LKML Archive on lore.kernel.org
help / color / mirror / Atom feed
* [PATCH] tpm, tpm_tis: fix TPM 2.0 probing
@ 2015-02-04 14:21 Jarkko Sakkinen
  2015-02-08 23:08 ` Peter Hüwe
  0 siblings, 1 reply; 7+ messages in thread
From: Jarkko Sakkinen @ 2015-02-04 14:21 UTC (permalink / raw)
  To: Peter Huewe, Ashley Lai, Marcel Selhorst
  Cc: tpmdd-devel, linux-kernel, josh, christophe.ricard,
	jason.gunthorpe, stefanb, linux-api, trousers-tech,
	Jarkko Sakkinen

If during transmission system error was returned, the logic was to
incorrectly deduce that chip is a TPM 1.x chip. This patch fixes this
issue. Also, this patch changes probing so that message tag is used as the
measure for TPM 2.x, which should be much more stable. A separate function
called tpm2_probe() is encapsulated because it can be used with any
chipset.

Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
---
 drivers/char/tpm/tpm.h      |  3 ++-
 drivers/char/tpm/tpm2-cmd.c | 40 +++++++++++++++++++++++++++++++++-------
 drivers/char/tpm/tpm_tis.c  | 11 ++++-------
 3 files changed, 39 insertions(+), 15 deletions(-)

diff --git a/drivers/char/tpm/tpm.h b/drivers/char/tpm/tpm.h
index 7b0727c..a4b0f5e 100644
--- a/drivers/char/tpm/tpm.h
+++ b/drivers/char/tpm/tpm.h
@@ -435,4 +435,5 @@ extern int tpm2_startup(struct tpm_chip *chip, u16 startup_type);
 extern int tpm2_shutdown(struct tpm_chip *chip, u16 shutdown_type);
 extern unsigned long tpm2_calc_ordinal_duration(struct tpm_chip *, u32);
 extern int tpm2_do_selftest(struct tpm_chip *chip);
-extern int tpm2_gen_interrupt(struct tpm_chip *chip, bool quiet);
+extern int tpm2_gen_interrupt(struct tpm_chip *chip);
+extern int tpm2_probe(struct tpm_chip *chip);
diff --git a/drivers/char/tpm/tpm2-cmd.c b/drivers/char/tpm/tpm2-cmd.c
index 1abe650..49cd354 100644
--- a/drivers/char/tpm/tpm2-cmd.c
+++ b/drivers/char/tpm/tpm2-cmd.c
@@ -598,20 +598,46 @@ EXPORT_SYMBOL_GPL(tpm2_do_selftest);
 /**
  * tpm2_gen_interrupt() - generate an interrupt
  * @chip: TPM chip to use
- * @quiet: surpress the error message
  *
  * 0 is returned when the operation is successful. If a negative number is
  * returned it remarks a POSIX error code. If a positive number is returned
  * it remarks a TPM error.
  */
-int tpm2_gen_interrupt(struct tpm_chip *chip, bool quiet)
+int tpm2_gen_interrupt(struct tpm_chip *chip)
 {
-	const char *desc = NULL;
 	u32 dummy;
 
