Linux-Integrity Archive on lore.kernel.org
 help / color / Atom feed
* [PATCH 0/2 v2] tpm: add update_durations class op to allow override of chip supplied values
@ 2019-08-28  0:46 Jerry Snitselaar
  2019-08-28  0:46 ` [PATCH 1/2 v2] tpm: provide a way to override the chip returned durations Jerry Snitselaar
  2019-08-28  0:46 ` [PATCH 2/2 v2] tpm_tis: override durations for STM tpm with firmware 1.2.8.28 Jerry Snitselaar
  0 siblings, 2 replies; 9+ messages in thread
From: Jerry Snitselaar @ 2019-08-28  0:46 UTC (permalink / raw)
  To: linux-integrity
  Cc: linux-kernel, Peter Huewe, Jarkko Sakkinen, Jason Gunthorpe

We've run into a case where a customer has an STM TPM 1.2 chip
(version 1.2.8.28) that is getting into an inconsistent state and
they end up getting tpm transmit errors.  In really old tpm code this
wasn't seen because the code that grabbed the duration values from the
chip could fail silently, and would proceed to just use default values
and move forward. More recent code though successfully gets the
duration values from the chip, and using those values this particular
chip version gets into the state seen by the customer.

The idea with this patchset is to provide a facility like the
update_timeouts operation to allow the override of chip supplied
values.

I went back and looked at the original submission thread, and updated
Alexey's patches based on Jarkko's suggestions for v2.



^ permalink raw reply	[flat|nested] 9+ messages in thread

* [PATCH 1/2 v2] tpm: provide a way to override the chip returned durations
  2019-08-28  0:46 [PATCH 0/2 v2] tpm: add update_durations class op to allow override of chip supplied values Jerry Snitselaar
@ 2019-08-28  0:46 ` Jerry Snitselaar
  2019-08-29 13:27   ` Jarkko Sakkinen
  2019-08-28  0:46 ` [PATCH 2/2 v2] tpm_tis: override durations for STM tpm with firmware 1.2.8.28 Jerry Snitselaar
  1 sibling, 1 reply; 9+ messages in thread
From: Jerry Snitselaar @ 2019-08-28  0:46 UTC (permalink / raw)
  To: linux-integrity
  Cc: linux-kernel, Peter Huewe, Jarkko Sakkinen, Jason Gunthorpe,
	Jerry Snitselaar, Alexey Klimov

Patch adds method ->update_durations to override returned
durations in case TPM chip misbehaves for TPM 1.2 drivers.

Cc: Peter Huewe <peterhuewe@gmx.de>
Cc: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Cc: Jason Gunthorpe <jgg@ziepe.ca>
Signed-off-by: Alexey Klimov <aklimov@redhat.com>
Signed-off-by: Jerry Snitselaar <jsnitsel@redhat.com>
---
v2: newline cleanup as requested by Jarkko

 drivers/char/tpm/tpm1-cmd.c | 15 +++++++++++++++
 include/linux/tpm.h         |  2 ++
 2 files changed, 17 insertions(+)

diff --git a/drivers/char/tpm/tpm1-cmd.c b/drivers/char/tpm/tpm1-cmd.c
index 149e953ca369..ca7158fa6e6c 100644
--- a/drivers/char/tpm/tpm1-cmd.c
+++ b/drivers/char/tpm/tpm1-cmd.c
@@ -343,6 +343,7 @@ int tpm1_get_timeouts(struct tpm_chip *chip)
 {
 	cap_t cap;
 	unsigned long timeout_old[4], timeout_chip[4], timeout_eff[4];
+	unsigned long durations[3];
 	ssize_t rc;
 
 	rc = tpm1_getcap(chip, TPM_CAP_PROP_TIS_TIMEOUT, &cap, NULL,
@@ -427,6 +428,20 @@ int tpm1_get_timeouts(struct tpm_chip *chip)
 		usecs_to_jiffies(be32_to_cpu(cap.duration.tpm_long));
 	chip->duration[TPM_LONG_LONG] = 0; /* not used under 1.2 */
 
