This patch introduces an optional TPM 2 interface definition to the ACPI table,
which is to be used as part of a vTPM 2 implementation.
Signed-off-by: Jennifer Herbert <jennifer.herbert@citrix.com>
---
tools/firmware/hvmloader/config.h | 1 +
tools/firmware/hvmloader/util.c | 7 ++++++
tools/libacpi/Makefile | 2 +-
tools/libacpi/acpi2_0.h | 26 ++++++++++++++++++++++
tools/libacpi/build.c | 35 ++++++++++++++++++++++++++++++
tools/libacpi/libacpi.h | 1 +
tools/libacpi/ssdt_tpm2.asl | 36 +++++++++++++++++++++++++++++++
7 files changed, 107 insertions(+), 1 deletion(-)
create mode 100644 tools/libacpi/ssdt_tpm2.asl
diff --git a/tools/firmware/hvmloader/config.h b/tools/firmware/hvmloader/config.h
index c82adf6dc5..4dec7195f0 100644
--- a/tools/firmware/hvmloader/config.h
+++ b/tools/firmware/hvmloader/config.h
@@ -56,6 +56,7 @@ extern uint8_t ioapic_version;
#define PCI_ISA_IRQ_MASK 0x0c20U /* ISA IRQs 5,10,11 are PCI connected */
#define ACPI_TIS_HDR_ADDRESS 0xFED40F00UL
+#define ACPI_CRB_HDR_ADDRESS 0xFED40034UL
extern uint32_t pci_mem_start;
extern const uint32_t pci_mem_end;
diff --git a/tools/firmware/hvmloader/util.c b/tools/firmware/hvmloader/util.c
index 87bc2d677f..6e5d3609b9 100644
--- a/tools/firmware/hvmloader/util.c
+++ b/tools/firmware/hvmloader/util.c
@@ -1009,6 +1009,13 @@ void hvmloader_acpi_build_tables(struct acpi_config *config,
config->table_flags |= ACPI_HAS_TPM;
config->tis_hdr = (uint16_t *)ACPI_TIS_HDR_ADDRESS;
break;
+ case 2:
+ config->table_flags |= ACPI_HAS_TPM;
+ config->crb_hdr = (uint16_t *)ACPI_CRB_HDR_ADDRESS;
+
+ mem_hole_populate_ram(TPM_LOG_AREA_ADDRESS >> PAGE_SHIFT, TPM_LOG_SIZE >> PAGE_SHIFT);
+ memset((void *)(TPM_LOG_AREA_ADDRESS), 0, TPM_LOG_SIZE);
+ break;
}
config->numa.nr_vmemranges = nr_vmemranges;
diff --git a/tools/libacpi/Makefile b/tools/libacpi/Makefile
index 60860eaa00..125f29fb54 100644
--- a/tools/libacpi/Makefile
+++ b/tools/libacpi/Makefile
@@ -25,7 +25,7 @@ C_SRC-$(CONFIG_X86) = dsdt_anycpu.c dsdt_15cpu.c dsdt_anycpu_qemu_xen.c dsdt_pvh
C_SRC-$(CONFIG_ARM_64) = dsdt_anycpu_arm.c
DSDT_FILES ?= $(C_SRC-y)
C_SRC = $(addprefix $(ACPI_BUILD_DIR)/, $(DSDT_FILES))
-H_SRC = $(addprefix $(ACPI_BUILD_DIR)/, ssdt_s3.h ssdt_s4.h ssdt_pm.h ssdt_tpm.h ssdt_laptop_slate.h)
+H_SRC = $(addprefix $(ACPI_BUILD_DIR)/, ssdt_s3.h ssdt_s4.h ssdt_pm.h ssdt_tpm.h ssdt_tpm2.h ssdt_laptop_slate.h)
MKDSDT_CFLAGS-$(CONFIG_ARM_64) = -DCONFIG_ARM_64
MKDSDT_CFLAGS-$(CONFIG_X86) = -DCONFIG_X86
diff --git a/tools/libacpi/acpi2_0.h b/tools/libacpi/acpi2_0.h
index 2619ba32db..f4eb4d715b 100644
--- a/tools/libacpi/acpi2_0.h
+++ b/tools/libacpi/acpi2_0.h
@@ -121,6 +121,30 @@ struct acpi_20_tcpa {
};
#define ACPI_2_0_TCPA_LAML_SIZE (64*1024)
+/*
+ * TPM2
+ */
+struct acpi_20_tpm2 {
+ struct acpi_header header;
+ uint16_t platform_class;
+ uint16_t reserved;
+ uint64_t control_area_address;
+ uint32_t start_method;
+ uint8_t start_method_params[12];
+ uint32_t log_area_minimum_length;
+ uint64_t log_area_start_address;
+};
+#define TPM2_ACPI_CLASS_CLIENT 0
+#define TPM2_START_METHOD_CRB 7
+
+#define TPM_CRB_ADDR_BASE 0xFED40000
+#define TPM_CRB_ADDR_CTRL (TPM_CRB_ADDR_BASE + 0x40)
+
+#define TPM_LOG_AREA_ADDRESS 0xFED50000
+
+#define TPM_LOG_AREA_MINIMUM_SIZE (64 << 10)
+#define TPM_LOG_SIZE (64 << 10)
+
/*
* Fixed ACPI Description Table Structure (FADT) in ACPI 1.0.