-	if (!quiet)
-		desc = "attempting to generate an interrupt";
-
-	return tpm2_get_tpm_pt(chip, TPM2_CAP_TPM_PROPERTIES, &dummy, desc);
+	return tpm2_get_tpm_pt(chip, 0x100, &dummy,
+			       "attempting to generate an interrupt");
 }
 EXPORT_SYMBOL_GPL(tpm2_gen_interrupt);
+
+/**
+ * tpm2_probe() - probe TPM 2.0
+ * @chip: TPM chip to use
+ *
+ * Send idempotent TPM 2.0 command and see whether TPM 2.0 chip replied based on
+ * the reply tag.
+ */
+int tpm2_probe(struct tpm_chip *chip)
+{
+	struct tpm2_cmd cmd;
+	int rc;
+
+	cmd.header.in = tpm2_get_tpm_pt_header;
+	cmd.params.get_tpm_pt_in.cap_id = cpu_to_be32(TPM2_CAP_TPM_PROPERTIES);
+	cmd.params.get_tpm_pt_in.property_id = cpu_to_be32(0x100);
+	cmd.params.get_tpm_pt_in.property_cnt = cpu_to_be32(1);
+
+	rc = tpm_transmit(chip, (const char *) &cmd, sizeof(cmd));
+	if (rc <  0)
+		return rc;
+	else if (rc < TPM_HEADER_SIZE)
+		return -EFAULT;
+
+	if (be16_to_cpu(cmd.header.out.tag) == TPM2_ST_NO_SESSIONS)
+		chip->flags |= TPM_CHIP_FLAG_TPM2;
+
+	return 0;
+}
+EXPORT_SYMBOL_GPL(tpm2_probe);
diff --git a/drivers/char/tpm/tpm_tis.c b/drivers/char/tpm/tpm_tis.c
index 6725bef..ee6e0bd 100644
--- a/drivers/char/tpm/tpm_tis.c
+++ b/drivers/char/tpm/tpm_tis.c
@@ -639,12 +639,9 @@ static int tpm_tis_init(struct device *dev, acpi_handle acpi_dev_handle,
 		goto out_err;
 	}
 
-	/* Every TPM 2.x command has a higher ordinal than TPM 1.x commands.
-	 * Therefore, we can use an idempotent TPM 2.x command to probe TPM 2.x.
-	 */
-	rc = tpm2_gen_interrupt(chip, true);
-	if (rc == 0 || rc == TPM2_RC_INITIALIZE)
-		chip->flags |= TPM_CHIP_FLAG_TPM2;
+	rc = tpm2_probe(chip);
+	if (rc)
+		goto out_err;
 
 	vendor = ioread32(chip->vendor.iobase + TPM_DID_VID(0));
 	chip->vendor.manufacturer_id = vendor;
@@ -747,7 +744,7 @@ static int tpm_tis_init(struct device *dev, acpi_handle acpi_dev_handle,
 
 			/* Generate Interrupts */
 			if (chip->flags & TPM_CHIP_FLAG_TPM2)
-				tpm2_gen_interrupt(chip, false);
+				tpm2_gen_interrupt(chip);
 			else
 				tpm_gen_interrupt(chip);
 
-- 
2.1.4


^ permalink raw reply	[flat|nested] 7+ messages in thread

* Re: [PATCH] tpm, tpm_tis: fix TPM 2.0 probing
  2015-02-04 14:21 [PATCH] tpm, tpm_tis: fix TPM 2.0 probing Jarkko Sakkinen
@ 2015-02-08 23:08 ` Peter Hüwe
  2015-02-09  8:39   ` Jarkko Sakkinen
  0 siblings, 1 reply; 7+ messages in thread
From: Peter Hüwe @ 2015-02-08 23:08 UTC (permalink / raw)
  To: Jarkko Sakkinen
  Cc: Ashley Lai, Marcel Selhorst, tpmdd-devel, linux-kernel, josh,
	christophe.ricard, jason.gunthorpe, stefanb, linux-api,
	trousers-tech

Am Mittwoch, 4. Februar 2015, 15:21:09 schrieb Jarkko Sakkinen:
> If during transmission system error was returned, the logic was to
> incorrectly deduce that chip is a TPM 1.x chip. This patch fixes this
> issue. Also, this patch changes probing so that message tag is used as the
> measure for TPM 2.x, which should be much more stable.
Is it aware that some TPMs may respond with 0x00C1 as TAG for TPM1.2 commands?


> A separate function
> called tpm2_probe() is encapsulated because it can be used with any
> chipset.

> 
> Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
> ---
>  drivers/char/tpm/tpm.h      |  3 ++-
>  drivers/char/tpm/tpm2-cmd.c | 40 +++++++++++++++++++++++++++++++++-------
>  drivers/char/tpm/tpm_tis.c  | 11 ++++-------
>  3 files changed, 39 insertions(+), 15 deletions(-)
> 
> diff --git a/drivers/char/tpm/tpm.h b/drivers/char/tpm/tpm.h
> index 7b0727c..a4b0f5e 100644
> --- a/drivers/char/tpm/tpm.h
> +++ b/drivers/char/tpm/tpm.h
> @@ -435,4 +435,5 @@ extern int tpm2_startup(struct tpm_chip *chip, u16
> startup_type); extern int tpm2_shutdown(struct tpm_chip *chip, u16
> shutdown_type); extern unsigned long tpm2_calc_ordinal_duration(struct
> tpm_chip *, u32); extern int tpm2_do_selftest(struct tpm_chip *chip);
> -extern int tpm2_gen_interrupt(struct tpm_chip *chip, bool quiet);
> +extern int tpm2_gen_interrupt(struct tpm_chip *chip);
> +extern int tpm2_probe(struct tpm_chip *chip);
> diff --git a/drivers/char/tpm/tpm2-cmd.c b/drivers/char/tpm/tpm2-cmd.c
> index 1abe650..49cd354 100644
> --- a/drivers/char/tpm/tpm2-cmd.c
> +++ b/drivers/char/tpm/tpm2-cmd.c
> @@ -598,20 +598,46 @@ EXPORT_SYMBOL_GPL(tpm2_do_selftest);
>  /**
>   * tpm2_gen_interrupt() - generate an interrupt
>   * @chip: TPM chip to use
> - * @quiet: surpress the error message
>   *
>   * 0 is returned when the operation is successful. If a negative number is
>   * returned it remarks a POSIX error code. If a positive number is
> returned * it remarks a TPM error.
>   */
> -int tpm2_gen_interrupt(struct tpm_chip *chip, bool quiet)
> +int tpm2_gen_interrupt(struct tpm_chip *chip)
>  {
> -	const char *desc = NULL;
>  	u32 dummy;
> 
> -	if (!quiet)
> -		desc = "attempting to generate an interrupt";
> -
> -	return tpm2_get_tpm_pt(chip, TPM2_CAP_TPM_PROPERTIES, &dummy, desc);
> +	return tpm2_get_tpm_pt(chip, 0x100, &dummy,
> +			       "attempting to generate an interrupt");
Why the change from TPM2_CAP_TPM_PROPERTIES = 6 to 0x100 and what does 0x100 
stand for?


>  }
>  EXPORT_SYMBOL_GPL(tpm2_gen_interrupt);
> +
> +/**
> + * tpm2_probe() - probe TPM 2.0
> + * @chip: TPM chip to use
> + *
> + * Send idempotent TPM 2.0 command and see whether TPM 2.0 chip replied
> based on + * the reply tag.
> + */
> +int tpm2_probe(struct tpm_chip *chip)
> +{
> +	struct tpm2_cmd cmd;
> +	int rc;
> +
> +	cmd.header.in = tpm2_get_tpm_pt_header;
> +	cmd.params.get_tpm_pt_in.cap_id = cpu_to_be32(TPM2_CAP_TPM_PROPERTIES);
> +	cmd.params.get_tpm_pt_in.property_id = cpu_to_be32(0x100);
> +	cmd.params.get_tpm_pt_in.property_cnt = cpu_to_be32(1);
> +
> +	rc = tpm_transmit(chip, (const char *) &cmd, sizeof(cmd));
> +	if (rc <  0)
> +		return rc;
> +	else if (rc < TPM_HEADER_SIZE)
> +		return -EFAULT;
> +
> +	if (be16_to_cpu(cmd.header.out.tag) == TPM2_ST_NO_SESSIONS)
> +		chip->flags |= TPM_CHIP_FLAG_TPM2;
> +
> +	return 0;
> +}
> +EXPORT_SYMBOL_GPL(tpm2_probe);
> diff --git a/drivers/char/tpm/tpm_tis.c b/drivers/char/tpm/tpm_tis.c
> index 6725bef..ee6e0bd 100644
> --- a/drivers/char/tpm/tpm_tis.c
> +++ b/drivers/char/tpm/tpm_tis.c
> @@ -639,12 +639,9 @@ static int tpm_tis_init(struct device *dev,
> acpi_handle acpi_dev_handle, goto out_err;
>  	}
> 
> -	/* Every TPM 2.x command has a higher ordinal than TPM 1.x commands.
> -	 * Therefore, we can use an idempotent TPM 2.x command to probe TPM 2.x.
> -	 */
> -	rc = tpm2_gen_interrupt(chip, true);
> -	if (rc == 0 || rc == TPM2_RC_INITIALIZE)
> -		chip->flags |= TPM_CHIP_FLAG_TPM2;
> +	rc = tpm2_probe(chip);
> +	if (rc)
> +		goto out_err;
> 
>  	vendor = ioread32(chip->vendor.iobase + TPM_DID_VID(0));
>  	chip->vendor.manufacturer_id = vendor;
> @@ -747,7 +744,7 @@ static int tpm_tis_init(struct device *dev, acpi_handle
> acpi_dev_handle,
> 
>  			/* Generate Interrupts */
>  			if (chip->flags & TPM_CHIP_FLAG_TPM2)
> -				tpm2_gen_interrupt(chip, false);
> +				tpm2_gen_interrupt(chip);
>  			else
>  				tpm_gen_interrupt(chip);


^ permalink raw reply	[flat|nested] 7+ messages in thread

* Re: [PATCH] tpm, tpm_tis: fix TPM 2.0 probing
  2015-02-08 23:08 ` Peter Hüwe
@ 2015-02-09  8:39   ` Jarkko Sakkinen
  2015-02-10 12:16     ` Stefan Berger
  0 siblings, 1 reply; 7+ messages in thread
From: Jarkko Sakkinen @ 2015-02-09  8:39 UTC (permalink / raw)
  To: Peter Hüwe
  Cc: Ashley Lai, Marcel Selhorst, tpmdd-devel, linux-kernel, josh,
	christophe.ricard, jason.gunthorpe, stefanb, linux-api,
	trousers-tech

On Mon, Feb 09, 2015 at 12:08:46AM +0100, Peter Hüwe wrote:
> Am Mittwoch, 4. Februar 2015, 15:21:09 schrieb Jarkko Sakkinen:
> > If during transmission system error was returned, the logic was to
> > incorrectly deduce that chip is a TPM 1.x chip. This patch fixes this
> > issue. Also, this patch changes probing so that message tag is used as the
> > measure for TPM 2.x, which should be much more stable.
> Is it aware that some TPMs may respond with 0x00C1 as TAG for TPM1.2 commands?

I guess none of the TPM 1.2 command answer with the tag 0x8002?

> > A separate function
> > called tpm2_probe() is encapsulated because it can be used with any
> > chipset.
> 
> > 
> > Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
> > ---
> >  drivers/char/tpm/tpm.h      |  3 ++-
> >  drivers/char/tpm/tpm2-cmd.c | 40 +++++++++++++++++++++++++++++++++-------
> >  drivers/char/tpm/tpm_tis.c  | 11 ++++-------
> >  3 files changed, 39 insertions(+), 15 deletions(-)
> > 
> > diff --git a/drivers/char/tpm/tpm.h b/drivers/char/tpm/tpm.h
> > index 7b0727c..a4b0f5e 100644
> > --- a/drivers/char/tpm/tpm.h
> > +++ b/drivers/char/tpm/tpm.h
> > @@ -435,4 +435,5 @@ extern int tpm2_startup(struct tpm_chip *chip, u16
> > startup_type); extern int tpm2_shutdown(struct tpm_chip *chip, u16
> > shutdown_type); extern unsigned long tpm2_calc_ordinal_duration(struct
> > tpm_chip *, u32); extern int tpm2_do_selftest(struct tpm_chip *chip);
> > -extern int tpm2_gen_interrupt(struct tpm_chip *chip, bool quiet);
> > +extern int tpm2_gen_interrupt(struct tpm_chip *chip);
> > +extern int tpm2_probe(struct tpm_chip *chip);
> > diff --git a/drivers/char/tpm/tpm2-cmd.c b/drivers/char/tpm/tpm2-cmd.c
> > index 1abe650..49cd354 100644
> > --- a/drivers/char/tpm/tpm2-cmd.c
> > +++ b/drivers/char/tpm/tpm2-cmd.c
> > @@ -598,20 +598,46 @@ EXPORT_SYMBOL_GPL(tpm2_do_selftest);
> >  /**
> >   * tpm2_gen_interrupt() - generate an interrupt
> >   * @chip: TPM chip to use
> > - * @quiet: surpress the error message
> >   *
> >   * 0 is returned when the operation is successful. If a negative number is
> >   * returned it remarks a POSIX error code. If a positive number is
> > returned * it remarks a TPM error.
> >   */
> > -int tpm2_gen_interrupt(struct tpm_chip *chip, bool quiet)
> > +int tpm2_gen_interrupt(struct tpm_chip *chip)
> >  {
> > -	const char *desc = NULL;
> >  	u32 dummy;
> > 
> > -	if (!quiet)
> > -		desc = "attempting to generate an interrupt";
> > -
> > -	return tpm2_get_tpm_pt(chip, TPM2_CAP_TPM_PROPERTIES, &dummy, desc);
> > +	return tpm2_get_tpm_pt(chip, 0x100, &dummy,
> > +			       "attempting to generate an interrupt");
> Why the change from TPM2_CAP_TPM_PROPERTIES = 6 to 0x100 and what does 0x100 
> stand for?

In TPM 2.0 there are two levels: capabilities and properties. Using
capability ID of "TPM properties" property set was a sloppy mistake
although it didn't matter because interrupt is still generate.

The properties in the "TPM properties" property set start with the
index 0x100.

> >  }
> >  EXPORT_SYMBOL_GPL(tpm2_gen_interrupt);
> > +
> > +/**
> > + * tpm2_probe() - probe TPM 2.0
> > + * @chip: TPM chip to use
> > + *
> > + * Send idempotent TPM 2.0 command and see whether TPM 2.0 chip replied
> > based on + * the reply tag.
> > + */
> > +int tpm2_probe(struct tpm_chip *chip)
> > +{
> > +	struct tpm2_cmd cmd;
> > +	int rc;
> > +
> > +	cmd.header.in = tpm2_get_tpm_pt_header;
> > +	cmd.params.get_tpm_pt_in.cap_id = cpu_to_be32(TPM2_CAP_TPM_PROPERTIES);
> > +	cmd.params.get_tpm_pt_in.property_id = cpu_to_be32(0x100);
> > +	cmd.params.get_tpm_pt_in.property_cnt = cpu_to_be32(1);
> > +
> > +	rc = tpm_transmit(chip, (const char *) &cmd, sizeof(cmd));
> > +	if (rc <  0)
> > +		return rc;
> > +	else if (rc < TPM_HEADER_SIZE)
> > +		return -EFAULT;
> > +
> > +	if (be16_to_cpu(cmd.header.out.tag) == TPM2_ST_NO_SESSIONS)
> > +		chip->flags |= TPM_CHIP_FLAG_TPM2;
> > +
> > +	return 0;
> > +}
> > +EXPORT_SYMBOL_GPL(tpm2_probe);
> > diff --git a/drivers/char/tpm/tpm_tis.c b/drivers/char/tpm/tpm_tis.c
> > index 6725bef..ee6e0bd 100644
> > --- a/drivers/char/tpm/tpm_tis.c
> > +++ b/drivers/char/tpm/tpm_tis.c
> > @@ -639,12 +639,9 @@ static int tpm_tis_init(struct device *dev,
> > acpi_handle acpi_dev_handle, goto out_err;
> >  	}
> > 
> > -	/* Every TPM 2.x command has a higher ordinal than TPM 1.x commands.
> > -	 * Therefore, we can use an idempotent TPM 2.x command to probe TPM 2.x.
> > -	 */
> > -	rc = tpm2_gen_interrupt(chip, true);
> > -	if (rc == 0 || rc == TPM2_RC_INITIALIZE)
> > -		chip->flags |= TPM_CHIP_FLAG_TPM2;
> > +	rc = tpm2_probe(chip);
> > +	if (rc)
> > +		goto out_err;
> > 
> >  	vendor = ioread32(chip->vendor.iobase + TPM_DID_VID(0));
> >  	chip->vendor.manufacturer_id = vendor;
> > @@ -747,7 +744,7 @@ static int tpm_tis_init(struct device *dev, acpi_handle
> > acpi_dev_handle,
> > 
> >  			/* Generate Interrupts */
> >  			if (chip->flags & TPM_CHIP_FLAG_TPM2)
> > -				tpm2_gen_interrupt(chip, false);
> > +				tpm2_gen_interrupt(chip);
> >  			else
> >  				tpm_gen_interrupt(chip);

/Jarkko

^ permalink raw reply	[flat|nested] 7+ messages in thread

* Re: [PATCH] tpm, tpm_tis: fix TPM 2.0 probing
  2015-02-09  8:39   ` Jarkko Sakkinen
@ 2015-02-10 12:16     ` Stefan Berger
  2015-02-10 12:50       ` Jarkko Sakkinen
  0 siblings, 1 reply; 7+ messages in thread
From: Stefan Berger @ 2015-02-10 12:16 UTC (permalink / raw)
  To: Jarkko Sakkinen, Peter Hüwe
  Cc: Ashley Lai, Marcel Selhorst, tpmdd-devel, linux-kernel, josh,
	christophe.ricard, jason.gunthorpe, linux-api, trousers-tech

On 02/09/2015 03:39 AM, Jarkko Sakkinen wrote:
> On Mon, Feb 09, 2015 at 12:08:46AM +0100, Peter Hüwe wrote:
>> Am Mittwoch, 4. Februar 2015, 15:21:09 schrieb Jarkko Sakkinen:
>>> If during transmission system error was returned, the logic was to
>>> incorrectly deduce that chip is a TPM 1.x chip. This patch fixes this
>>> issue. Also, this patch changes probing so that message tag is used as the
>>> measure for TPM 2.x, which should be much more stable.
>> Is it aware that some TPMs may respond with 0x00C1 as TAG for TPM1.2 commands?
> I guess none of the TPM 1.2 command answer with the tag 0x8002?


FYI: pdf page 26 , section 6.1 explains the predictable return value for 
a TPM1.2 command seen by a TPM2

http://www.trustedcomputinggroup.org/files/static_page_files/8C68ADA8-1A4B-B294-D0FC06D3773F7DAA/TPM%20Rev%202.0%20Part%203%20-%20Commands%2001.16-code.pdf

Following this:

Sending a TPM1.2 command to a TPM2 should return a TPM1.2 header (tag = 
0xc4) and error code (TPM_BADTAG = 0x1e)

Sending a TPM 2 command to a TPM 2 will give a TPM 2 tag in the header.
Sending a TPM 2 command to a TPM 1.2 will give a TPM 1.2 tag in the 
header and an error code.


    Stefan


^ permalink raw reply	[flat|nested] 7+ messages in thread

* Re: [PATCH] tpm, tpm_tis: fix TPM 2.0 probing
  2015-02-10 12:16     ` Stefan Berger
@ 2015-02-10 12:50       ` Jarkko Sakkinen
  2015-02-11 18:47         ` Stefan Berger
  0 siblings, 1 reply; 7+ messages in thread
From: Jarkko Sakkinen @ 2015-02-10 12:50 UTC (permalink / raw)
  To: Stefan Berger
  Cc: Peter Hüwe, Ashley Lai, Marcel Selhorst, tpmdd-devel,
	linux-kernel, josh, christophe.ricard, jason.gunthorpe,
	linux-api, trousers-tech