+	/*
+	 * Provide the ability for vendor overrides of duration values in case
+	 * of misreporting.
+	 */
+	if (chip->ops->update_durations)
+		chip->ops->update_durations(chip, durations);
+
+	if (chip->duration_adjusted) {
+		dev_info(&chip->dev, HW_ERR "Adjusting reported durations.");
+		chip->duration[TPM_SHORT] = durations[0];
+		chip->duration[TPM_MEDIUM] = durations[1];
+		chip->duration[TPM_LONG] = durations[2];
+	}
+
 	/* The Broadcom BCM0102 chipset in a Dell Latitude D820 gets the above
 	 * value wrong and apparently reports msecs rather than usecs. So we
 	 * fix up the resulting too-small TPM_SHORT value to make things work.
diff --git a/include/linux/tpm.h b/include/linux/tpm.h
index 53c0ea9ec9df..bb1d1ac7081d 100644
--- a/include/linux/tpm.h
+++ b/include/linux/tpm.h
@@ -67,6 +67,8 @@ struct tpm_class_ops {
 	u8 (*status) (struct tpm_chip *chip);
 	void (*update_timeouts)(struct tpm_chip *chip,
 				unsigned long *timeout_cap);
+	void (*update_durations)(struct tpm_chip *chip,
+				 unsigned long *duration_cap);
 	int (*go_idle)(struct tpm_chip *chip);
 	int (*cmd_ready)(struct tpm_chip *chip);
 	int (*request_locality)(struct tpm_chip *chip, int loc);
-- 
2.21.0


^ permalink raw reply	[flat|nested] 9+ messages in thread

* [PATCH 2/2 v2] tpm_tis: override durations for STM tpm with firmware 1.2.8.28
  2019-08-28  0:46 [PATCH 0/2 v2] tpm: add update_durations class op to allow override of chip supplied values Jerry Snitselaar
  2019-08-28  0:46 ` [PATCH 1/2 v2] tpm: provide a way to override the chip returned durations Jerry Snitselaar
@ 2019-08-28  0:46 ` Jerry Snitselaar
  2019-08-29 14:40   ` Jarkko Sakkinen
  1 sibling, 1 reply; 9+ messages in thread
From: Jerry Snitselaar @ 2019-08-28  0:46 UTC (permalink / raw)
  To: linux-integrity
  Cc: linux-kernel, Peter Huewe, Jarkko Sakkinen, Jason Gunthorpe,
	Jerry Snitselaar, Alexey Klimov

There was revealed a bug in the STM TPM chipset used in Dell R415s.
Bug is observed so far only on chipset firmware 1.2.8.28
(1.2 TPM, device-id 0x0, rev-id 78). After some number of
operations chipset hangs and stays in inconsistent state:

tpm_tis 00:09: Operation Timed out
tpm_tis 00:09: tpm_transmit: tpm_send: error -5

Durations returned by the chip are the same like on other
firmware revisions but apparently with specifically 1.2.8.28 fw
durations should be reset to 2 minutes to enable tpm chip work
properly. No working way of updating firmware was found.

This patch adds implementation of ->update_durations method
that matches only STM devices with specific firmware version.

Cc: Peter Huewe <peterhuewe@gmx.de>
Cc: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Cc: Jason Gunthorpe <jgg@ziepe.ca>
Signed-off-by: Alexey Klimov <aklimov@redhat.com>
Signed-off-by: Jerry Snitselaar <jsnitsel@redhat.com>
---
v2: Make suggested changes from Jarkko
    - change struct field name to durations from durs
    - formatting cleanups
    - turn into void function like update_timeouts and
      use chip->duration_adjusted to track whether adjustment occurred.

 drivers/char/tpm/tpm_tis_core.c | 91 +++++++++++++++++++++++++++++++++
 1 file changed, 91 insertions(+)

diff --git a/drivers/char/tpm/tpm_tis_core.c b/drivers/char/tpm/tpm_tis_core.c
index c3181ea9f271..81b65ec2a41b 100644
--- a/drivers/char/tpm/tpm_tis_core.c
+++ b/drivers/char/tpm/tpm_tis_core.c
@@ -506,6 +506,96 @@ static int tpm_tis_send(struct tpm_chip *chip, u8 *buf, size_t len)
 	return rc;
 }
 
