summaryrefslogtreecommitdiff
path: root/src/security
diff options
context:
space:
mode:
authorJoel Kitching <kitching@google.com>2018-10-12 15:52:00 +0800
committerPhilipp Deppenwiese <zaolin.daisuki@gmail.com>2018-10-24 09:05:23 +0000
commitc5d0a2ea1fff572d6a61b4c6cb8b3661833f904f (patch)
treef45e5d8a20ca00b5d3c2dcf30218d5f779b452cb /src/security
parent3487095304dbbbf66de86f8bce0e40b7acb3ea27 (diff)
downloadcoreboot-c5d0a2ea1fff572d6a61b4c6cb8b3661833f904f.tar.xz
tpm2/tlcl_send_startup: should pass on TPM_E_INVALID_POSTINIT
Change TSS layer tlcl_send_startup() to expose TPM_RC_INITIALIZE, which gets mapped to TPM_E_INVALID_POSTINIT. The return value is exposed to TSPI layer tpm_setup(), and dealt with as follows: - Regular startup: TPM_E_INVALID_POSTINIT should count as failure. - S3 resume: TPM_E_INVALID_POSTINIT can be assumed to mean that TPM maintains power during S3, and is already initialized. Also, correct an error where |response| could be erroneously accessed when it is set to NULL. BUG=b:114018226 TEST=compile coreboot Change-Id: Ib0c3750386ae04279401c1dc318c5019d39f5ecf Signed-off-by: Joel Kitching <kitching@google.com> Reviewed-on: https://review.coreboot.org/29063 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net> Reviewed-by: Julius Werner <jwerner@chromium.org> Reviewed-by: Philipp Deppenwiese <zaolin.daisuki@gmail.com>
Diffstat (limited to 'src/security')
-rw-r--r--src/security/tpm/tss/tcg-2.0/tss.c18
1 files changed, 15 insertions, 3 deletions
diff --git a/src/security/tpm/tss/tcg-2.0/tss.c b/src/security/tpm/tss/tcg-2.0/tss.c
index e6ec57c811..c67fdfaa49 100644
--- a/src/security/tpm/tss/tcg-2.0/tss.c
+++ b/src/security/tpm/tss/tcg-2.0/tss.c
@@ -61,12 +61,24 @@ static uint32_t tlcl_send_startup(TPM_SU type)
startup.startup_type = type;
response = tpm_process_command(TPM2_Startup, &startup);
- if (response && (response->hdr.tpm_code == 0 ||
- response->hdr.tpm_code == TPM_RC_INITIALIZE)) {
- return TPM_SUCCESS;
+ /* IO error, tpm2_response pointer is empty. */
+ if (response == NULL) {
+ printk(BIOS_ERR, "%s: TPM communication error\n", __func__);
+ return TPM_E_IOERROR;
}
+
printk(BIOS_INFO, "%s: Startup return code is %x\n",
__func__, response->hdr.tpm_code);
+
+ switch (response->hdr.tpm_code) {
+ case TPM_RC_INITIALIZE:
+ /* TPM already initialized. */
+ return TPM_E_INVALID_POSTINIT;
+ case TPM2_RC_SUCCESS:
+ return TPM_SUCCESS;
+ }
+
+ /* Collapse any other errors into TPM_E_IOERROR. */
return TPM_E_IOERROR;
}