From patchwork Mon Jun 5 17:59:56 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Alexander Steffen X-Patchwork-Id: 13267832 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 1CD3BC7EE25 for ; Mon, 5 Jun 2023 18:00:16 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232772AbjFESAO (ORCPT ); Mon, 5 Jun 2023 14:00:14 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:60872 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229873AbjFESAL (ORCPT ); Mon, 5 Jun 2023 14:00:11 -0400 Received: from smtp2.infineon.com (smtp2.infineon.com [IPv6:2a00:18f0:1e00:4::4]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 66602D3; Mon, 5 Jun 2023 11:00:10 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=infineon.com; i=@infineon.com; q=dns/txt; s=IFXMAIL; t=1685988010; x=1717524010; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=unN7GipSX//PB49ZOaB1Vh0lCsSkaIGKdO4Lzy+O6v0=; b=STzSKAPqj5lHk2fwDHS8N+VvYAUrgzmw1F7345Lpe6AcscqXRZlACb/X SKvVkhVTH78GQjxbvD35EUhj0MeWtztak7VUhdGg0DJxujd7ga80pXVbF GL4Q+2nGFWJfAZbRBYMXqVM7lneVw7Oj90hcajcYY3715ls/gFHEIwCcz g=; X-IronPort-AV: E=McAfee;i="6600,9927,10732"; a="40773232" X-IronPort-AV: E=Sophos;i="6.00,218,1681164000"; d="scan'208";a="40773232" Received: from unknown (HELO MUCSE803.infineon.com) ([172.23.29.29]) by smtp2.infineon.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 05 Jun 2023 20:00:08 +0200 Received: from KLUSE818.infineon.com (172.28.156.171) by MUCSE803.infineon.com (172.23.29.29) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.986.42; Mon, 5 Jun 2023 20:00:08 +0200 Received: from ISCNPC0VBFBX.infineon.com (10.161.6.196) by KLUSE818.infineon.com (172.28.156.171) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.986.42; Mon, 5 Jun 2023 20:00:08 +0200 From: Alexander Steffen To: , , CC: Alexander Steffen Subject: [PATCH v2 1/4] tpm_tis: Explicitly check for error code Date: Mon, 5 Jun 2023 19:59:56 +0200 Message-ID: <20230605175959.2131-2-Alexander.Steffen@infineon.com> X-Mailer: git-send-email 2.28.0.windows.1 In-Reply-To: <20230605175959.2131-1-Alexander.Steffen@infineon.com> References: <20230605175959.2131-1-Alexander.Steffen@infineon.com> MIME-Version: 1.0 X-Originating-IP: [10.161.6.196] X-ClientProxiedBy: MUCSE804.infineon.com (172.23.29.30) To KLUSE818.infineon.com (172.28.156.171) Precedence: bulk List-ID: X-Mailing-List: linux-integrity@vger.kernel.org recv_data either returns the number of received bytes, or a negative value representing an error code. Adding the return value directly to the total number of received bytes therefore looks a little weird, since it might add a negative error code to a sum of bytes. The following check for size < expected usually makes the function return ETIME in that case, so it does not cause too many problems in practice. But to make the code look cleaner and because the caller might still be interested in the original error code, explicitly check for the presence of an error code and pass that through. Signed-off-by: Alexander Steffen --- drivers/char/tpm/tpm_tis_core.c | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/drivers/char/tpm/tpm_tis_core.c b/drivers/char/tpm/tpm_tis_core.c index 558144fa707a..aaaa136044ae 100644 --- a/drivers/char/tpm/tpm_tis_core.c +++ b/drivers/char/tpm/tpm_tis_core.c @@ -363,8 +363,13 @@ static int tpm_tis_recv(struct tpm_chip *chip, u8 *buf, size_t count) goto out; } - size += recv_data(chip, &buf[TPM_HEADER_SIZE], - expected - TPM_HEADER_SIZE); + rc = recv_data(chip, &buf[TPM_HEADER_SIZE], + expected - TPM_HEADER_SIZE); + if (rc < 0) { + size = rc; + goto out; + } + size += rc; if (size < expected) { dev_err(&chip->dev, "Unable to read remainder of result\n"); size = -ETIME; From patchwork Mon Jun 5 17:59:57 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Alexander Steffen X-Patchwork-Id: 13267834 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 15FE3C7EE23 for ; Mon, 5 Jun 2023 18:00:17 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232934AbjFESAP (ORCPT ); Mon, 5 Jun 2023 14:00:15 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:60884 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231165AbjFESAM (ORCPT ); Mon, 5 Jun 2023 14:00:12 -0400 Received: from smtp11.infineon.com (smtp11.infineon.com [IPv6:2a00:18f0:1e00:4::5]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id EC864F1; Mon, 5 Jun 2023 11:00:10 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=infineon.com; i=@infineon.com; q=dns/txt; s=IFXMAIL; t=1685988011; x=1717524011; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=89MCpdG+JGXZTxJwkWPn/J+rl3u69O0nt8q8tvWyKNM=; b=nFQPneGteeYZdHM9WhK5PtnP5+kZPzwN56kRiYfX2VPlYvJFoRaMGQbS gl8ae5xwM4mdCLrulJEbOAQx0YEvdyi7mEJPgasRgaO8VvpsMBqsFB9Tx DEo9rELqEdS60rqlpEqxbzSZFIyvmQviag/ENB1L5w0QibbdP7YHqxU7v c=; X-IronPort-AV: E=McAfee;i="6600,9927,10732"; a="17446835" X-IronPort-AV: E=Sophos;i="6.00,218,1681164000"; d="scan'208";a="17446835" Received: from unknown (HELO MUCSE822.infineon.com) ([172.23.29.53]) by smtp11.infineon.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 05 Jun 2023 20:00:09 +0200 Received: from KLUSE818.infineon.com (172.28.156.171) by MUCSE822.infineon.com (172.23.29.53) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.986.42; Mon, 5 Jun 2023 20:00:09 +0200 Received: from ISCNPC0VBFBX.infineon.com (10.161.6.196) by KLUSE818.infineon.com (172.28.156.171) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.986.42; Mon, 5 Jun 2023 20:00:08 +0200 From: Alexander Steffen To: , , CC: Alexander Steffen Subject: [PATCH v2 2/4] tpm_tis: Move CRC check to generic send routine Date: Mon, 5 Jun 2023 19:59:57 +0200 Message-ID: <20230605175959.2131-3-Alexander.Steffen@infineon.com> X-Mailer: git-send-email 2.28.0.windows.1 In-Reply-To: <20230605175959.2131-1-Alexander.Steffen@infineon.com> References: <20230605175959.2131-1-Alexander.Steffen@infineon.com> MIME-Version: 1.0 X-Originating-IP: [10.161.6.196] X-ClientProxiedBy: MUCSE804.infineon.com (172.23.29.30) To KLUSE818.infineon.com (172.28.156.171) Precedence: bulk List-ID: X-Mailing-List: linux-integrity@vger.kernel.org The CRC functionality is initialized before tpm_tis_core, so it can be used on all code paths within the module. Therefore, move the CRC check to the generic send routine, that also contains all other checks for successful command transmission, so that all those checks are in one place. Also, this ensures that tpm_tis_ready is called when a CRC failure is detected, to clear the invalid data from the TPM, which did not