+struct tis_vendor_durations_override {
+	u32 did_vid;
+	struct tpm_version_t tpm_version;
+	unsigned long durations[3];
+};
+
+static const struct  tis_vendor_durations_override vendor_dur_overrides[] = {
+	/* STMicroelectronics 0x104a */
+	{ 0x0000104a,
+	  { 1, 2, 8, 28 },
+	  { (2 * 60 * HZ), (2 * 60 * HZ), (2 * 60 * HZ) } },
+};
+
+static void tpm_tis_update_durations(struct tpm_chip *chip,
+				     unsigned long *duration_cap)
+{
+	struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev);
+	u32 did_vid;
+	int i, rc;
+	cap_t cap;
+
+	chip->duration_adjusted = false;
+
+	if (chip->ops->clk_enable != NULL)
+		chip->ops->clk_enable(chip, true);
+
+	rc = tpm_tis_read32(priv, TPM_DID_VID(0), &did_vid);
+	if (rc < 0) {
+		dev_warn(&chip->dev, "%s: failed to read did_vid. %d\n",
+			 __func__, rc);
+		goto out;
+	}
+
+	for (i = 0; i != ARRAY_SIZE(vendor_dur_overrides); i++) {
+		if (vendor_dur_overrides[i].did_vid != did_vid)
+			continue;
+
+		/* Try to get a TPM version 1.2 TPM_CAP_VERSION_INFO */
+		rc = tpm1_getcap(chip, TPM_CAP_VERSION_1_2, &cap,
+				 "attempting to determine the 1.2 version",
+				 sizeof(cap.tpm_version_1_2));
+		if (!rc) {
+			if ((cap.tpm_version_1_2.Major ==
+			     vendor_dur_overrides[i].tpm_version.Major) &&
+			    (cap.tpm_version_1_2.Minor ==
+			     vendor_dur_overrides[i].tpm_version.Minor) &&
+			    (cap.tpm_version_1_2.revMajor ==
+			     vendor_dur_overrides[i].tpm_version.revMajor) &&
+			    (cap.tpm_version_1_2.revMinor ==
+			     vendor_dur_overrides[i].tpm_version.revMinor)) {
+
+				memcpy(duration_cap,
+				       vendor_dur_overrides[i].durations,
+				       sizeof(vendor_dur_overrides[i].durations));
+
+				chip->duration_adjusted = true;
+				goto out;
+			}
+		} else {
+			rc = tpm1_getcap(chip, TPM_CAP_VERSION_1_1, &cap,
+					 "attempting to determine the 1.1 version",
+					 sizeof(cap.tpm_version));
+
+			if (rc)
+				goto out;
+
+			if ((cap.tpm_version.Major ==
+			     vendor_dur_overrides[i].tpm_version.Major) &&
+			    (cap.tpm_version.Minor ==
+			     vendor_dur_overrides[i].tpm_version.Minor) &&
+			    (cap.tpm_version.revMajor ==
+			     vendor_dur_overrides[i].tpm_version.revMajor) &&
+			    (cap.tpm_version.revMinor ==
+			     vendor_dur_overrides[i].tpm_version.revMinor)) {
+
+				memcpy(duration_cap,
+				       vendor_dur_overrides[i].durations,
+				       sizeof(vendor_dur_overrides[i].durations));
+
+				chip->duration_adjusted = true;
+				goto out;
+			}
+		}
+	}
+
+out:
+	if (chip->ops->clk_enable != NULL)
+		chip->ops->clk_enable(chip, false);
+}
+
 struct tis_vendor_timeout_override {
 	u32 did_vid;
 	unsigned long timeout_us[4];
@@ -842,6 +932,7 @@ static const struct tpm_class_ops tpm_tis = {
 	.send = tpm_tis_send,
 	.cancel = tpm_tis_ready,
 	.update_timeouts = tpm_tis_update_timeouts,
+	.update_durations = tpm_tis_update_durations,
 	.req_complete_mask = TPM_STS_DATA_AVAIL | TPM_STS_VALID,
 	.req_complete_val = TPM_STS_DATA_AVAIL | TPM_STS_VALID,
 	.req_canceled = tpm_tis_req_canceled,
-- 
2.21.0


