In the rare case of a TPM 2 failure, disable the platform hierarchy after
disabling the endorsement and owner hierarchies.
Signed-off-by: Stefan Berger
---
src/tcgbios.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/src/tcgbios.c b/src/tcgbios.c
index 02921d8..31f4d7b 100644
--- a/src
On 6/15/21 7:53 AM, Stefan Berger wrote:
On 6/15/21 4:36 AM, Paul Menzel wrote:
Dear Stefan,
On 14.06.21 at 19:35, Stefan Berger wrote:
Signed-off-by: Stefan Berger
---
Makefile | 2 +-
src/sha.h | 11 +++
src/sha1.c | 8 +-
src/sha1.h | 8 --
src/sha256.c
On 6/15/21 4:36 AM, Paul Menzel wrote:
Dear Stefan,
On 14.06.21 at 19:35, Stefan Berger wrote:
Signed-off-by: Stefan Berger
---
Makefile | 2 +-
src/sha.h | 11 +++
src/sha1.c | 8 +-
src/sha1.h | 8 --
src/sha256.c | 211
On 6/14/21 7:20 PM, Kevin O'Connor wrote:
On Mon, Jun 14, 2021 at 01:35:47PM -0400, Stefan Berger wrote:
This PR adds the implementations for sha{256, 384, 512} and makes use
of the hash implementation when extending the PCRs of the respective
banks rather than always using the sha1 and
Instead of just using sha1 for all PCR banks (and truncating
the value or zero-padding it) use the proper hash function for
each one of the banks. For unimplemented hashes, fill the buffer
with 0xff.
Signed-off-by: Stefan Berger
---
src/tcgbios.c | 58
Signed-off-by: Stefan Berger
---
Makefile | 2 +-
src/sha.h | 11 +++
src/sha1.c| 8 +-
src/sha1.h| 8 --
src/sha256.c | 211 +++
src/sha512.c | 244 ++
src/tcgbios.c | 2 +-
src
This PR adds the implementations for sha{256, 384, 512} and makes use
of the hash implementation when extending the PCRs of the respective
banks rather than always using the sha1 and zero-padding it for the PCR
banks of a TPM 2.
Regards,
Stefan
Stefan Berger (2):
Add implementations for
Fix two details of the logs:
- Set the field 'SpecErrata' to 2 as required by specs.
- Write the separator into the log entry's event field.
Signed-off-by: Stefan Berger
---
src/tcgbios.c | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/src/tcgbios.c
On 6/11/20 8:36 AM, Jason Andryuk wrote:
Hi,
SeaBIOS commit 67643955c746 (make SeaBios compatible with Xen vTPM.)
made tpm_start() exit before calling tpm_startup(). The commit
message has no explanation why this change was made. Does anyone
remember why it was made?
The code today means SeaB
The vendorInfoSize is a u8 rather than a u32.
Signed-off-by: Stefan Berger
Reviewed-by: Marc-André Lureau
---
src/tcgbios.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/tcgbios.c b/src/tcgbios.c
index cc3a51f..6a3a613 100644
--- a/src/tcgbios.c
+++ b/src
some time in the future.
Stefan
v1->v2:
- added missing check for !sizeOfSelect
- added '+ sizeof(u8)' to pad to account for vendorInfoSize field
- added Marc-Andre's R-b's
Stefan Berger (3):
tcgbios: Only write logs for PCRs that are in active PCR banks
tcgbio
Only write the logs for those PCRs that are in active PCR banks.
A PCR bank is assumed to be active if any of the BIOS relevant
PCRs 0 - 7 is enabled, thus pcrSelect[0] != 0.
Signed-off-by: Stefan Berger
Reviewed-by: Marc-André Lureau
---
src/tcgbios.c | 30 ++
1
Add support for SHA3 type of algorithms that a TPM2 may support
some time in the future.
Signed-off-by: Stefan Berger
Reviewed-by: Marc-André Lureau
---
src/std/tcg.h | 9 +
src/tcgbios.c | 22 +++---
2 files changed, 28 insertions(+), 3 deletions(-)
diff --git a/src
On 3/27/20 11:27 PM, Stefan Berger wrote:
Add support for SHA3 type of algorithms that a TPM2 may support
some time in the future.
