chromium.org>
To: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Cc: U-Boot Mailing List <u-boot@lists.denx.de>
Subject: Re: [PATCH 7/8] tpm: Implement state command for Cr50
Date: Sun, 14 Aug 2022 17:29:34 -0600 [thread overview]
Message-ID: <CAPnjgZ1P5XouYff7zuaAb51bdFNRKbxCZem49VzVociOn4U2vA@mail.gmail.com> (raw)
In-Reply-To: <Yp8SMJt9WYBk4a3h@hera>
Hi Ilias,
On Tue, 7 Jun 2022 at 02:54, Ilias Apalodimas
<ilias.apalodimas@linaro.org> wrote:
>
> On Mon, Feb 28, 2022 at 05:11:24PM -0700, Simon Glass wrote:
> > Add a vendor-specific TPM2 command for this and implement it for Cr50.
> >
> > Signed-off-by: Simon Glass <sjg@chromium.org>
> > ---
> >
> > drivers/tpm/cr50_i2c.c | 117 +++++++++++++++++++++++++++++++++++++++++
> > include/tpm-v2.h | 54 +++++++++++++++++++
> > lib/tpm-v2.c | 24 +++++++++
> > 3 files changed, 195 insertions(+)
> >
> > diff --git a/drivers/tpm/cr50_i2c.c b/drivers/tpm/cr50_i2c.c
> > index f8c3087894..dabf617be0 100644
> > --- a/drivers/tpm/cr50_i2c.c
> > +++ b/drivers/tpm/cr50_i2c.c
> > @@ -13,11 +13,13 @@
> > #include <irq.h>
> > #include <log.h>
> > #include <spl.h>
> > +#include <tpm-common.h>
> > #include <tpm-v2.h>
> > #include <acpi/acpigen.h>
> > #include <acpi/acpi_device.h>
> > #include <asm/gpio.h>
> > #include <asm/io.h>
> > +#include <asm/unaligned.h>
> > #include <linux/delay.h>
> > #include <dm/acpi.h>
> >
> > @@ -54,6 +56,41 @@ struct cr50_priv {
> > bool use_irq;
> > };
> >
> > +/*
> > + * The below structure represents the body of the response to the 'report tpm
> > + * state' vendor command.
> > + *
> > + * It is transferred over the wire, so it needs to be serialized/deserialized,
> > + * and it is likely to change, so its contents must be versioned.
> > + */
> > +#define TPM_STATE_VERSION 1
> > +struct tpm_vendor_state {
> > + u32 version;
> > + /*
> > + * The following three fields are set by the TPM in case of an assert.
> > + * There is no other processing than setting the source code line
> > + * number, error code and the first 4 characters of the function name.
> > + *
> > + * We don't expect this happening, but it is included in the report
> > + * just in case.
> > + */
> > + u32 fail_line; /* s_failLIne */
> > + u32 fail_code; /* s_failCode */
> > + char func_name[4]; /* s_failFunction, limited to 4 chars */
> > +
> > + /*
> > + * The following two fields are the current time filtered value of the
> > + * 'failed tries' TPM counter, and the maximum allowed value of the
> > + * counter.
> > + *
> > + * failed_tries == max_tries is the definition of the TPM lockout
> > + * condition.
> > + */
> > + u32 failed_tries; /* gp.failedTries */
> > + u32 max_tries; /* gp.maxTries */
> > + /* The below fields are present in version 2 and above */
> > +};
> > +
> > /* Wait for interrupt to indicate TPM is ready */
> > static int cr50_i2c_wait_tpm_ready(struct udevice *dev)
> > {
> > @@ -573,6 +610,85 @@ static int cr50_i2c_get_desc(struct udevice *dev, char *buf, int size)
> > return len;
> > }
> >
> > +static int stringify_state(char *buf, int len, char *str, size_t max_size)
> > +{
> > + struct tpm_vendor_state state;
> > + size_t text_size = 0;
> > +
> > + state.version = get_unaligned_be32(buf +
> > + offsetof(struct tpm_vendor_state, version));
> > + state.fail_line = get_unaligned_be32(buf +
> > + offsetof(struct tpm_vendor_state, fail_line));
> > + state.fail_code = get_unaligned_be32(buf +
> > + offsetof(struct tpm_vendor_state, fail_code));
> > + memcpy(state.func_name,
> > + buf + offsetof(struct tpm_vendor_state, func_name),
> > + sizeof(state.func_name));
> > + state.failed_tries = get_unaligned_be32(buf +
> > + offsetof(struct tpm_vendor_state, failed_tries));
> > + state.max_tries = get_unaligned_be32(buf +
> > + offsetof(struct tpm_vendor_state, max_tries));
> > +
> > + text_size += snprintf(str + text_size, max_size - text_size,
> > + "v=%d", state.version);
> > + if (text_size >= max_size)
> > + return -ENOSPC;
> > +
> > + if (state.version > TPM_STATE_VERSION)
> > + text_size += snprintf(str + text_size,
> > + max_size - text_size,
> > + " not fully supported\n");
> > + if (text_size >= max_size)
> > + return -ENOSPC;
> > +
> > + if (state.version == 0)
> > + return -EINVAL; /* This should never happen */
> > +
> > + text_size += snprintf(str + text_size,
> > + max_size - text_size,
> > + " failed_tries=%d max_tries=%d\n",
> > + state.failed_tries, state.max_tries);
> > + if (text_size >= max_size)
> > + return -ENOSPC;
> > +
> > + if (state.fail_line) {
> > + /* make sure function name is zero terminated. */
> > + char func_name[sizeof(state.func_name) + 1];
> > +
> > + memcpy(func_name, state.func_name, sizeof(state.func_name));
> > + func_name[sizeof(state.func_name)] = '\0';
> > +
> > + text_size += snprintf(str + text_size,
> > + max_size - text_size,
> > + "tpm failed: f %s line %d code %d",
> > + func_name,
> > + state.fail_line,
> > + state.fail_code);
> > + if (text_size >= max_size)
> > + return -ENOSPC;
> > + }
> > +
> > + return 0;
> > +}
>
> Is this error state described in the TCG TIS specs ? If so we should plug
> this into the generic TPM API and the driver should only define
> cr50_i2c_report_state() etc
No, this is not in the spec. It is one of the many extensions supported by Cr50.
>
> > +
> > +static int cr50_i2c_report_state(struct udevice *dev, char *str, int str_max)
> > +{
> > + char buf[50];
> > + int buf_size = sizeof(buf);
> > + int ret;
> > +
> > + ret = tpm2_cr50_report_state(dev, buf, &buf_size);
> > + if (ret)
> > + return ret;
> > +
> > + /* TPM responded as expected */
> > + ret = stringify_state(buf, buf_size, str, str_max);
> > + if (ret)
> > + return ret;
> > +
> > + return 0;
> > +}
> > +
>
> [...]
>
> Thanks
> /Ilias
Regards,
Simon
next prev parent reply other threads:[~2022-08-14 23:30 UTC|newest]
Thread overview: 19+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-03-01 0:11 [PATCH 0/8] tpm: Various minor fixes and enhancements Simon Glass
2022-03-01 0:11 ` [PATCH 1/8] tpm: Export the TPM-version functions Simon Glass
2022-06-07 8:28 ` Ilias Apalodimas
2022-03-01 0:11 ` [PATCH 2/8] tpm: Require a digest source when extending the PCR Simon Glass
2022-06-07 8:42 ` Ilias Apalodimas
2022-08-14 23:29 ` Simon Glass
2022-03-01 0:11 ` [PATCH 3/8] tpm: Correct the permissions command in TPMv1 Simon Glass
2022-06-07 8:44 ` Ilias Apalodimas
2022-08-14 23:29 ` Simon Glass
2022-03-01 0:11 ` [PATCH 4/8] tpm: Correct the define-space command in TPMv2 Simon Glass
2022-06-07 8:46 ` Ilias Apalodimas
2022-08-14 23:29 ` Simon Glass
2022-03-01 0:11 ` [PATCH 5/8] tpm: sandbox: Allow init of TPM in a different phase Simon Glass
2022-06-07 8:48 ` Ilias Apalodimas
2022-03-01 0:11 ` [PATCH 6/8] tpm: Allow reporting the internal state Simon Glass
2022-03-01 0:11 ` [PATCH 7/8] tpm: Implement state command for Cr50 Simon Glass
2022-06-07 8:54 ` Ilias Apalodimas
2022-08-14 23:29 ` Simon Glass [this message]
2022-03-01 0:11 ` [PATCH 8/8] tpm: Allow commiting non-volatile data Simon Glass
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=CAPnjgZ1P5XouYff7zuaAb51bdFNRKbxCZem49VzVociOn4U2vA@mail.gmail.com \
--to=sjg@chromium.org \
--cc=ilias.apalodimas@linaro.org \
--cc=u-boot@lists.denx.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.