From 70657e373f759e0d5d83b7ff4bca13ef5248be2b Mon Sep 17 00:00:00 2001
From: Tim Crawford <tcrawford@system76.com>
Date: Mon, 6 Nov 2023 09:12:51 -0700
Subject: [PATCH] security/tpm/tspi: Do TPM Restart if TPM Resume fails

The Infineon SLB 9672 on newer Clevo machines regularly fails TPM Resume
on S3 with the error `TPM_RC_VALUE`.

Per TPM2 spec, handle the failure by performing a TPM Restart.

> The startup behavior defined by this specification is different than
> TPM 1.2 with respect to Startup(STATE). A TPM 1.2 device will enter
> Failure Mode if no state is available when the TPM receives
> Startup(STATE). This is not the case in this specification. It is up
> to the CRTM to take corrective action if it the TPM returns
> TPM_RC_VALUE in response to Startup(STATE).

Fixes the following error from being repeatedly logged in Linux:

> kernel: tpm tpm0: A TPM error (256) occurred attempting get random

Ref: Trusted Platform Module Library, Part 1: Architecture, rev 1.59
Change-Id: I3388007d4448c93bd0dda591c8ca7d1a8dc5306b
Signed-off-by: Tim Crawford <tcrawford@system76.com>
---
 src/security/tpm/tspi/tspi.c | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/src/security/tpm/tspi/tspi.c b/src/security/tpm/tspi/tspi.c
index 80f33d59c6..46a995ddfc 100644
--- a/src/security/tpm/tspi/tspi.c
+++ b/src/security/tpm/tspi/tspi.c
@@ -70,6 +70,10 @@ static tpm_result_t tpm_setup_s3_helper(void)
 
 	default:
 		printk(BIOS_ERR, "TPM: Resume failed (%#x).\n", rc);
+		if (CONFIG(TPM2)) {
+			printk(BIOS_WARNING, "TPM: Clearing state\n");
+			rc = tlcl_startup();
+		}
 		break;
 	}