*/
@@ -431,6 +455,7 @@ struct acpi_20_slit {
#define ACPI_2_0_RSDT_SIGNATURE ASCII32('R','S','D','T')
#define ACPI_2_0_XSDT_SIGNATURE ASCII32('X','S','D','T')
#define ACPI_2_0_TCPA_SIGNATURE ASCII32('T','C','P','A')
+#define ACPI_2_0_TPM2_SIGNATURE ASCII32('T','P','M','2')
#define ACPI_2_0_HPET_SIGNATURE ASCII32('H','P','E','T')
#define ACPI_2_0_WAET_SIGNATURE ASCII32('W','A','E','T')
#define ACPI_2_0_SRAT_SIGNATURE ASCII32('S','R','A','T')
@@ -444,6 +469,7 @@ struct acpi_20_slit {
#define ACPI_2_0_RSDT_REVISION 0x01
#define ACPI_2_0_XSDT_REVISION 0x01
#define ACPI_2_0_TCPA_REVISION 0x02
+#define ACPI_2_0_TPM2_REVISION 0x04
#define ACPI_2_0_HPET_REVISION 0x01
#define ACPI_2_0_WAET_REVISION 0x01
#define ACPI_1_0_FADT_REVISION 0x01
diff --git a/tools/libacpi/build.c b/tools/libacpi/build.c
index d313ccd8cf..d4f25a68d2 100644
--- a/tools/libacpi/build.c
+++ b/tools/libacpi/build.c
@@ -19,6 +19,7 @@
#include "ssdt_s3.h"
#include "ssdt_s4.h"
#include "ssdt_tpm.h"
+#include "ssdt_tpm2.h"
#include "ssdt_pm.h"
#include "ssdt_laptop_slate.h"
#include <xen/hvm/hvm_info_table.h>
@@ -352,6 +353,7 @@ static int construct_secondary_tables(struct acpi_ctxt *ctxt,
struct acpi_20_tcpa *tcpa;
unsigned char *ssdt;
void *lasa;
+ struct acpi_20_tpm2 *tpm2;
/* MADT. */
if ( (config->hvminfo->nr_vcpus > 1) || config->hvminfo->apic_mode )
@@ -449,6 +451,39 @@ static int construct_secondary_tables(struct acpi_ctxt *ctxt,
tcpa->header.length);
}
break;
+
+ case 2:
+ if (!config->crb_hdr ||
+ config->crb_hdr[0] == 0 || config->crb_hdr[0] == 0xffff)
+ break;
+
+ ssdt = ctxt->mem_ops.alloc(ctxt, sizeof(ssdt_tpm2), 16);
+ if (!ssdt) return -1;
+ memcpy(ssdt, ssdt_tpm2, sizeof(ssdt_tpm2));
+ table_ptrs[nr_tables++] = ctxt->mem_ops.v2p(ctxt, ssdt);
+
+ tpm2 = ctxt->mem_ops.alloc(ctxt, sizeof(struct acpi_20_tpm2), 16);
+ if (!tpm2) return -1;
+ memset(tpm2, 0, sizeof(*tpm2));
+ table_ptrs[nr_tables++] = ctxt->mem_ops.v2p(ctxt, tpm2);
+
+ tpm2->header.signature = ACPI_2_0_TPM2_SIGNATURE;
+ tpm2->header.length = sizeof(*tpm2);
+ tpm2->header.revision = ACPI_2_0_TPM2_REVISION;
+ fixed_strcpy(tpm2->header.oem_id, ACPI_OEM_ID);
+ fixed_strcpy(tpm2->header.oem_table_id, ACPI_OEM_TABLE_ID);
+ tpm2->header.oem_revision = ACPI_OEM_REVISION;
+ tpm2->header.creator_id = ACPI_CREATOR_ID;
+ tpm2->header.creator_revision = ACPI_CREATOR_REVISION;
+ tpm2->platform_class = TPM2_ACPI_CLASS_CLIENT;
+ tpm2->control_area_address = TPM_CRB_ADDR_CTRL;
+ tpm2->start_method = TPM2_START_METHOD_CRB;
+ tpm2->log_area_minimum_length = TPM_LOG_AREA_MINIMUM_SIZE;
+ tpm2->log_area_start_address = TPM_LOG_AREA_ADDRESS;
+
+ set_checksum(tpm2,
+ offsetof(struct acpi_header, checksum),
+ tpm2->header.length);
}
}
diff --git a/tools/libacpi/libacpi.h b/tools/libacpi/libacpi.h
index 9143616130..b5d08ff09b 100644
--- a/tools/libacpi/libacpi.h
+++ b/tools/libacpi/libacpi.h
@@ -80,6 +80,7 @@ struct acpi_config {
uint8_t tpm_version;
const uint16_t *tis_hdr;
+ const uint16_t *crb_hdr;
/*
* Address where acpi_info should be placed.
