From 7e5b28bf86f9ea39414ca5b1f30a148c1f1d36bf Mon Sep 17 00:00:00 2001 From: Tim Crawford Date: Fri, 31 May 2024 12:16:10 -0600 Subject: [PATCH] security/tpm/tspi: Do TPM Restart if TPM Resume fails The Infineon SLB 9672 on newer Clevo machines regularly fails TPM Resume on S3 with the error `TPM_RC_VALUE`. Per TPM2 spec, handle the failure by performing a TPM Restart. > The startup behavior defined by this specification is different than > TPM 1.2 with respect to Startup(STATE). A TPM 1.2 device will enter > Failure Mode if no state is available when the TPM receives > Startup(STATE). This is not the case in this specification. It is up > to the CRTM to take corrective action if it the TPM returns > TPM_RC_VALUE in response to Startup(STATE). Fixes the following error from being repeatedly logged in Linux: > kernel: tpm tpm0: A TPM error (256) occurred attempting get random Ref: Trusted Platform Module Library, Part 1: Architecture, rev 1.59 Change-Id: I3388007d4448c93bd0dda591c8ca7d1a8dc5306b Signed-off-by: Tim Crawford --- src/security/tpm/tspi/tspi.c | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/src/security/tpm/tspi/tspi.c b/src/security/tpm/tspi/tspi.c index 56b8fa8ede..b69273e5f2 100644 --- a/src/security/tpm/tspi/tspi.c +++ b/src/security/tpm/tspi/tspi.c @@ -73,6 +73,14 @@ static tpm_result_t tpm_setup_s3_helper(void) default: printk(BIOS_ERR, "TPM: Resume failed (%#x).\n", rc); + if (CONFIG(TPM2)) { + /* + * TODO: Record EV_SEPARATOR event to indicate to host + * that an error has occurred. + */ + printk(BIOS_WARNING, "TPM: Performing restart\n"); + rc = tlcl_startup(); + } break; }