[09/11] tpm_tis_sysbus: fix crash when PPI is enabled

Message ID	20230713035232.48406-10-j@getutm.app
State	New
Headers	show Return-Path: <qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org> From: Joelle van Dyne <j@getutm.app> To: qemu-devel@nongnu.org Cc: Joelle van Dyne <j@getutm.app>, Stefan Berger <stefanb@linux.vnet.ibm.com> Subject: [PATCH 09/11] tpm_tis_sysbus: fix crash when PPI is enabled Date: Wed, 12 Jul 2023 20:51:14 -0700 Message-ID: <20230713035232.48406-10-j@getutm.app> In-Reply-To: <20230713035232.48406-1-j@getutm.app> References: <20230713035232.48406-1-j@getutm.app> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Received-SPF: pass client-ip=209.85.210.171; envelope-from=osy86dev@gmail.com; helo=mail-pf1-f171.google.com X-Spam_score_int: -13 X-Spam_score: -1.4 X-Spam_bar: - X-Spam_report: (-1.4 / 5.0 requ) BAYES_00=-1.9, FREEMAIL_FORGED_FROMDOMAIN=0.25, FREEMAIL_FROM=0.001, HEADER_FROM_DIFFERENT_DOMAINS=0.25, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=-0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=no autolearn_force=no X-Spam_action: no action Precedence: list Errors-To: qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org Sender: qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org
Series	tpm: introduce TPM CRB SysBus device \| expand [00/11] tpm: introduce TPM CRB SysBus device [01/11] tpm_crb: refactor common code [02/11] tpm_crb: CTRL_RSP_ADDR is 64-bits wide [03/11] tpm_ppi: refactor memory space initialization [04/11] tpm_crb: use a single read-as-mem/write-as-mmio mapping [05/11] tpm_crb: use the ISA bus [06/11] tpm_crb: move ACPI table building to device interface [07/11] hw/arm/virt: add plug handler for TPM on SysBus [08/11] hw/loongarch/virt: add plug handler for TPM on SysBus [09/11] tpm_tis_sysbus: fix crash when PPI is enabled [10/11] tpm_tis_sysbus: move DSDT AML generation to device [11/11] tpm_crb_sysbus: introduce TPM CRB SysBus device

Message ID

20230713035232.48406-10-j@getutm.app

State

New

Headers

From: Joelle van Dyne <j@getutm.app>
To: qemu-devel@nongnu.org
Cc: Joelle van Dyne <j@getutm.app>, Stefan Berger <stefanb@linux.vnet.ibm.com>
Subject: [PATCH 09/11] tpm_tis_sysbus: fix crash when PPI is enabled
Date: Wed, 12 Jul 2023 20:51:14 -0700
Message-ID: <20230713035232.48406-10-j@getutm.app>
In-Reply-To: <20230713035232.48406-1-j@getutm.app>
References: <20230713035232.48406-1-j@getutm.app>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Received-SPF: pass client-ip=209.85.210.171; envelope-from=osy86dev@gmail.com;
 helo=mail-pf1-f171.google.com
X-Spam_score_int: -13
X-Spam_score: -1.4
X-Spam_bar: -
X-Spam_report: (-1.4 / 5.0 requ) BAYES_00=-1.9,
 FREEMAIL_FORGED_FROMDOMAIN=0.25,
 FREEMAIL_FROM=0.001, HEADER_FROM_DIFFERENT_DOMAINS=0.25,
 RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=-0.001, SPF_HELO_NONE=0.001,
 SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=no autolearn_force=no
X-Spam_action: no action
X-BeenThere: qemu-devel@nongnu.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <https://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=subscribe>
Errors-To: qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org
Sender: qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org

Series

tpm: introduce TPM CRB SysBus device | expand

If 'ppi' property is set, then `tpm_ppi_reset` is called on reset which SEGFAULTs because `tpmppi->buf` is not allocated. Signed-off-by: Joelle van Dyne <j@getutm.app> --- hw/tpm/tpm_tis_sysbus.c | 4 ++++ 1 file changed, 4 insertions(+)

