Received: by 2002:a25:8b91:0:0:0:0:0 with SMTP id j17csp1586131ybl; Mon, 2 Dec 2019 05:36:17 -0800 (PST) X-Google-Smtp-Source: APXvYqzpMXA3ecLD6nhIYWsNbwmGIdRfCZUKejKVn9T04ev1qvJ7HozrmAUJx1cEMXZuNzW4MrHf X-Received: by 2002:a05:6402:1609:: with SMTP id f9mr64229639edv.37.1575293776986; Mon, 02 Dec 2019 05:36:16 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1575293776; cv=none; d=google.com; s=arc-20160816; b=L5VxGVNVp9lUoXQHWmGncIIg4l1g6/B0u8AQ/yiJOFEiIkRN8TI99ECXeuKeg67FDk yiKn2DlGb5ibn9Yi4naNmF/hWVv3bUlsK/oUUnLoZ4acbHXJ6bg3d2bfmRAP/9kwz/b/ +QNI5BpudiebcSoDaJHAknczhI9HxwGPTO/BzvyeT/WLbdsBnsvb1Q4h1ufikpATPLzr cjITLsUGiHkJjQayNBPo36FdRJ2y+Jnqwds9GYIQ+ybQGxOUfTYHpNsvxdBf6QwC2It+ PfCCFr0lM5g6yQYYZstNPTXu4+X0CCj2DoGCis/I6uu0DdawVtjINCtysNJ2m6X5F0Ml d3ZQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from; bh=ou3dkJYnyzfKsUzTFND9oAf8pr3NNFTftLrrezWaR/I=; b=QSehkEckoyszagc9tNg/z0nJAG8m6Muci9J11B2qH+Fp/Ke1QM3ATcTNkoqGN0yPsD 6S2mSdNwhbjM5epbZOMdfh64vU0fbBG8Jjkuaa+HL+gADcMF2QqLDM8G0Ank7vpfEpaW bnf6raGs7BpVX8X3Un7Ff6pvVwmjyfwt3n+fFG3M1ns26VTHnHu0tmBXkdPwWL+uFgSI au3C7xPC7XadDIgiljwHqCaFR5Is7tmrGce0Voj9BNGICvokjSExpltGzPojN5SxmzEi hkhwVXXAPnPqWsRXyPAMxRzAveNsyrw/Nkurccl/OQNv0nvYGWn63DP7Wa+tqgWvFyl7 Fn5Q== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id x5si4427463ejv.274.2019.12.02.05.35.50; Mon, 02 Dec 2019 05:36:16 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727598AbfLBNet (ORCPT + 99 others); Mon, 2 Dec 2019 08:34:49 -0500 Received: from 212.199.177.27.static.012.net.il ([212.199.177.27]:45896 "EHLO herzl.nuvoton.co.il" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1727451AbfLBNer (ORCPT ); Mon, 2 Dec 2019 08:34:47 -0500 Received: from taln60.nuvoton.co.il (ntil-fw [212.199.177.25]) by herzl.nuvoton.co.il (8.13.8/8.13.8) with ESMTP id xB2DYI7C015795; Mon, 2 Dec 2019 15:34:18 +0200 Received: by taln60.nuvoton.co.il (Postfix, from userid 10140) id B50316032A; Mon, 2 Dec 2019 15:34:18 +0200 (IST) From: amirmizi6@gmail.com To: Eyal.Cohen@nuvoton.com, jarkko.sakkinen@linux.intel.com, oshrialkoby85@gmail.com, alexander.steffen@infineon.com, robh+dt@kernel.org, mark.rutland@arm.com, peterhuewe@gmx.de, jgg@ziepe.ca, arnd@arndb.de, gregkh@linuxfoundation.org Cc: devicetree@vger.kernel.org, linux-kernel@vger.kernel.org, linux-integrity@vger.kernel.org, oshri.alkoby@nuvoton.com, tmaimon77@gmail.com, gcwilson@us.ibm.com, kgoldman@us.ibm.com, ayna@linux.vnet.ibm.com, Dan.Morav@nuvoton.com, oren.tanami@nuvoton.com, shmulik.hager@nuvoton.com, amir.mizinski@nuvoton.com, Amir Mizinski Subject: [PATCH v2 2/5] char: tpm: Add check_data handle to tpm_tis_phy_ops in order to check data integrity Date: Mon, 2 Dec 2019 15:33:29 +0200 Message-Id: <20191202133332.178110-3-amirmizi6@gmail.com> X-Mailer: git-send-email 2.22.0 In-Reply-To: <20191202133332.178110-1-amirmizi6@gmail.com> References: <20191202133332.178110-1-amirmizi6@gmail.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: Amir Mizinski In order to compute the crc over the data sent in lower layer (I2C for instance), tpm_tis_check_data() calls an operation (if available) to check data integrity. If data integrity cannot be verified, a retry attempt to save the sent/recieved data is implemented. The current steps are done when sending a command: 1. Host writes to TPM_STS.commandReady. 2. Host writes command. 3. Host checks that TPM received data is valid. 4. If data is currupted go to step 1. When receiving data: 1. Host checks that TPM_STS.dataAvail is set. 2. Host saves recieved data. 3. Host checks that received data is correct. 