From nobody Fri Nov 7 10:12:38 2025 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=fail(p=none dis=none) header.from=redhat.com Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1547584385916752.4706390550386; Tue, 15 Jan 2019 12:33:05 -0800 (PST) Received: from localhost ([127.0.0.1]:47304 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1gjVOS-0005XF-Td for importer@patchew.org; Tue, 15 Jan 2019 15:33:04 -0500 Received: from eggs.gnu.org ([209.51.188.92]:35521) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1gjUyo-00081k-99 for qemu-devel@nongnu.org; Tue, 15 Jan 2019 15:06:38 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1gjUyS-0003TH-4M for qemu-devel@nongnu.org; Tue, 15 Jan 2019 15:06:24 -0500 Received: from mx1.redhat.com ([209.132.183.28]:62189) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1gjUyQ-0003MW-Ap for qemu-devel@nongnu.org; Tue, 15 Jan 2019 15:06:11 -0500 Received: from smtp.corp.redhat.com (int-mx07.intmail.prod.int.phx2.redhat.com [10.5.11.22]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 9A0A9461CF; Tue, 15 Jan 2019 20:06:08 +0000 (UTC) Received: from redhat.com (ovpn-125-113.rdu2.redhat.com [10.10.125.113]) by smtp.corp.redhat.com (Postfix) with ESMTP id 8529B1019633; Tue, 15 Jan 2019 20:06:07 +0000 (UTC) Date: Tue, 15 Jan 2019 15:06:06 -0500 From: "Michael S. Tsirkin" To: qemu-devel@nongnu.org Message-ID: <20190115200252.25911-42-mst@redhat.com> References: <20190115200252.25911-1-mst@redhat.com> MIME-Version: 1.0 Content-Disposition: inline In-Reply-To: <20190115200252.25911-1-mst@redhat.com> X-Mutt-Fcc: =sent X-Scanned-By: MIMEDefang 2.84 on 10.5.11.22 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.29]); Tue, 15 Jan 2019 20:06:08 +0000 (UTC) Content-Transfer-Encoding: quoted-printable X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] X-Received-From: 209.132.183.28 Subject: [Qemu-devel] [PULL v2 41/49] acpi: add ACPI memory clear interface X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Peter Maydell , Igor Mammedov , Stefan Berger , =?utf-8?Q?Marc-Andr=C3=A9?= Lureau Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" Content-Type: text/plain; charset="utf-8" From: Marc-Andr=C3=A9 Lureau The interface is described in the "TCG Platform Reset Attack Mitigation Specification", chapter 6 "ACPI _DSM Function". According to Laszlo, it's not so easy to implement in OVMF, he suggested to do it in qemu instead. See specification documentation for more details, and next commit for memory clear on reset handling. The underlying TCG specification is accessible from the following page. https://trustedcomputinggroup.org/resource/pc-client-work-group-platform-re= set-attack-mitigation-specification-version-1-0/ This patch implements version 1.0. Signed-off-by: Marc-Andr=C3=A9 Lureau Reviewed-by: Michael S. Tsirkin Reviewed-by: Igor Mammedov Tested-by: Stefan Berger Reviewed-by: Michael S. Tsirkin Signed-off-by: Michael S. Tsirkin --- docs/specs/tpm.txt | 2 ++ hw/acpi/tpm.c | 55 ++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 57 insertions(+) diff --git a/docs/specs/tpm.txt b/docs/specs/tpm.txt index 424d1511fc..5d8c26b1ad 100644 --- a/docs/specs/tpm.txt +++ b/docs/specs/tpm.txt @@ -135,6 +135,8 @@ layout: +----------+--------+--------+-------------------------------------------+ | next_step| 0x1 | 0x159 | Operation to execute after reboot by | | | | | firmware. Used by firmware. | + +----------+--------+--------+-------------------------------------------+ + | movv | 0x1 | 0x15a | Memory overwrite variable | +----------+--------+--------+-------------------------------------------+ =20 The following values are supported for the 'func' field. They correspond diff --git a/hw/acpi/tpm.c b/hw/acpi/tpm.c index 9f205378f2..b96459e45b 100644 --- a/hw/acpi/tpm.c +++ b/hw/acpi/tpm.c @@ -53,6 +53,16 @@ void tpm_build_ppi_acpi(TPMIf *tpm, Aml *dev) pprq =3D aml_name("PPRQ"); pprm =3D aml_name("PPRM"); =20 + aml_append(dev, + aml_operation_region( + "TPP3", AML_SYSTEM_MEMORY, + aml_int(TPM_PPI_ADDR_BASE + + 0x15a /* movv, docs/specs/tpm.txt */), + 0x1)); + field =3D aml_field("TPP3", AML_BYTE_ACC, AML_NOLOCK, AML_PRESERVE); + aml_append(field, aml_named_field("MOVV", 8)); + aml_append(dev, field); + /* * DerefOf in Windows is broken with SYSTEM_MEMORY. Use a dynamic * operation region inside of a method for getting FUNC[op]. @@ -399,6 +409,51 @@ void tpm_build_ppi_acpi(TPMIf *tpm, Aml *dev) aml_append(ifctx, aml_return(aml_buffer(1, zerobyte))); } aml_append(method, ifctx); + + /* + * "TCG Platform Reset Attack Mitigation Specification 1.00", + * Chapter 6 "ACPI _DSM Function" + */ + ifctx =3D aml_if( + aml_equal(uuid, + aml_touuid("376054ED-CC13-4675-901C-4756D7F2D45D"))); + { + /* standard DSM query function */ + ifctx2 =3D aml_if(aml_equal(function, zero)); + { + uint8_t byte_list[1] =3D { 0x03 }; /* functions 1-2 suppor= ted */ + + aml_append(ifctx2, + aml_return(aml_buffer(sizeof(byte_list), + byte_list))); + } + aml_append(ifctx, ifctx2); + + /* + * TCG Platform Reset Attack Mitigation Specification 1.0 Ch.6 + * + * Arg 2 (Integer): Function Index =3D 1 + * Arg 3 (Package): Arguments =3D Package: Type: Integer + * Operation Value of the Request + * Returns: Type: Integer + * 0: Success + * 1: General Failure + */ + ifctx2 =3D aml_if(aml_equal(function, one)); + { + aml_append(ifctx2, + aml_store(aml_derefof(aml_index(arguments, zero= )), + op)); + { + aml_append(ifctx2, aml_store(op, aml_name("MOVV"))); + + /* 0: success */ + aml_append(ifctx2, aml_return(zero)); + } + } + aml_append(ifctx, ifctx2); + } + aml_append(method, ifctx); } aml_append(dev, method); } --=20 MST