* This must match the OperationRegion(BIOS, SystemMemory, ....)
diff --git a/tools/libacpi/ssdt_tpm2.asl b/tools/libacpi/ssdt_tpm2.asl
new file mode 100644
index 0000000000..1801c338df
--- /dev/null
+++ b/tools/libacpi/ssdt_tpm2.asl
@@ -0,0 +1,36 @@
+/*
+ * ssdt_tpm2.asl
+ *
+ * Copyright (c) 2018-2022, Citrix Systems, Inc.
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU Lesser General Public License as published
+ * by the Free Software Foundation; version 2.1 only. with the special
+ * exception on linking described in file LICENSE.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Lesser General Public License for more details.
+ */
+
+/* SSDT for TPM CRB Interface for Xen with Qemu device model. */
+
+DefinitionBlock ("SSDT_TPM2.aml", "SSDT", 2, "Xen", "HVM", 0)
+{
+ Device (TPM)
+ {
+ Name (_HID, "MSFT0101" /* TPM 2.0 Security Device */) // _HID: Hardware ID
+ Name (_CRS, ResourceTemplate () // _CRS: Current Resource Settings
+ {
+ Memory32Fixed (ReadWrite,
+ 0xFED40000, // Address Base
+ 0x00001000, // Address Length
+ )
+ })
+ Method (_STA, 0, NotSerialized) // _STA: Status
+ {
+ Return (0x0F)
+ }
+ }
+}
--
2.31.1
On 15.12.2022 18:09, Jennifer Herbert wrote: > --- a/tools/firmware/hvmloader/util.c > +++ b/tools/firmware/hvmloader/util.c > @@ -1009,6 +1009,13 @@ void hvmloader_acpi_build_tables(struct acpi_config *config, > config->table_flags |= ACPI_HAS_TPM; > config->tis_hdr = (uint16_t *)ACPI_TIS_HDR_ADDRESS; > break; > + case 2: Nit: Blank line please between non-fall-through case blocks. > + config->table_flags |= ACPI_HAS_TPM; > + config->crb_hdr = (uint16_t *)ACPI_CRB_HDR_ADDRESS; > + > + mem_hole_populate_ram(TPM_LOG_AREA_ADDRESS >> PAGE_SHIFT, TPM_LOG_SIZE >> PAGE_SHIFT); Nit: Overlong line. > + memset((void *)(TPM_LOG_AREA_ADDRESS), 0, TPM_LOG_SIZE); Nit: Excess pair of parentheses. > --- a/tools/libacpi/Makefile > +++ b/tools/libacpi/Makefile > @@ -25,7 +25,7 @@ C_SRC-$(CONFIG_X86) = dsdt_anycpu.c dsdt_15cpu.c dsdt_anycpu_qemu_xen.c dsdt_pvh > C_SRC-$(CONFIG_ARM_64) = dsdt_anycpu_arm.c > DSDT_FILES ?= $(C_SRC-y) > C_SRC = $(addprefix $(ACPI_BUILD_DIR)/, $(DSDT_FILES)) > -H_SRC = $(addprefix $(ACPI_BUILD_DIR)/, ssdt_s3.h ssdt_s4.h ssdt_pm.h ssdt_tpm.h ssdt_laptop_slate.h) > +H_SRC = $(addprefix $(ACPI_BUILD_DIR)/, ssdt_s3.h ssdt_s4.h ssdt_pm.h ssdt_tpm.h ssdt_tpm2.h ssdt_laptop_slate.h) This line could (the latest) now also do with splitting up. > --- a/tools/libacpi/acpi2_0.h > +++ b/tools/libacpi/acpi2_0.h > @@ -121,6 +121,30 @@ struct acpi_20_tcpa { > }; > #define ACPI_2_0_TCPA_LAML_SIZE (64*1024) > > +/* > + * TPM2 > + */ > +struct acpi_20_tpm2 { > + struct acpi_header header; > + uint16_t platform_class; > + uint16_t reserved; > + uint64_t control_area_address; > + uint32_t start_method; > + uint8_t start_method_params[12]; > + uint32_t log_area_minimum_length; > + uint64_t log_area_start_address; > +}; > +#define TPM2_ACPI_CLASS_CLIENT 0 > +#define TPM2_START_METHOD_CRB 7 > + > +#define TPM_CRB_ADDR_BASE 0xFED40000 > +#define TPM_CRB_ADDR_CTRL (TPM_CRB_ADDR_BASE + 0x40) What is the relation between these two and ACPI_CRB_HDR_ADDRESS (0xFED40034)? Independent of the answer it would be nice to have a BUILD_BUG_ON()-like check somewhere tying the two together (and I have a vague recollection that I might have asked for such in a comment on v1 already). And since afaics the space at that address also isn't filled anywhere in hvmloader, the description could also do with saying what entity is doing that (qemu?) and hence with whom this needs to remain in sync. > @@ -449,6 +451,39 @@ static int construct_secondary_tables(struct acpi_ctxt *ctxt, > tcpa->header.length); > } > break; > + > + case 2: > + if (!config->crb_hdr || See the respective comment on the earlier patch. Jan
© 2016 - 2024 Red Hat, Inc.