4. If data is currupted Host writes to TPM_STS.responseRetry and go to step 1. This commit is based on previous work by Christophe Richard. Signed-off-by: Amir Mizinski --- drivers/char/tpm/tpm_tis_core.c | 101 +++++++++++++++++++++++++--------------- drivers/char/tpm/tpm_tis_core.h | 3 ++ 2 files changed, 66 insertions(+), 38 deletions(-) diff --git a/drivers/char/tpm/tpm_tis_core.c b/drivers/char/tpm/tpm_tis_core.c index c3181ea..43784fd 100644 --- a/drivers/char/tpm/tpm_tis_core.c +++ b/drivers/char/tpm/tpm_tis_core.c @@ -242,6 +242,15 @@ static u8 tpm_tis_status(struct tpm_chip *chip) return status; } +static bool tpm_tis_check_data(struct tpm_chip *chip, const u8 *buf, size_t len) +{ + struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev); + + if (priv->phy_ops->check_data) + return priv->phy_ops->check_data(priv, buf, len); + return true; +} + static void tpm_tis_ready(struct tpm_chip *chip) { struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev); @@ -308,47 +317,58 @@ static int tpm_tis_recv(struct tpm_chip *chip, u8 *buf, size_t count) { struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev); int size = 0; - int status; + int status, i; u32 expected; + bool check_data = false; - if (count < TPM_HEADER_SIZE) { - size = -EIO; - goto out; - } + for (i = 0; i < TPM_RETRY; i++) { + if (count < TPM_HEADER_SIZE) { + size = -EIO; + goto out; + } - size = recv_data(chip, buf, TPM_HEADER_SIZE); - /* read first 10 bytes, including tag, paramsize, and result */ - if (size < TPM_HEADER_SIZE) { - dev_err(&chip->dev, "Unable to read header\n"); - goto out; - } + size = recv_data(chip, buf, TPM_HEADER_SIZE); + /* read first 10 bytes, including tag, paramsize, and result */ + if (size < TPM_HEADER_SIZE) { + dev_err(&chip->dev, "Unable to read header\n"); + goto out; + } - expected = be32_to_cpu(*(__be32 *) (buf + 2)); - if (expected > count || expected < TPM_HEADER_SIZE) { - size = -EIO; - goto out; - } + expected = be32_to_cpu(*(__be32 *) (buf + 2)); + if (expected > count || expected < TPM_HEADER_SIZE) { + size = -EIO; + goto out; + } - size += recv_data(chip, &buf[TPM_HEADER_SIZE], - expected - TPM_HEADER_SIZE); - if (size < expected) { - dev_err(&chip->dev, "Unable to read remainder of result\n"); - size = -ETIME; - goto out; - } + size += recv_data(chip, &buf[TPM_HEADER_SIZE], + expected - TPM_HEADER_SIZE); + if (size < expected) { + dev_err(&chip->dev, "Unable to read remainder of result\n"); + size = -ETIME; + goto out; + } - if (wait_for_tpm_stat(chip, TPM_STS_VALID, chip->timeout_c, - &priv->int_queue, false) < 0) { - size = -ETIME; - goto out; + if (wait_for_tpm_stat(chip, TPM_STS_VALID, chip->timeout_c, + &priv->int_queue, false) < 0) { + size = -ETIME; + goto out; + } + + status = tpm_tis_status(chip); + if (status & TPM_STS_DATA_AVAIL) { /* retry? */ + dev_err(&chip->dev, "Error left over data\n"); + size = -EIO; + goto out; + } + + check_data = tpm_tis_check_data(chip, buf, size); + if (!check_data) + tpm_tis_write8(priv, TPM_STS(priv->locality), + TPM_STS_RESPONSE_RETRY); + else break; } - status = tpm_tis_status(chip); - if (status & TPM_STS_DATA_AVAIL) { /* retry? */ - dev_err(&chip->dev, "Error left over data\n"); + if (!check_data) size = -EIO; - goto out; - } - out: tpm_tis_ready(chip); return size; @@ -453,14 +473,19 @@ static void disable_interrupts(struct tpm_chip *chip) static int tpm_tis_send_main(struct tpm_chip *chip, const u8 *buf, size_t len) { struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev); - int rc; + int rc, i; u32 ordinal; unsigned long dur; + bool data_valid = false; - rc = tpm_tis_send_data(chip, buf, len); - if (rc < 0) - return rc; - + for (i = 0; i < TPM_RETRY && !data_valid; i++) { + rc = tpm_tis_send_data(chip, buf, len); + if (rc < 0) + return rc; + data_valid = tpm_tis_check_data(chip, buf, len); + } + if (!data_valid) + return -EIO; /* go and do it */ rc = tpm_tis_write8(priv, TPM_STS(priv->locality), TPM_STS_GO); if (rc < 0) diff --git a/drivers/char/tpm/tpm_tis_core.h b/drivers/char/tpm/tpm_tis_core.h index d06c65b..486c2e9 100644 --- a/drivers/char/tpm/tpm_tis_core.h +++ b/drivers/char/tpm/tpm_tis_core.h @@ -34,6 +34,7 @@ enum tis_status { TPM_STS_GO = 0x20, TPM_STS_DATA_AVAIL = 0x10, TPM_STS_DATA_EXPECT = 0x08, + TPM_STS_RESPONSE_RETRY = 0x02, }; enum tis_int_flags { @@ -106,6 +107,8 @@ struct tpm_tis_phy_ops { int (*read16)(struct tpm_tis_data *data, u32 addr, u16 *result); int (*read32)(struct tpm_tis_data *data, u32 addr, u32 *result); int (*write32)(struct tpm_tis_data *data, u32 addr, u32 src); + bool (*check_data)(struct tpm_tis_data *data, const u8 *buf, + size_t len); }; static inline int tpm_tis_read_bytes(struct tpm_tis_data *data, u32 addr, -- 2.7.4