public inbox for devel@edk2.groups.io
 help / color / mirror / Atom feed
* [PATCH 0/4] RFC: ovmf: Add support for TPM Physical Presence interface
@ 2018-05-15 12:30 marcandre.lureau
  2018-05-15 12:30 ` [PATCH 1/4] ovmf: add and link with Tcg2PhysicalPresenceLibNull when !TPM2_ENABLE marcandre.lureau
                   ` (5 more replies)
  0 siblings, 6 replies; 16+ messages in thread
From: marcandre.lureau @ 2018-05-15 12:30 UTC (permalink / raw)
  To: edk2-devel
  Cc: pjones, jiewen.yao, stefanb, lersek, qemu-devel, javierm,
	Marc-André Lureau

From: Marc-André Lureau <marcandre.lureau@redhat.com>

Hi,

The following series adds basic TPM PPI 1.3 support for OVMF-on-QEMU
with TPM2 (I haven't tested TPM1, for lack of interest).

PPI test runs successfully with Windows 10 WHLK, despite the limited
number of supported funcions (tpm2_ppi_funcs table, in particular, no
function allows to manipulate Tcg2PhysicalPresenceFlags)

The way it works is relatively simple: a memory region is allocated by
QEMU to save PPI related variables. An ACPI interface is exposed by
QEMU to let the guest manipulate those. At boot, ovmf processes and
updates the PPI qemu region and request variables.

I build edk2 with:

$ build -DTPM2_ENABLE -DSECURE_BOOT_ENABLE

I test with qemu & swtpm/libtpms (tpm2 branches, swtpm_setup.sh --tpm2 --tpm-state tpmstatedir)

$ swtpm socket --tpmstate tpmstatedir --ctrl type=unixio,path=tpmsock  --tpm2 &
$ qemu .. -chardev socket,id=chrtpm,path=tpmsock -tpmdev emulator,id=tpm0,chardev=chrtpm -device tpm-crb,tpmdev=tpm0

Github trees:
https://github.com/elmarco/edk2/tree/tpm-ppi
https://github.com/elmarco/qemu/tree/tpm-ppi

Thanks

Marc-André Lureau (4):
  ovmf: add and link with Tcg2PhysicalPresenceLibNull when !TPM2_ENABLE
  ovmf: add QemuTpm.h header
  ovmf: replace SecurityPkg with OvfmPkg Tcg2PhysicalPresenceLibQemu
  ovmf: process TPM PPI request in AfterConsole()

 OvmfPkg/Include/IndustryStandard/QemuTpm.h    |  67 ++
 .../PlatformBootManagerLib/BdsPlatform.c      |   8 +
 .../PlatformBootManagerLib.inf                |   2 +
 .../DxeTcg2PhysicalPresenceLib.c              |  26 +
 .../DxeTcg2PhysicalPresenceLib.inf            |  34 +
 .../DxeTcg2PhysicalPresenceLib.c              | 881 ++++++++++++++++++
 .../DxeTcg2PhysicalPresenceLib.inf            |  67 ++
 .../DxeTcg2PhysicalPresenceLib.uni            |  26 +
 .../PhysicalPresenceStrings.uni               |  49 +
 OvmfPkg/OvmfPkgIa32.dsc                       |   4 +-
 OvmfPkg/OvmfPkgIa32X64.dsc                    |   4 +-
 OvmfPkg/OvmfPkgX64.dsc                        |   4 +-
 12 files changed, 1169 insertions(+), 3 deletions(-)
 create mode 100644 OvmfPkg/Include/IndustryStandard/QemuTpm.h
 create mode 100644 OvmfPkg/Library/Tcg2PhysicalPresenceLibNull/DxeTcg2PhysicalPresenceLib.c
 create mode 100644 OvmfPkg/Library/Tcg2PhysicalPresenceLibNull/DxeTcg2PhysicalPresenceLib.inf
 create mode 100644 OvmfPkg/Library/Tcg2PhysicalPresenceLibQemu/DxeTcg2PhysicalPresenceLib.c
 create mode 100644 OvmfPkg/Library/Tcg2PhysicalPresenceLibQemu/DxeTcg2PhysicalPresenceLib.inf
 create mode 100644 OvmfPkg/Library/Tcg2PhysicalPresenceLibQemu/DxeTcg2PhysicalPresenceLib.uni
 create mode 100644 OvmfPkg/Library/Tcg2PhysicalPresenceLibQemu/PhysicalPresenceStrings.uni

-- 
2.17.0.253.g3dd125b46d



^ permalink raw reply	[flat|nested] 16+ messages in thread

end of thread, other threads:[~2018-05-17 14:58 UTC | newest]

Thread overview: 16+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2018-05-15 12:30 [PATCH 0/4] RFC: ovmf: Add support for TPM Physical Presence interface marcandre.lureau
2018-05-15 12:30 ` [PATCH 1/4] ovmf: add and link with Tcg2PhysicalPresenceLibNull when !TPM2_ENABLE marcandre.lureau
2018-05-17  7:58   ` Laszlo Ersek
2018-05-15 12:30 ` [PATCH 2/4] ovmf: add QemuTpm.h header marcandre.lureau
2018-05-17  8:10   ` Laszlo Ersek
2018-05-15 12:30 ` [PATCH 3/4] ovmf: replace SecurityPkg with OvfmPkg Tcg2PhysicalPresenceLibQemu marcandre.lureau
2018-05-17 10:14   ` Laszlo Ersek
2018-05-15 12:30 ` [PATCH 4/4] ovmf: process TPM PPI request in AfterConsole() marcandre.lureau
2018-05-17 10:24   ` Laszlo Ersek
2018-05-16  9:29 ` [PATCH 0/4] RFC: ovmf: Add support for TPM Physical Presence interface Laszlo Ersek
2018-05-17  7:41   ` Laszlo Ersek
2018-05-17 14:43   ` Marc-André Lureau
2018-05-17 14:58     ` Laszlo Ersek
2018-05-17  7:54 ` Laszlo Ersek
2018-05-17  8:26   ` Laszlo Ersek
2018-05-17 14:44   ` Marc-André Lureau

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox