From: Stefano Garzarella <sgarzare@redhat.com>
This driver does not support interrupts, and receiving the response is
synchronous with sending the command.
Enable synchronous send() with TPM_CHIP_FLAG_SYNC, which implies that
->send() already fills the provided buffer with a response, and ->recv()
is not implemented.
Reviewed-by: Sumit Garg <sumit.garg@oss.qualcomm.com>
Signed-off-by: Stefano Garzarella <sgarzare@redhat.com>
---
v5:
- changed order and parameter names to match tpm_try_transmit() [Jarkko]
v4:
- added Sumit's R-b
- reworked commit description [Jarkko]
v2:
- set TPM_CHIP_FLAG_SYNC and support it in the new send()
- removed Jens' T-b
v1:
- added Jens' T-b
---
drivers/char/tpm/tpm_ftpm_tee.h | 4 ---
drivers/char/tpm/tpm_ftpm_tee.c | 64 ++++++++++-----------------------
2 files changed, 19 insertions(+), 49 deletions(-)
diff --git a/drivers/char/tpm/tpm_ftpm_tee.h b/drivers/char/tpm/tpm_ftpm_tee.h
index e39903b7ea07..8d5c3f0d2879 100644
--- a/drivers/char/tpm/tpm_ftpm_tee.h
+++ b/drivers/char/tpm/tpm_ftpm_tee.h
@@ -22,16 +22,12 @@
* struct ftpm_tee_private - fTPM's private data
* @chip: struct tpm_chip instance registered with tpm framework.
* @session: fTPM TA session identifier.
- * @resp_len: cached response buffer length.
- * @resp_buf: cached response buffer.
* @ctx: TEE context handler.
* @shm: Memory pool shared with fTPM TA in TEE.
*/
struct ftpm_tee_private {
struct tpm_chip *chip;
u32 session;
- size_t resp_len;
- u8 resp_buf[MAX_RESPONSE_SIZE];
struct tee_context *ctx;
struct tee_shm *shm;
};
diff --git a/drivers/char/tpm/tpm_ftpm_tee.c b/drivers/char/tpm/tpm_ftpm_tee.c
index dbad83bf798e..4e63c30aeaf1 100644
--- a/drivers/char/tpm/tpm_ftpm_tee.c
+++ b/drivers/char/tpm/tpm_ftpm_tee.c
@@ -31,47 +31,19 @@ static const uuid_t ftpm_ta_uuid =
0x82, 0xCB, 0x34, 0x3F, 0xB7, 0xF3, 0x78, 0x96);
/**
- * ftpm_tee_tpm_op_recv() - retrieve fTPM response.
- * @chip: the tpm_chip description as specified in driver/char/tpm/tpm.h.
- * @buf: the buffer to store data.
- * @count: the number of bytes to read.
- *
- * Return:
- * In case of success the number of bytes received.
- * On failure, -errno.
- */
-static int ftpm_tee_tpm_op_recv(struct tpm_chip *chip, u8 *buf, size_t count)
-{
- struct ftpm_tee_private *pvt_data = dev_get_drvdata(chip->dev.parent);
- size_t len;
-
- len = pvt_data->resp_len;
- if (count < len) {
- dev_err(&chip->dev,
- "%s: Invalid size in recv: count=%zd, resp_len=%zd\n",
- __func__, count, len);
- return -EIO;
- }
-
- memcpy(buf, pvt_data->resp_buf, len);
- pvt_data->resp_len = 0;
-
- return len;
-}
-
-/**
- * ftpm_tee_tpm_op_send() - send TPM commands through the TEE shared memory.
+ * ftpm_tee_tpm_op_send() - send TPM commands through the TEE shared memory
+ * and retrieve the response.
* @chip: the tpm_chip description as specified in driver/char/tpm/tpm.h
- * @buf: the buffer to send.
+ * @buf: the buffer to send and to store the response.
* @bufsiz: the size of the buffer.
- * @len: the number of bytes to send.
+ * @cmd_len: the number of bytes to send.
*
* Return:
- * In case of success, returns 0.
+ * In case of success, returns the number of bytes received.
