SecurityPkg:Tpm2DeviceLibDTpm: Support TPM command cancel

Support TPM Command cancel if executing command timeouts. Cancel could
happen in long running command case

Cc: Yao Jiewen <jiewen.yao@intel.com>
Cc: Chinnusamy Rajkumar K <rajkumar.k.chinnusamy@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Chao Zhang <chao.b.zhang@intel.com>
Reviewed-by: Yao Jiewen <jiewen.yao@intel.com>

2 files changed, 47 insertions, 7 deletions

diff --git a/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2Ptp.c b/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2Ptp.c
index ddd4bd0..d9df264 100644
--- a/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2Ptp.c
+++ b/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2Ptp.c
@@ -1,7 +1,7 @@
 /** @file

   PTP (Platform TPM Profile) CRB (Command Response Buffer) interface used by dTPM2.0 library.

 

-Copyright (c) 2015 - 2016, Intel Corporation. All rights reserved.<BR>

+Copyright (c) 2015 - 2018, Intel Corporation. All rights reserved.<BR>

 This program and the accompanying materials

 are licensed and made available under the terms and conditions of the BSD License

 which accompanies this distribution.  The full text of the license may be found at

@@ -240,8 +240,26 @@ PtpCrbTpmCommand (
              PTP_TIMEOUT_MAX

              );

   if (EFI_ERROR (Status)) {

-    Status = EFI_DEVICE_ERROR;

-    goto Exit;

+    //

+    // Command Completion check timeout. Cancel the currently executing command by writing TPM_CRB_CTRL_CANCEL,

+    // Expect TPM_RC_CANCELLED or successfully completed response.

+    //

+    MmioWrite32((UINTN)&CrbReg->CrbControlCancel, PTP_CRB_CONTROL_CANCEL);

+    Status = PtpCrbWaitRegisterBits (

+               &CrbReg->CrbControlStart,

+               0,

+               PTP_CRB_CONTROL_START,

+               PTP_TIMEOUT_B

+               );

+    MmioWrite32((UINTN)&CrbReg->CrbControlCancel, 0);

+

+    if (EFI_ERROR(Status)) {

+      //

+      // Still in Command Execution state. Try to goIdle, the behavior is agnostic.

+      //

+      Status = EFI_DEVICE_ERROR;

+      goto Exit;

+    }

   }

 

   //

diff --git a/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2Tis.c b/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2Tis.c
index 6cd7030..0889162 100644
--- a/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2Tis.c
+++ b/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2Tis.c
@@ -1,7 +1,7 @@
 /** @file

   TIS (TPM Interface Specification) functions used by dTPM2.0 library.

   

-Copyright (c) 2013 - 2016, Intel Corporation. All rights reserved.<BR>

+Copyright (c) 2013 - 2018, Intel Corporation. All rights reserved.<BR>

 (C) Copyright 2015 Hewlett Packard Enterprise Development LP<BR>

 This program and the accompanying materials 

 are licensed and made available under the terms and conditions of the BSD License 

@@ -295,10 +295,32 @@ Tpm2TisTpmCommand (
              TIS_TIMEOUT_MAX

              );

   if (EFI_ERROR (Status)) {

-    DEBUG ((DEBUG_ERROR, "Wait for Tpm2 response data time out!!\n"));

-    Status = EFI_DEVICE_ERROR;

-    goto Exit;

+    //

+    // dataAvail check timeout. Cancel the currently executing command by writing commandCancel,

+    // Expect TPM_RC_CANCELLED or successfully completed response.

+    //

+    DEBUG ((DEBUG_ERROR, "Wait for Tpm2 response data time out. Trying to cancel the command!!\n"));

+

+    MmioWrite32((UINTN)&TisReg->Status, TIS_PC_STS_CANCEL);

+    Status = TisPcWaitRegisterBits (

+               &TisReg->Status,

+               (UINT8) (TIS_PC_VALID | TIS_PC_STS_DATA),

+               0,

+               TIS_TIMEOUT_B

+               );

+    //

+    // Do not clear CANCEL bit here bicoz Writes of 0 to this bit are ignored

+    //

+    if (EFI_ERROR (Status)) {

+      //

+      // Cancel executing command fail to get any response

+      // Try to abort the command with write of a 1 to commandReady in Command Execution state

+      //

+      Status = EFI_DEVICE_ERROR;

+      goto Exit;

+    }

   }

+

   //

   // Get response data header

   //