On Tue, Feb 10, 2015 at 07:16:32AM -0500, Stefan Berger wrote:
> On 02/09/2015 03:39 AM, Jarkko Sakkinen wrote:
> >On Mon, Feb 09, 2015 at 12:08:46AM +0100, Peter Hüwe wrote:
> >>Am Mittwoch, 4. Februar 2015, 15:21:09 schrieb Jarkko Sakkinen:
> >>>If during transmission system error was returned, the logic was to
> >>>incorrectly deduce that chip is a TPM 1.x chip. This patch fixes this
> >>>issue. Also, this patch changes probing so that message tag is used as the
> >>>measure for TPM 2.x, which should be much more stable.
> >>Is it aware that some TPMs may respond with 0x00C1 as TAG for TPM1.2 commands?
> >I guess none of the TPM 1.2 command answer with the tag 0x8002?
> 
> 
> FYI: pdf page 26 , section 6.1 explains the predictable return value for a
> TPM1.2 command seen by a TPM2
> 
> http://www.trustedcomputinggroup.org/files/static_page_files/8C68ADA8-1A4B-B294-D0FC06D3773F7DAA/TPM%20Rev%202.0%20Part%203%20-%20Commands%2001.16-code.pdf
> 
> Following this:
> 
> Sending a TPM1.2 command to a TPM2 should return a TPM1.2 header (tag =
> 0xc4) and error code (TPM_BADTAG = 0x1e)
> 
> Sending a TPM 2 command to a TPM 2 will give a TPM 2 tag in the header.
> Sending a TPM 2 command to a TPM 1.2 will give a TPM 1.2 tag in the header
> and an error code.

Thank you for the information. Do you think that for some reason
tpm2_probe() shoould instead check that value is not this error
instead of checking that tag is 0x80002?

>    Stefan

/Jarkko

^ permalink raw reply	[flat|nested] 7+ messages in thread

* Re: [PATCH] tpm, tpm_tis: fix TPM 2.0 probing
  2015-02-10 12:50       ` Jarkko Sakkinen
@ 2015-02-11 18:47         ` Stefan Berger
  2015-02-12  5:25           ` Jarkko Sakkinen
  0 siblings, 1 reply; 7+ messages in thread
From: Stefan Berger @ 2015-02-11 18:47 UTC (permalink / raw)
  To: Jarkko Sakkinen
  Cc: Peter Hüwe, Ashley Lai, Marcel Selhorst, tpmdd-devel,
	linux-kernel, josh, christophe.ricard, jason.gunthorpe,
	linux-api, trousers-tech

On 02/10/2015 07:50 AM, Jarkko Sakkinen wrote:
> On Tue, Feb 10, 2015 at 07:16:32AM -0500, Stefan Berger wrote:
>> On 02/09/2015 03:39 AM, Jarkko Sakkinen wrote:
>>> On Mon, Feb 09, 2015 at 12:08:46AM +0100, Peter Hüwe wrote:
>>>> Am Mittwoch, 4. Februar 2015, 15:21:09 schrieb Jarkko Sakkinen:
>>>>> If during transmission system error was returned, the logic was to
>>>>> incorrectly deduce that chip is a TPM 1.x chip. This patch fixes this
>>>>> issue. Also, this patch changes probing so that message tag is used as the
>>>>> measure for TPM 2.x, which should be much more stable.
>>>> Is it aware that some TPMs may respond with 0x00C1 as TAG for TPM1.2 commands?
>>> I guess none of the TPM 1.2 command answer with the tag 0x8002?
>>
>> FYI: pdf page 26 , section 6.1 explains the predictable return value for a
>> TPM1.2 command seen by a TPM2
>>
>> http://www.trustedcomputinggroup.org/files/static_page_files/8C68ADA8-1A4B-B294-D0FC06D3773F7DAA/TPM%20Rev%202.0%20Part%203%20-%20Commands%2001.16-code.pdf
>>
>> Following this:
>>
>> Sending a TPM1.2 command to a TPM2 should return a TPM1.2 header (tag =
>> 0xc4) and error code (TPM_BADTAG = 0x1e)
>>
>> Sending a TPM 2 command to a TPM 2 will give a TPM 2 tag in the header.
>> Sending a TPM 2 command to a TPM 1.2 will give a TPM 1.2 tag in the header
>> and an error code.
> Thank you for the information. Do you think that for some reason
> tpm2_probe() shoould instead check that value is not this error
> instead of checking that tag is 0x80002?