* On failure, -errno
*/
static int ftpm_tee_tpm_op_send(struct tpm_chip *chip, u8 *buf, size_t bufsiz,
- size_t len)
+ size_t cmd_len)
{
struct ftpm_tee_private *pvt_data = dev_get_drvdata(chip->dev.parent);
size_t resp_len;
@@ -82,16 +54,15 @@ static int ftpm_tee_tpm_op_send(struct tpm_chip *chip, u8 *buf, size_t bufsiz,
struct tee_param command_params[4];
struct tee_shm *shm = pvt_data->shm;
- if (len > MAX_COMMAND_SIZE) {
+ if (cmd_len > MAX_COMMAND_SIZE) {
dev_err(&chip->dev,
"%s: len=%zd exceeds MAX_COMMAND_SIZE supported by fTPM TA\n",
- __func__, len);
+ __func__, cmd_len);
return -EIO;
}
memset(&transceive_args, 0, sizeof(transceive_args));
memset(command_params, 0, sizeof(command_params));
- pvt_data->resp_len = 0;
/* Invoke FTPM_OPTEE_TA_SUBMIT_COMMAND function of fTPM TA */
transceive_args = (struct tee_ioctl_invoke_arg) {
@@ -105,7 +76,7 @@ static int ftpm_tee_tpm_op_send(struct tpm_chip *chip, u8 *buf, size_t bufsiz,
.attr = TEE_IOCTL_PARAM_ATTR_TYPE_MEMREF_INPUT,
.u.memref = {
.shm = shm,
- .size = len,
+ .size = cmd_len,
.shm_offs = 0,
},
};
@@ -117,7 +88,7 @@ static int ftpm_tee_tpm_op_send(struct tpm_chip *chip, u8 *buf, size_t bufsiz,
return PTR_ERR(temp_buf);
}
memset(temp_buf, 0, (MAX_COMMAND_SIZE + MAX_RESPONSE_SIZE));
- memcpy(temp_buf, buf, len);
+ memcpy(temp_buf, buf, cmd_len);
command_params[1] = (struct tee_param) {
.attr = TEE_IOCTL_PARAM_ATTR_TYPE_MEMREF_INOUT,
@@ -158,17 +129,20 @@ static int ftpm_tee_tpm_op_send(struct tpm_chip *chip, u8 *buf, size_t bufsiz,
__func__, resp_len);
return -EIO;
}
+ if (resp_len > bufsiz) {
+ dev_err(&chip->dev,
+ "%s: resp_len=%zd exceeds bufsiz=%zd\n",
+ __func__, resp_len, bufsiz);
+ return -EIO;
+ }
- /* sanity checks look good, cache the response */
- memcpy(pvt_data->resp_buf, temp_buf, resp_len);
- pvt_data->resp_len = resp_len;
+ memcpy(buf, temp_buf, resp_len);
- return 0;
+ return resp_len;
}
static const struct tpm_class_ops ftpm_tee_tpm_ops = {
.flags = TPM_OPS_AUTO_STARTUP,
- .recv = ftpm_tee_tpm_op_recv,
.send = ftpm_tee_tpm_op_send,
};
@@ -253,7 +227,7 @@ static int ftpm_tee_probe(struct device *dev)
}
pvt_data->chip = chip;
- pvt_data->chip->flags |= TPM_CHIP_FLAG_TPM2;
+ pvt_data->chip->flags |= TPM_CHIP_FLAG_TPM2 | TPM_CHIP_FLAG_SYNC;
/* Create a character device for the fTPM */
rc = tpm_chip_register(pvt_data->chip);
--
2.49.0
在 2025/5/14 下午9:46, Stefano Garzarella 写道:
> From: Stefano Garzarella <sgarzare@redhat.com>
>
> This driver does not support interrupts, and receiving the response is
> synchronous with sending the command.
>
> Enable synchronous send() with TPM_CHIP_FLAG_SYNC, which implies that
> ->send() already fills the provided buffer with a response, and ->recv()
> is not implemented.
