From nobody Fri Apr 19 14:01:10 2024
Delivered-To: importer@patchew.org
Received-SPF: pass (zohomail.com: domain of groups.io designates
 66.175.222.108 as permitted sender) client-ip=66.175.222.108;
 envelope-from=bounce+27952+91955+1787277+3901457@groups.io;
 helo=mail02.groups.io;
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as
 permitted sender)
  smtp.mailfrom=bounce+27952+91955+1787277+3901457@groups.io;
	dmarc=fail(p=none dis=none)  header.from=intel.com
ARC-Seal: i=1; a=rsa-sha256; t=1659061587; cv=none;
	d=zohomail.com; s=zohoarc;
	b=FzBC5eWi3QKgCx8MuZyU7hK7qzvxwauO5pI6xjBLdiY1urHERYfyVY8DVZAA7jcwVU4cSF1Xps6hyjDhKP8UQCzmQlkPVn6cMEWfGv/yYnepbJiDFNjSAcU5ixtO0WW9C5PgoEqBpyfUyBiXQUl6Gf9Jve5RAHsYrMaiyMoalTA=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc;
	t=1659061587;
 h=Content-Transfer-Encoding:Cc:Date:From:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:Sender:Subject:To;
	bh=WlagB16Wy+lRbONAPMv/qTDsp2hXkXOqTEMu/kkgKjs=;
	b=MVmUIIO2MQqY+6D5rs2tyx3is0AxBoXx9J6S1w6WhuK4/L9cWZY86HaEbceK7nqnU7Rc+HDXLb5NeG9b4eXwDmHXRPdcpavUerVWw3bHRHadRPA6IS6JWVdecf7jbHquQuw6h3R+QKDa5skx3QaoJhGPQswjICQ3XcLKS8Pt1y8=
ARC-Authentication-Results: i=1; mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as
 permitted sender)
  smtp.mailfrom=bounce+27952+91955+1787277+3901457@groups.io;
	dmarc=fail header.from=<qi1.zhang@intel.com> (p=none dis=none)
Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by
 mx.zohomail.com
	with SMTPS id 1659061587381886.4254661211519;
 Thu, 28 Jul 2022 19:26:27 -0700 (PDT)
Return-Path: <bounce+27952+91955+1787277+3901457@groups.io>
X-Received: by 127.0.0.2 with SMTP id U6QbYY1788612xvdjofDrMx9;
 Thu, 28 Jul 2022 19:26:26 -0700
X-Received: from mga11.intel.com (mga11.intel.com [192.55.52.93])
 by mx.groups.io with SMTP id smtpd.web08.3660.1659061584944152843
 for <devel@edk2.groups.io>;
 Thu, 28 Jul 2022 19:26:25 -0700
X-IronPort-AV: E=McAfee;i="6400,9594,10422"; a="286221923"
X-IronPort-AV: E=Sophos;i="5.93,200,1654585200";
   d="scan'208";a="286221923"
X-Received: from fmsmga005.fm.intel.com ([10.253.24.32])
  by fmsmga102.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384;
 28 Jul 2022 19:26:23 -0700
X-ExtLoop1: 1
X-IronPort-AV: E=Sophos;i="5.93,200,1654585200";
   d="scan'208";a="928572692"
X-Received: from shwdesssddpdqi.ccr.corp.intel.com ([10.239.157.129])
  by fmsmga005.fm.intel.com with ESMTP; 28 Jul 2022 19:26:22 -0700
From: "Qi Zhang" <qi1.zhang@intel.com>
To: devel@edk2.groups.io
Cc: Qi Zhang <qi1.zhang@intel.com>,
	Jiewen Yao <jiewen.yao@intel.com>,
	Jian J Wang <jian.j.wang@intel.com>,
	Swapnil Patil <S.Keshavrao.Patil@dell.com>
Subject: [edk2-devel] [PATCH v4] SecurityPkg: Add retry mechanism for tpm
 command
Date: Fri, 29 Jul 2022 10:26:20 +0800
Message-Id: <20220729022620.1786-1-qi1.zhang@intel.com>
MIME-Version: 1.0
Precedence: Bulk
List-Unsubscribe: <mailto:devel+unsubscribe@edk2.groups.io>
List-Subscribe: <mailto:devel+subscribe@edk2.groups.io>
List-Help: <mailto:devel+help@edk2.groups.io>
Sender: devel@edk2.groups.io
List-Id: <devel.edk2.groups.io>
Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io
Reply-To: devel@edk2.groups.io,qi1.zhang@intel.com
X-Gm-Message-State: WzQDErk3elqQ3WbVPNl1hkE3x1787277AA=
Content-Transfer-Encoding: quoted-printable
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io;
 q=dns/txt; s=20140610; t=1659061586;
 bh=EMfJdnj10dTKBD7xf09e7mk1TcQBXvwhxIWRrjzXqdE=;
 h=Cc:Date:From:Reply-To:Subject:To;
 b=Wpyu8TxTIguw11HBlft9zHAfmCXel/0MoIAprx5iapkEUX5KzRoAufS9NNPm8JMMK0+
 0iWIJKo0TqVupyX83WlMEIf0jNNmqHoTRWDPK7HP37Fkzw4Kr0kDkkhacQO+TvH6Wb/Hn
 XNVje0GTinCFm1rploT6ZZ7+IpS6t3ZdHso=
X-ZohoMail-DKIM: pass (identity @groups.io)
X-ZM-MESSAGEID: 1659061589094100003
Content-Type: text/plain; charset="utf-8"

