From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <marcandre.lureau@redhat.com>
Received-SPF: Pass (sender SPF authorized) identity=mailfrom;
 client-ip=66.187.233.73; helo=mx1.redhat.com;
 envelope-from=marcandre.lureau@redhat.com; receiver=edk2-devel@lists.01.org 
Received: from mx1.redhat.com (mx3-rdu2.redhat.com [66.187.233.73])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (No client certificate requested)
 by ml01.01.org (Postfix) with ESMTPS id 034D8207E36A7
 for <edk2-devel@lists.01.org>; Thu, 17 May 2018 07:47:15 -0700 (PDT)
Received: from smtp.corp.redhat.com (int-mx04.intmail.prod.int.rdu2.redhat.com
 [10.11.54.4])
 (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by mx1.redhat.com (Postfix) with ESMTPS id 03ACFBB405;
 Thu, 17 May 2018 14:47:15 +0000 (UTC)
Received: from localhost (ovpn-112-71.ams2.redhat.com [10.36.112.71])
 by smtp.corp.redhat.com (Postfix) with ESMTP id A48CF2024CBB;
 Thu, 17 May 2018 14:47:14 +0000 (UTC)
From: marcandre.lureau@redhat.com
To: edk2-devel@lists.01.org
Cc: pjones@redhat.com, jiewen.yao@intel.com, stefanb@linux.vnet.ibm.com,
 lersek@redhat.com, qemu-devel@nongnu.org, javierm@redhat.com,
 =?UTF-8?q?Marc-Andr=C3=A9=20Lureau?= <marcandre.lureau@redhat.com>
Date: Thu, 17 May 2018 16:47:09 +0200
Message-Id: <20180517144713.18647-1-marcandre.lureau@redhat.com>
MIME-Version: 1.0
X-Scanned-By: MIMEDefang 2.78 on 10.11.54.4
X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16
 (mx1.redhat.com [10.11.55.1]); Thu, 17 May 2018 14:47:15 +0000 (UTC)
X-Greylist: inspected by milter-greylist-4.5.16 (mx1.redhat.com [10.11.55.1]);
 Thu, 17 May 2018 14:47:15 +0000 (UTC) for IP:'10.11.54.4'
 DOMAIN:'int-mx04.intmail.prod.int.rdu2.redhat.com'
 HELO:'smtp.corp.redhat.com' FROM:'marcandre.lureau@redhat.com' RCPT:''
Subject: [PATCH v2 0/4] RFC: ovmf: Add support for TPM Physical Presence interface
X-BeenThere: edk2-devel@lists.01.org
X-Mailman-Version: 2.1.26
Precedence: list
List-Id: EDK II Development  <edk2-devel.lists.01.org>
List-Unsubscribe: <https://lists.01.org/mailman/options/edk2-devel>,
 <mailto:edk2-devel-request@lists.01.org?subject=unsubscribe>
List-Archive: <http://lists.01.org/pipermail/edk2-devel/>
List-Post: <mailto:edk2-devel@lists.01.org>
List-Help: <mailto:edk2-devel-request@lists.01.org?subject=help>
List-Subscribe: <https://lists.01.org/mailman/listinfo/edk2-devel>,
 <mailto:edk2-devel-request@lists.01.org?subject=subscribe>
X-List-Received-Date: Thu, 17 May 2018 14:47:16 -0000
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

From: Marc-André Lureau <marcandre.lureau@redhat.com>

Hi,

The following series adds basic TPM PPI 1.3 support for OVMF-on-QEMU
with TPM2 (I haven't tested TPM1, for lack of interest).

PPI test runs successfully with Windows 10 WHLK, despite the limited
number of supported funcions (tpm2_ppi_funcs table, in particular, no
function allows to manipulate Tcg2PhysicalPresenceFlags)

The way it works is relatively simple: a memory region is allocated by
QEMU to save PPI related variables. An ACPI interface is exposed by
QEMU to let the guest manipulate those. At boot, ovmf processes and
updates the PPI qemu region and request variables.

I build edk2 with:

$ build -DTPM2_ENABLE -DSECURE_BOOT_ENABLE

I test with qemu & swtpm/libtpms (tpm2 branches, swtpm_setup.sh --tpm2 --tpm-state tpmstatedir)

$ swtpm socket --tpmstate tpmstatedir --ctrl type=unixio,path=tpmsock  --tpm2 &
$ qemu .. -chardev socket,id=chrtpm,path=tpmsock -tpmdev emulator,id=tpm0,chardev=chrtpm -device tpm-crb,tpmdev=tpm0

Github trees:
https://github.com/elmarco/edk2/tree/tpm-ppi
https://github.com/elmarco/qemu/tree/tpm-ppi

Thanks

v2:
 - style and commit message fixes

Marc-André Lureau (4):
  OvmfPkg: add Tcg2PhysicalPresenceLibNull when !TPM2_ENABLE
  OvmfPkg/IndustryStandard: add QemuTpm.h header
  OvmfPkg: add Tcg2PhysicalPresenceLibQemu
  OvmfPkg/PlatformBootManagerLib: process TPM PPI request

 OvmfPkg/OvmfPkgIa32.dsc                       |   4 +-
 OvmfPkg/OvmfPkgIa32X64.dsc                    |   4 +-
 OvmfPkg/OvmfPkgX64.dsc                        |   4 +-
 .../PlatformBootManagerLib.inf                |   2 +
 .../DxeTcg2PhysicalPresenceLib.inf            |  34 +
 .../DxeTcg2PhysicalPresenceLib.inf            |  25 +-
 OvmfPkg/Include/IndustryStandard/QemuTpm.h    |  69 ++
 .../PlatformBootManagerLib/BdsPlatform.c      |   8 +
 .../DxeTcg2PhysicalPresenceLib.c              |  19 +-
 .../DxeTcg2PhysicalPresenceLib.c              | 889 ++++++++++++++++++
 .../DxeTcg2PhysicalPresenceLib.uni            |   3 +-
 .../PhysicalPresenceStrings.uni               |  28 +-
 12 files changed, 1039 insertions(+), 50 deletions(-)
 create mode 100644 OvmfPkg/Library/Tcg2PhysicalPresenceLibNull/DxeTcg2PhysicalPresenceLib.inf
 copy {SecurityPkg/Library/DxeTcg2PhysicalPresenceLib => OvmfPkg/Library/Tcg2PhysicalPresenceLibQemu}/DxeTcg2PhysicalPresenceLib.inf (80%)
 create mode 100644 OvmfPkg/Include/IndustryStandard/QemuTpm.h
 copy EdkCompatibilityPkg/Foundation/Library/EdkIIGlueLib/Library/BaseLib/Ia32/CpuSleep.c => OvmfPkg/Library/Tcg2PhysicalPresenceLibNull/DxeTcg2PhysicalPresenceLib.c (55%)
 create mode 100644 OvmfPkg/Library/Tcg2PhysicalPresenceLibQemu/DxeTcg2PhysicalPresenceLib.c
 copy {SecurityPkg/Library/DxeTcg2PhysicalPresenceLib => OvmfPkg/Library/Tcg2PhysicalPresenceLibQemu}/DxeTcg2PhysicalPresenceLib.uni (97%)
 copy {SecurityPkg/Library/DxeTcg2PhysicalPresenceLib => OvmfPkg/Library/Tcg2PhysicalPresenceLibQemu}/PhysicalPresenceStrings.uni (62%)

-- 
2.17.0.253.g3dd125b46d