From: marcandre.lureau@redhat.com
To: edk2-devel@lists.01.org
Cc: pjones@redhat.com, jiewen.yao@intel.com,
stefanb@linux.vnet.ibm.com, lersek@redhat.com,
qemu-devel@nongnu.org, javierm@redhat.com,
"Marc-André Lureau" <marcandre.lureau@redhat.com>
Subject: [PATCH v2 0/4] RFC: ovmf: Add support for TPM Physical Presence interface
Date: Thu, 17 May 2018 16:47:09 +0200 [thread overview]
Message-ID: <20180517144713.18647-1-marcandre.lureau@redhat.com> (raw)
From: Marc-André Lureau <marcandre.lureau@redhat.com>
Hi,
The following series adds basic TPM PPI 1.3 support for OVMF-on-QEMU
with TPM2 (I haven't tested TPM1, for lack of interest).
PPI test runs successfully with Windows 10 WHLK, despite the limited
number of supported funcions (tpm2_ppi_funcs table, in particular, no
function allows to manipulate Tcg2PhysicalPresenceFlags)
The way it works is relatively simple: a memory region is allocated by
QEMU to save PPI related variables. An ACPI interface is exposed by
QEMU to let the guest manipulate those. At boot, ovmf processes and
updates the PPI qemu region and request variables.
I build edk2 with:
$ build -DTPM2_ENABLE -DSECURE_BOOT_ENABLE
I test with qemu & swtpm/libtpms (tpm2 branches, swtpm_setup.sh --tpm2 --tpm-state tpmstatedir)
$ swtpm socket --tpmstate tpmstatedir --ctrl type=unixio,path=tpmsock --tpm2 &
$ qemu .. -chardev socket,id=chrtpm,path=tpmsock -tpmdev emulator,id=tpm0,chardev=chrtpm -device tpm-crb,tpmdev=tpm0
Github trees:
https://github.com/elmarco/edk2/tree/tpm-ppi
https://github.com/elmarco/qemu/tree/tpm-ppi
Thanks
v2:
- style and commit message fixes
Marc-André Lureau (4):
OvmfPkg: add Tcg2PhysicalPresenceLibNull when !TPM2_ENABLE
OvmfPkg/IndustryStandard: add QemuTpm.h header
OvmfPkg: add Tcg2PhysicalPresenceLibQemu
OvmfPkg/PlatformBootManagerLib: process TPM PPI request
OvmfPkg/OvmfPkgIa32.dsc | 4 +-
OvmfPkg/OvmfPkgIa32X64.dsc | 4 +-
OvmfPkg/OvmfPkgX64.dsc | 4 +-
.../PlatformBootManagerLib.inf | 2 +
.../DxeTcg2PhysicalPresenceLib.inf | 34 +
.../DxeTcg2PhysicalPresenceLib.inf | 25 +-
OvmfPkg/Include/IndustryStandard/QemuTpm.h | 69 ++
.../PlatformBootManagerLib/BdsPlatform.c | 8 +
.../DxeTcg2PhysicalPresenceLib.c | 19 +-
.../DxeTcg2PhysicalPresenceLib.c | 889 ++++++++++++++++++
.../DxeTcg2PhysicalPresenceLib.uni | 3 +-
.../PhysicalPresenceStrings.uni | 28 +-
12 files changed, 1039 insertions(+), 50 deletions(-)
create mode 100644 OvmfPkg/Library/Tcg2PhysicalPresenceLibNull/DxeTcg2PhysicalPresenceLib.inf
copy {SecurityPkg/Library/DxeTcg2PhysicalPresenceLib => OvmfPkg/Library/Tcg2PhysicalPresenceLibQemu}/DxeTcg2PhysicalPresenceLib.inf (80%)
create mode 100644 OvmfPkg/Include/IndustryStandard/QemuTpm.h
copy EdkCompatibilityPkg/Foundation/Library/EdkIIGlueLib/Library/BaseLib/Ia32/CpuSleep.c => OvmfPkg/Library/Tcg2PhysicalPresenceLibNull/DxeTcg2PhysicalPresenceLib.c (55%)
create mode 100644 OvmfPkg/Library/Tcg2PhysicalPresenceLibQemu/DxeTcg2PhysicalPresenceLib.c
copy {SecurityPkg/Library/DxeTcg2PhysicalPresenceLib => OvmfPkg/Library/Tcg2PhysicalPresenceLibQemu}/DxeTcg2PhysicalPresenceLib.uni (97%)
copy {SecurityPkg/Library/DxeTcg2PhysicalPresenceLib => OvmfPkg/Library/Tcg2PhysicalPresenceLibQemu}/PhysicalPresenceStrings.uni (62%)
--
2.17.0.253.g3dd125b46d
next reply other threads:[~2018-05-17 14:47 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-05-17 14:47 marcandre.lureau [this message]
2018-05-17 14:47 ` [PATCH v2 1/4] OvmfPkg: add Tcg2PhysicalPresenceLibNull when !TPM2_ENABLE marcandre.lureau
2018-05-17 14:47 ` [PATCH v2 2/4] OvmfPkg/IndustryStandard: add QemuTpm.h header marcandre.lureau
2018-05-17 14:47 ` [PATCH v2 3/4] OvmfPkg: add Tcg2PhysicalPresenceLibQemu marcandre.lureau
2018-05-17 14:47 ` [PATCH v2 4/4] OvmfPkg/PlatformBootManagerLib: process TPM PPI request marcandre.lureau
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-list from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20180517144713.18647-1-marcandre.lureau@redhat.com \
--to=devel@edk2.groups.io \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox