Philipp Deppenwiese has submitted this change and it was merged. ( https://review.coreboot.org/29063 )
Change subject: tpm2/tlcl_send_startup: should pass on TPM_E_INVALID_POSTINIT ......................................................................
tpm2/tlcl_send_startup: should pass on TPM_E_INVALID_POSTINIT
Change TSS layer tlcl_send_startup() to expose TPM_RC_INITIALIZE, which gets mapped to TPM_E_INVALID_POSTINIT. The return value is exposed to TSPI layer tpm_setup(), and dealt with as follows:
- Regular startup: TPM_E_INVALID_POSTINIT should count as failure. - S3 resume: TPM_E_INVALID_POSTINIT can be assumed to mean that TPM maintains power during S3, and is already initialized.
Also, correct an error where |response| could be erroneously accessed when it is set to NULL.
BUG=b:114018226 TEST=compile coreboot
Change-Id: Ib0c3750386ae04279401c1dc318c5019d39f5ecf Signed-off-by: Joel Kitching kitching@google.com Reviewed-on: https://review.coreboot.org/29063 Tested-by: build bot (Jenkins) no-reply@coreboot.org Reviewed-by: Paul Menzel paulepanter@users.sourceforge.net Reviewed-by: Julius Werner jwerner@chromium.org Reviewed-by: Philipp Deppenwiese zaolin.daisuki@gmail.com --- M src/security/tpm/tss/tcg-2.0/tss.c 1 file changed, 15 insertions(+), 3 deletions(-)
Approvals: build bot (Jenkins): Verified Paul Menzel: Looks good to me, but someone else must approve Philipp Deppenwiese: Looks good to me, approved Julius Werner: Looks good to me, approved
diff --git a/src/security/tpm/tss/tcg-2.0/tss.c b/src/security/tpm/tss/tcg-2.0/tss.c index e6ec57c..c67fdfa 100644 --- a/src/security/tpm/tss/tcg-2.0/tss.c +++ b/src/security/tpm/tss/tcg-2.0/tss.c @@ -61,12 +61,24 @@ startup.startup_type = type; response = tpm_process_command(TPM2_Startup, &startup);
- if (response && (response->hdr.tpm_code == 0 || - response->hdr.tpm_code == TPM_RC_INITIALIZE)) { - return TPM_SUCCESS; + /* IO error, tpm2_response pointer is empty. */ + if (response == NULL) { + printk(BIOS_ERR, "%s: TPM communication error\n", __func__); + return TPM_E_IOERROR; } + printk(BIOS_INFO, "%s: Startup return code is %x\n", __func__, response->hdr.tpm_code); + + switch (response->hdr.tpm_code) { + case TPM_RC_INITIALIZE: + /* TPM already initialized. */ + return TPM_E_INVALID_POSTINIT; + case TPM2_RC_SUCCESS: + return TPM_SUCCESS; + } + + /* Collapse any other errors into TPM_E_IOERROR. */ return TPM_E_IOERROR; }