From 5317677db4290366c95f4209de387d6c9b48707f Mon Sep 17 00:00:00 2001 From: Amir Mizinski Date: Tue, 25 May 2021 14:13:25 +0300 Subject: tpm: add longer timeout for TPM2_CC_VERIFY_SIGNATURE While running a TPM2_CC_VERIFY_SIGNATURE operation with RSA 3072-bit keys the TPM driver fails with the following error: "kernel: [ 2416.187522] tpm tpm0: Operation Timed out" Since the TPM PC Client specification does not specify a number for verify signature operation timeout, and the duration of TPM2_CC_VERIFY_SIGNATURE with RSA 3072-bit keys exceeds the current timeout of TPM_LONG (2 seconds), it is preferable to pick the longest timeout possible. Therefore, set the duration for TPM2_CC_VERIFY_SIGNATUE to TPM_LONG_LONG (5 minutes). [jarkko@kernel.org: mangled the short summary a bit] Link: https://trustedcomputinggroup.org/resource/pc-client-specific-platform-firmware-profile-specification/ Signed-off-by: Amir Mizinski Reviewed-by: Jarkko Sakkinen Signed-off-by: Jarkko Sakkinen --- drivers/char/tpm/tpm2-cmd.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'drivers/char') diff --git a/drivers/char/tpm/tpm2-cmd.c b/drivers/char/tpm/tpm2-cmd.c index c84d23951219..a25815a6f625 100644 --- a/drivers/char/tpm/tpm2-cmd.c +++ b/drivers/char/tpm/tpm2-cmd.c @@ -87,7 +87,7 @@ static u8 tpm2_ordinal_duration_index(u32 ordinal) return TPM_MEDIUM; case TPM2_CC_VERIFY_SIGNATURE: /* 177 */ - return TPM_LONG; + return TPM_LONG_LONG; case TPM2_CC_PCR_EXTEND: /* 182 */ return TPM_MEDIUM; -- cgit v1.2.3