Signed-off-by: Stefan Berger
---
src/std/tcg.h | 9 +
src/tcgbios.c | 22 +++---
2 files changed, 28 insertions(+), 3 deletions
The vendorInfoSize is a u8 rather than a u32.
Signed-off-by: Stefan Berger
---
src/tcgbios.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/tcgbios.c b/src/tcgbios.c
index 997da87..99005b9 100644
--- a/src/tcgbios.c
+++ b/src/tcgbios.c
@@ -287,7 +287,7
Add support for SHA3 type of algorithms that a TPM2 may support
some time in the future.
Signed-off-by: Stefan Berger
---
src/std/tcg.h | 9 +
src/tcgbios.c | 22 +++---
2 files changed, 28 insertions(+), 3 deletions(-)
diff --git a/src/std/tcg.h b/src/std/tcg.h
index
Only write the logs for those PCRs that are in active PCR banks.
A PCR bank is assumed to be active if any of the BIOS relevant
PCRs 0 - 7 is enabled, thus pcrSelect[0] != 0.
Signed-off-by: Stefan Berger
---
src/tcgbios.c | 30 ++
1 file changed, 22 insertions
's some time in the future.
Stefan
Stefan Berger (3):
tcgbios: Only write logs for PCRs that are in active PCR banks
tcgbios: Fix the vendorInfoSize to be of type u8
tcgbios: Add support for SHA3 type of algorithms
src/std/tcg.h | 9 +
src/tcgbios.c
On 3/6/20 8:33 AM, Kevin O'Connor wrote:
On Wed, Mar 04, 2020 at 02:51:27PM +0100, Paul Menzel wrote:
Date: Tue, 3 Mar 2020 16:24:46 +0100
GCC 10 gives the warnings below:
In file included from out/ccode32flat.o.tmp.c:54:
./src/tcgbios.c: In function 'tpm20_write_EfiSpecIdEventStruct
izeof evaluates to zero."[1]
This issue was found with the help of Coccinelle.
[1] https://gcc.gnu.org/onlinedocs/gcc/Zero-Length.html
Signed-off-by: Paul Menzel
It gives the same size of structure either way.
Reviewed-by: Stefan Berger
---
src/std/tcg.h | 2 +-
1 file changed,
When querying a TPM 2.0 for its PCRs, make sure that we get enough bytes
from it in a response that did not indicate a failure. Basically we are
defending against a TPM 2.0 sending responses that are not compliant with
the specs.
Signed-off-by: Stefan Berger
---
src/tcgbios.c | 13
Defend against a broken TPM 1.2 or TPM 2.0 that doesn't send at least
a full response header in the response but less than 10 bytes.
Signed-off-by: Stefan Berger
---
src/hw/tpm_drivers.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/src/hw/tpm_drivers.c b/s
This series of patches addresses issues that may arise if a TPM sends
unexpected short packets.
Stefan
Stefan Berger (2):
tpm: Require a response to have minimum size of a valid response
header
tcgbios: Check for enough bytes returned from TPM2_GetCapability
src/hw/tpm_drivers.c
On 9/23/19 12:12 PM, Philipp Stanner wrote:
I've recently flashed coreboot with SeaBIOS and discovered that you
folks have added some support in the boot menu to configure the TPM
since I last used SeaBIOS.
Now, I never had any direct contact to TPM and only know roughly what
it does. As far as
Use a table to convert the hash to the buffer size it needs.
Signed-off-by: Stefan Berger
---
src/tcgbios.c | 41 -
1 file changed, 28 insertions(+), 13 deletions(-)
diff --git a/src/tcgbios.c b/src/tcgbios.c
index 24846d3..0eabc60 100644
--- a/src
enu
- Undo some other changes, such as #define in src/utils.h
v1->v2:
- Refactor existing function for looking up the buffer size a hash needs
to use a table instead; we extend the table then in patch 2
Stefan Berger (2):
tcgbios: Use table to convert hash to buffer size
tcgbios: Imp
the platform authorization
before booting the system and it throws that password away.
