hw/tpm/tpm_ppi.h | 46 +++++ include/hw/acpi/tpm.h | 21 ++ hw/acpi/tpm.c | 448 ++++++++++++++++++++++++++++++++++++++++++ hw/core/machine.c | 8 + hw/i386/acpi-build.c | 29 ++- hw/tpm/tpm_crb.c | 13 ++ hw/tpm/tpm_ppi.c | 53 +++++ hw/tpm/tpm_tis.c | 13 ++ stubs/tpm.c | 5 + docs/specs/tpm.txt | 104 ++++++++++ hw/acpi/Makefile.objs | 1 + hw/tpm/Makefile.objs | 1 + hw/tpm/trace-events | 3 + 13 files changed, 743 insertions(+), 2 deletions(-) create mode 100644 hw/tpm/tpm_ppi.h create mode 100644 hw/acpi/tpm.c create mode 100644 hw/tpm/tpm_ppi.c
Hi,
The following patches implement the TPM Physical Presence Interface
that allows a user to set a command via ACPI (sysfs entry in Linux)
that, upon the next reboot, the firmware looks for and acts upon by
sending sequences of commands to the TPM.
A dedicated memory region is added to the TPM CRB & TIS devices, at
address/size 0xFED45000/0x400. A new "etc/tpm/config" fw_cfg entry
holds the location for that PPI region and some version details, to
allow for future flexibility.
With the associated edk2/ovmf firmware, the Windows HLK "PPI 1.3" test
now runs successfully.
It is based on previous work from Stefan Berger ("[PATCH v2 0/4]
Implement Physical Presence interface for TPM 1.2 and 2")
The edk2 support is merged upstream.
v15:
- fix crash on reset when PPI is disabled
v14:
- rebased, fixing conflicts after compat-props refactoring
- fix build regression from v13 with --disable-tpm
v13:
- removed needless error handling in tpm_ppi_init()
- splitted "add ACPI memory clear interface"
- moved acpi build function in dedicated hw/acpi/tpm.c
- added some function documentation in headers
- various code cleanups suggested by Philippe
- rebased
Marc-André Lureau (3):
tpm: add a "ppi" boolean property
acpi: add ACPI memory clear interface
tpm: clear RAM when "memory overwrite" requested
Stefan Berger (3):
tpm: allocate/map buffer for TPM Physical Presence interface
acpi: expose TPM/PPI configuration parameters to firmware via fw_cfg
acpi: build TPM Physical Presence interface
hw/tpm/tpm_ppi.h | 46 +++++
include/hw/acpi/tpm.h | 21 ++
hw/acpi/tpm.c | 448 ++++++++++++++++++++++++++++++++++++++++++
hw/core/machine.c | 8 +
hw/i386/acpi-build.c | 29 ++-
hw/tpm/tpm_crb.c | 13 ++
hw/tpm/tpm_ppi.c | 53 +++++
hw/tpm/tpm_tis.c | 13 ++
stubs/tpm.c | 5 +
docs/specs/tpm.txt | 104 ++++++++++
hw/acpi/Makefile.objs | 1 +
hw/tpm/Makefile.objs | 1 +
hw/tpm/trace-events | 3 +
13 files changed, 743 insertions(+), 2 deletions(-)
create mode 100644 hw/tpm/tpm_ppi.h
create mode 100644 hw/acpi/tpm.c
create mode 100644 hw/tpm/tpm_ppi.c
--
2.20.1.2.gb21ebb671b
On 1/9/19 3:28 AM, Marc-André Lureau wrote:
> Hi,
>
> The following patches implement the TPM Physical Presence Interface
> that allows a user to set a command via ACPI (sysfs entry in Linux)
> that, upon the next reboot, the firmware looks for and acts upon by
> sending sequences of commands to the TPM.
>
> A dedicated memory region is added to the TPM CRB & TIS devices, at
> address/size 0xFED45000/0x400. A new "etc/tpm/config" fw_cfg entry
> holds the location for that PPI region and some version details, to
> allow for future flexibility.
>
> With the associated edk2/ovmf firmware, the Windows HLK "PPI 1.3" test
> now runs successfully.
>
> It is based on previous work from Stefan Berger ("[PATCH v2 0/4]
> Implement Physical Presence interface for TPM 1.2 and 2")
>
> The edk2 support is merged upstream.
Tested-by: Stefan Berger <stefanb@linux.ibm.vom>
On Wed, Jan 09, 2019 at 12:28:56PM +0400, Marc-André Lureau wrote:
> Hi,
>
> The following patches implement the TPM Physical Presence Interface
> that allows a user to set a command via ACPI (sysfs entry in Linux)
> that, upon the next reboot, the firmware looks for and acts upon by
> sending sequences of commands to the TPM.
>
> A dedicated memory region is added to the TPM CRB & TIS devices, at
> address/size 0xFED45000/0x400. A new "etc/tpm/config" fw_cfg entry
> holds the location for that PPI region and some version details, to
> allow for future flexibility.