^ permalink raw reply	[flat|nested] 9+ messages in thread

* Re: [PATCH 1/2 v2] tpm: provide a way to override the chip returned durations
  2019-08-28  0:46 ` [PATCH 1/2 v2] tpm: provide a way to override the chip returned durations Jerry Snitselaar
@ 2019-08-29 13:27   ` Jarkko Sakkinen
  0 siblings, 0 replies; 9+ messages in thread
From: Jarkko Sakkinen @ 2019-08-29 13:27 UTC (permalink / raw)
  To: Jerry Snitselaar
  Cc: linux-integrity, linux-kernel, Peter Huewe, Jason Gunthorpe,
	Alexey Klimov

On Tue, Aug 27, 2019 at 05:46:20PM -0700, Jerry Snitselaar wrote:
> Patch adds method ->update_durations to override returned
> durations in case TPM chip misbehaves for TPM 1.2 drivers.
> 
> Cc: Peter Huewe <peterhuewe@gmx.de>
> Cc: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
> Cc: Jason Gunthorpe <jgg@ziepe.ca>
> Signed-off-by: Alexey Klimov <aklimov@redhat.com>
> Signed-off-by: Jerry Snitselaar <jsnitsel@redhat.com>

Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>

/Jarkko

^ permalink raw reply	[flat|nested] 9+ messages in thread

* Re: [PATCH 2/2 v2] tpm_tis: override durations for STM tpm with firmware 1.2.8.28
  2019-08-28  0:46 ` [PATCH 2/2 v2] tpm_tis: override durations for STM tpm with firmware 1.2.8.28 Jerry Snitselaar
@ 2019-08-29 14:40   ` Jarkko Sakkinen
  2019-08-29 14:41     ` Jarkko Sakkinen
  2019-08-29 20:25     ` Jerry Snitselaar
  0 siblings, 2 replies; 9+ messages in thread
From: Jarkko Sakkinen @ 2019-08-29 14:40 UTC (permalink / raw)
  To: Jerry Snitselaar
  Cc: linux-integrity, linux-kernel, Peter Huewe, Jason Gunthorpe,
	Alexey Klimov

On Tue, Aug 27, 2019 at 05:46:21PM -0700, Jerry Snitselaar wrote:
> There was revealed a bug in the STM TPM chipset used in Dell R415s.
> Bug is observed so far only on chipset firmware 1.2.8.28
> (1.2 TPM, device-id 0x0, rev-id 78). After some number of
> operations chipset hangs and stays in inconsistent state:
> 
> tpm_tis 00:09: Operation Timed out
> tpm_tis 00:09: tpm_transmit: tpm_send: error -5
> 
> Durations returned by the chip are the same like on other
> firmware revisions but apparently with specifically 1.2.8.28 fw
> durations should be reset to 2 minutes to enable tpm chip work
> properly. No working way of updating firmware was found.
> 
> This patch adds implementation of ->update_durations method
> that matches only STM devices with specific firmware version.
> 
> Cc: Peter Huewe <peterhuewe@gmx.de>
> Cc: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
> Cc: Jason Gunthorpe <jgg@ziepe.ca>
> Signed-off-by: Alexey Klimov <aklimov@redhat.com>
> Signed-off-by: Jerry Snitselaar <jsnitsel@redhat.com>
> ---
> v2: Make suggested changes from Jarkko
>     - change struct field name to durations from durs
>     - formatting cleanups
>     - turn into void function like update_timeouts and
>       use chip->duration_adjusted to track whether adjustment occurred.

The code repetition looks horrible so I wrote a patch that should help:

https://patchwork.kernel.org/patch/11121475/

Read the remar that prepends the diffstat.