Signed-off-by: Stefan Berger
---
src/std/tcg.h | 17
src/tcgbios.c | 223 ++
2 files changed, 240 insertions(+)
diff --git a/src/std/tcg.h b/src/std/tcg.h
On 1/29/19 4:24 PM, Kevin O'Connor wrote:
On Tue, Jan 22, 2019 at 10:46:24AM -0500, Stefan Berger wrote:
Implement a TPM 2.0 menu item that allows a user to toggle the activation
of PCR banks of the TPM 2.0. After successful activation we shut down the
TPM 2.0 and reset the machine.
T
Implement a TPM 2.0 menu item that allows a user to toggle the activation
of PCR banks of the TPM 2.0. After successful activation we shut down the
TPM 2.0 and reset the machine.
Signed-off-by: Stefan Berger
---
src/std/tcg.h | 18
src/tcgbios.c | 229
Use a table to convert the hash to the buffer size the hash needs.
Signed-off-by: Stefan Berger
---
src/tcgbios.c | 41 -
1 file changed, 28 insertions(+), 13 deletions(-)
diff --git a/src/tcgbios.c b/src/tcgbios.c
index 24846d3..0eabc60 100644
--- a/src
ash needs
to use a table instead; we extend the table then in patch 2
Stefan Berger (2):
tcgbios: Use table to convert hash to buffer size
tcgbios: Implement TPM 2.0 menu item to activate and deactivate PCR
banks
src/std/tcg.h | 18
src/tcgbios.c |
Implement a TPM 2.0 menu item that allows a user to toggle the activation
of PCR banks of the TPM 2.0. After successful activation we shut down the
TPM 2.0 and reset the machine.
Signed-off-by: Stefan Berger
---
src/std/tcg.h | 18
src/tcgbios.c | 235
On 11/20/18 11:51 AM, Stefano Garzarella wrote:
On Tue, Nov 20, 2018 at 5:13 PM Steve Douthit wrote:
On 11/20/18 10:55 AM, Kevin O'Connor wrote:
On Mon, Nov 19, 2018 at 07:38:39PM +0100, Stefano Garzarella wrote:
just an update, I enabled the debug prints and I saw two timeouts fired
with a l
On 07/27/2018 07:43 PM, Kevin O'Connor wrote:
On Sat, Jul 21, 2018 at 08:11:14PM +0200, Piotr Kubaj wrote:
Hi,
I use SeaBIOS 1.11.2 as payload with 4.8-835-g113f670baa on ASUS KGPE-D16
board. I also have ASUS TPM-L R2.0 module with Infineon SLB9665 chip.
TPM is correctly detected by both Linu
On 03/28/2018 03:37 PM, Stefan Berger wrote:
The CRB driver has to request access to locality 0. Our QEMU
CRB model will enforce that as well.
Signed-off-by: Stefan Berger
Kevin, can you please apply this patch.
Stefan
---
src/hw/tpm_drivers.c | 2 ++
1 file changed, 2 insertions
The CRB driver has to request access to locality 0. Our QEMU
CRB model will enforce that as well.
Signed-off-by: Stefan Berger
---
src/hw/tpm_drivers.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/src/hw/tpm_drivers.c b/src/hw/tpm_drivers.c
index bd971f7..e4770b3 100644
--- a/src/hw
On 03/25/2018 07:46 PM, Kevin O'Connor wrote:
On Sun, Mar 25, 2018 at 07:17:33PM -0400, Stefan Berger wrote:
On 03/25/2018 11:45 AM, Kevin O'Connor wrote:
On Thu, Mar 22, 2018 at 08:19:09AM -0400, Stefan Berger wrote:
The timeout to wait for the register change is 30ms. We yie
On 03/25/2018 07:46 PM, Kevin O'Connor wrote:
On Sun, Mar 25, 2018 at 07:17:33PM -0400, Stefan Berger wrote:
On 03/25/2018 11:45 AM, Kevin O'Connor wrote:
On Thu, Mar 22, 2018 at 08:19:09AM -0400, Stefan Berger wrote:
The timeout to wait for the register change is 30ms. We yie
On 03/25/2018 11:45 AM, Kevin O'Connor wrote:
On Thu, Mar 22, 2018 at 08:19:09AM -0400, Stefan Berger wrote:
The timeout to wait for the register change is 30ms. We yield() while
waiting, so we don't block everything entirely... Is the error message
misleading and we should print
On 03/22/2018 06:57 AM, Paul Menzel wrote:
Dear Kevin,
On 03/21/18 15:38, Kevin O'Connor wrote:
On Mon, Mar 19, 2018 at 12:23:10PM -0400, Stephen Douthit wrote:
On 03/19/2018 12:00 PM, Stefan Berger wrote:
Wait for the tpmRegValidSts flag on the TPM_LOC_STATE_x register to
be set; we e
On 03/21/2018 10:38 AM, Kevin O'Connor wrote:
On Mon, Mar 19, 2018 at 12:23:10PM -0400, Stephen Douthit wrote:
On 03/19/2018 12:00 PM, Stefan Berger wrote:
Wait for the tpmRegValidSts flag on the TPM_LOC_STATE_x register to
be set; we espect the locAssigned flag to not be set.
