From mboxrd@z Thu Jan  1 00:00:00 1970
Subject: TPM ACPI HID creation
To: devel@edk2.groups.io
From: jason.spottswood@hpe.com
X-Originating-Location: Owasso, Oklahoma, US (15.203.233.76)
X-Originating-Platform: Windows Chrome 75
User-Agent: GROUPS.IO Web Poster
MIME-Version: 1.0
Date: Tue, 25 Jun 2019 08:58:15 -0700
Message-ID: <3423.1561478295008356157@groups.io>
Content-Type: multipart/alternative; boundary="RyXRI4M4Zj88BOdvsPNT"

--RyXRI4M4Zj88BOdvsPNT
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable

Tcg2Smm.c has a function "UpdateHID to create the ACPI HID for the TPM.=C2=
=A0 This function uses the TPM vendor ID combined with the firmware versio=
n number to create the ACPI HID.=C2=A0 The use of the TPM firmware version =
is not specified in any spec from the TCG or otherwise that I have been abl=
e to find.=C2=A0 I believe this was a design choice specific to EDK2.=C2=A0=
 However, using the TPM firmware version does not match the intended use ca=
se from the TCG PC Client spec, where the HID should be comprised of the ve=
ndor ID and device ID.=C2=A0 See below.=C2=A0 One problem that arises from =
this design is that the ACPI tables will change when the TPM FW has been up=
dated.=C2=A0 Since the ACPI tables are hashed into PCR[0], it consequently =
means that a TPM FW change will cause a change to PCR[0].=C2=A0 It is not i=
ntuitive nor spec'd that TPM FW be included in PCR[0] measurements.=C2=A0 I=
n fact, PCR[0] is used only for system FW/UEFI code measurements.=C2=A0 If =
a user does not update UEFI, then there is no expectation of PCR[0] measure=
ment changes.=C2=A0 I propose that EDK2 change the UpdateHID function to us=
e the vendor ID and device ID read from register TPM_DID_VID_0 (locality 0 =
offset 0xF00) in the creation of the ACPI HID.

The following was taken from the TCG PC Client Platform Firmware spec:

According to the ACPI Specification (version 5, Errata A, Section 6.1.5 an=
d 6.1.3) a

hardware ID or compatibility ID is either a PNP ID with format =E2=80=9CAA=
A####=E2=80=9D or ACPI ID

with format =E2=80=9CNNNN####=E2=80=9D. The manufacturer ID returned by a =
TPM2_GetCapability

command can be used to set the =E2=80=9CAAA=E2=80=9D or =E2=80=9CNNNN=E2=
=80=9D portion of the ID. The remaining four

hexadecimal digits should be set to a value that allows software to differ=
entiate different

device classes built by the same manufacturer.

--RyXRI4M4Zj88BOdvsPNT
Content-Type: text/html; charset="utf-8"
Content-Transfer-Encoding: quoted-printable

Tcg2Smm.c has a function &#34;UpdateHID to create the ACPI HID for the TPM.=
=
=C2=A0 This function uses the TPM vendor ID combined with the firmware ver=
sion number to create the ACPI HID.=C2=A0 The use of the TPM firmware versi=
on is not specified in any spec from the TCG or otherwise that I have been =
able to find.=C2=A0 I believe this was a design choice specific to EDK2.=C2=
=
=A0 However, using the TPM firmware version does not match the intended us=
e case from the TCG PC Client spec, where the HID should be comprised of th=
e vendor ID and device ID.=C2=A0 See below.=C2=A0 One problem that arises f=
rom this design is that the ACPI tables will change when the TPM FW has bee=
n updated.=C2=A0 Since the ACPI tables are hashed into PCR[0], it consequen=
tly means that a TPM FW change will cause a change to PCR[0].=C2=A0 It is n=
ot intuitive nor spec&#39;d that TPM FW be included in PCR[0] measurements.=
=
=C2=A0 In fact, PCR[0] is used only for system FW/UEFI code measurements.=
=C2=A0 If a user does not update UEFI, then there is no expectation of PCR=
[0] measurement changes.=C2=A0 I propose that EDK2 change the UpdateHID fun=
ction to use the vendor ID and device ID read from register TPM_DID_VID_0 (=
locality 0 offset 0xF00) in the creation of the ACPI HID.<br/><br/>The foll=
owing was taken from the TCG PC Client Platform Firmware spec:<br/>
<p class=3D"DefangedMsoNormal" style=3D"margin-left: .5in; text-autospace:=
 none;" style=3D"margin:0px;"><span style=3D"font-family: BookmanOldStyle;"=
>According to the ACPI Specification (version 5, Errata A, Section 6.1.5 an=
d 6.1.3) a</span></p>
<p class=3D"DefangedMsoNormal" style=3D"margin-left: .5in; text-autospace:=
 none;" style=3D"margin:0px;"><span style=3D"font-family: BookmanOldStyle;"=
>hardware ID or compatibility ID is either a PNP ID with format =E2=80=9CAA=
A####=E2=80=9D or ACPI ID</span></p>
<p class=3D"DefangedMsoNormal" style=3D"margin-left: .5in; text-autospace:=
 none;" style=3D"margin:0px;"><span style=3D"font-family: BookmanOldStyle;"=
>with format =E2=80=9CNNNN####=E2=80=9D. The manufacturer ID returned by a =
TPM2_GetCapability</span></p>
<p class=3D"DefangedMsoNormal" style=3D"margin-left: .5in; text-autospace:=
 none;" style=3D"margin:0px;"><span style=3D"font-family: BookmanOldStyle;"=
>command can be used to set the =E2=80=9CAAA=E2=80=9D or =E2=80=9CNNNN=E2=
=80=9D portion of the ID. The remaining four</span></p>
<p class=3D"DefangedMsoNormal" style=3D"margin-left: .5in; text-autospace:=
 none;" style=3D"margin:0px;"><span style=3D"font-family: BookmanOldStyle;"=
>hexadecimal digits should be set to a <span style=3D"background: yellow; m=
so-highlight: yellow;">value that allows software to differentiate differen=
t</span></span></p>
<p class=3D"DefangedMsoNormal" style=3D"margin-left: .5in;" style=3D"margi=
n:0px;"><span style=3D"font-family: BookmanOldStyle; background: yellow; ms=
o-highlight: yellow;">device classes built by the same manufacturer</span><=
span style=3D"font-family: BookmanOldStyle;">.<br/></span><span style=3D"fo=
nt-family: &#39;Arial&#39;,sans-serif; color: #425563;"></span></p>

--RyXRI4M4Zj88BOdvsPNT--