Re: TPM chip prevents machine from suspending

From: Jeff Layton
Date: Tue Mar 29 2011 - 08:09:09 EST

Next message: Wim Van Sebroeck: "[GIT PULL REQUEST] watchdog - v2.6.39-rc1"
Previous message: Jamie Iles: "[RFC PATCHv4 2/4] drivers/otp: add support for Picoxcell PC3X3 OTP"
In reply to: Stefan Berger: "Re: TPM chip prevents machine from suspending"
Next in thread: Stefan Berger: "Re: TPM chip prevents machine from suspending"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Mon, 28 Mar 2011 19:10:55 -0400
Stefan Berger <stefanb@xxxxxxxxxxxxxxxxxx> wrote:

> Ok, so this error code means TPM_INVALID_POSTINIT (not a posix code)
> and means that this command was received in the wrong sequence relative
> to a TPM_Startup command. Well, what's supposed to be happening is this:
>
> When the machines (S3) suspends then the OS needs to send a
> TPM_SaveState() to the TPM. This is done by the Linux driver. Once the
> VM resumes, the BIOS is supposed to send a TPM_Startup(ST_STATE) to the TPM.
>
> Now the fun starts when a BIOS isn't doing that (even though the spec
> says it's supposed to), which could very well be the case in your case
> (don't know what broken BIOSes are out there... Did it ever work before
> with the TPM driver in the kernel ?). I could try to send you a small
> tool that you would have to run from user space upon resume so that we
> can see that this error goes away. If that's verified we could
> subsequently write a patch for the TPM driver to also send the
> TPM_Startup(ST_STATE) to the TPM, which then in the case of most BIOSes
> would be the 2nd time that the TPM receives such a command. I think TPMs
> should be able to digest this 2nd TPM_Startup() well, but I'd have to
> check -- but really we would ill-fix it just because of one (possibly)
> buggy BIOS.
>
> The failure of the 2nd suspend then likely stems from the TPM not
> accepting the TPM_SaveState() anymore since it hasn't seen the
> TPM_Startup(ST_STATE) that we expected the BIOS to send.
>

Yep. That program fixed the problem. When I run it after a resume, I
can then cat the caps file and get output from it, and the machine will
successfully suspend again.

> Another possibility would be for you to check for BIOS updates from the
> laptop manufacturer...
>

This is actually a desktop machine and the BIOS for the motherboard is
at the latest version, though it is quite old -- 2007/09/01. For the
record this is a:

Foxconn 6150BK8MC

I'm actually not using the TPM in this thing at all. I'd be just as
happy if there were some way to disable it. Unfortunately, the option
in the BIOS to do this doesn't seem to actually work. When I set "TPM
Control" in the BIOS to "Disable" it always ends up reset back to "No
Change". I'd report both problems to the mfr, but this thing is long
out of warranty and I'm pretty sure they won't care.

Is there some way short of recompiling with CONFIG_TCG_* turned off
to disable the TPM driver at boot time?

--
Jeff Layton <jlayton@xxxxxxxxxxxxxxx>
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Wim Van Sebroeck: "[GIT PULL REQUEST] watchdog - v2.6.39-rc1"
Previous message: Jamie Iles: "[RFC PATCHv4 2/4] drivers/otp: add support for Picoxcell PC3X3 OTP"
In reply to: Stefan Berger: "Re: TPM chip prevents machine from suspending"
Next in thread: Stefan Berger: "Re: TPM chip prevents machine from suspending"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]