s/espect/e
On 03/19/2018 12:23 PM, Stephen Douthit wrote:
On 03/19/2018 12:00 PM, Stefan Berger wrote:
Wait for the tpmRegValidSts flag on the TPM_LOC_STATE_x register to
be set; we espect the locAssigned flag to not be set.
s/espect/expect/ and in the subject line s/CRQ/CRB
gee... CRQ is a ppc64
On 03/19/2018 05:29 AM, Gerd Hoffmann wrote:
On Mon, Mar 12, 2018 at 06:05:41PM -0400, Kevin O'Connor wrote:
On Wed, Mar 07, 2018 at 11:49:59AM +0100, Gerd Hoffmann wrote:
Hi,
Time to prepare a 1.11-stable release, so we can pick up bugfixes for the
upcoming qemu release. Looking at the co
lag without writing to any other registers
Stefan Berger (3):
tpm: Wait for tpmRegValidSts flag on CRQ interface before probing
tpm: revert return values for successful/failed CRB probing
tpm: when CRB is active, select, lock it, and check addresses
src/hw/tpm_drivers.c | 20 ++--
Do not just indicate that the probing for the CRB interface was successful
if we find it active. Instead, select it, lock it, and test the addresses
for whether they can be used (must be 32 bit).
Signed-off-by: Stefan Berger
---
src/hw/tpm_drivers.c | 4 +---
1 file changed, 1 insertion(+), 3
Wait for the tpmRegValidSts flag on the TPM_LOC_STATE_x register to
be set; we expect the locAssigned flag to not be set.
Real hardware seems to set the tpmRegValidSts flag without for
example requesting access to a locality.
Signed-off-by: Stefan Berger
---
src/hw/tpm_drivers.c | 10
The return values for successful/failed CRB probing were reverted.
Fix it.
Signed-off-by: Stefan Berger
---
src/hw/tpm_drivers.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/src/hw/tpm_drivers.c b/src/hw/tpm_drivers.c
index 7e6a96a..271f8d3 100644
--- a/src/hw
On 03/19/2018 10:48 AM, Stephen Douthit wrote:
On 03/19/2018 08:55 AM, Stefan Berger wrote:
On 03/14/2018 03:42 PM, Kevin O'Connor wrote:
On Wed, Mar 14, 2018 at 01:42:41PM -0400, Stefan Berger wrote:
Wait for the tpmRegValidSts flag on the TPM_LOC_STATE_x register.
Since it's
On 03/19/2018 09:02 AM, Paul Menzel wrote:
Dear Stefan,
On 03/14/18 18:42, Stefan Berger wrote:
This series of patches attempts to fix the probing of the CRB interface
for real hardware.
Stephen Douthit should test this on real hardware.
I tested this series on the Lenovo X60, where
On 03/14/2018 03:42 PM, Kevin O'Connor wrote:
On Wed, Mar 14, 2018 at 01:42:41PM -0400, Stefan Berger wrote:
Wait for the tpmRegValidSts flag on the TPM_LOC_STATE_x register.
Since it's not quite clear when this flag may become valid, we request
access to the interface on locality 0,
On 03/14/2018 03:42 PM, Kevin O'Connor wrote:
On Wed, Mar 14, 2018 at 01:42:41PM -0400, Stefan Berger wrote:
Wait for the tpmRegValidSts flag on the TPM_LOC_STATE_x register.
Since it's not quite clear when this flag may become valid, we request
access to the interface on locality 0,
Do not just indicate that the probing for the CRB interface was successful
if we find it active. Instead, select it, lock it, and test the addresses
for whether they can be used (must be 32 bit).