/Jarkko

^ permalink raw reply	[flat|nested] 9+ messages in thread

* Re: [PATCH 2/2 v2] tpm_tis: override durations for STM tpm with firmware 1.2.8.28
  2019-08-29 14:40   ` Jarkko Sakkinen
@ 2019-08-29 14:41     ` Jarkko Sakkinen
  2019-08-29 18:04       ` Jerry Snitselaar
  2019-08-29 20:25     ` Jerry Snitselaar
  1 sibling, 1 reply; 9+ messages in thread
From: Jarkko Sakkinen @ 2019-08-29 14:41 UTC (permalink / raw)
  To: Jerry Snitselaar
  Cc: linux-integrity, linux-kernel, Peter Huewe, Jason Gunthorpe,
	Alexey Klimov

On Thu, Aug 29, 2019 at 05:40:40PM +0300, Jarkko Sakkinen wrote:
> On Tue, Aug 27, 2019 at 05:46:21PM -0700, Jerry Snitselaar wrote:
> > There was revealed a bug in the STM TPM chipset used in Dell R415s.
> > Bug is observed so far only on chipset firmware 1.2.8.28
> > (1.2 TPM, device-id 0x0, rev-id 78). After some number of
> > operations chipset hangs and stays in inconsistent state:
> > 
> > tpm_tis 00:09: Operation Timed out
> > tpm_tis 00:09: tpm_transmit: tpm_send: error -5
> > 
> > Durations returned by the chip are the same like on other
> > firmware revisions but apparently with specifically 1.2.8.28 fw
> > durations should be reset to 2 minutes to enable tpm chip work
> > properly. No working way of updating firmware was found.
> > 
> > This patch adds implementation of ->update_durations method
> > that matches only STM devices with specific firmware version.
> > 
> > Cc: Peter Huewe <peterhuewe@gmx.de>
> > Cc: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
> > Cc: Jason Gunthorpe <jgg@ziepe.ca>
> > Signed-off-by: Alexey Klimov <aklimov@redhat.com>
> > Signed-off-by: Jerry Snitselaar <jsnitsel@redhat.com>
> > ---
> > v2: Make suggested changes from Jarkko
> >     - change struct field name to durations from durs
> >     - formatting cleanups
> >     - turn into void function like update_timeouts and
> >       use chip->duration_adjusted to track whether adjustment occurred.
> 
> The code repetition looks horrible so I wrote a patch that should help:
> 
> https://patchwork.kernel.org/patch/11121475/
> 
> Read the remar that prepends the diffstat.

Forgot from that remark that I did not have TPM 1.x available at hand
(WFH today) so please also review and test it.

/Jrakko

^ permalink raw reply	[flat|nested] 9+ messages in thread

* Re: [PATCH 2/2 v2] tpm_tis: override durations for STM tpm with firmware 1.2.8.28
  2019-08-29 14:41     ` Jarkko Sakkinen
@ 2019-08-29 18:04       ` Jerry Snitselaar
  0 siblings, 0 replies; 9+ messages in thread
From: Jerry Snitselaar @ 2019-08-29 18:04 UTC (permalink / raw)
  To: Jarkko Sakkinen
  Cc: linux-integrity, linux-kernel, Peter Huewe, Jason Gunthorpe,
	Alexey Klimov

On Thu Aug 29 19, Jarkko Sakkinen wrote:
>On Thu, Aug 29, 2019 at 05:40:40PM +0300, Jarkko Sakkinen wrote:
>> On Tue, Aug 27, 2019 at 05:46:21PM -0700, Jerry Snitselaar wrote:
>> > There was revealed a bug in the STM TPM chipset used in Dell R415s.
>> > Bug is observed so far only on chipset firmware 1.2.8.28
>> > (1.2 TPM, device-id 0x0, rev-id 78). After some number of
>> > operations chipset hangs and stays in inconsistent state:
>> >
>> > tpm_tis 00:09: Operation Timed out
>> > tpm_tis 00:09: tpm_transmit: tpm_send: error -5
>> >
>> > Durations returned by the chip are the same like on other
>> > firmware revisions but apparently with specifically 1.2.8.28 fw
>> > durations should be reset to 2 minutes to enable tpm chip work
>> > properly. No working way of updating firmware was found.
>> >
>> > This patch adds implementation of ->update_durations method
>> > that matches only STM devices with specific firmware version.
>> >
>> > Cc: Peter Huewe <peterhuewe@gmx.de>
>> > Cc: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
>> > Cc: Jason Gunthorpe <jgg@ziepe.ca>
>> > Signed-off-by: Alexey Klimov <aklimov@redhat.com>
>> > Signed-off-by: Jerry Snitselaar <jsnitsel@redhat.com>
>> > ---
>> > v2: Make suggested changes from Jarkko
>> >     - change struct field name to durations from durs
>> >     - formatting cleanups
>> >     - turn into void function like update_timeouts and
>> >       use chip->duration_adjusted to track whether adjustment occurred.
>>
>> The code repetition looks horrible so I wrote a patch that should help:
>>
>> https://patchwork.kernel.org/patch/11121475/
>>
>> Read the remar that prepends the diffstat.
>
>Forgot from that remark that I did not have TPM 1.x available at hand
>(WFH today) so please also review and test it.
>
>/Jrakko

