From patchwork Thu Oct 21 12:05:55 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Amir Mizinski X-Patchwork-Id: 12574859 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 29497C433FE for ; Thu, 21 Oct 2021 12:18:45 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 0DB5161220 for ; Thu, 21 Oct 2021 12:18:45 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231629AbhJUMU7 (ORCPT ); Thu, 21 Oct 2021 08:20:59 -0400 Received: from 212.199.177.27.static.012.net.il ([212.199.177.27]:45859 "EHLO herzl.nuvoton.co.il" rhost-flags-OK-FAIL-OK-FAIL) by vger.kernel.org with ESMTP id S231510AbhJUMU5 (ORCPT ); Thu, 21 Oct 2021 08:20:57 -0400 X-Greylist: delayed 549 seconds by postgrey-1.27 at vger.kernel.org; Thu, 21 Oct 2021 08:20:34 EDT Received: from taln60.nuvoton.co.il (ntil-fw [212.199.177.25]) by herzl.nuvoton.co.il (8.13.8/8.13.8) with ESMTP id 19LC7ag4003263; Thu, 21 Oct 2021 15:07:36 +0300 Received: by taln60.nuvoton.co.il (Postfix, from userid 10140) id 6689B63A1D; Thu, 21 Oct 2021 15:07:47 +0300 (IDT) From: amirmizi6@gmail.com To: Eyal.Cohen@nuvoton.com, jarkko@kernel.org, oshrialkoby85@gmail.com, alexander.steffen@infineon.com, robh+dt@kernel.org, mark.rutland@arm.com, peterhuewe@gmx.de, jgg@ziepe.ca, arnd@arndb.de, gregkh@linuxfoundation.org, benoit.houyere@st.com, eajames@linux.ibm.com, joel@jms.id.au Cc: devicetree@vger.kernel.org, linux-kernel@vger.kernel.org, linux-integrity@vger.kernel.org, oshri.alkoby@nuvoton.com, tmaimon77@gmail.com, gcwilson@us.ibm.com, kgoldman@us.ibm.com, Dan.Morav@nuvoton.com, oren.tanami@nuvoton.com, shmulik.hager@nuvoton.com, amir.mizinski@nuvoton.com, Amir Mizinski Subject: [PATCH v16 4/6] tpm: tpm_tis: verify TPM_STS register is valid after locality request Date: Thu, 21 Oct 2021 15:05:55 +0300 Message-Id: <20211021120557.69234-5-amirmizi6@gmail.com> X-Mailer: git-send-email 2.22.0 In-Reply-To: <20211021120557.69234-1-amirmizi6@gmail.com> References: <20211021120557.69234-1-amirmizi6@gmail.com> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: linux-integrity@vger.kernel.org From: Amir Mizinski This issue could occur when the TPM does not update TPM_STS register after a locality request (TPM_STS Initial value = 0xFF) and a TPM_STS register read occurs in the tpm_tis_status(chip) function call. When a call to tpm_tis_send_data() function is made after a request_locality() call, the condition ("if ((status & TPM_STS_COMMAND_READY) == 0)") is checked. At this moment if the status value is 0xFF, then it is considered, wrongly, in “ready” state (by checking only one bit). However, at this moment the TPM is, in fact, in "Idle" state and remains in "Idle" state because "tpm_tis_ready(chip);" was not executed. Waiting for the condition TPM_STS.tpmGo == 0, will ensure that the TPM status register has the correct value. Suggested-by: Benoit Houyere Signed-off-by: Amir Mizinski --- drivers/char/tpm/tpm_tis_core.c | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/drivers/char/tpm/tpm_tis_core.c b/drivers/char/tpm/tpm_tis_core.c index 3e60072..7525cf0 100644 --- a/drivers/char/tpm/tpm_tis_core.c +++ b/drivers/char/tpm/tpm_tis_core.c @@ -177,8 +177,14 @@ static int request_locality(struct tpm_chip *chip, int l) } else { /* wait for burstcount */ do { - if (check_locality(chip, l)) + if (check_locality(chip, l)) { + if (wait_for_tpm_stat(chip, TPM_STS_GO, 0, + chip->timeout_c, + &priv->int_queue, + false) < 0) + return -ETIME; return l; + } tpm_msleep(TPM_TIMEOUT); } while (time_before(jiffies, stop)); }