Signed-off-by: Stefan Berger
---
src/hw/tpm_drivers.c | 4 +---
1 file changed, 1 insertion(+), 3
Wait for the tpmRegValidSts flag on the TPM_LOC_STATE_x register.
Since it's not quite clear when this flag may become valid, we request
access to the interface on locality 0, which must then make it valid.
Signed-off-by: Stefan Berger
---
src/hw/tpm_drivers.c | 11 +++
1 file ch
Signed-off-by: Stefan Berger
---
src/hw/tpm_drivers.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/src/hw/tpm_drivers.c b/src/hw/tpm_drivers.c
index ad97f67..b208a37 100644
--- a/src/hw/tpm_drivers.c
+++ b/src/hw/tpm_drivers.c
@@ -410,13 +410,13 @@ static u32
This series of patches attempts to fix the probing of the CRB interface
for real hardware.
Stephen Douthit should test this on real hardware.
Regards,
Stefan
Stefan Berger (3):
tpm: Wait for tpmRegValidSts flags on CRQ interface before probing
tpm: revert return values for successful
On 03/12/2018 01:38 PM, Stephen Douthit wrote:
I'd like to add a poll for tpmRegValidSts to crb_probe() similar to
what's in tis_probe() to avoid potential races on real hardware.
The QEMU CRB currently does not set this bit until access is requested
by writing bit 0 to TPM_LOC_CTRL_x.
The
On 03/13/2018 11:36 AM, Stephen Douthit wrote:
On 03/13/2018 10:40 AM, Stefan Berger wrote:
On 03/13/2018 10:15 AM, Stephen Douthit wrote:
When tis_probe() returns '1', it means the interface was detected.
If all registers return 0x in the no-TPM case we should
return
On 03/13/2018 10:15 AM, Stephen Douthit wrote:
When tis_probe() returns '1', it means the interface was detected.
If all registers return 0x in the no-TPM case we should
return a '0' from tis_probe since rc was set to 0 from
tis_wait_access() and we will not get into the ifaceid test ca
On 03/13/2018 07:31 AM, Stefan Berger wrote:
On 03/12/2018 06:11 PM, Kevin O'Connor wrote:
On Mon, Mar 12, 2018 at 01:38:52PM -0400, Stephen Douthit wrote:
I've got a board modded so I can jumper the TPM in and out.
What I found in the no-TPM case was that both tis_probe() and
On 03/12/2018 06:11 PM, Kevin O'Connor wrote:
On Mon, Mar 12, 2018 at 01:38:52PM -0400, Stephen Douthit wrote:
I've got a board modded so I can jumper the TPM in and out.
What I found in the no-TPM case was that both tis_probe() and
crb_probe() incorrectly return 1 for device present if all Fs
On 02/27/2018 02:17 PM, Stephen Douthit wrote:
Signed-off-by: Stephen Douthit
Tested-by: Stephen Douthit
Reviewed-by: Stefan Berger
---
src/hw/tpm_drivers.c | 80 ++--
1 file changed, 33 insertions(+), 47 deletions(-)
diff --git a/src/hw
turn TPM_VERSION_2;
+}
+/* FIFO interface as defined in PTP for TPM 2.0 is active */
+else if ((reg & 0xf) == 0) {
return TPM_VERSION_2;
}
+
return TPM_VERSION_1_2;
}
Tested it with QEMU TPM 2 and TPM 1.2:
Tested-by: Stefan Berger
Revi
On 02/27/2018 02:17 PM, Stephen Douthit wrote:
This is based on wait_startup() from the Linux tpm_tis driver.