I will test it this morning, and once that is done I'll submit a v3 that
cleans up the version comparison in the update_durations function.

^ permalink raw reply	[flat|nested] 9+ messages in thread

* Re: [PATCH 2/2 v2] tpm_tis: override durations for STM tpm with firmware 1.2.8.28
  2019-08-29 14:40   ` Jarkko Sakkinen
  2019-08-29 14:41     ` Jarkko Sakkinen
@ 2019-08-29 20:25     ` Jerry Snitselaar
  2019-08-29 22:23       ` Jarkko Sakkinen
  1 sibling, 1 reply; 9+ messages in thread
From: Jerry Snitselaar @ 2019-08-29 20:25 UTC (permalink / raw)
  To: Jarkko Sakkinen
  Cc: linux-integrity, linux-kernel, Peter Huewe, Jason Gunthorpe,
	Alexey Klimov

On Thu Aug 29 19, Jarkko Sakkinen wrote:
>On Tue, Aug 27, 2019 at 05:46:21PM -0700, Jerry Snitselaar wrote:
>> There was revealed a bug in the STM TPM chipset used in Dell R415s.
>> Bug is observed so far only on chipset firmware 1.2.8.28
>> (1.2 TPM, device-id 0x0, rev-id 78). After some number of
>> operations chipset hangs and stays in inconsistent state:
>>
>> tpm_tis 00:09: Operation Timed out
>> tpm_tis 00:09: tpm_transmit: tpm_send: error -5
>>
>> Durations returned by the chip are the same like on other
>> firmware revisions but apparently with specifically 1.2.8.28 fw
>> durations should be reset to 2 minutes to enable tpm chip work
>> properly. No working way of updating firmware was found.
>>
>> This patch adds implementation of ->update_durations method
>> that matches only STM devices with specific firmware version.
>>
>> Cc: Peter Huewe <peterhuewe@gmx.de>
>> Cc: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
>> Cc: Jason Gunthorpe <jgg@ziepe.ca>
>> Signed-off-by: Alexey Klimov <aklimov@redhat.com>
>> Signed-off-by: Jerry Snitselaar <jsnitsel@redhat.com>
>> ---
>> v2: Make suggested changes from Jarkko
>>     - change struct field name to durations from durs
>>     - formatting cleanups
>>     - turn into void function like update_timeouts and
>>       use chip->duration_adjusted to track whether adjustment occurred.
>
>The code repetition looks horrible so I wrote a patch that should help:
>
>https://patchwork.kernel.org/patch/11121475/
>
>Read the remar that prepends the diffstat.
>
>/Jarkko

LGTM, and testing it on a 1.2 tpm system here worked fine. You can add my
Reviewed-by and Tested-by.

I have reworked this 2/2 patch to make use of these new structs and
pull the tpm1_getcap calls out of the for loop. So I will submit a v3
to go on top of your patch.

