From: Stefan Berger stefanb@linux.vnet.ibm.com
The TIS timeouts for TPM 2 are different than for TPM 1.2. Also the timeouts indicating a failed TPM 2 command are different. Further, the command durations and timeouts cannot be read from the device.
We take the command timeout values for short, medium, and long running commands from table 15 of the following specification:
TCG PC Client Platform TPM Profile (PTP) Specification
http://www.trustedcomputinggroup.org/resources/pc_client_platform_tpm_profil...
The values should work for all physical TPMs.
The tricky thing with virtualized environments is that the values may need to be longer for a system where a vTPM cannot get sufficient cycles. So a future patch _may_ need to multiply those values here with some factor.
Signed-off-by: Stefan Berger stefanb@linux.vnet.ibm.com --- src/hw/tpm_drivers.h | 17 +++++++++++++++++ src/tcgbios.c | 20 ++++++++++++++++++++ 2 files changed, 37 insertions(+)
diff --git a/src/hw/tpm_drivers.h b/src/hw/tpm_drivers.h index 52c7a15..56fd9e8 100644 --- a/src/hw/tpm_drivers.h +++ b/src/hw/tpm_drivers.h @@ -66,6 +66,14 @@ void tpmhw_set_timeouts(u32 timeouts[4], u32 durations[3]); #define TIS_DEFAULT_TIMEOUT_C 750000 /* us */ #define TIS_DEFAULT_TIMEOUT_D 750000 /* us */
+/* + * Default TIS 2 timeouts given in TPM Profile (TPT) Spec + */ +#define TIS2_DEFAULT_TIMEOUT_A 750000 /* us */ +#define TIS2_DEFAULT_TIMEOUT_B 2000000 /* us */ +#define TIS2_DEFAULT_TIMEOUT_C 200000 /* us */ +#define TIS2_DEFAULT_TIMEOUT_D 30000 /* us */ + enum tisTimeoutType { TIS_TIMEOUT_TYPE_A = 0, TIS_TIMEOUT_TYPE_B, @@ -81,4 +89,13 @@ enum tisTimeoutType { #define TPM_DEFAULT_DURATION_MEDIUM 20000000 /* us */ #define TPM_DEFAULT_DURATION_LONG 60000000 /* us */
+/* + * TPM 2 command durations; we set them to the timeout values + * given in TPM Profile (PTP) Specification; exceeding those + * timeout values indicates a faulty TPM. + */ +#define TPM2_DEFAULT_DURATION_SHORT 750000 /* us */ +#define TPM2_DEFAULT_DURATION_MEDIUM 2000000 /* us */ +#define TPM2_DEFAULT_DURATION_LONG 2000000 /* us */ + #endif /* TPM_DRIVERS_H */ diff --git a/src/tcgbios.c b/src/tcgbios.c index 0b40a8f..463b7bb 100644 --- a/src/tcgbios.c +++ b/src/tcgbios.c @@ -322,6 +322,24 @@ tpm12_determine_timeouts(void) return 0; }
+static void +tpm20_set_timeouts(void) +{ + u32 durations[3] = { + TPM2_DEFAULT_DURATION_SHORT, + TPM2_DEFAULT_DURATION_MEDIUM, + TPM2_DEFAULT_DURATION_LONG, + }; + u32 timeouts[4] = { + TIS2_DEFAULT_TIMEOUT_A, + TIS2_DEFAULT_TIMEOUT_B, + TIS2_DEFAULT_TIMEOUT_C, + TIS2_DEFAULT_TIMEOUT_D, + }; + + tpmhw_set_timeouts(timeouts, durations); +} + static int tpm12_extend(u32 pcrindex, const u8 *digest) { @@ -557,6 +575,8 @@ err_exit: static int tpm20_startup(void) { + tpm20_set_timeouts(); + int ret = tpm_build_and_send_cmd(0, TPM2_CC_Startup, Startup_SU_CLEAR, sizeof(Startup_SU_CLEAR),