[SeaBIOS] [RFC PATCH v1 5/9] tpm: Implement tpm2_set_timeouts

Kevin O'Connor kevin at koconnor.net
Thu Jan 21 23:42:44 CET 2016 

On Fri, Jan 15, 2016 at 02:44:35PM -0500, Stefan Berger wrote:
> From: Stefan Berger <stefanb at linux.vnet.ibm.com>
> 
> The TIS timeouts for TPM 2 are different than for TPM 1.2.
> Also the timeouts indicating a failed TPM 2 command are different.
> Further, the  command durations and timeouts cannot be read from the device.
> 
> We take the command timeout values for short, medium, and long running
> commands from table 15 of the following specification:
> 
> TCG PC Client Platform TPM Profile (PTP) Specification
> 
> http://www.trustedcomputinggroup.org/resources/pc_client_platform_tpm_profile_ptp_specification
> 
> The values should work for all physical TPMs.
> 
> The tricky thing with virtualized environments is that the values
> may need to be longer for a system where a vTPM cannot get sufficient
> cycles. So a future patch _may_ need to multiply those values here
> with some factor.
> 
> Signed-off-by: Stefan Berger <stefanb at linux.vnet.ibm.com>
> ---
>  src/hw/tpm_drivers.h | 17 +++++++++++++++++
>  src/tcgbios.c        | 20 ++++++++++++++++++++
>  2 files changed, 37 insertions(+)
> 
> diff --git a/src/hw/tpm_drivers.h b/src/hw/tpm_drivers.h
> index 665c534..36d6ab9 100644
> --- a/src/hw/tpm_drivers.h
> +++ b/src/hw/tpm_drivers.h
> @@ -66,6 +66,14 @@ TPMVersion tpmhw_get_tpm_version(void);
>  #define TIS_DEFAULT_TIMEOUT_C           750000 /* us */
>  #define TIS_DEFAULT_TIMEOUT_D           750000 /* us */
>  
> +/*
> + * Default TIS 2 timeouts given in TPM Profile (TPT) Spec
> + */
> +#define TIS2_DEFAULT_TIMEOUT_A          750000 /* us */
> +#define TIS2_DEFAULT_TIMEOUT_B         2000000 /* us */
> +#define TIS2_DEFAULT_TIMEOUT_C          200000 /* us */
> +#define TIS2_DEFAULT_TIMEOUT_D           30000 /* us */
> +
>  enum tisTimeoutType {
>      TIS_TIMEOUT_TYPE_A = 0,
>      TIS_TIMEOUT_TYPE_B,
> @@ -81,4 +89,13 @@ enum tisTimeoutType {
>  #define TPM_DEFAULT_DURATION_MEDIUM    20000000 /* us */
>  #define TPM_DEFAULT_DURATION_LONG      60000000 /* us */
>  
> +/*
> + * TPM 2 command durations; we set them to the timeout values
> + * given in TPM Profile (PTP) Speicfication; exceeding those
> + * timeout values indicates a faulty TPM.
> + */
> +#define TPM2_DEFAULT_DURATION_SHORT       750000 /* us */
> +#define TPM2_DEFAULT_DURATION_MEDIUM     2000000 /* us */
> +#define TPM2_DEFAULT_DURATION_LONG       2000000 /* us */
> +
>  #endif /* TPM_DRIVERS_H */
> diff --git a/src/tcgbios.c b/src/tcgbios.c
> index 0d6cfdb..7b6409c 100644
> --- a/src/tcgbios.c
> +++ b/src/tcgbios.c
> @@ -322,6 +322,24 @@ tpm12_determine_timeouts(void)
>      return 0;
>  }
>  
> +static void
> +tpm2_set_timeouts(void)
> +{
> +    u32 durations[3] = {
> +        TPM2_DEFAULT_DURATION_SHORT,
> +        TPM2_DEFAULT_DURATION_MEDIUM,
> +        TPM2_DEFAULT_DURATION_LONG,
> +    };
> +    u32 timeouts[4] = {
> +        TIS2_DEFAULT_TIMEOUT_A,
> +        TIS2_DEFAULT_TIMEOUT_B,
> +        TIS2_DEFAULT_TIMEOUT_C,
> +        TIS2_DEFAULT_TIMEOUT_D,
> +    };
> +
> +    tpmhw_set_timeouts(timeouts, durations);
> +}
> +
>  static int
>  tpm12_extend(u32 pcrindex, const u8 *digest)
>  {
> @@ -557,6 +575,8 @@ err_exit:
>  static int
>  tpm2_startup(void)
>  {
> +    tpm2_set_timeouts();
> +

How about just do this in tpmhw_probe() and not bother with calling
tpmhw_set_timeouts in tcgbios.c (for tpm2).

-Kevin

More information about the SeaBIOS mailing list