Signed-off-by: Stephen Douthit
Tested-by: Stephen Douthit
Reviewed-by: Stefan Berger
---
src/hw/tpm_drivers.c | 13 -
1 file changed, 12 insertions(+), 1 deletion
On 02/27/2018 12:35 PM, Stephen Douthit wrote:
On 02/27/2018 12:17 PM, Stefan Berger wrote:
On 02/27/2018 12:14 PM, Stephen Douthit wrote:
On 02/26/2018 07:45 PM, Stefan Berger wrote:
On 02/26/2018 06:24 PM, Stephen Douthit wrote:
On 02/26/2018 06:02 PM, Stefan Berger wrote:
On 02/26/2018
On 02/27/2018 12:14 PM, Stephen Douthit wrote:
On 02/26/2018 07:45 PM, Stefan Berger wrote:
On 02/26/2018 06:24 PM, Stephen Douthit wrote:
On 02/26/2018 06:02 PM, Stefan Berger wrote:
On 02/26/2018 05:44 PM, Stephen Douthit wrote:
On 02/26/2018 05:09 PM, Stefan Berger wrote:
On 02/26/2018
On 02/26/2018 06:24 PM, Stephen Douthit wrote:
On 02/26/2018 06:02 PM, Stefan Berger wrote:
On 02/26/2018 05:44 PM, Stephen Douthit wrote:
On 02/26/2018 05:09 PM, Stefan Berger wrote:
On 02/26/2018 03:37 PM, Stephen Douthit wrote:
tis_get_tpm_version() was returning the interface version
On 02/26/2018 05:44 PM, Stephen Douthit wrote:
On 02/26/2018 05:09 PM, Stefan Berger wrote:
On 02/26/2018 03:37 PM, Stephen Douthit wrote:
tis_get_tpm_version() was returning the interface version, which is
always
1.2 since tis_probe() would have failed if the interface wasn't TIS.
u32 didvid = readl(TIS_REG(0, TIS_REG_DID_VID));
if ((didvid != 0) && (didvid != 0x))
On QEMU that VALID flag is always set.
Reviewed-by: Stefan Berger
On 02/26/2018 03:37 PM, Stephen Douthit wrote:
Signed-off-by: Stephen Douthit
Tested-by: Stephen Douthit
---
src/hw/tpm_drivers.c | 80 ++--
1 file changed, 33 insertions(+), 47 deletions(-)
diff --git a/src/hw/tpm_drivers.c b/src/hw/tpm_drive
On 02/26/2018 03:37 PM, Stephen Douthit wrote:
tis_get_tpm_version() was returning the interface version, which is always
1.2 since tis_probe() would have failed if the interface wasn't TIS.
New version check is based on the tpm2_probe() function from the Linux
tpm_tis driver.
Signed-off-by: St
On 02/26/2018 09:12 AM, Stefan Berger wrote:
The following series implements a TPM CRB driver. The TIS device with
a TPM 2.0 seems to be ignored by Windows 10, so I implemented a simple
CRB device that has now been integrated into QEMU. With the CRB device,
Windows 10 correctly recognizes and
The following series implements a TPM CRB driver. The TIS device with
a TPM 2.0 seems to be ignored by Windows 10, so I implemented a simple
CRB device that has now been integrated into QEMU. With the CRB device,
Windows 10 correctly recognizes and exchanges packets with a TPM 2.0.
Marc-André (a
patch only supports locality 0 since the CRB device in QEMU also
only supports this locality.
Signed-off-by: Marc-André Lureau
Reviewed-by: Stefan Berger
Tested-by: Stefan Berger
---
src/hw/tpm_drivers.c | 196 ++-
src/hw/tpm_drivers.h | 26
From: Marc-André Lureau
As originally intended.
Signed-off-by: Marc-André Lureau
Reviewed-by: Stefan Berger
Tested-by: Stefan Berger
---
src/hw/tpm_drivers.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/src/hw/tpm_drivers.c b/src/hw/tpm_drivers.c
index 0daaef2
From: Marc-André Lureau
Signed-off-by: Marc-André Lureau
Reviewed-by: Stefan Berger
Tested-by: Stefan Berger
---
src/x86.h | 5 +
1 file changed, 5 insertions(+)
diff --git a/src/x86.h b/src/x86.h
index 4aea65c..c7bb60d 100644
--- a/src/x86.h
+++ b/src/x86.h
@@ -211,6 +211,11 @@ static
From: Marc-André Lureau
It seems both TIS & CRB devices share the same timeout. Make the
initialization function generic now.
