On Thu, Apr 27, 2017 at 11:26:59AM -0700, Josh Zimmerman wrote: > If a TPM2 loses power without a TPM2_Shutdown command being issued, it > may lose some state that has yet to be persisted to NVRam, and will > increment the DA counter (meaning that after too many disorderly > reboots, the TPM will lock the user out). > > This is a variant of https://patchwork.kernel.org/patch/9516631/. > It differs in that: > * It only changes behavior on TPM2 devices, to avoid invoking the > unbounded-waiting sysfs codepath that was discussed on that patch. > * It modifies tpm_tis rather than tpm_i2c_infineon, so that it can > change behavior for all TPM2 devices. > > Signed-off-by: Josh Zimmerman <jo...@google.com> > --- > drivers/char/tpm/tpm_tis.c | 12 ++++++++++++ > 1 file changed, 12 insertions(+) > > diff --git a/drivers/char/tpm/tpm_tis.c b/drivers/char/tpm/tpm_tis.c > index c7e1384f1b08..bd9c70b305ab 100644 > --- a/drivers/char/tpm/tpm_tis.c > +++ b/drivers/char/tpm/tpm_tis.c > @@ -216,11 +216,23 @@ static void tpm_tis_pnp_remove(struct pnp_dev *dev) > tpm_tis_remove(chip); > } > > +static void tpm_tis_pnp_shutdown(struct pnp_dev *dev) > +{ > + struct tpm_chip *chip = pnp_get_drvdata(dev); > + // TPM 2.0 requires that the TPM2_Shutdown() command be issued prior to > loss of power. > + // If it is not, the DA counter will be incremented and, eventually, > the user will be > + // locked out of their TPM. > + if (chip->flags & TPM_CHIP_FLAG_TPM2) { > + tpm_tis_pnp_remove(dev); > + } > +} > +
What about acpi driver? Doy you think this should be in stable? I wonder if we could move in tpm_tis to nowadays common infrastructure where you just have platform_driver and use acpi_match_table. I'm referring to similar infra as I have in my other project: http://git.infradead.org/users/jjs/linux-isgx.git/blob/HEAD:/drivers/platform/x86/intel_sgx/sgx_main.c I guess we have a problem in tis such that some of the devices in some environments are not available through ACPI. There's also of_match_table but I'm wondering if ACPI and OF would cover everything we are using pnp_driver for. I'm just thinking that since you are fixing the hooks maybe it would make sense to make things right at the same time. Currently the whole things is a mess. I talked about this with Rafael a while ago. He said that for some reason it is wrong in the first place to root to ACPI device but I cannot recall the exact reason. /Jarkko > static struct pnp_driver tis_pnp_driver = { > .name = "tpm_tis", > .id_table = tpm_pnp_tbl, > .probe = tpm_tis_pnp_init, > .remove = tpm_tis_pnp_remove, > + .shutdown = tpm_tis_pnp_shutdown, > .driver = { > .pm = &tpm_tis_pm, > }, > -- > 2.13.0.rc0.306.g87b477812d-goog > ------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot _______________________________________________ tpmdd-devel mailing list tpmdd-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/tpmdd-devel