>
> Reviewed-by: Sumit Garg <sumit.garg@oss.qualcomm.com>
> Signed-off-by: Stefano Garzarella <sgarzare@redhat.com>
> ---
> v5:
> - changed order and parameter names to match tpm_try_transmit() [Jarkko]
> v4:
> - added Sumit's R-b
> - reworked commit description [Jarkko]
> v2:
> - set TPM_CHIP_FLAG_SYNC and support it in the new send()
> - removed Jens' T-b
> v1:
> - added Jens' T-b
> ---
> drivers/char/tpm/tpm_ftpm_tee.h | 4 ---
> drivers/char/tpm/tpm_ftpm_tee.c | 64 ++++++++++-----------------------
> 2 files changed, 19 insertions(+), 49 deletions(-)
>
> diff --git a/drivers/char/tpm/tpm_ftpm_tee.h b/drivers/char/tpm/tpm_ftpm_tee.h
> index e39903b7ea07..8d5c3f0d2879 100644
> --- a/drivers/char/tpm/tpm_ftpm_tee.h
> +++ b/drivers/char/tpm/tpm_ftpm_tee.h
> @@ -22,16 +22,12 @@
> * struct ftpm_tee_private - fTPM's private data
> * @chip: struct tpm_chip instance registered with tpm framework.
> * @session: fTPM TA session identifier.
> - * @resp_len: cached response buffer length.
> - * @resp_buf: cached response buffer.
> * @ctx: TEE context handler.
> * @shm: Memory pool shared with fTPM TA in TEE.
> */
> struct ftpm_tee_private {
> struct tpm_chip *chip;
> u32 session;
> - size_t resp_len;
> - u8 resp_buf[MAX_RESPONSE_SIZE];
> struct tee_context *ctx;
> struct tee_shm *shm;
> };
> diff --git a/drivers/char/tpm/tpm_ftpm_tee.c b/drivers/char/tpm/tpm_ftpm_tee.c
> index dbad83bf798e..4e63c30aeaf1 100644
> --- a/drivers/char/tpm/tpm_ftpm_tee.c
> +++ b/drivers/char/tpm/tpm_ftpm_tee.c
> @@ -31,47 +31,19 @@ static const uuid_t ftpm_ta_uuid =
> 0x82, 0xCB, 0x34, 0x3F, 0xB7, 0xF3, 0x78, 0x96);
>
> /**
> - * ftpm_tee_tpm_op_recv() - retrieve fTPM response.
> - * @chip: the tpm_chip description as specified in driver/char/tpm/tpm.h.
> - * @buf: the buffer to store data.
> - * @count: the number of bytes to read.
> - *
> - * Return:
> - * In case of success the number of bytes received.
> - * On failure, -errno.
> - */
> -static int ftpm_tee_tpm_op_recv(struct tpm_chip *chip, u8 *buf, size_t count)
> -{
> - struct ftpm_tee_private *pvt_data = dev_get_drvdata(chip->dev.parent);
> - size_t len;
> -
> - len = pvt_data->resp_len;
> - if (count < len) {
> - dev_err(&chip->dev,
> - "%s: Invalid size in recv: count=%zd, resp_len=%zd\n",
> - __func__, count, len);
> - return -EIO;
> - }
> -
> - memcpy(buf, pvt_data->resp_buf, len);
> - pvt_data->resp_len = 0;
> -
> - return len;
> -}
> -
> -/**
> - * ftpm_tee_tpm_op_send() - send TPM commands through the TEE shared memory.
> + * ftpm_tee_tpm_op_send() - send TPM commands through the TEE shared memory
> + * and retrieve the response.
> * @chip: the tpm_chip description as specified in driver/char/tpm/tpm.h
> - * @buf: the buffer to send.
> + * @buf: the buffer to send and to store the response.
> * @bufsiz: the size of the buffer.
> - * @len: the number of bytes to send.
> + * @cmd_len: the number of bytes to send.
> *
> * Return:
> - * In case of success, returns 0.
> + * In case of success, returns the number of bytes received.
