Re: [Ibmtpm20tss-users] [openssl-tpm2-engine] tpm sessions

Jerry Snitselaar <jsnitsel@...>

On Tue, Mar 19, 2019 at 10:43 AM Doug Fraser <doug.fraser@...> wrote:


Was there anything outside of drivers/char/tpm tree?

I diffed that whole tree 4.14 vs 4.18 and got a small number of diffs.


These five files...

diff --unified --recursive --minimal a/linux/drivers/char/tpm/Kconfig b/linux/drivers/char/tpm/Kconfig
diff --unified --recursive --minimal a/linux/drivers/char/tpm/tpm_crb.c b/linux/drivers/char/tpm/tpm_crb.c
diff --unified --recursive --minimal a/linux/drivers/char/tpm/tpm_i2c_nuvoton.c b/linux/drivers/char/tpm/tpm_i2c_nuvoton.c
diff --unified --recursive --minimal a/linux/drivers/char/tpm/tpm-interface.c b/linux/drivers/char/tpm/tpm-interface.c
diff --unified --recursive --minimal a/linux/drivers/char/tpm/xen-tpmfront.c b/linux/drivers/char/tpm/xen-tpmfront.c

With what looks to be the relevant changes in tpm-interface.c, with about a dozen lines spread across five sections of code.
I somehow got it in my mind reading this earlier that you were using
the tis driver. My apologies on that, ignore the 4.18 suggestion then.
So you are using
tpm_i2c_nuvoton and the crb driver?

diff --unified --recursive --minimal a/linux/drivers/char/tpm/tpm-interface.c b/linux/drivers/char/tpm/tpm-interface.c
--- a/linux/drivers/char/tpm/tpm-interface.c 2019-02-25 12:55:59.000000000 -0500
+++ b/linux/drivers/char/tpm/tpm-interface.c 2019-03-19 09:36:57.601582514 -0400
@@ -479,13 +479,15 @@

if (need_locality) {
rc = tpm_request_locality(chip, flags);
- if (rc < 0)
- goto out_no_locality;
+ if (rc < 0) {
+ need_locality = false;
+ goto out_locality;
+ }

rc = tpm_cmd_ready(chip, flags);
if (rc)
- goto out;
+ goto out_locality;

rc = tpm2_prepare_space(chip, space, ordinal, buf);
if (rc)
@@ -549,14 +551,13 @@
dev_err(&chip->dev, "tpm2_commit_space: error %d\n", rc);

- rc = tpm_go_idle(chip, flags);
- if (rc)
- goto out;
+ /* may fail but do not override previous error value in rc */
+ tpm_go_idle(chip, flags);

if (need_locality)
tpm_relinquish_locality(chip, flags);

if (chip->ops->clk_enable != NULL)
chip->ops->clk_enable(chip, false);

@@ -611,12 +612,13 @@
rc = be32_to_cpu(header->return_code);
if (rc != TPM2_RC_RETRY)
- delay_msec *= 2;
if (delay_msec > TPM2_DURATION_LONG) {
dev_err(&chip->dev, "TPM is in retry loop\n");
+ delay_msec *= 2;
memcpy(buf, save, save_size);
return ret;
@@ -652,7 +654,8 @@
return len;

err = be32_to_cpu(header->return_code);
- if (err != 0 && desc)
+ if (err != 0 && err != TPM_ERR_DISABLED && err != TPM_ERR_DEACTIVATED
+ && desc)
dev_err(&chip->dev, "A TPM error (%d) occurred %s\n", err,
if (err)

-----Original Message-----
From: Jerry Snitselaar <jsnitsel@...>
Sent: Tuesday, March 19, 2019 1:31 PM
To: Doug Fraser <doug.fraser@...>
Cc: James Bottomley <James.Bottomley@...>;; Kenneth Goldman <kgoldman@...>; Ibmtpm20tss-users@...
Subject: Re: [Ibmtpm20tss-users] [openssl-tpm2-engine] tpm sessions

On Tue Mar 19 19, Doug Fraser wrote:

We are on 4.14.77

I will look at cherry picking the tpm from 4.18
I'll take a stab at backporting the commit to 4.14 this afternoon. There are some minor differences back then, but it shouldn't too bad. Since it sounds like you are building the kernel, I can also send along a debugging patch that will spit out the values in the access and status registers when the status expect data check fails.


We are currently on Alpine 3.8 hoping to move to 3.9 (for other reasons) and also looking to move to 4.19 kernel.
This is going to take some time, but now I have a greater incentive to push on that.

Thank you all for your help in this.


Join to automatically receive all group messages.