Re: [PATCH v6 2/7] tpm: tpm_tis: Add check_data handle to tpm_tis_phy_ops

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hello jarkko,
I reconfigure my email client by the instructions you've sent, and
re-responsing as you requested.
please tell me if there are still any issues. thank you.

On 2020-04-08 18:33, Jarkko Sakkinen wrote:
> On Tue, Apr 07, 2020 at 07:20:39PM +0300, amirmizi6@xxxxxxxxx wrote:
>> From: Amir Mizinski <amirmizi6@xxxxxxxxx>
>>
>> In order to validate data integrity we need to compute the crc over the data
>> sent in lower layer (I2C for instance).
>
> s/crc/CRC/
>
>> To do that tpm_tis_check_data() calls a "check_data" operation (if available).
>
> "check_data" does not exist.
>

it is added in this commit to "tpm_tis_phy_ops" struct in
"tpm_tis_core.h", which is inherited in "tpm_tis_i2c.c" on later patch
(7/7).

>> If data integrity check fails, a retry to save the sent/received
>> data is implemented in tpm_tis_send_main()/tpm_tis_recv() functions.
>>
>> Considering this commit, the following steps are done when sending a command:
>>    1. Host writes to TPM_STS.commandReady.
>>    2. Host writes command.
>>    3. Host checks that TPM received data is valid.
>>    4. If data is currupted go to step 1.
>>
>> When receiving data:
>>    1. Host checks that TPM_STS.dataAvail is set.
>>    2. Host saves received data.
>>    3. Host checks that received data is correct.
>>    4. If data is currupted Host writes to TPM_STS.responseRetry and go to
>>       step 1.
>
> These sequences in the commit message look somewhat uselss. Maybe
> just remove them.
>

Their main porpose is to describe how the retry attempt is implemented
in case of currupted data.
should i just describe that with a few words or that's unnecessary?

>>
>> Co-developed-by: Christophe Ricard <christophe-h.ricard@xxxxxx>
>> Signed-off-by: Christophe Ricard <christophe-h.ricard@xxxxxx>
>> Signed-off-by: Amir Mizinski <amirmizi6@xxxxxxxxx>
>> ---
>>  drivers/char/tpm/tpm_tis_core.c | 102 +++++++++++++++++++++++++---------------
>>  drivers/char/tpm/tpm_tis_core.h |   3 ++
>>  2 files changed, 67 insertions(+), 38 deletions(-)
>>
>> diff --git a/drivers/char/tpm/tpm_tis_core.c b/drivers/char/tpm/tpm_tis_core.c
>> index 27c6ca0..6c4f232 100644
>> --- a/drivers/char/tpm/tpm_tis_core.c
>> +++ b/drivers/char/tpm/tpm_tis_core.c
>> @@ -242,6 +242,15 @@ static u8 tpm_tis_status(struct tpm_chip *chip)
>>      return status;
>>  }
>>  
>> +static bool tpm_tis_check_data(struct tpm_chip *chip, const u8 *buf, size_t len)
>
> Not sure if this is the best possible function name, "check" can
> mean almost anything.
>

Ok, i'm changing it to "verify_data_integrity". is that ok?