> * On failure, -errno
> */
> static int ftpm_tee_tpm_op_send(struct tpm_chip *chip, u8 *buf, size_t bufsiz,
> - size_t len)
> + size_t cmd_len)
> {
> struct ftpm_tee_private *pvt_data = dev_get_drvdata(chip->dev.parent);
> size_t resp_len;
> @@ -82,16 +54,15 @@ static int ftpm_tee_tpm_op_send(struct tpm_chip *chip, u8 *buf, size_t bufsiz,
> struct tee_param command_params[4];
> struct tee_shm *shm = pvt_data->shm;
>
> - if (len > MAX_COMMAND_SIZE) {
> + if (cmd_len > MAX_COMMAND_SIZE) {
> dev_err(&chip->dev,
> "%s: len=%zd exceeds MAX_COMMAND_SIZE supported by fTPM TA\n",
> - __func__, len);
> + __func__, cmd_len);
> return -EIO;
> }
>
> memset(&transceive_args, 0, sizeof(transceive_args));
> memset(command_params, 0, sizeof(command_params));
> - pvt_data->resp_len = 0;
>
> /* Invoke FTPM_OPTEE_TA_SUBMIT_COMMAND function of fTPM TA */
> transceive_args = (struct tee_ioctl_invoke_arg) {
> @@ -105,7 +76,7 @@ static int ftpm_tee_tpm_op_send(struct tpm_chip *chip, u8 *buf, size_t bufsiz,
> .attr = TEE_IOCTL_PARAM_ATTR_TYPE_MEMREF_INPUT,
> .u.memref = {
> .shm = shm,
> - .size = len,
> + .size = cmd_len,
> .shm_offs = 0,
> },
> };
> @@ -117,7 +88,7 @@ static int ftpm_tee_tpm_op_send(struct tpm_chip *chip, u8 *buf, size_t bufsiz,
> return PTR_ERR(temp_buf);
> }
> memset(temp_buf, 0, (MAX_COMMAND_SIZE + MAX_RESPONSE_SIZE));
> - memcpy(temp_buf, buf, len);
> + memcpy(temp_buf, buf, cmd_len);
>
> command_params[1] = (struct tee_param) {
> .attr = TEE_IOCTL_PARAM_ATTR_TYPE_MEMREF_INOUT,
> @@ -158,17 +129,20 @@ static int ftpm_tee_tpm_op_send(struct tpm_chip *chip, u8 *buf, size_t bufsiz,
> __func__, resp_len);
> return -EIO;
> }
> + if (resp_len > bufsiz) {
> + dev_err(&chip->dev,
> + "%s: resp_len=%zd exceeds bufsiz=%zd\n",
> + __func__, resp_len, bufsiz);
> + return -EIO;
> + }
>
> - /* sanity checks look good, cache the response */
> - memcpy(pvt_data->resp_buf, temp_buf, resp_len);
> - pvt_data->resp_len = resp_len;
> + memcpy(buf, temp_buf, resp_len);
We are confusing the callback name. Prototype of the send function
should be:
diff --git a/include/linux/tpm.h b/include/linux/tpm.h
index 6c3125300..063126711 100644
--- a/include/linux/tpm.h
+++ b/include/linux/tpm.h
@@ -87,7 +87,7 @@ struct tpm_class_ops {
const u8 req_complete_val;
bool (*req_canceled)(struct tpm_chip *chip, u8 status);
int (*recv) (struct tpm_chip *chip, u8 *buf, size_t len);
- int (*send) (struct tpm_chip *chip, u8 *buf, size_t len);
+ int (*send) (struct tpm_chip *chip, const u8 *buf, size_t len);
void (*cancel) (struct tpm_chip *chip);
u8 (*status) (struct tpm_chip *chip);
void (*update_timeouts)(struct tpm_chip *chip,
But if Jarkko insist not use a send_recv callback, everything is fine.
BR, Qunqin
>
> - return 0;
> + return resp_len;
> }
>
> static const struct tpm_class_ops ftpm_tee_tpm_ops = {
> .flags = TPM_OPS_AUTO_STARTUP,
> - .recv = ftpm_tee_tpm_op_recv,
> .send = ftpm_tee_tpm_op_send,
> };
>
> @@ -253,7 +227,7 @@ static int ftpm_tee_probe(struct device *dev)
> }
>
> pvt_data->chip = chip;
> - pvt_data->chip->flags |= TPM_CHIP_FLAG_TPM2;
> + pvt_data->chip->flags |= TPM_CHIP_FLAG_TPM2 | TPM_CHIP_FLAG_SYNC;
>
> /* Create a character device for the fTPM */
> rc = tpm_chip_register(pvt_data->chip);
© 2016 - 2026 Red Hat, Inc.