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3D3980

As per TCG PC Client Device Driver Design Principle document,
if tpm commands fails due to timeout condition, then it should
have retry mechanism (3 retry attempts).
Existing implementation of PtpCrbTpmCommand does not have retry
mechanism if it fails with EFI_TIMEOUT.

See TCG PC Client Device Driver Design Principles for TPM 2.0
https://trustedcomputinggroup.org/wp-content/uploads/TCG_PCClient_Device_Dr=
iver_Design_Principles_TPM2p0_v1p1_r4_211104_final.pdf
Vision 1.1, Revision 0.04
Section 7.2.1

Signed-off-by: Qi Zhang <qi1.zhang@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
Tested-by: Swapnil Patil <S.Keshavrao.Patil@dell.com>
Reviewed-by: Jiewen Yao <Jiewen.yao@Intel.com>
---
 .../Library/Tpm2DeviceLibDTpm/Tpm2Ptp.c       | 108 +++++++++++-------
 1 file changed, 69 insertions(+), 39 deletions(-)

diff --git a/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2Ptp.c b/SecurityPkg/=
Library/Tpm2DeviceLibDTpm/Tpm2Ptp.c
index 1d99beaa10..840265292a 100644
--- a/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2Ptp.c
+++ b/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2Ptp.c
@@ -33,6 +33,12 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
 //
 #define TPMCMDBUFLENGTH  0x500
=20
+//
+// Max retry count according to Spec TCG PC Client Device Driver Design Pr=
inciples
+// for TPM2.0, Version 1.1, Revision 0.04, Section 7.2.1
+//
+#define RETRY_CNT_MAX  3
+
 /**
   Check whether TPM PTP register exist.
=20
@@ -153,6 +159,7 @@ PtpCrbTpmCommand (
   UINT32      TpmOutSize;
   UINT16      Data16;
   UINT32      Data32;
+  UINT8       RetryCnt;
=20
   DEBUG_CODE_BEGIN ();
   UINTN  DebugSize;
@@ -179,53 +186,76 @@ PtpCrbTpmCommand (
   DEBUG_CODE_END ();
   TpmOutSize =3D 0;
=20
-  //
-  // STEP 0:
-  // if CapCRbIdelByPass =3D=3D 0, enforce Idle state before sending comma=
nd
-  //
-  if ((GetCachedIdleByPass () =3D=3D 0) && ((MmioRead32 ((UINTN)&CrbReg->C=
rbControlStatus) & PTP_CRB_CONTROL_AREA_STATUS_TPM_IDLE) =3D=3D 0)) {
+  RetryCnt =3D 0;
+  while (TRUE) {
+    //
+    // STEP 0:
+    // if CapCRbIdelByPass =3D=3D 0, enforce Idle state before sending com=
mand
+    //
+    if ((GetCachedIdleByPass () =3D=3D 0) && ((MmioRead32 ((UINTN)&CrbReg-=
>CrbControlStatus) & PTP_CRB_CONTROL_AREA_STATUS_TPM_IDLE) =3D=3D 0)) {
+      Status =3D PtpCrbWaitRegisterBits (
+                 &CrbReg->CrbControlStatus,
+                 PTP_CRB_CONTROL_AREA_STATUS_TPM_IDLE,
+                 0,
+                 PTP_TIMEOUT_C
+                 );
+      if (EFI_ERROR (Status)) {
+        RetryCnt++;
+        if (RetryCnt < RETRY_CNT_MAX) {
+          MmioWrite32 ((UINTN)&CrbReg->CrbControlRequest, PTP_CRB_CONTROL_=
AREA_REQUEST_GO_IDLE);
+          continue;
+        } else {
+          //
+          // Try to goIdle to recover TPM
+          //
