security/tpm/tspi: Do TPM Restart if TPM Resume fails

The Infineon SLB 9672 on newer Clevo machines regularly fails TPM Resume on S3 with the error `TPM_RC_VALUE`. Per TPM2 spec, handle the failure by performing a TPM Restart. > The startup behavior defined by this specification is different than > TPM 1.2 with respect to Startup(STATE). A TPM 1.2 device will enter > Failure Mode if no state is available when the TPM receives > Startup(STATE). This is not the case in this specification. It is up > to the CRTM to take corrective action if it the TPM returns > TPM_RC_VALUE in response to Startup(STATE). Fixes the following error from being repeatedly logged in Linux: > kernel: tpm tpm0: A TPM error (256) occurred attempting get random Ref: Trusted Platform Module Library, Part 1: Architecture, rev 1.59 Change-Id: I3388007d4448c93bd0dda591c8ca7d1a8dc5306b Signed-off-by: Tim Crawford <tcrawford@system76.com>
2024-05-31 12:16:10 -06:00 · 2024-05-31 12:16:10 -06:00 · 277c9abeb7
commit 277c9abeb7
parent 403030c9e3
1 changed files with 8 additions and 0 deletions
--- a/src/security/tpm/tspi/tspi.c
+++ b/src/security/tpm/tspi/tspi.c
@ -73,6 +73,14 @@ static tpm_result_t tpm_setup_s3_helper(void)

 	default:
 		printk(BIOS_ERR, "TPM: Resume failed (%#x).\n", rc);
+		if (CONFIG(TPM2)) {
+			/*
+			 * TODO: Record EV_SEPARATOR event to indicate to host
+			 * that an error has occurred.
+			 */
+			printk(BIOS_WARNING, "TPM: Performing restart\n");
+			rc = tlcl_startup();
+		}
 		break;
 	}