happen previously. Signed-off-by: Alexander Steffen Reviewed-by: Jarkko Sakkinen --- drivers/char/tpm/tpm_tis_core.c | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/drivers/char/tpm/tpm_tis_core.c b/drivers/char/tpm/tpm_tis_core.c index aaaa136044ae..5ddaf24518be 100644 --- a/drivers/char/tpm/tpm_tis_core.c +++ b/drivers/char/tpm/tpm_tis_core.c @@ -466,6 +466,12 @@ static int tpm_tis_send_data(struct tpm_chip *chip, const u8 *buf, size_t len) goto out_err; } + rc = tpm_tis_verify_crc(priv, len, buf); + if (rc < 0) { + dev_err(&chip->dev, "CRC mismatch for command.\n"); + goto out_err; + } + return 0; out_err: @@ -510,12 +516,6 @@ static int tpm_tis_send_main(struct tpm_chip *chip, const u8 *buf, size_t len) if (rc < 0) return rc; - rc = tpm_tis_verify_crc(priv, len, buf); - if (rc < 0) { - dev_err(&chip->dev, "CRC mismatch for command.\n"); - return rc; - } - /* go and do it */ rc = tpm_tis_write8(priv, TPM_STS(priv->locality), TPM_STS_GO); if (rc < 0) From patchwork Mon Jun 5 17:59:58 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Alexander Steffen X-Patchwork-Id: 13267835 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 76B36C7EE32 for ; Mon, 5 Jun 2023 18:00:18 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233171AbjFESAR (ORCPT ); Mon, 5 Jun 2023 14:00:17 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:60888 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231550AbjFESAN (ORCPT ); Mon, 5 Jun 2023 14:00:13 -0400 Received: from smtp14.infineon.com (smtp14.infineon.com [IPv6:2a00:18f0:1e00:4::6]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id B2478F4; Mon, 5 Jun 2023 11:00:11 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=infineon.com; i=@infineon.com; q=dns/txt; s=IFXMAIL; t=1685988012; x=1717524012; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=hFaUtOwj7HlaUrYMRdzAtkuiOEy12Jko8agUx6FjxuM=; b=Kh7b07vrMVWbo3Ke+QyxpIODxw32fxvDzaHbUkNCDkvAgj0AyInaLGXE nvieU1jMBlYeOLv7gpVoC55VW5Gxso4MdPLgCH3kniJygdsGVIGInI2Q3 1fwr9c+r3xldgXMt3l4wGZu7+Ly/rmUqknJORJo1WYSP1FHs28GIgMLBN o=; X-IronPort-AV: E=McAfee;i="6600,9927,10732"; a="15904205" X-IronPort-AV: E=Sophos;i="6.00,218,1681164000"; d="scan'208";a="15904205" Received: from unknown (HELO MUCSE819.infineon.com) ([172.23.29.45]) by smtp14.infineon.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 05 Jun 2023 20:00:10 +0200 Received: from KLUSE818.infineon.com (172.28.156.171) by MUCSE819.infineon.com (172.23.29.45) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.986.42; Mon, 5 Jun 2023 20:00:09 +0200 Received: from ISCNPC0VBFBX.infineon.com (10.161.6.196) by KLUSE818.infineon.com (172.28.156.171) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.986.42; Mon, 5 Jun 2023 20:00:08 +0200 From: Alexander Steffen To: , , CC: Alexander Steffen Subject: [PATCH v2 3/4] tpm_tis: Use responseRetry to recover from data transfer errors Date: Mon, 5 Jun 2023 19:59:58 +0200 Message-ID: <20230605175959.2131-4-Alexander.Steffen@infineon.com> X-Mailer: git-send-email 2.28.0.windows.1 In-Reply-To: <20230605175959.2131-1-Alexander.Steffen@infineon.com> References: <20230605175959.2131-1-Alexander.Steffen@infineon.com> MIME-Version: 1.0 X-Originating-IP: [10.161.6.196] X-ClientProxiedBy: MUCSE804.infineon.com (172.23.29.30) To KLUSE818.infineon.com (172.28.156.171) Precedence: bulk List-ID: X-Mailing-List: linux-integrity@vger.kernel.org TPM responses may become damaged during transmission, for example due to bit flips on the wire. Instead of aborting when detecting such issues, the responseRetry functionality can be used to make the TPM retransmit its response and receive it again without errors. Signed-off-by: Alexander Steffen --- drivers/char/tpm/tpm_tis_core.c | 40 ++++++++++++++++++++++++++------- drivers/char/tpm/tpm_tis_core.h | 1 + 2 files changed, 33 insertions(+), 8 deletions(-) diff --git a/drivers/char/tpm/tpm_tis_core.c b/drivers/char/tpm/tpm_tis_core.c index 5ddaf24518be..a08768e55803 100644 --- a/drivers/char/tpm/tpm_tis_core.c +++ b/drivers/char/tpm/tpm_tis_core.c @@ -345,11 +345,6 @@ static int tpm_tis_recv(struct tpm_chip *chip, u8 *buf, size_t count) u32 expected; int rc; - if (count < TPM_HEADER_SIZE) { - size = -EIO; - goto out; - } - size = recv_data(chip, buf, TPM_HEADER_SIZE); /* read first 10 bytes, including tag, paramsize, and result */ if (size < TPM_HEADER_SIZE) { @@ -382,7 +377,7 @@ static int tpm_tis_recv(struct tpm_chip *chip, u8 *buf, size_t count) goto out; } status = tpm_tis_status(chip); - if (status & TPM_STS_DATA_AVAIL) { /* retry? */ + if (status & TPM_STS_DATA_AVAIL) { dev_err(&chip->dev, "Error left over data\n"); size = -EIO; goto out; @@ -396,10 +391,39 @@ static int tpm_tis_recv(struct tpm_chip *chip, u8 *buf, size_t count) } out: - tpm_tis_ready(chip); return size; } +static int tpm_tis_recv_with_retries(struct tpm_chip *chip, u8 *buf, size_t count) +{ + struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev); + unsigned int try; + int rc = 0; + + if (count < TPM_HEADER_SIZE) { + rc = -EIO; + goto out; + } + + for (try = 0; try < TPM_RETRY; try++) { + rc = tpm_tis_recv(chip, buf, count); + + if (rc == -EIO) { + /* Data transfer errors, indicated by EIO, can be + * recovered by rereading the response. + */ + tpm_tis_write8(priv, TPM_STS(priv->locality), + TPM_STS_RESPONSE_RETRY); + } else { + break; + } + } + +out: + tpm_tis_ready(chip); + return rc; +} + /* * If interrupts are used (signaled by an irq set in the vendor structure) * tpm.c can skip polling for the data to be available as the interrupt is @@ -986,7 +1010,7 @@ static void tpm_tis_clkrun_enable(struct tpm_chip *chip, bool value) static const struct tpm_class_ops tpm_tis = { .flags = TPM_OPS_AUTO_STARTUP, .status = tpm_tis_status, - .recv = tpm_tis_recv, + .recv = tpm_tis_recv_with_retries, .send = tpm_tis_send, .cancel = tpm_tis_ready, .update_timeouts = tpm_tis_update_timeouts, diff --git a/drivers/char/tpm/tpm_tis_core.h b/drivers/char/tpm/tpm_tis_core.h index e978f457fd4d..8458cd4a84ec 100644 --- a/drivers/char/tpm/tpm_tis_core.h +++ b/drivers/char/tpm/tpm_tis_core.h @@ -34,6 +34,7 @@ enum tis_status { TPM_STS_GO = 0x20, TPM_STS_DATA_AVAIL = 0x10, TPM_STS_DATA_EXPECT = 0x08, + TPM_STS_RESPONSE_RETRY = 0x02, TPM_STS_READ_ZERO = 0x23, /* bits that must be zero on read */ }; From patchwork Mon Jun 5 17:59:59 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Alexander Steffen X-Patchwork-Id: 13267833 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id C34A9C7EE2F for ; Mon, 5 Jun 2023 18:00:17 