>
> With the associated edk2/ovmf firmware, the Windows HLK "PPI 1.3" test
> now runs successfully.
>
> It is based on previous work from Stefan Berger ("[PATCH v2 0/4]
> Implement Physical Presence interface for TPM 1.2 and 2")
>
> The edk2 support is merged upstream.
So it looks good to me overall.
Minor style comments.
With or without:
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
> v15:
> - fix crash on reset when PPI is disabled
>
> v14:
> - rebased, fixing conflicts after compat-props refactoring
> - fix build regression from v13 with --disable-tpm
>
> v13:
> - removed needless error handling in tpm_ppi_init()
> - splitted "add ACPI memory clear interface"
> - moved acpi build function in dedicated hw/acpi/tpm.c
> - added some function documentation in headers
> - various code cleanups suggested by Philippe
> - rebased
>
> Marc-André Lureau (3):
> tpm: add a "ppi" boolean property
> acpi: add ACPI memory clear interface
> tpm: clear RAM when "memory overwrite" requested
>
> Stefan Berger (3):
> tpm: allocate/map buffer for TPM Physical Presence interface
> acpi: expose TPM/PPI configuration parameters to firmware via fw_cfg
> acpi: build TPM Physical Presence interface
>
> hw/tpm/tpm_ppi.h | 46 +++++
> include/hw/acpi/tpm.h | 21 ++
> hw/acpi/tpm.c | 448 ++++++++++++++++++++++++++++++++++++++++++
> hw/core/machine.c | 8 +
> hw/i386/acpi-build.c | 29 ++-
> hw/tpm/tpm_crb.c | 13 ++
> hw/tpm/tpm_ppi.c | 53 +++++
> hw/tpm/tpm_tis.c | 13 ++
> stubs/tpm.c | 5 +
> docs/specs/tpm.txt | 104 ++++++++++
> hw/acpi/Makefile.objs | 1 +
> hw/tpm/Makefile.objs | 1 +
> hw/tpm/trace-events | 3 +
> 13 files changed, 743 insertions(+), 2 deletions(-)
> create mode 100644 hw/tpm/tpm_ppi.h
> create mode 100644 hw/acpi/tpm.c
> create mode 100644 hw/tpm/tpm_ppi.c
>
> --
> 2.20.1.2.gb21ebb671b
Hi
On Wed, Jan 9, 2019 at 6:51 PM Michael S. Tsirkin <mst@redhat.com> wrote:
>
> On Wed, Jan 09, 2019 at 12:28:56PM +0400, Marc-André Lureau wrote:
> > Hi,
> >
> > The following patches implement the TPM Physical Presence Interface
> > that allows a user to set a command via ACPI (sysfs entry in Linux)
> > that, upon the next reboot, the firmware looks for and acts upon by
> > sending sequences of commands to the TPM.
> >
> > A dedicated memory region is added to the TPM CRB & TIS devices, at
> > address/size 0xFED45000/0x400. A new "etc/tpm/config" fw_cfg entry
> > holds the location for that PPI region and some version details, to
> > allow for future flexibility.
> >
> > With the associated edk2/ovmf firmware, the Windows HLK "PPI 1.3" test
> > now runs successfully.
> >
> > It is based on previous work from Stefan Berger ("[PATCH v2 0/4]
> > Implement Physical Presence interface for TPM 1.2 and 2")
> >
> > The edk2 support is merged upstream.
>
> So it looks good to me overall.
> Minor style comments.
>
> With or without:
>
> Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Thanks Michael for the review!
Would you take it in your next pull request? Or may I send a pull req?
For the minor style comments, I can either let you do that on commit,
resend, or together with a pullreq.