Following your path, you are checking for TPM2_ST_NO_SESSION (0x8001), 
which looks correct to me. A TPM1.2 would never send this tag back.

     Stefan


^ permalink raw reply	[flat|nested] 7+ messages in thread

* Re: [PATCH] tpm, tpm_tis: fix TPM 2.0 probing
  2015-02-11 18:47         ` Stefan Berger
@ 2015-02-12  5:25           ` Jarkko Sakkinen
  0 siblings, 0 replies; 7+ messages in thread
From: Jarkko Sakkinen @ 2015-02-12  5:25 UTC (permalink / raw)
  To: Stefan Berger
  Cc: Peter Hüwe, Ashley Lai, Marcel Selhorst, tpmdd-devel,
	linux-kernel, josh, christophe.ricard, jason.gunthorpe,
	linux-api, trousers-tech

On Wed, Feb 11, 2015 at 01:47:01PM -0500, Stefan Berger wrote:
> On 02/10/2015 07:50 AM, Jarkko Sakkinen wrote:
> >On Tue, Feb 10, 2015 at 07:16:32AM -0500, Stefan Berger wrote:
> >>On 02/09/2015 03:39 AM, Jarkko Sakkinen wrote:
> >>>On Mon, Feb 09, 2015 at 12:08:46AM +0100, Peter Hüwe wrote:
> >>>>Am Mittwoch, 4. Februar 2015, 15:21:09 schrieb Jarkko Sakkinen:
> >>>>>If during transmission system error was returned, the logic was to
> >>>>>incorrectly deduce that chip is a TPM 1.x chip. This patch fixes this
> >>>>>issue. Also, this patch changes probing so that message tag is used as the
> >>>>>measure for TPM 2.x, which should be much more stable.
> >>>>Is it aware that some TPMs may respond with 0x00C1 as TAG for TPM1.2 commands?
> >>>I guess none of the TPM 1.2 command answer with the tag 0x8002?
> >>
> >>FYI: pdf page 26 , section 6.1 explains the predictable return value for a
> >>TPM1.2 command seen by a TPM2
> >>
> >>http://www.trustedcomputinggroup.org/files/static_page_files/8C68ADA8-1A4B-B294-D0FC06D3773F7DAA/TPM%20Rev%202.0%20Part%203%20-%20Commands%2001.16-code.pdf
> >>
> >>Following this:
> >>
> >>Sending a TPM1.2 command to a TPM2 should return a TPM1.2 header (tag =
> >>0xc4) and error code (TPM_BADTAG = 0x1e)
> >>
> >>Sending a TPM 2 command to a TPM 2 will give a TPM 2 tag in the header.
> >>Sending a TPM 2 command to a TPM 1.2 will give a TPM 1.2 tag in the header
> >>and an error code.
> >Thank you for the information. Do you think that for some reason
> >tpm2_probe() shoould instead check that value is not this error
> >instead of checking that tag is 0x80002?
> 
> Following your path, you are checking for TPM2_ST_NO_SESSION (0x8001), which
> looks correct to me. A TPM1.2 would never send this tag back.

OK, perfect :)

>     Stefan

/Jarkko

^ permalink raw reply	[flat|nested] 7+ messages in thread

end of thread, other threads:[~2015-02-12  5:26 UTC | newest]

Thread overview: 7+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2015-02-04 14:21 [PATCH] tpm, tpm_tis: fix TPM 2.0 probing Jarkko Sakkinen
2015-02-08 23:08 ` Peter Hüwe
2015-02-09  8:39   ` Jarkko Sakkinen
2015-02-10 12:16     ` Stefan Berger
2015-02-10 12:50       ` Jarkko Sakkinen
2015-02-11 18:47         ` Stefan Berger
2015-02-12  5:25           ` Jarkko Sakkinen

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).