Attention is currently required from: Christian Walter, Paul Menzel, Tim Crawford.
Hello Christian Walter, build bot (Jenkins),
I'd like you to reexamine a change. Please visit
https://review.coreboot.org/c/coreboot/+/75878?usp=email
to look at the new patch set (#5).
The following approvals got outdated and were removed: Verified+1 by build bot (Jenkins)
Change subject: security/tpm/tspi: Do TPM Restart if TPM Resume fails ......................................................................
security/tpm/tspi: Do TPM Restart if TPM Resume fails
The Infineon SLB 9672 on newer Clevo machines regularly fails TPM Resume on S3 with the error `TPM_RC_VALUE`.
Per TPM2 spec, handle the failure by performing a TPM Restart.
The startup behavior defined by this specification is different than TPM 1.2 with respect to Startup(STATE). A TPM 1.2 device will enter Failure Mode if no state is available when the TPM receives Startup(STATE). This is not the case in this specification. It is up to the CRTM to take corrective action if it the TPM returns TPM_RC_VALUE in response to Startup(STATE).
Fixes the following error from being repeatedly logged in Linux:
kernel: tpm tpm0: A TPM error (256) occurred attempting get random
Ref: Trusted Platform Module Library, Part 1: Architecture, rev 1.59 Change-Id: I3388007d4448c93bd0dda591c8ca7d1a8dc5306b Signed-off-by: Tim Crawford tcrawford@system76.com --- M src/security/tpm/tspi/tspi.c 1 file changed, 8 insertions(+), 0 deletions(-)
git pull ssh://review.coreboot.org:29418/coreboot refs/changes/78/75878/5