Signed-off-by: Marc-André Lureau
Reviewed-by: Stefan Berger
Tested-by: Stefan Berger
---
src/hw/tpm_drivers.c | 25 +++--
1 file changed
On 02/23/2018 12:05 AM, Kevin O'Connor wrote:
On Tue, Feb 13, 2018 at 11:08:07AM -0500, Stefan Berger wrote:
From: Marc-André Lureau
The CRB device was introduced with TPM 2.0 to be physical-bus agnostic
and defined in TCG PC Client Platform TPM Profile (PTP) Specification
Family “2.0”
The following series implements a TPM CRB driver. The TIS device with
a TPM 2.0 seems to be ignored by Windows 10, so I implemented a simple
CRB device that has now been integrated into QEMU. With the CRB device,
Windows 10 correctly recognizes and exchanges packets with a TPM 2.0.
Marc-André (a
From: Marc-André Lureau
As originally intended.
Signed-off-by: Marc-André Lureau
Reviewed-by: Stefan Berger
Tested-by: Stefan Berger
---
src/hw/tpm_drivers.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/src/hw/tpm_drivers.c b/src/hw/tpm_drivers.c
index 0daaef2
From: Marc-André Lureau
It seems both TIS & CRB devices share the same timeout. Make the
initialization function generic now.
Signed-off-by: Marc-André Lureau
Reviewed-by: Stefan Berger
Tested-by: Stefan Berger
---
src/hw/tpm_drivers.c | 25 +++--
1 file changed
patch only supports locality 0 since the CRB device in QEMU also
only supports this locality.
Signed-off-by: Marc-André Lureau
Reviewed-by: Stefan Berger
Tested-by: Stefan Berger
---
src/hw/tpm_drivers.c | 198 ++-
src/hw/tpm_drivers.h | 26
From: Marc-André Lureau
Signed-off-by: Marc-André Lureau
Reviewed-by: Stefan Berger
Tested-by: Stefan Berger
---
src/x86.h | 5 +
1 file changed, 5 insertions(+)
diff --git a/src/x86.h b/src/x86.h
index 4aea65c..c7bb60d 100644
--- a/src/x86.h
+++ b/src/x86.h
@@ -211,6 +211,11 @@ static
On 02/12/2018 01:17 PM, Marc-Andre Lureau wrote:
Hi
On Sun, Feb 11, 2018 at 5:53 PM, Stefan Berger
wrote:
On 10/06/2017 10:33 AM, marcandre.lur...@redhat.com wrote:
From: Marc-André Lureau
Hi,
The following series implements a limited TPM CRB driver. The TIS
device with a TPM 2.0 seems to
On 10/06/2017 10:33 AM, marcandre.lur...@redhat.com wrote:
From: Marc-André Lureau
Hi,
The following series implements a limited TPM CRB driver. The TIS
device with a TPM 2.0 seems to be ignored by Windows 10, so I
implemented a simple CRB device that I will send shortly on the
qemu-devel. Wit
On 02/08/2018 02:30 PM, Marc-André Lureau wrote:
Hi
On Thu, Feb 8, 2018 at 5:35 PM, Stefan Berger
wrote:
On 02/08/2018 10:52 AM, Marc-André Lureau wrote:
Hi
On Wed, Feb 7, 2018 at 6:21 PM, Laszlo Ersek wrote:
On 02/07/18 17:44, Stefan Berger wrote:
On 02/07/2018 10:50 AM, Laszlo Ersek
On 02/08/2018 10:52 AM, Marc-André Lureau wrote:
Hi
On Wed, Feb 7, 2018 at 6:21 PM, Laszlo Ersek wrote:
On 02/07/18 17:44, Stefan Berger wrote:
On 02/07/2018 10:50 AM, Laszlo Ersek wrote:
OK, but if the OS is allowed to modify this set of "queued operations",
then what pro
On 02/07/2018 10:50 AM, Laszlo Ersek wrote:
On 02/07/18 15:57, Stefan Berger wrote:
On 02/07/2018 09:18 AM, Laszlo Ersek wrote:
On 02/07/18 14:51, Stefan Berger wrote:
To support SeaBIOS as well, we would have to be
able to distinguish a BIOS from the UEFI on the QEMU level so that we
could
On 02/07/2018 09:18 AM, Laszlo Ersek wrote:
On 02/07/18 14:51, Stefan Berger wrote:
On 01/10/2018 08:22 AM, Laszlo Ersek wrote:
Stefan,
On 01/09/18 20:02, Stefan Berger wrote:
Another twist is that Intel's EDK2 also implements this but the data
structure layout is different and they us
On 01/10/2018 08:22 AM, Laszlo Ersek wrote:
Stefan,
On 01/09/18 20:02, Stefan Berger wrote:
Another twist is that Intel's EDK2 also implements this but the data
structure layout is different and they use SMM + SMIs etc.