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229837AbjFESAQ (ORCPT ); Mon, 5 Jun 2023 14:00:16 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:60890 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231319AbjFESAN (ORCPT ); Mon, 5 Jun 2023 14:00:13 -0400 Received: from smtp14.infineon.com (smtp14.infineon.com [IPv6:2a00:18f0:1e00:4::6]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id CC423F9; Mon, 5 Jun 2023 11:00:11 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=infineon.com; i=@infineon.com; q=dns/txt; s=IFXMAIL; t=1685988012; x=1717524012; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=xcXJAmG61qBDUJlBGCtCv2jhORoDcv/wLfQldALvPrI=; b=nMXCo8CXy5I5EEaDpABG2A/Tw4t09po6IunzbAQrO+9jGwe5DVIPmHCP LlYHDPZ7K50ojyVKyCF5YCQyejLSTjUjKwhIaH7N5FlOVT5CfOFul9y1Y yaRMdD5Z7iTmBgzQ2CuQtZR5fgcw5TSBk+4w05eQe2P+HvYrE7MTTnq1L A=; X-IronPort-AV: E=McAfee;i="6600,9927,10732"; a="15904206" X-IronPort-AV: E=Sophos;i="6.00,218,1681164000"; d="scan'208";a="15904206" Received: from unknown (HELO MUCSE814.infineon.com) ([172.23.29.40]) by smtp14.infineon.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 05 Jun 2023 20:00:10 +0200 Received: from KLUSE818.infineon.com (172.28.156.171) by MUCSE814.infineon.com (172.23.29.40) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.986.42; Mon, 5 Jun 2023 20:00:09 +0200 Received: from ISCNPC0VBFBX.infineon.com (10.161.6.196) by KLUSE818.infineon.com (172.28.156.171) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.986.42; Mon, 5 Jun 2023 20:00:09 +0200 From: Alexander Steffen To: , , CC: Alexander Steffen Subject: [PATCH v2 4/4] tpm_tis: Resend command to recover from data transfer errors Date: Mon, 5 Jun 2023 19:59:59 +0200 Message-ID: <20230605175959.2131-5-Alexander.Steffen@infineon.com> X-Mailer: git-send-email 2.28.0.windows.1 In-Reply-To: <20230605175959.2131-1-Alexander.Steffen@infineon.com> References: <20230605175959.2131-1-Alexander.Steffen@infineon.com> MIME-Version: 1.0 X-Originating-IP: [10.161.6.196] X-ClientProxiedBy: MUCSE804.infineon.com (172.23.29.30) To KLUSE818.infineon.com (172.28.156.171) Precedence: bulk List-ID: X-Mailing-List: linux-integrity@vger.kernel.org Similar to the transmission of TPM responses, also the transmission of TPM commands may become corrupted. Instead of aborting when detecting such issues, try resending the command again. Signed-off-by: Alexander Steffen --- drivers/char/tpm/tpm_tis_core.c | 14 +++++++++++--- 1 file changed, 11 insertions(+), 3 deletions(-) diff --git a/drivers/char/tpm/tpm_tis_core.c b/drivers/char/tpm/tpm_tis_core.c index a08768e55803..47073cc79b51 100644 --- a/drivers/char/tpm/tpm_tis_core.c +++ b/drivers/char/tpm/tpm_tis_core.c @@ -535,10 +535,18 @@ static int tpm_tis_send_main(struct tpm_chip *chip, const u8 *buf, size_t len) int rc; u32 ordinal; unsigned long dur; + unsigned int try; - rc = tpm_tis_send_data(chip, buf, len); - if (rc < 0) - return rc; + for (try = 0; try < TPM_RETRY; try++) { + rc = tpm_tis_send_data(chip, buf, len); + if (rc >= 0) { + /* Data transfer done successfully */ + break; + } else if (rc != -EIO) { + /* Data transfer failed, not recoverable */ + return rc; + } + } /* go and do it */ rc = tpm_tis_write8(priv, TPM_STS(priv->locality), TPM_STS_GO);