tpm: Implement tpm20_set_timeouts

The TIS timeouts for TPM 2 are different than for TPM 1.2.
Also the timeouts indicating a failed TPM 2 command are different.
Further, the  command durations and timeouts cannot be read from the device.

We take the command timeout values for short, medium, and long running
commands from table 15 of the following specification:

TCG PC Client Platform TPM Profile (PTP) Specification

http://www.trustedcomputinggroup.org/resources/pc_client_platform_tpm_profile_ptp_specification

The values should work for all physical TPMs.

The tricky thing with virtualized environments is that the values
may need to be longer for a system where a vTPM cannot get sufficient
cycles. So a future patch _may_ need to multiply those values here
with some factor.

Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>

diff --git a/src/hw/tpm_drivers.h b/src/hw/tpm_drivers.h
index 52c7a158630cdf5ce959b2b40a09d313502bdbd8..56fd9e8183d0e08bd00e20e3022b511f848f3ced 100644 (file)
--- a/src/hw/tpm_drivers.h
+++ b/src/hw/tpm_drivers.h
@@ -66,6 +66,14 @@ void tpmhw_set_timeouts(u32 timeouts[4], u32 durations[3]);
 #define TIS_DEFAULT_TIMEOUT_C           750000 /* us */
 #define TIS_DEFAULT_TIMEOUT_D           750000 /* us */
 
+/*
+ * Default TIS 2 timeouts given in TPM Profile (TPT) Spec
+ */
+#define TIS2_DEFAULT_TIMEOUT_A          750000 /* us */
+#define TIS2_DEFAULT_TIMEOUT_B         2000000 /* us */
+#define TIS2_DEFAULT_TIMEOUT_C          200000 /* us */
+#define TIS2_DEFAULT_TIMEOUT_D           30000 /* us */
+
 enum tisTimeoutType {
     TIS_TIMEOUT_TYPE_A = 0,
     TIS_TIMEOUT_TYPE_B,
@@ -81,4 +89,13 @@ enum tisTimeoutType {
 #define TPM_DEFAULT_DURATION_MEDIUM    20000000 /* us */
 #define TPM_DEFAULT_DURATION_LONG      60000000 /* us */
 
+/*
+ * TPM 2 command durations; we set them to the timeout values
+ * given in TPM Profile (PTP) Specification; exceeding those
+ * timeout values indicates a faulty TPM.
+ */
+#define TPM2_DEFAULT_DURATION_SHORT       750000 /* us */
+#define TPM2_DEFAULT_DURATION_MEDIUM     2000000 /* us */
+#define TPM2_DEFAULT_DURATION_LONG       2000000 /* us */
+
 #endif /* TPM_DRIVERS_H */

diff --git a/src/tcgbios.c b/src/tcgbios.c
index 0b40a8fde051aa557b565aff6eec5f93f2d6a1bd..463b7bbbda48677e0dce8fdd7020d6f0112f21d9 100644 (file)
--- a/src/tcgbios.c
+++ b/src/tcgbios.c
@@ -322,6 +322,24 @@ tpm12_determine_timeouts(void)
     return 0;
 }
 
+static void
+tpm20_set_timeouts(void)
+{
+    u32 durations[3] = {
+        TPM2_DEFAULT_DURATION_SHORT,
+        TPM2_DEFAULT_DURATION_MEDIUM,
+        TPM2_DEFAULT_DURATION_LONG,
+    };
+    u32 timeouts[4] = {
+        TIS2_DEFAULT_TIMEOUT_A,
+        TIS2_DEFAULT_TIMEOUT_B,
+        TIS2_DEFAULT_TIMEOUT_C,
+        TIS2_DEFAULT_TIMEOUT_D,
+    };
+
+    tpmhw_set_timeouts(timeouts, durations);
+}
+
 static int
 tpm12_extend(u32 pcrindex, const u8 *digest)
 {
@@ -557,6 +575,8 @@ err_exit:
 static int
 tpm20_startup(void)
 {
+    tpm20_set_timeouts();
+
     int ret = tpm_build_and_send_cmd(0, TPM2_CC_Startup,
                                      Startup_SU_CLEAR,
                                      sizeof(Startup_SU_CLEAR),