thanks
>
>
> > v15:
> > - fix crash on reset when PPI is disabled
> >
> > v14:
> > - rebased, fixing conflicts after compat-props refactoring
> > - fix build regression from v13 with --disable-tpm
> >
> > v13:
> > - removed needless error handling in tpm_ppi_init()
> > - splitted "add ACPI memory clear interface"
> > - moved acpi build function in dedicated hw/acpi/tpm.c
> > - added some function documentation in headers
> > - various code cleanups suggested by Philippe
> > - rebased
> >
> > Marc-André Lureau (3):
> > tpm: add a "ppi" boolean property
> > acpi: add ACPI memory clear interface
> > tpm: clear RAM when "memory overwrite" requested
> >
> > Stefan Berger (3):
> > tpm: allocate/map buffer for TPM Physical Presence interface
> > acpi: expose TPM/PPI configuration parameters to firmware via fw_cfg
> > acpi: build TPM Physical Presence interface
> >
> > hw/tpm/tpm_ppi.h | 46 +++++
> > include/hw/acpi/tpm.h | 21 ++
> > hw/acpi/tpm.c | 448 ++++++++++++++++++++++++++++++++++++++++++
> > hw/core/machine.c | 8 +
> > hw/i386/acpi-build.c | 29 ++-
> > hw/tpm/tpm_crb.c | 13 ++
> > hw/tpm/tpm_ppi.c | 53 +++++
> > hw/tpm/tpm_tis.c | 13 ++
> > stubs/tpm.c | 5 +
> > docs/specs/tpm.txt | 104 ++++++++++
> > hw/acpi/Makefile.objs | 1 +
> > hw/tpm/Makefile.objs | 1 +
> > hw/tpm/trace-events | 3 +
> > 13 files changed, 743 insertions(+), 2 deletions(-)
> > create mode 100644 hw/tpm/tpm_ppi.h
> > create mode 100644 hw/acpi/tpm.c
> > create mode 100644 hw/tpm/tpm_ppi.c
> >
> > --
> > 2.20.1.2.gb21ebb671b
>
--
Marc-André Lureau
On Wed, Jan 09, 2019 at 06:58:04PM +0400, Marc-André Lureau wrote:
> Hi
>
> On Wed, Jan 9, 2019 at 6:51 PM Michael S. Tsirkin <mst@redhat.com> wrote:
> >
> > On Wed, Jan 09, 2019 at 12:28:56PM +0400, Marc-André Lureau wrote:
> > > Hi,
> > >
> > > The following patches implement the TPM Physical Presence Interface
> > > that allows a user to set a command via ACPI (sysfs entry in Linux)
> > > that, upon the next reboot, the firmware looks for and acts upon by
> > > sending sequences of commands to the TPM.
> > >
> > > A dedicated memory region is added to the TPM CRB & TIS devices, at
> > > address/size 0xFED45000/0x400. A new "etc/tpm/config" fw_cfg entry
> > > holds the location for that PPI region and some version details, to
> > > allow for future flexibility.
> > >
> > > With the associated edk2/ovmf firmware, the Windows HLK "PPI 1.3" test
> > > now runs successfully.
> > >
> > > It is based on previous work from Stefan Berger ("[PATCH v2 0/4]
> > > Implement Physical Presence interface for TPM 1.2 and 2")
> > >
> > > The edk2 support is merged upstream.
> >
> > So it looks good to me overall.
> > Minor style comments.
> >
> > With or without:
> >
> > Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
>
> Thanks Michael for the review!
>
> Would you take it in your next pull request?
Stefan acked so sure I can do it.
> Or may I send a pull req?
>
> For the minor style comments, I can either let you do that on commit,
> resend,
Resend is easiest for maintainers usually.
> or together with a pullreq.
>
> thanks
>
> >
> >
> > > v15:
> > > - fix crash on reset when PPI is disabled
> > >
> > > v14:
> > > - rebased, fixing conflicts after compat-props refactoring
> > > - fix build regression from v13 with --disable-tpm
> > >
> > > v13:
> > > - removed needless error handling in tpm_ppi_init()
> > > - splitted "add ACPI memory clear interface"
> > > - moved acpi build function in dedicated hw/acpi/tpm.c
> > > - added some function documentation in headers
> > > - various code cleanups suggested by Philippe
> > > - rebased
> > >
> > > Marc-André Lureau (3):
> > > tpm: add a "ppi" boolean property
> > > acpi: add ACPI memory clear interface
> > > tpm: clear RAM when "memory overwrite" requested
> > >
> > > Stefan Berger (3):
> > > tpm: allocate/map buffer for TPM Physical Presence interface
> > > acpi: expose TPM/PPI configuration parameters to firmware via fw_cfg
> > > acpi: build TPM Physical Presence interface
> > >
> > > hw/tpm/tpm_ppi.h | 46 +++++
> > > include/hw/acpi/tpm.h | 21 ++
> > > hw/acpi/tpm.c | 448 ++++++++++++++++++++++++++++++++++++++++++
> > > hw/core/machine.c | 8 +
> > > hw/i386/acpi-build.c | 29 ++-
> > > hw/tpm/tpm_crb.c | 13 ++
> > > hw/tpm/tpm_ppi.c | 53 +++++
> > > hw/tpm/tpm_tis.c | 13 ++
> > > stubs/tpm.c | 5 +
> > > docs/specs/tpm.txt | 104 ++++++++++
> > > hw/acpi/Makefile.objs | 1 +
> > > hw/tpm/Makefile.objs | 1 +
> > > hw/tpm/trace-events | 3 +
> > > 13 files changed, 743 insertions(+), 2 deletions(-)
> > > create mode 100644 hw/tpm/tpm_ppi.h
> > > create mode 100644 hw/acpi/tpm.c
> > > create mode 100644 hw/tpm/tpm_ppi.c
> > >
> > > --
> > > 2.20.1.2.gb21ebb671b
> >
>
>
> --
> Marc-André Lureau
© 2016 - 2025 Red Hat, Inc.