1. Patchew
  2. Xen
  3. View series

[PATCH] xen/x86: Pass TPM ACPI table to PVH dom0

Jason Andryuk posted 1 patch 1 day, 4 hours ago 
xen/arch/x86/hvm/dom0_build.c | 2 +-
xen/include/acpi/actbl3.h     | 4 +++-
2 files changed, 4 insertions(+), 2 deletions(-)
[PATCH] xen/x86: Pass TPM ACPI table to PVH dom0
Posted by Jason Andryuk 1 day, 4 hours ago 
Pass the TPM2 ACPI table so that the device can be found by a PVH dom0.

Otherwise dom0 shows:
tpm_tis MSFT0101:00: [Firmware Bug]: failed to get TPM2 ACPI table
tpm_tis MSFT0101:00: probe with driver tpm_tis failed with error -22

TCPA is "Trusted Computing Platform Alliance table", but it is really
the table for a TPM 1.2.  Use that as the comment as it's more
identifiable for readers.

While doing this, move ACPI_SIG_WPBT to alpabetize the entries.

Signed-off-by: Jason Andryuk <jason.andryuk@amd.com>
---
Only TPM2 has been tested.

AIUI, a TPM 1.2 is probed without the ACPI entry, so it is usable.
But since I know the table exists, I added it.
---
 xen/arch/x86/hvm/dom0_build.c | 2 +-
 xen/include/acpi/actbl3.h     | 4 +++-
 2 files changed, 4 insertions(+), 2 deletions(-)

diff --git a/xen/arch/x86/hvm/dom0_build.c b/xen/arch/x86/hvm/dom0_build.c
index 5ac2cf8394..7eccadf7aa 100644
--- a/xen/arch/x86/hvm/dom0_build.c
+++ b/xen/arch/x86/hvm/dom0_build.c
@@ -1013,7 +1013,7 @@ static bool __init pvh_acpi_table_allowed(const char *sig,
         ACPI_SIG_DSDT, ACPI_SIG_FADT, ACPI_SIG_FACS, ACPI_SIG_PSDT,
         ACPI_SIG_SSDT, ACPI_SIG_SBST, ACPI_SIG_MCFG, ACPI_SIG_SLIC,
         ACPI_SIG_MSDM, ACPI_SIG_WDAT, ACPI_SIG_FPDT, ACPI_SIG_S3PT,
-        ACPI_SIG_VFCT,
+        ACPI_SIG_TCPA, ACPI_SIG_TPM2, ACPI_SIG_VFCT,
     };
     unsigned int i;
 
diff --git a/xen/include/acpi/actbl3.h b/xen/include/acpi/actbl3.h
index 6858d3e60f..b8db95a18b 100644
--- a/xen/include/acpi/actbl3.h
+++ b/xen/include/acpi/actbl3.h
@@ -78,8 +78,10 @@
 #define ACPI_SIG_CSRT           "CSRT"	/* Core System Resources Table */
 #define ACPI_SIG_MATR           "MATR"	/* Memory Address Translation Table */
 #define ACPI_SIG_MSDM           "MSDM"	/* Microsoft Data Management Table */
-#define ACPI_SIG_WPBT           "WPBT"	/* Windows Platform Binary Table */
+#define ACPI_SIG_TCPA           "TCPA"	/* TPM 1.2 Table */
+#define ACPI_SIG_TPM2           "TPM2"	/* TPM 2.0 Table */
 #define ACPI_SIG_VFCT           "VFCT"	/* AMD Video BIOS */
+#define ACPI_SIG_WPBT           "WPBT"	/* Windows Platform Binary Table */
 
 /*
  * All tables must be byte-packed to match the ACPI specification, since
-- 
2.52.0
Re: [PATCH] xen/x86: Pass TPM ACPI table to PVH dom0
Posted by Andrew Cooper 1 day, 4 hours ago 
On 12/12/2025 10:29 pm, Jason Andryuk wrote:
> Pass the TPM2 ACPI table so that the device can be found by a PVH dom0.
>
> Otherwise dom0 shows:
> tpm_tis MSFT0101:00: [Firmware Bug]: failed to get TPM2 ACPI table
> tpm_tis MSFT0101:00: probe with driver tpm_tis failed with error -22
>
> TCPA is "Trusted Computing Platform Alliance table", but it is really
> the table for a TPM 1.2.  Use that as the comment as it's more
> identifiable for readers.
>
> While doing this, move ACPI_SIG_WPBT to alpabetize the entries.

It's probably worth stating that this brings PVH dom0 more in line with
PV dom0.

> Signed-off-by: Jason Andryuk <jason.andryuk@amd.com>

Acked-by: Andrew Cooper <andrew.cooper3@citrix.com>

> ---
> Only TPM2 has been tested.
>
> AIUI, a TPM 1.2 is probed without the ACPI entry, so it is usable.
> But since I know the table exists, I added it.

Yeah - I'd have asked you to do this if you hadn't already.

That said, it highlights that the Trenchboot series needs to grow the
ability to hide the TPM from dom0, both the APCI tables and blind probing.

I presume that tboot already does this, because I'm sure it's been
tested, right...?

~Andrew

Patchew 2.1-devel-b67e4c2

© 2016 - 2025 Red Hat, Inc.