^ permalink raw reply	[flat|nested] 9+ messages in thread

* Re: [PATCH 2/2 v2] tpm_tis: override durations for STM tpm with firmware 1.2.8.28
  2019-08-29 20:25     ` Jerry Snitselaar
@ 2019-08-29 22:23       ` Jarkko Sakkinen
  0 siblings, 0 replies; 9+ messages in thread
From: Jarkko Sakkinen @ 2019-08-29 22:23 UTC (permalink / raw)
  To: linux-integrity, linux-kernel, Peter Huewe, Jason Gunthorpe,
	Alexey Klimov

On Thu, Aug 29, 2019 at 01:25:27PM -0700, Jerry Snitselaar wrote:
> On Thu Aug 29 19, Jarkko Sakkinen wrote:
> > On Tue, Aug 27, 2019 at 05:46:21PM -0700, Jerry Snitselaar wrote:
> > > There was revealed a bug in the STM TPM chipset used in Dell R415s.
> > > Bug is observed so far only on chipset firmware 1.2.8.28
> > > (1.2 TPM, device-id 0x0, rev-id 78). After some number of
> > > operations chipset hangs and stays in inconsistent state:
> > > 
> > > tpm_tis 00:09: Operation Timed out
> > > tpm_tis 00:09: tpm_transmit: tpm_send: error -5
> > > 
> > > Durations returned by the chip are the same like on other
> > > firmware revisions but apparently with specifically 1.2.8.28 fw
> > > durations should be reset to 2 minutes to enable tpm chip work
> > > properly. No working way of updating firmware was found.
> > > 
> > > This patch adds implementation of ->update_durations method
> > > that matches only STM devices with specific firmware version.
> > > 
> > > Cc: Peter Huewe <peterhuewe@gmx.de>
> > > Cc: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
> > > Cc: Jason Gunthorpe <jgg@ziepe.ca>
> > > Signed-off-by: Alexey Klimov <aklimov@redhat.com>
> > > Signed-off-by: Jerry Snitselaar <jsnitsel@redhat.com>
> > > ---
> > > v2: Make suggested changes from Jarkko
> > >     - change struct field name to durations from durs
> > >     - formatting cleanups
> > >     - turn into void function like update_timeouts and
> > >       use chip->duration_adjusted to track whether adjustment occurred.
> > 
> > The code repetition looks horrible so I wrote a patch that should help:
> > 
> > https://patchwork.kernel.org/patch/11121475/
> > 
> > Read the remar that prepends the diffstat.
> > 
> > /Jarkko
> 
> LGTM, and testing it on a 1.2 tpm system here worked fine. You can add my
> Reviewed-by and Tested-by.
> 
> I have reworked this 2/2 patch to make use of these new structs and
> pull the tpm1_getcap calls out of the for loop. So I will submit a v3
> to go on top of your patch.

Add my patch to the patch set with the tags.

/Jarkko

^ permalink raw reply	[flat|nested] 9+ messages in thread

end of thread, back to index

Thread overview: 9+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2019-08-28  0:46 [PATCH 0/2 v2] tpm: add update_durations class op to allow override of chip supplied values Jerry Snitselaar
2019-08-28  0:46 ` [PATCH 1/2 v2] tpm: provide a way to override the chip returned durations Jerry Snitselaar
2019-08-29 13:27   ` Jarkko Sakkinen
2019-08-28  0:46 ` [PATCH 2/2 v2] tpm_tis: override durations for STM tpm with firmware 1.2.8.28 Jerry Snitselaar
2019-08-29 14:40   ` Jarkko Sakkinen
2019-08-29 14:41     ` Jarkko Sakkinen
2019-08-29 18:04       ` Jerry Snitselaar
2019-08-29 20:25     ` Jerry Snitselaar
2019-08-29 22:23       ` Jarkko Sakkinen

Linux-Integrity Archive on lore.kernel.org

Archives are clonable:
	git clone --mirror https://lore.kernel.org/linux-integrity/0 linux-integrity/git/0.git

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V2 linux-integrity linux-integrity/ https://lore.kernel.org/linux-integrity \
		linux-integrity@vger.kernel.org linux-integrity@archiver.kernel.org
	public-inbox-index linux-integrity


Newsgroup available over NNTP:
	nntp://nntp.lore.kernel.org/org.kernel.vger.linux-integrity


AGPL code for this site: git clone https://public-inbox.org/ public-inbox