Comments

Stefan Berger July 13, 2023, 4:49 p.m. UTC | #1

On 7/12/23 23:51, Joelle van Dyne wrote:
> If 'ppi' property is set, then `tpm_ppi_reset` is called on reset
> which SEGFAULTs because `tpmppi->buf` is not allocated.
> 
> Signed-off-by: Joelle van Dyne <j@getutm.app>
> ---
>   hw/tpm/tpm_tis_sysbus.c | 4 ++++
>   1 file changed, 4 insertions(+)
> 
> diff --git a/hw/tpm/tpm_tis_sysbus.c b/hw/tpm/tpm_tis_sysbus.c
> index 45e63efd63..1014d5d993 100644
> --- a/hw/tpm/tpm_tis_sysbus.c
> +++ b/hw/tpm/tpm_tis_sysbus.c
> @@ -124,6 +124,10 @@ static void tpm_tis_sysbus_realizefn(DeviceState *dev, Error **errp)
>           error_setg(errp, "'tpmdev' property is required");
>           return;
>       }
> +
> +    if (s->ppi_enabled) {
> +        sysbus_init_mmio(SYS_BUS_DEVICE(dev), &s->ppi.ram);
> +    }
>   }
> 

The tpm-tis-device doesn't work for x86_64 but for aarch64.


We have this here in this file:

     DEFINE_PROP_BOOL("ppi", TPMStateSysBus, state.ppi_enabled, false),

I don't know whether ppi would work on aarch64. It needs firmware support like in edk2.
I think the best solution is to remove this DEFINE_PROP_BOOL() and if someone wants
to enable it they would have to add firmware support and test it before re-enabling it.

    Stefan

>   static void tpm_tis_sysbus_class_init(ObjectClass *klass, void *data)

Joelle van Dyne July 13, 2023, 6:15 p.m. UTC | #2

On Thu, Jul 13, 2023 at 9:49 AM Stefan Berger <stefanb@linux.ibm.com> wrote:
>
>
> The tpm-tis-device doesn't work for x86_64 but for aarch64.
>
>
> We have this here in this file:
>
>      DEFINE_PROP_BOOL("ppi", TPMStateSysBus, state.ppi_enabled, false),
>
> I don't know whether ppi would work on aarch64. It needs firmware support like in edk2.
> I think the best solution is to remove this DEFINE_PROP_BOOL() and if someone wants
> to enable it they would have to add firmware support and test it before re-enabling it.
>
>     Stefan
>
> >   static void tpm_tis_sysbus_class_init(ObjectClass *klass, void *data)

Yeah, I'm not sure if PPI works with AARCH64 since I didn't bother to
change it to not use hard coded addresses. However, isn't that "ppi"
overridable from the command line? If so, should we add a check in
"realize" to error if PPI=true? Otherwise, it will just crash.

Stefan Berger July 13, 2023, 6:31 p.m. UTC | #3

On 7/13/23 14:15, Joelle van Dyne wrote:
> On Thu, Jul 13, 2023 at 9:49 AM Stefan Berger <stefanb@linux.ibm.com> wrote:
>>
>>
>> The tpm-tis-device doesn't work for x86_64 but for aarch64.
>>
>>
>> We have this here in this file:
>>
>>       DEFINE_PROP_BOOL("ppi", TPMStateSysBus, state.ppi_enabled, false),
>>
>> I don't know whether ppi would work on aarch64. It needs firmware support like in edk2.
>> I think the best solution is to remove this DEFINE_PROP_BOOL() and if someone wants
>> to enable it they would have to add firmware support and test it before re-enabling it.
>>
>>      Stefan
>>
>>>    static void tpm_tis_sysbus_class_init(ObjectClass *klass, void *data)
> 
> Yeah, I'm not sure if PPI works with AARCH64 since I didn't bother to
> change it to not use hard coded addresses. However, isn't that "ppi"
> overridable from the command line? If so, should we add a check in
> "realize" to error if PPI=true? Otherwise, it will just crash.

Once the option is removed via my patch (cc'ed you), then you get this once you pass ppi=on on the command line:

qemu-system-aarch64: -device tpm-tis-device,tpmdev=tpm0,ppi=on: Property 'tpm-tis-device.ppi' not found

This disables it for good.

    Stefan

diff --git a/hw/tpm/tpm_tis_sysbus.c b/hw/tpm/tpm_tis_sysbus.c
index 45e63efd63..1014d5d993 100644
--- a/hw/tpm/tpm_tis_sysbus.c
+++ b/hw/tpm/tpm_tis_sysbus.c
@@ -124,6 +124,10 @@  static void tpm_tis_sysbus_realizefn(DeviceState *dev, Error **errp)
         error_setg(errp, "'tpmdev' property is required");
         return;
     }
+
+    if (s->ppi_enabled) {
+        sysbus_init_mmio(SYS_BUS_DEVICE(dev), &s->ppi.ram);
+    }
 }
 
 static void tpm_tis_sysbus_class_init(ObjectClass *klass, void *data)

[09/11] tpm_tis_sysbus: fix crash when PPI is enabled

Commit Message

Comments

Patch