On Mon, Mar 12, 2018 at 01:38:52PM -0400, Stephen Douthit wrote:
I've got a board modded so I can jumper the TPM in
What I found in the no-TPM case was that both tis_probe() and
crb_probe() incorrectly return 1 for device present if all Fs are read.
For tis_probe() that was because rc wasn't updated to 0 if didvid was
0xffffffff. For crb_probe() the last three return statements are
inverted from what they should be, and the first 64bit address check
returned the wrong value. Fixing both probe functions got rid of the
timeout for me when the TPM was disconnected.
It looks like there's a bit in the ACCESS register called Seize that
must always read '0' for the version 1.2/1.3 interfaces. I'd like to
check that instead of didvid in tis_probe to handle the aborted read all
I'd like to add a poll for tpmRegValidSts to crb_probe() similar to
what's in tis_probe() to avoid potential races on real hardware.
There's a Seize bit in TPM_LOC_CTRL_x which always reads 0 that we could
use as a sanity check against the no device all Fs case.
Let me know if that sounds like a better way to catch the no device
case, or if there's is some other check that would be better.
Thanks for looking at this. It is common on x86 for invalid memory
accesses to return 0xff. I don't know enough about the TPM hardware
to make a judgement call on the best way to test for presence. I'd
like to hear what Stefan's thoughts are on this.