File tboot-Release-localities-in-S3-flow-for-CRB-interface.patch of Package tboot.18210

From 8a71817796b44d5b2ccd3b3b6fb33c5c99833e6f Mon Sep 17 00:00:00 2001
From: Michal Stachowiak <michal.jan.stachowiak@intel.com>
Date: Tue, 14 Jan 2020 11:54:11 +0100
Subject: [PATCH] Release localities in S3 flow for CRB interface

Locality 0 is required to be released before executing GETSEC[SENTER].
Locality 2 is required to be released before jumping to Linux kernel.

Signed-off-by: Michal Stachowiak <michal.jan.stachowiak@intel.com>
---
 tboot/common/tboot.c |  9 +++++++++
 tboot/common/tpm.c   | 11 ++++++-----
 tboot/txt/txt.c      |  9 ---------
 3 files changed, 15 insertions(+), 14 deletions(-)

diff --git a/tboot/common/tboot.c b/tboot/common/tboot.c
index 4064a1b..4518c3e 100644
--- a/tboot/common/tboot.c
+++ b/tboot/common/tboot.c
@@ -488,6 +488,15 @@ void s3_launch(void)
     }
 
     print_tboot_shared(&_tboot_shared);
+    
+    if (g_tpm_family != TPM_IF_20_CRB ) {
+        if (!release_locality(tpm->cur_loc))
+            printk(TBOOT_ERR"Release TPM FIFO locality %d failed \n", tpm->cur_loc);
+    }
+    else {
+        if (!tpm_relinquish_locality_crb(tpm->cur_loc))
+            printk(TBOOT_ERR"Relinquish TPM CRB locality %d failed \n", tpm->cur_loc);
+    }
 
     /* (optionally) pause when transferring kernel resume */
     if ( g_vga_delay > 0 )
diff --git a/tboot/common/tpm.c b/tboot/common/tpm.c
index b325a97..65d4f93 100644
--- a/tboot/common/tpm.c
+++ b/tboot/common/tpm.c
@@ -768,11 +768,12 @@ bool prepare_tpm(void)
      * must ensure TPM_ACCESS_0.activeLocality bit is clear
      * (: locality is not active)
      */
-   if (is_tpm_crb()) 
-//   	return release_locality_crb(0);
-       return true;
-   else 
-   	return release_locality(0);
+   if ( is_tpm_crb() ) {
+       return tpm_relinquish_locality_crb(0);
+   }
+   else {
+       return release_locality(0);
+   }
 }
 
 bool tpm_request_locality_crb(uint32_t locality){
diff --git a/tboot/txt/txt.c b/tboot/txt/txt.c
index de4ef54..aaa9634 100644
--- a/tboot/txt/txt.c
+++ b/tboot/txt/txt.c
@@ -863,15 +863,6 @@ tb_error_t txt_launch_environment(loader_ctx *lctx)
     if ( !set_mtrrs_for_acmod(g_sinit) )
         return TB_ERR_FATAL;
 
-   /* deactivate current locality */
-   if (g_tpm_family == TPM_IF_20_CRB ) {
-       printk(TBOOT_INFO"Relinquish CRB localility 0 before executing GETSEC[SENTER]...\n");
-	if (!tpm_relinquish_locality_crb(0)){
-		printk(TBOOT_INFO"Relinquish CRB locality 0 failed...\n");
-		apply_policy(TB_ERR_TPM_NOT_READY) ;
-	}
-   }
-
    /*{
    tpm_reg_loc_ctrl_t    reg_loc_ctrl;
    tpm_reg_loc_state_t  reg_loc_state;
-- 
2.26.2