+          Status =3D EFI_DEVICE_ERROR;
+          goto GoIdle_Exit;
+        }
+      }
+    }
+
+    //
+    // STEP 1:
+    // Ready is any time the TPM is ready to receive a command, following =
a write
+    // of 1 by software to Request.cmdReady, as indicated by the Status fi=
eld
+    // being cleared to 0.
+    //
+    MmioWrite32 ((UINTN)&CrbReg->CrbControlRequest, PTP_CRB_CONTROL_AREA_R=
EQUEST_COMMAND_READY);
     Status =3D PtpCrbWaitRegisterBits (
-               &CrbReg->CrbControlStatus,
-               PTP_CRB_CONTROL_AREA_STATUS_TPM_IDLE,
+               &CrbReg->CrbControlRequest,
                0,
+               PTP_CRB_CONTROL_AREA_REQUEST_COMMAND_READY,
                PTP_TIMEOUT_C
                );
     if (EFI_ERROR (Status)) {
-      //
-      // Try to goIdle to recover TPM
-      //
-      Status =3D EFI_DEVICE_ERROR;
-      goto GoIdle_Exit;
+      RetryCnt++;
+      if (RetryCnt < RETRY_CNT_MAX) {
+        MmioWrite32 ((UINTN)&CrbReg->CrbControlRequest, PTP_CRB_CONTROL_AR=
EA_REQUEST_GO_IDLE);
+        continue;
+      } else {
+        Status =3D EFI_DEVICE_ERROR;
+        goto GoIdle_Exit;
+      }
     }
-  }
=20
-  //
-  // STEP 1:
-  // Ready is any time the TPM is ready to receive a command, following a =
write
-  // of 1 by software to Request.cmdReady, as indicated by the Status field
-  // being cleared to 0.
-  //
-  MmioWrite32 ((UINTN)&CrbReg->CrbControlRequest, PTP_CRB_CONTROL_AREA_REQ=
UEST_COMMAND_READY);
-  Status =3D PtpCrbWaitRegisterBits (
-             &CrbReg->CrbControlRequest,
-             0,
-             PTP_CRB_CONTROL_AREA_REQUEST_COMMAND_READY,
-             PTP_TIMEOUT_C
-             );
-  if (EFI_ERROR (Status)) {
-    Status =3D EFI_DEVICE_ERROR;
-    goto GoIdle_Exit;
-  }
+    Status =3D PtpCrbWaitRegisterBits (
+               &CrbReg->CrbControlStatus,
+               0,
+               PTP_CRB_CONTROL_AREA_STATUS_TPM_IDLE,
+               PTP_TIMEOUT_C
+               );
+    if (EFI_ERROR (Status)) {
+      RetryCnt++;
+      if (RetryCnt < RETRY_CNT_MAX) {
+        MmioWrite32 ((UINTN)&CrbReg->CrbControlRequest, PTP_CRB_CONTROL_AR=
EA_REQUEST_GO_IDLE);
+        continue;
+      } else {
+        Status =3D EFI_DEVICE_ERROR;
+        goto GoIdle_Exit;
+      }
+    }
=20
-  Status =3D PtpCrbWaitRegisterBits (
-             &CrbReg->CrbControlStatus,
-             0,
-             PTP_CRB_CONTROL_AREA_STATUS_TPM_IDLE,
-             PTP_TIMEOUT_C
-             );
-  if (EFI_ERROR (Status)) {
-    Status =3D EFI_DEVICE_ERROR;
-    goto GoIdle_Exit;
+    break;
   }
=20
   //
--=20
2.26.2.windows.1



-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#91955): https://edk2.groups.io/g/devel/message/91955
Mute This Topic: https://groups.io/mt/92683623/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org]
-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-