>> +{
>> +    struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev);
>> +
>> +    if (priv->phy_ops->check_data)
>> +        return priv->phy_ops->check_data(priv, buf, len);
>
> New line here before the return statement.
>
>> +    return true;
>> +}
>> +
>>  static void tpm_tis_ready(struct tpm_chip *chip)
>>  {
>>      struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev);
>> @@ -308,47 +317,59 @@ static int tpm_tis_recv(struct tpm_chip *chip, u8 *buf, size_t count)
>>  {
>>      struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev);
>>      int size = 0;
>> -    int status;
>> +    int status, i;
>>      u32 expected;
>> +    bool check_data = false;
>>  
>> -    if (count < TPM_HEADER_SIZE) {
>> -        size = -EIO;
>> -        goto out;
>> -    }
>> +    for (i = 0; i < TPM_RETRY; i++) {
>> +        if (count < TPM_HEADER_SIZE) {
>> +            size = -EIO;
>> +            goto out;
>> +        }
>>  
>> -    size = recv_data(chip, buf, TPM_HEADER_SIZE);
>> -    /* read first 10 bytes, including tag, paramsize, and result */
>> -    if (size < TPM_HEADER_SIZE) {
>> -        dev_err(&chip->dev, "Unable to read header\n");
>> -        goto out;
>> -    }
>> +        size = recv_data(chip, buf, TPM_HEADER_SIZE);
>> +        /* read first 10 bytes, including tag, paramsize, and result */
>> +        if (size < TPM_HEADER_SIZE) {
>> +            dev_err(&chip->dev, "Unable to read header\n");
>> +            goto out;
>> +        }
>>  
>> -    expected = be32_to_cpu(*(__be32 *) (buf + 2));
>> -    if (expected > count || expected < TPM_HEADER_SIZE) {
>> -        size = -EIO;
>> -        goto out;
>> -    }
>> +        expected = be32_to_cpu(*(__be32 *) (buf + 2));
>> +        if (expected > count || expected < TPM_HEADER_SIZE) {
>> +            size = -EIO;
>> +            goto out;
>> +        }
>>  
>> -    size += recv_data(chip, &buf[TPM_HEADER_SIZE],
>> -              expected - TPM_HEADER_SIZE);
>> -    if (size < expected) {
>> -        dev_err(&chip->dev, "Unable to read remainder of result\n");
>> -        size = -ETIME;
>> -        goto out;
>> -    }
>> +        size += recv_data(chip, &buf[TPM_HEADER_SIZE],
>> +                  expected - TPM_HEADER_SIZE);
>> +        if (size < expected) {
>> +            dev_err(&chip->dev, "Unable to read remainder of result\n");
>> +            size = -ETIME;
>> +            goto out;
>> +        }
>>  
>> -    if (wait_for_tpm_stat(chip, TPM_STS_VALID, chip->timeout_c,
>> -                &priv->int_queue, false) < 0) {
>> -        size = -ETIME;
>> -        goto out;
>> +        if (wait_for_tpm_stat(chip, TPM_STS_VALID, chip->timeout_c,
>> +                      &priv->int_queue, false) < 0) {
>> +            size = -ETIME;
>> +            goto out;
>> +        }
>> +
>> +        status = tpm_tis_status(chip);
>> +        if (status & TPM_STS_DATA_AVAIL) {    /* retry? */
>> +            dev_err(&chip->dev, "Error left over data\n");
>> +            size = -EIO;
>> +            goto out;
>> +        }
>> +
>> +        check_data = tpm_tis_check_data(chip, buf, size);
>> +        if (!check_data)
>> +            tpm_tis_write8(priv, TPM_STS(priv->locality),
>> +                       TPM_STS_RESPONSE_RETRY);
>> +        else
>> +            break;
>>      }
>> -    status = tpm_tis_status(chip);
>> -    if (status & TPM_STS_DATA_AVAIL) {    /* retry? */
>> -        dev_err(&chip->dev, "Error left over data\n");
>> +    if (!check_data)
>>          size = -EIO;
>> -        goto out;
>> -    }
>> -
>>  out:
>>      tpm_tis_ready(chip);
>>      return size;
>> @@ -453,14 +474,19 @@ static void disable_interrupts(struct tpm_chip *chip)
>>  static int tpm_tis_send_main(struct tpm_chip *chip, const u8 *buf, size_t len)
>>  {
>>      struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev);
>> -    int rc;
>> +    int rc, i;
>>      u32 ordinal;
>>      unsigned long dur;
>> +    bool data_valid = false;
>>  
>> -    rc = tpm_tis_send_data(chip, buf, len);
>> -    if (rc < 0)
>> -        return rc;
>> -
>> +    for (i = 0; i < TPM_RETRY && !data_valid; i++) {
>> +        rc = tpm_tis_send_data(chip, buf, len);
>> +        if (rc < 0)
>> +            return rc;
>> +        data_valid = tpm_tis_check_data(chip, buf, len);
>> +    }
>> +    if (!data_valid)
>> +        return -EIO;
>>      /* go and do it */
>>      rc = tpm_tis_write8(priv, TPM_STS(priv->locality), TPM_STS_GO);
>>      if (rc < 0)
>> diff --git a/drivers/char/tpm/tpm_tis_core.h b/drivers/char/tpm/tpm_tis_core.h
>> index d06c65b..486c2e9 100644
>> --- a/drivers/char/tpm/tpm_tis_core.h
>> +++ b/drivers/char/tpm/tpm_tis_core.h
>> @@ -34,6 +34,7 @@ enum tis_status {
>>      TPM_STS_GO = 0x20,
>>      TPM_STS_DATA_AVAIL = 0x10,
>>      TPM_STS_DATA_EXPECT = 0x08,
>> +    TPM_STS_RESPONSE_RETRY = 0x02,
>>  };
>>  
>>  enum tis_int_flags {
>> @@ -106,6 +107,8 @@ struct tpm_tis_phy_ops {
>>      int (*read16)(struct tpm_tis_data *data, u32 addr, u16 *result);
>>      int (*read32)(struct tpm_tis_data *data, u32 addr, u32 *result);
>>      int (*write32)(struct tpm_tis_data *data, u32 addr, u32 src);
>> +    bool (*check_data)(struct tpm_tis_data *data, const u8 *buf,
>> +               size_t len);
>
> Aren't you validating the contents of the buf?
>
> /Jarkko

i do.
when sending, the data is written to the buff in "tpm_tis_send_data(chip,buf, len)".
and validated in "data_valid = tpm_tis_check_data(chip, buf, len)".
data is not sent until TPM_STS_GO is set.

when receiving, the data in the buffer is verified after recv_data, and
writing to TPM_STS_RESPONSE_RETRY in case it fails to recive it again.


Thank you
Amir Mizinski




[Index of Archives]     [Device Tree Compilter]     [Device Tree Spec]     [Linux Driver Backports]     [Video for Linux]     [Linux USB Devel]     [Linux PCI Devel]     [Linux Audio Users]     [Linux Kernel]     [Linux SCSI]     [XFree86]     [Yosemite Backpacking]


  Powered by Linux