<p>Joel Kitching has uploaded this change for <strong>review</strong>.</p><p><a href="https://review.coreboot.org/29063">View Change</a></p><pre style="font-family: monospace,monospace; white-space: pre-wrap;">tpm2/tlcl_send_startup: should pass on TPM_E_INVALID_POSTINIT<br><br>In src/security/tpm/tspi/tspi.c:tpm_setup(), different S3 resume cases<br>are handled.  One of those is when TPM returns TPM_E_INVALID_POSTINIT,<br>in which case we can assume that TPM maintains power during S3 and is<br>already initialized.  However, this value can never reach tpm_setup()<br>since it gets collapsed into TPM_E_IOERROR by tlcl_send_startup().<br><br>Change tpm_setup() to pass this error value through.<br><br>Also, correct an error where |response| could be erroneously accessed<br>when it is set to NULL.<br><br>BUG=b:114018226<br>TEST=compile coreboot<br><br>Change-Id: Ib0c3750386ae04279401c1dc318c5019d39f5ecf<br>---<br>M src/security/tpm/tss/tcg-2.0/tss.c<br>1 file changed, 15 insertions(+), 2 deletions(-)<br><br></pre><pre style="font-family: monospace,monospace; white-space: pre-wrap;">git pull ssh://review.coreboot.org:29418/coreboot refs/changes/63/29063/1</pre><pre style="font-family: monospace,monospace; white-space: pre-wrap;"><span>diff --git a/src/security/tpm/tss/tcg-2.0/tss.c b/src/security/tpm/tss/tcg-2.0/tss.c</span><br><span>index e6ec57c..6be8dd4 100644</span><br><span>--- a/src/security/tpm/tss/tcg-2.0/tss.c</span><br><span>+++ b/src/security/tpm/tss/tcg-2.0/tss.c</span><br><span>@@ -61,12 +61,25 @@</span><br><span>  startup.startup_type = type;</span><br><span>         response = tpm_process_command(TPM2_Startup, &startup);</span><br><span> </span><br><span style="color: hsl(0, 100%, 40%);">- if (response && (response->hdr.tpm_code == 0 ||</span><br><span style="color: hsl(0, 100%, 40%);">-                       response->hdr.tpm_code == TPM_RC_INITIALIZE)) {</span><br><span style="color: hsl(120, 100%, 40%);">+   /* Some IO error, tpm2_response pointer is empty. */</span><br><span style="color: hsl(120, 100%, 40%);">+  if (response == NULL) {</span><br><span style="color: hsl(120, 100%, 40%);">+               printk(BIOS_ERR, "%s: TPM communication error\n", __func__);</span><br><span style="color: hsl(120, 100%, 40%);">+                return TPM_E_IOERROR;</span><br><span style="color: hsl(120, 100%, 40%);">+ }</span><br><span style="color: hsl(120, 100%, 40%);">+</span><br><span style="color: hsl(120, 100%, 40%);">+   /* Expected TPM return code. */</span><br><span style="color: hsl(120, 100%, 40%);">+       if (response->hdr.tpm_code == 0 ||</span><br><span style="color: hsl(120, 100%, 40%);">+     response->hdr.tpm_code == TPM_RC_INITIALIZE) {</span><br><span>                return TPM_SUCCESS;</span><br><span>  }</span><br><span style="color: hsl(120, 100%, 40%);">+</span><br><span style="color: hsl(120, 100%, 40%);">+   /* Unexpected TPM return code. */</span><br><span>    printk(BIOS_INFO, "%s: Startup return code is %x\n",</span><br><span>              __func__, response->hdr.tpm_code);</span><br><span style="color: hsl(120, 100%, 40%);">+</span><br><span style="color: hsl(120, 100%, 40%);">+        if (response->hdr.tpm_code == TPM_E_INVALID_POST_INST)</span><br><span style="color: hsl(120, 100%, 40%);">+             return response->hdr.tpm_code;</span><br><span style="color: hsl(120, 100%, 40%);">+</span><br><span>  return TPM_E_IOERROR;</span><br><span> }</span><br><span> </span><br><span></span><br></pre><p>To view, visit <a href="https://review.coreboot.org/29063">change 29063</a>. To unsubscribe, or for help writing mail filters, visit <a href="https://review.coreboot.org/settings">settings</a>.</p><div itemscope itemtype="http://schema.org/EmailMessage"><div itemscope itemprop="action" itemtype="http://schema.org/ViewAction"><link itemprop="url" href="https://review.coreboot.org/29063"/><meta itemprop="name" content="View Change"/></div></div>

<div style="display:none"> Gerrit-Project: coreboot </div>
<div style="display:none"> Gerrit-Branch: master </div>
<div style="display:none"> Gerrit-MessageType: newchange </div>
<div style="display:none"> Gerrit-Change-Id: Ib0c3750386ae04279401c1dc318c5019d39f5ecf </div>
<div style="display:none"> Gerrit-Change-Number: 29063 </div>
<div style="display:none"> Gerrit-PatchSet: 1 </div>
<div style="display:none"> Gerrit-Owner: Joel Kitching <kitching@google.com> </div>