https://github.com/tianocore/edk2/blob/master/SecurityPkg/Tcg/Tc
On 01/16/2018 05:35 PM, Kevin O'Connor wrote:
On Tue, Jan 16, 2018 at 05:01:51PM -0500, Stefan Berger wrote:
On 01/16/2018 01:36 PM, Kevin O'Connor wrote:
On Tue, Jan 16, 2018 at 11:41:02AM -0500, Stefan Berger wrote:
+tp = (struct tpm_ppi *)(u32)qemu->tpmppi_address;
On 01/16/2018 01:36 PM, Kevin O'Connor wrote:
On Tue, Jan 16, 2018 at 11:41:02AM -0500, Stefan Berger wrote:
Add support for TPM 1.2 and TPM 2 Physical Presence interface (PPI).
A shared memory structure is located at 0xfffe f000 - 0xfffe f3ff
that SeaBIOS initializes (unless it has al
On 01/16/2018 01:16 PM, Kevin O'Connor wrote:
On Tue, Jan 16, 2018 at 11:41:01AM -0500, Stefan Berger wrote:
Pass the returnCode parameter through many of the functions so
that we can get the TPM return code from hwtpm_transmit, if needed.
Signed-off-by: Stefan Berger
---
s
On 01/16/2018 01:58 PM, Kevin O'Connor wrote:
On Tue, Jan 16, 2018 at 11:41:03AM -0500, Stefan Berger wrote:
Implement more functions of the TPM Physical Presence interface.
Some of the added functions will automatically reboot the machine.
Thus we need to save the next step after the rebo
e the OS can write
a code into that SeaBIOS needs to find and act upon after a reboot.
Stefan
Stefan Berger (3):
tcgbios: pass returnCode through many functions
tcgbios: Add TPM Physical Presence interface support
tcgbios: extend Physical Presence interface with more functions
s
Implement more functions of the TPM Physical Presence interface.
Some of the added functions will automatically reboot the machine.
Thus we need to save the next step after the reboot in an additional
variable.
Signed-off-by: Stefan Berger
---
src/std/tcg.h | 7 ++
src/tcgbios.c | 69
Pass the returnCode parameter through many of the functions so
that we can get the TPM return code from hwtpm_transmit, if needed.
Signed-off-by: Stefan Berger
---
src/hw/tpm_drivers.c | 8 ++-
src/hw/tpm_drivers.h | 2 +-
src/tcgbios.c| 147
more TPM commands are being sent.
The underlying spec can be accessed from this page here:
https://trustedcomputinggroup.org/tcg-physical-presence-interface-specification/
Version 1.30 is implemented.
Signed-off-by: Stefan Berger
---
src/post.c | 4 +++
src/std/acpi.h | 10 ++
src/std
On 01/11/2018 12:38 PM, Laszlo Ersek wrote:
On 01/11/18 18:16, Stefan Berger wrote:
I can only point to the standard for the address. If QEMU has an API
where we can first try to allocate fed4 and if that fails ask for
another address, then we can use that. But does driver initialization
On 01/11/2018 11:44 AM, Laszlo Ersek wrote:
(I'm not trying to further argue for the idea below, just to clarify it:)
On 01/11/18 15:29, Stefan Berger wrote:
On 01/11/2018 09:02 AM, Laszlo Ersek wrote:
On 01/11/18 13:40, Igor Mammedov wrote:
On Wed, 10 Jan 2018 17:45:52 +0100
Laszlo
On 01/11/2018 10:52 AM, Igor Mammedov wrote:
On Thu, 11 Jan 2018 09:29:14 -0500
Stefan Berger wrote:
On 01/11/2018 09:02 AM, Laszlo Ersek wrote:
On 01/11/18 13:40, Igor Mammedov wrote:
On Wed, 10 Jan 2018 17:45:52 +0100
Laszlo Ersek wrote:
(My understanding is that the guest has to