Re: [PATCH 3/3] tpm: ibmvtpm: Add support for TPM 2

[Stefan Berger <stefanb@xxxxxxxxxxxxx>]

On 2/13/20 12:53 PM, Nayna wrote:
> On 2/4/20 8:27 AM, Stefan Berger wrote:
> > From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
> >
> > Support TPM 2 in the IBM vTPM driver. The hypervisor tells us what
> > version of TPM is connected through the vio_device_id.
> >
> > In case a TPM 2 is found, we set the TPM_OPS_AUTO_STARTUP flag to
> > have properly initialize the TPM and driver.
> >
> > Signed-off-by: Stefan Berger <stefanb@xxxxxxxxxxxxx>
> > ---
> >   drivers/char/tpm/tpm_ibmvtpm.c | 8 +++++++-
> >   1 file changed, 7 insertions(+), 1 deletion(-)
> >
> > diff --git a/drivers/char/tpm/tpm_ibmvtpm.c 
> > b/drivers/char/tpm/tpm_ibmvtpm.c
> > index eee566eddb35..d479d64a65aa 100644
> > --- a/drivers/char/tpm/tpm_ibmvtpm.c
> > +++ b/drivers/char/tpm/tpm_ibmvtpm.c
> > @@ -29,6 +29,7 @@ static const char tpm_ibmvtpm_driver_name[] = 
> > "tpm_ibmvtpm";
> >
> >   static const struct vio_device_id tpm_ibmvtpm_device_table[] = {
> >       { "IBM,vtpm", "IBM,vtpm"},
> > +    { "IBM,vtpm", "IBM,vtpm20"},
> >       { "", "" }
> >   };
> >   MODULE_DEVICE_TABLE(vio, tpm_ibmvtpm_device_table);
> > @@ -443,7 +444,7 @@ static bool tpm_ibmvtpm_req_canceled(struct 
> > tpm_chip *chip, u8 status)
> >       return (status == 0);
> >   }
> >
> > -static const struct tpm_class_ops tpm_ibmvtpm = {
> > +static struct tpm_class_ops tpm_ibmvtpm = {
> >       .recv = tpm_ibmvtpm_recv,
> >       .send = tpm_ibmvtpm_send,
> >       .cancel = tpm_ibmvtpm_cancel,
> > @@ -672,6 +673,11 @@ static int tpm_ibmvtpm_probe(struct vio_dev 
> > *vio_dev,
> >       if (rc)
> >           goto init_irq_cleanup;
> >
> > +    if (!strcmp(id->compat, "IBM,vtpm20")) {
> > +        chip->flags |= TPM_CHIP_FLAG_TPM2;
> > +        tpm_ibmvtpm.flags = TPM_OPS_AUTO_STARTUP;
>
> TPM_OPS_AUTO_STARTUP flag isn't set for vTPM 1.2. What is different in 
> case of vTPM 2.0 ?


I don't want side effects for the TPM 1.2 case here, so I am only 
modifying the flag for the case where the new TPM 2 is being used.  
Here's the code where it shows the effect.

int tpm_auto_startup(struct tpm_chip *chip)
{
    int rc;

    if (!(chip->ops->flags & TPM_OPS_AUTO_STARTUP))
        return 0;

    if (chip->flags & TPM_CHIP_FLAG_TPM2)
        rc = tpm2_auto_startup(chip);
    else
        rc = tpm1_auto_startup(chip);

    return rc;
}

In the TPM 2 case we then get timeouts, do the TPM self test, send 
TPM2_STARTUP if necessary and get attributes of the TPM 2 command from 
the device. All necessary to start it up.


https://elixir.bootlin.com/linux/latest/source/drivers/char/tpm/tpm2-cmd.c#L719

Does this answer your question ?


   Stefan




> Thanks & Regards,
>
>      - Nayna